session id authorization確認

@r-ThinkPad-T60:~/workspace20130706/jettytiddlywiki/src/main/java/jettyTiddlywiki/servlet$ ls
Atms.java        FileGet.java      Parse.java   RootHandler.java
Diff.java        FilePost.java     Raw.java     Search.java
FileDelete.java  Initializer.java  Recent.java  Wiki.java

本ソフトウェアで外部から情報を受け付けレスポンスを返すservlet口12、
未ログインの状態で全てgetでloginへredirect,postでunautholized,また仮にadminが未登録の状態用のページでは空を返すことを確認する

blank.png

r@r-ThinkPad-T60:~$ curl -I https://localhost:8443 -k --sslv3
HTTP/1.1 302 Found
Set-Cookie: JSESSIONID=oylh7tgddpq13asbn4gfbsan;Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://localhost:8443/login?redirect=/index.html
Content-Length: 0
Server: Jetty(7.6.5.v20120716)
r@r-ThinkPad-T60:~$ curl -I https://localhost:8443/wiki/PageTemplate -k --sslv3
HTTP/1.1 302 Found
Set-Cookie: JSESSIONID=mxoz8g6p5gek13mtcttn1vicx;Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://localhost:8443/login?redirect=/wiki/PageTemplate
Content-Length: 0
Server: Jetty(7.6.5.v20120716)
r@r-ThinkPad-T60:~$ curl -I https://localhost:8443/atms/PageTemplate -k --sslv3
HTTP/1.1 302 Found
Set-Cookie: JSESSIONID=1r7xhs0yekswb1jmsvd813hjvc;Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://localhost:8443/login?redirect=/atms/PageTemplate
Content-Length: 0
Server: Jetty(7.6.5.v20120716)
r@r-ThinkPad-T60:~$ curl -I https://localhost:8443/diff/PageTemplate -k --sslv3
HTTP/1.1 302 Found
Set-Cookie: JSESSIONID=1lihqcuknmf3mjt77vqvd369s;Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://localhost:8443/login?redirect=/diff/PageTemplate
Content-Length: 0
Server: Jetty(7.6.5.v20120716)
r@r-ThinkPad-T60:~$ curl -I https://localhost:8443/raw/PageTemplate -k --sslv3
HTTP/1.1 302 Found
Set-Cookie: JSESSIONID=ep1hy0wegx0d1qn8ea37zz3vn;Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://localhost:8443/login?redirect=/raw/PageTemplate
Content-Length: 0
Server: Jetty(7.6.5.v20120716)
r@r-ThinkPad-T60:~$ curl -I https://localhost:8443/recent -k --sslv3
HTTP/1.1 302 Found
Set-Cookie: JSESSIONID=cdy9tl8kia3g1sndtj5v1ue32;Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://localhost:8443/login?redirect=/recent
Content-Length: 0
Server: Jetty(7.6.5.v20120716)
r@r-ThinkPad-T60:~$ curl -I https://localhost:8443/search?keyword=a -k --sslv3HTTP/1.1 302 Found
Set-Cookie: JSESSIONID=x2147y0m4zevlxh1h9oo6gb1;Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://localhost:8443/login?redirect=/search
Content-Length: 0
Server: Jetty(7.6.5.v20120716)
r@r-ThinkPad-T60:~$ curl -I https://localhost:8443/initializer -k --sslv3
HTTP/1.1 200 OK
Content-Length: 0
Server: Jetty(7.6.5.v20120716)
r@r-ThinkPad-T60:~$ curl -d "raw=`echo $AAA`" https://localhost:8443/parse -k --sslv3
<head><title>Unauthorized</title></head>
<body>
<h1>Unauthorized</h1>
<pre>
(POST /parse)@25444001 org.eclipse.jetty.server.Request@1843ea1
</pre>
r@r-ThinkPad-T60:~$ curl -d "file=foo" https://localhost:8443/filedelete -k --sslv3
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"/>
<title>Error 405 HTTP method POST is not supported by this URL</title>
</head>
<body><h2>HTTP ERROR 405</h2>
<p>Problem accessing /filedelete. Reason:
<pre>    HTTP method POST is not supported by this URL</pre></p><hr /><i><small>Powered by Jetty://</small></i><br/>     
r@r-ThinkPad-T60:~$ curl -I https://localhost:8443/filedelete?file=foo -k --sslv3
HTTP/1.1 401 Unauthorized
Set-Cookie: JSESSIONID=qz9bfz24nopl18o83latv7m75;Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 166
Server: Jetty(7.6.5.v20120716)
r@r-ThinkPad-T60:~$ curl -I https://localhost:8443/file/a/a -k --sslv3HTTP/1.1 302 Found
Set-Cookie: JSESSIONID=68m6wkjo18b01w1daexz12aby;Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://localhost:8443/login?redirect=/file/a/a
Content-Length: 0
Server: Jetty(7.6.5.v20120716)
r@r-ThinkPad-T60:~$ curl -F file=@a https://localhost:8443/upload -k --sslv3
<head><title>Unauthorized</title></head>
<body>
<h1>Unauthorized</h1>
<pre>
(POST /upload)@5897293 org.eclipse.jetty.server.Request@59fc4d
</pre>
</body>r@r-ThinkPad-T60:~$ curl -d "raw=`echo $AAA`" https://localhost:8443/wiki --sslv3
<head><title>Unauthorized</title></head>
<body>
<h1>Unauthorized</h1>
<pre>
(POST /wiki/new)@29258478 org.eclipse.jetty.server.Request@1be72ee
</pre>
r@r-ThinkPad-T60:~$ curl -d id=a -d password=a -d password2=a -d sitename=a https://localhost:8443/initializer -k --sslv3
(return;)
r@r-ThinkPad-T60:~$ 

以上。全て確認

    last modified: 15 July 2013 [ View wiki source Close ]
     
SEARCH DIFFERENCE ATTACHMENT RECENT POST