Java 类org.apache.hadoop.security.authentication.client.KerberosAuthenticator 实例源码

private void testManagementOperationErrors() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
  Mockito.when(request.getQueryString()).thenReturn(
      DelegationTokenAuthenticator.OP_PARAM + "=" +
          DelegationTokenAuthenticator.DelegationTokenOperation.
              GETDELEGATIONTOKEN.toString()
  );
  Mockito.when(request.getMethod()).thenReturn("FOO");
  Assert.assertFalse(handler.managementOperation(null, request, response));
  Mockito.verify(response).sendError(
      Mockito.eq(HttpServletResponse.SC_BAD_REQUEST),
      Mockito.startsWith("Wrong HTTP method"));

  Mockito.reset(response);
  Mockito.when(request.getMethod()).thenReturn(
      DelegationTokenAuthenticator.DelegationTokenOperation.
          GETDELEGATIONTOKEN.getHttpMethod()
  );
  Assert.assertFalse(handler.managementOperation(null, request, response));
  Mockito.verify(response).setStatus(
      Mockito.eq(HttpServletResponse.SC_UNAUTHORIZED));
  Mockito.verify(response).setHeader(
      Mockito.eq(KerberosAuthenticator.WWW_AUTHENTICATE),
      Mockito.eq("mock"));
}

public KerberosWebHDFSConnection2(String httpfsUrl, String principal, String password)  {
        this.httpfsUrl = httpfsUrl;
        this.principal = principal;
        this.password = password;

        Configuration conf = new Configuration();
        conf.addResource("conf/hdfs-site.xml");
        conf.addResource("conf/core-site.xml");
        newToken = new AuthenticatedURL.Token();

        KerberosAuthenticator ka = new KerberosAuthenticator();
        ConnectionConfigurator connectionConfigurator = new SSLFactory(SSLFactory.Mode.CLIENT,conf);
        ka.setConnectionConfigurator(connectionConfigurator);

        try{
            URL url = new URL(httpfsUrl);
            ka.authenticate(url,newToken);
        }catch(Exception e){
            e.printStackTrace();
        }


         this.authenticatedURL = new AuthenticatedURL(ka,connectionConfigurator);
//        this.authenticatedURL = new AuthenticatedURL(
//                new KerberosAuthenticator2(principal, password));
    }

private void testManagementOperationErrors() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
  Mockito.when(request.getQueryString()).thenReturn(
      DelegationTokenAuthenticator.OP_PARAM + "=" +
          DelegationTokenAuthenticator.DelegationTokenOperation.
              GETDELEGATIONTOKEN.toString()
  );
  Mockito.when(request.getMethod()).thenReturn("FOO");
  Assert.assertFalse(handler.managementOperation(null, request, response));
  Mockito.verify(response).sendError(
      Mockito.eq(HttpServletResponse.SC_BAD_REQUEST),
      Mockito.startsWith("Wrong HTTP method"));

  Mockito.reset(response);
  Mockito.when(request.getMethod()).thenReturn(
      DelegationTokenAuthenticator.DelegationTokenOperation.
          GETDELEGATIONTOKEN.getHttpMethod()
  );
  Assert.assertFalse(handler.managementOperation(null, request, response));
  Mockito.verify(response).setStatus(
      Mockito.eq(HttpServletResponse.SC_UNAUTHORIZED));
  Mockito.verify(response).setHeader(
      Mockito.eq(KerberosAuthenticator.WWW_AUTHENTICATE),
      Mockito.eq("mock"));
}

private void testManagementOperationErrors() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
  Mockito.when(request.getQueryString()).thenReturn(
      DelegationTokenAuthenticator.OP_PARAM + "=" +
          DelegationTokenAuthenticator.DelegationTokenOperation.
              GETDELEGATIONTOKEN.toString()
  );
  Mockito.when(request.getMethod()).thenReturn("FOO");
  Assert.assertFalse(handler.managementOperation(null, request, response));
  Mockito.verify(response).sendError(
      Mockito.eq(HttpServletResponse.SC_BAD_REQUEST),
      Mockito.startsWith("Wrong HTTP method"));

  Mockito.reset(response);
  Mockito.when(request.getMethod()).thenReturn(
      DelegationTokenAuthenticator.DelegationTokenOperation.
          GETDELEGATIONTOKEN.getHttpMethod()
  );
  Assert.assertFalse(handler.managementOperation(null, request, response));
  Mockito.verify(response).setStatus(
      Mockito.eq(HttpServletResponse.SC_UNAUTHORIZED));
  Mockito.verify(response).setHeader(
      Mockito.eq(KerberosAuthenticator.WWW_AUTHENTICATE),
      Mockito.eq("mock"));
}

private void testManagementOperationErrors() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
  Mockito.when(request.getQueryString()).thenReturn(
      DelegationTokenAuthenticator.OP_PARAM + "=" +
          DelegationTokenAuthenticator.DelegationTokenOperation.
              GETDELEGATIONTOKEN.toString()
  );
  Mockito.when(request.getMethod()).thenReturn("FOO");
  Assert.assertFalse(handler.managementOperation(null, request, response));
  Mockito.verify(response).sendError(
      Mockito.eq(HttpServletResponse.SC_BAD_REQUEST),
      Mockito.startsWith("Wrong HTTP method"));

  Mockito.reset(response);
  Mockito.when(request.getMethod()).thenReturn(
      DelegationTokenAuthenticator.DelegationTokenOperation.
          GETDELEGATIONTOKEN.getHttpMethod()
  );
  Assert.assertFalse(handler.managementOperation(null, request, response));
  Mockito.verify(response).setStatus(
      Mockito.eq(HttpServletResponse.SC_UNAUTHORIZED));
  Mockito.verify(response).setHeader(
      Mockito.eq(KerberosAuthenticator.WWW_AUTHENTICATE),
      Mockito.eq("mock"));
}

private void testManagementOperationErrors() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
  Mockito.when(request.getQueryString()).thenReturn(
      DelegationTokenAuthenticator.OP_PARAM + "=" +
          DelegationTokenAuthenticator.DelegationTokenOperation.
              GETDELEGATIONTOKEN.toString()
  );
  Mockito.when(request.getMethod()).thenReturn("FOO");
  Assert.assertFalse(handler.managementOperation(null, request, response));
  Mockito.verify(response).sendError(
      Mockito.eq(HttpServletResponse.SC_BAD_REQUEST),
      Mockito.startsWith("Wrong HTTP method"));

  Mockito.reset(response);
  Mockito.when(request.getMethod()).thenReturn(
      DelegationTokenAuthenticator.DelegationTokenOperation.
          GETDELEGATIONTOKEN.getHttpMethod()
  );
  Assert.assertFalse(handler.managementOperation(null, request, response));
  Mockito.verify(response).setStatus(
      Mockito.eq(HttpServletResponse.SC_UNAUTHORIZED));
  Mockito.verify(response).setHeader(
      Mockito.eq(KerberosAuthenticator.WWW_AUTHENTICATE),
      Mockito.eq("mock"));
}

private void testManagementOperationErrors() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
  Mockito.when(request.getQueryString()).thenReturn(
      DelegationTokenAuthenticator.OP_PARAM + "=" +
          DelegationTokenAuthenticator.DelegationTokenOperation.
              GETDELEGATIONTOKEN.toString()
  );
  Mockito.when(request.getMethod()).thenReturn("FOO");
  Assert.assertFalse(handler.managementOperation(null, request, response));
  Mockito.verify(response).sendError(
      Mockito.eq(HttpServletResponse.SC_BAD_REQUEST),
      Mockito.startsWith("Wrong HTTP method"));

  Mockito.reset(response);
  Mockito.when(request.getMethod()).thenReturn(
      DelegationTokenAuthenticator.DelegationTokenOperation.
          GETDELEGATIONTOKEN.getHttpMethod()
  );
  Assert.assertFalse(handler.managementOperation(null, request, response));
  Mockito.verify(response).setStatus(
      Mockito.eq(HttpServletResponse.SC_UNAUTHORIZED));
  Mockito.verify(response).setHeader(
      Mockito.eq(KerberosAuthenticator.WWW_AUTHENTICATE),
      Mockito.eq("mock"));
}

public KerberosDelegationTokenAuthenticator() {
  super(new KerberosAuthenticator() {
    @Override
    protected Authenticator getFallBackAuthenticator() {
      return new PseudoDelegationTokenAuthenticator();
    }
  });
}

public KerberosDelegationTokenAuthenticator() {
  super(new KerberosAuthenticator() {
    @Override
    protected Authenticator getFallBackAuthenticator() {
      return new PseudoDelegationTokenAuthenticator();
    }
  });
}

public void testRequestWithoutAuthorization() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

  Assert.assertNull(handler.authenticate(request, response));
  Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
  Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}

public void testRequestWithInvalidAuthorization() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

  Mockito.when(request.getHeader(KerberosAuthenticator.AUTHORIZATION)).thenReturn("invalid");
  Assert.assertNull(handler.authenticate(request, response));
  Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
  Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}

public KerberosDelegationTokenAuthenticator() {
  super(new KerberosAuthenticator() {
    @Override
    protected Authenticator getFallBackAuthenticator() {
      return new PseudoDelegationTokenAuthenticator();
    }
  });
}

public void testRequestWithoutAuthorization() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

  Assert.assertNull(handler.authenticate(request, response));
  Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
  Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}

public void testRequestWithInvalidAuthorization() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

  Mockito.when(request.getHeader(KerberosAuthenticator.AUTHORIZATION)).thenReturn("invalid");
  Assert.assertNull(handler.authenticate(request, response));
  Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
  Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}

public KerberosDelegationTokenAuthenticator() {
  super(new KerberosAuthenticator() {
    @Override
    protected Authenticator getFallBackAuthenticator() {
      return new PseudoDelegationTokenAuthenticator();
    }
  });
}

public void testRequestWithoutAuthorization() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

  Assert.assertNull(handler.authenticate(request, response));
  Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
  Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}

public void testRequestWithInvalidAuthorization() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

  Mockito.when(request.getHeader(KerberosAuthenticator.AUTHORIZATION)).thenReturn("invalid");
  Assert.assertNull(handler.authenticate(request, response));
  Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
  Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}

public KerberosDelegationTokenAuthenticator() {
  super(new KerberosAuthenticator() {
    @Override
    protected Authenticator getFallBackAuthenticator() {
      return new PseudoDelegationTokenAuthenticator();
    }
  });
}

public void testRequestWithoutAuthorization() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

  Assert.assertNull(handler.authenticate(request, response));
  Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
  Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}

public void testRequestWithInvalidAuthorization() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

  Mockito.when(request.getHeader(KerberosAuthenticator.AUTHORIZATION)).thenReturn("invalid");
  Assert.assertNull(handler.authenticate(request, response));
  Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
  Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}

public void testRequestWithoutAuthorization() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

  assertNull(handler.authenticate(request, response));
  Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
  Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}

public void testRequestWithInvalidAuthorization() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

  Mockito.when(request.getHeader(KerberosAuthenticator.AUTHORIZATION)).thenReturn("invalid");
  assertNull(handler.authenticate(request, response));
  Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
  Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}

public KerberosDelegationTokenAuthenticator() {
  super(new KerberosAuthenticator() {
    @Override
    protected Authenticator getFallBackAuthenticator() {
      return new PseudoDelegationTokenAuthenticator();
    }
  });
}

public void testRequestWithoutAuthorization() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

  Assert.assertNull(handler.authenticate(request, response));
  Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
  Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}

public void testRequestWithInvalidAuthorization() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

  Mockito.when(request.getHeader(KerberosAuthenticator.AUTHORIZATION)).thenReturn("invalid");
  Assert.assertNull(handler.authenticate(request, response));
  Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
  Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}

public void testRequestWithoutAuthorization() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

  assertNull(handler.authenticate(request, response));
  Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
  Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}

public void testRequestWithInvalidAuthorization() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

  Mockito.when(request.getHeader(KerberosAuthenticator.AUTHORIZATION)).thenReturn("invalid");
  assertNull(handler.authenticate(request, response));
  Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
  Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}

public void testRequestWithoutAuthorization() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

  assertNull(handler.authenticate(request, response));
  Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
  Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}

public void testRequestWithInvalidAuthorization() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

  Mockito.when(request.getHeader(KerberosAuthenticator.AUTHORIZATION)).thenReturn("invalid");
  assertNull(handler.authenticate(request, response));
  Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
  Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}

public void testRequestWithoutAuthorization() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

  assertNull(handler.authenticate(request, response));
  Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
  Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}

public void testRequestWithInvalidAuthorization() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

  Mockito.when(request.getHeader(KerberosAuthenticator.AUTHORIZATION)).thenReturn("invalid");
  assertNull(handler.authenticate(request, response));
  Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
  Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}

public void testRequestWithoutAuthorization() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

  Assert.assertNull(handler.authenticate(request, response));
  Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
  Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}

public void testRequestWithInvalidAuthorization() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

  Mockito.when(request.getHeader(KerberosAuthenticator.AUTHORIZATION)).thenReturn("invalid");
  Assert.assertNull(handler.authenticate(request, response));
  Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
  Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}

@Test
public void testPing() throws Exception {
  runTestAsSubject(new TestOperation(){
    @Override
    public void runTestAsSubject() throws Exception {
      final URL url = new URL("http://"+ SERVER_HOST + ":" + webServerPort + "/ping");
      HttpURLConnection conn = new AuthenticatedURL(new KerberosAuthenticator()).
          openConnection(url, new AuthenticatedURL.Token());
      Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
      String response = IOUtils.toString(conn.getInputStream());
      Assert.assertEquals("pong\n", response);
    }} );
}

@Test
public void testPingWithoutSubject() throws Exception {
  final URL url = new URL("http://"+ SERVER_HOST + ":" + webServerPort + "/ping");
  try {
    new AuthenticatedURL(new KerberosAuthenticator()).openConnection(url, new AuthenticatedURL.Token());
    fail("Here should fail.");
  } catch (Exception e) {
    boolean isExpectError = e.getMessage().contains("No valid credentials provided");
    Assert.assertTrue("Here should fail by 'No valid credentials provided'," +
        " but the exception is:" + e, isExpectError);
  }
}

@Test
public void testPingWithUnauthorizedUser() throws Exception {
  // create an unauthorized User with Kerberos
  String userPrinciple = "user/" + SERVER_HOST;
  String userKerberosName = userPrinciple + "@" + REALM;
  Subject userSubject = new Subject(false, Sets.newHashSet(
      new KerberosPrincipal(userKerberosName)), new HashSet<Object>(),new HashSet<Object>());
  File userKeytab = new File(kdcWorkDir, "user.keytab");
  kdc.createPrincipal(userKeytab, userPrinciple);
  LoginContext userLoginContext = new LoginContext("", userSubject, null,
      KerberosConfiguration.createClientConfig(userKerberosName, userKeytab));
  userLoginContext.login();
  Subject.doAs(userLoginContext.getSubject(), new PrivilegedExceptionAction<Void>() {
    @Override
    public Void run() throws Exception {
      final URL url = new URL("http://"+ SERVER_HOST + ":" + webServerPort + "/ping");
      try {
        new AuthenticatedURL(new KerberosAuthenticator()).openConnection(url, new AuthenticatedURL.Token());
        fail("Here should fail.");
      } catch (AuthenticationException e) {
        String expectedError = "status code: 403";
        if (!e.getMessage().contains(expectedError)) {
          LOG.error("UnexpectedError: " + e.getMessage(), e);
          fail("UnexpectedError: " + e.getMessage());
        }
      }
      return null;
    }
  });
}

public void testRequestWithoutAuthorization() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

  assertNull(handler.authenticate(request, response));
  Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
  Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}

public void testRequestWithInvalidAuthorization() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

  Mockito.when(request.getHeader(KerberosAuthenticator.AUTHORIZATION)).thenReturn("invalid");
  assertNull(handler.authenticate(request, response));
  Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
  Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}

public void testRequestWithoutAuthorization() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

  assertNull(handler.authenticate(request, response));
  Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
  Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}

public void testRequestWithInvalidAuthorization() throws Exception {
  HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse response = Mockito.mock(HttpServletResponse.class);

  Mockito.when(request.getHeader(KerberosAuthenticator.AUTHORIZATION)).thenReturn("invalid");
  assertNull(handler.authenticate(request, response));
  Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
  Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}