Tested admin services using SSL and a self-signed certificate.

Change-Id: If5cbd8ab867637d3524629a75b120b2fedc29779
diff --git a/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java b/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java
index f66646a..6455452 100644
--- a/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java
+++ b/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java
@@ -57,7 +57,7 @@
 //                        .getConfiguration().getAdminToken())) {
         
 //        EM: to do ssl
-//        if (authentication != null && cr.isSecure()) {
+        if (authentication != null && cr.isSecure()) {
 //            String token = StringUtils.stripTokenType(authentication);
 //            EncryptionIface crypto = BeansFactory.getKustvaktContext()
 //                    .getEncryption();
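Review bot: The re-enabled guard `if (authentication != null && cr.isSecure())` only checks that an Authorization header is present and that the request arrived over TLS, because the token extraction and encryption lines directly below it are still commented out in this hunk. If the part of the body outside this hunk does not compare the header against the configured admin token, any non-empty header sent over HTTPS would pass the filter. Either restore the token check in the same change or make the gap explicit with a comment such as `// TODO: admin token is not verified yet; only TLS and header presence are checked`. Also confirm how `cr.isSecure()` behaves in the target deployment, since it may report false for every request if TLS is terminated in front of the container.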
@@ -73,9 +73,9 @@
                 cr.setSecurityContext(new KustvaktContext(c));
                 
 //            }
-//        }
-//        else
-//            throw KustvaktResponseHandler.throwAuthenticationException("");
+        }
+        else
+            throw KustvaktResponseHandler.throwAuthenticationException("Unsecure connection.");
         return cr;
     }
 
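Review bot: The restored `else` branch is reached both when the Authorization header is missing and when the request is not secure, but the message is always "Unsecure connection.", which misleads a client that used HTTPS without credentials. Checking the two conditions separately keeps the error accurate: `if (!cr.isSecure()) throw KustvaktResponseHandler.throwAuthenticationException("Insecure connection.");` followed by `if (authentication == null) throw KustvaktResponseHandler.throwAuthenticationException("Missing authorization header.");`. The `if` this branch belongs to opens outside this hunk.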
diff --git a/src/test/java/de/ids_mannheim/korap/web/service/FastJerseyTest.java b/src/test/java/de/ids_mannheim/korap/web/service/FastJerseyTest.java
index 65c906c..c282708 100644
--- a/src/test/java/de/ids_mannheim/korap/web/service/FastJerseyTest.java
+++ b/src/test/java/de/ids_mannheim/korap/web/service/FastJerseyTest.java
@@ -37,11 +37,12 @@
 
     private static TestContainer testContainer;
 
-    private static Client client;
+    protected static Client client;
     private static String[] classPackages = null;
 
     private static int PORT = 9000;
     private static int PORT_IT = 1;
+    protected static String containerURI = "http://localhost/";
 
 
     public static void addClass (Class<?> resourceClass) {
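Review bot: `client` and `containerURI` are now mutable `protected static` fields, so a subclass that assigns an https URI changes the value for every other test class run in the same JVM, and nothing visible here resets it. Resetting the field to its default in the class's teardown would keep the setting local to the test that needs it; the field is read in the `tcf.create(UriBuilder.fromUri(containerURI)` hunk further down. The default stays `http://localhost/`, so tests on this base class presumably never satisfy the filter's `cr.isSecure()` check unless they override it. A comment on the field would make that clear, for example `// override with an https URI to exercise filters that require a secure request`.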
@@ -108,7 +109,7 @@
                 tcf = new GrizzlyWebTestContainerFactory();
         }
 
-        testContainer = tcf.create(UriBuilder.fromUri("http://localhost/")
+        testContainer = tcf.create(UriBuilder.fromUri(containerURI)
                 .port(port).build(), ad);
         client = testContainer.getClient();
         if (client == null) {
diff --git a/src/test/java/de/ids_mannheim/korap/web/service/full/ResouceServiceServerTest.java b/src/test/java/de/ids_mannheim/korap/web/service/full/ResouceServiceServerTest.java
index 3e16f22..81d3e0e 100644
--- a/src/test/java/de/ids_mannheim/korap/web/service/full/ResouceServiceServerTest.java
+++ b/src/test/java/de/ids_mannheim/korap/web/service/full/ResouceServiceServerTest.java
@@ -5,10 +5,21 @@
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertTrue;
 
+import java.io.File;
+import java.io.FileInputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.URI;
 import java.net.URISyntaxException;
+import java.security.KeyManagementException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.CertificateException;
+import java.util.UUID;
+
+import javax.net.ssl.SSLContext;
 
 import org.apache.commons.io.IOUtils;
 import org.apache.http.HttpEntity;
@@ -16,7 +27,12 @@
 import org.apache.http.client.HttpClient;
 import org.apache.http.client.methods.HttpPost;
 import org.apache.http.client.utils.URIBuilder;
+import org.apache.http.config.Registry;
+import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
+import org.apache.http.conn.ssl.SSLContexts;
+import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
 import org.apache.http.impl.client.HttpClients;
+import org.eclipse.jetty.util.ssl.SslContextFactory;
 import org.junit.Assert;
 import org.junit.Test;
 
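Review bot: `Registry`, `TrustSelfSignedStrategy` and `SslContextFactory` are imported here, but none of them is used by the `testCreatePolicy` code this commit adds; unless another part of the file needs them, they should be dropped. The Jetty `SslContextFactory` import in particular ties this HTTP-client test to a server-side library for no visible reason.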
@@ -28,13 +44,14 @@
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.handlers.ResourceDao;
 import de.ids_mannheim.korap.resources.KustvaktResource;
+import de.ids_mannheim.korap.resources.Permissions.Permission;
 import de.ids_mannheim.korap.security.auth.BasicHttpAuth;
 import de.ids_mannheim.korap.user.User;
 import de.ids_mannheim.korap.utils.JsonUtils;
 
 /**
- * This class tests services of a running Kustvakt server with a MySQL database. 
- * Please check the database configuration in src/main/resources/jdbc.properties 
+ * This class tests services of a running Kustvakt server with a MySQL database.
+ * Please check the database configuration in src/main/resources/jdbc.properties
  * and run the server before running the tests.
  * 
  * See {@link ResourceServiceTest} for tests using an in-memory database.
@@ -42,7 +59,53 @@
  * @author margaretha
  *
  */
-public class ResouceServiceServerTest extends BeanConfigTest{
+public class ResouceServiceServerTest extends BeanConfigTest {
+	@Test
+	public void testCreatePolicy() throws IOException, URISyntaxException {
+		String pwd ="password";
+		InputStream stream = new FileInputStream(new File(
+                "/home/elma/korap-keystore"));
+		
+        SSLContext sslcontext = null;
+		try {
+			KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
+			ks.load(stream, pwd.toCharArray());
+			sslcontext = SSLContexts.custom()
+	                .loadTrustMaterial(ks)
+	                .loadKeyMaterial(ks, pwd.toCharArray())
+	                .build();
+		} catch (KeyStoreException | NoSuchAlgorithmException | CertificateException 
+				| KeyManagementException | UnrecoverableKeyException e) {
+			e.printStackTrace();
+		}
+		
+		SSLConnectionSocketFactory factory = new SSLConnectionSocketFactory(sslcontext,
+		         SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
+        HttpClient httpclient = HttpClients.custom()
+                .setSSLSocketFactory(factory)
+                .build();
+		
+        String id = UUID.randomUUID().toString();
+		URIBuilder builder = new URIBuilder();
+		builder.setScheme("https")
+			.setHost("korap.ids-mannheim.de")
+			.setPort(8443).setPath("/api/v0.1/admin/createPolicies/" + id)
+			.setParameter("type", "virtualcollection")
+			.setParameter("name", "Goethe VC")
+			.setParameter("description", "Goethe corpus")
+			.setParameter("group", "public")
+			.setParameter("perm", Permission.READ.name())
+			.setParameter("loc", "")
+			.setParameter("expire", "");
+
+		URI uri = builder.build();
+		HttpPost httppost = new HttpPost(uri);
+		httppost.addHeader(Attributes.AUTHORIZATION, BasicHttpAuth.encode("kustvakt", "kustvakt2015"));
+		HttpResponse response = httpclient.execute(httppost);
+		assertEquals(ClientResponse.Status.OK.getStatusCode(),
+                response.getStatusLine().getStatusCode());
+
+	}
 
 	@Test
 	public void testWrongAuthorization() throws IOException, URISyntaxException {
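Review bot: `testCreatePolicy` commits an admin credential pair (`BasicHttpAuth.encode("kustvakt", "kustvakt2015")`), a keystore password and a developer-local keystore path (`/home/elma/korap-keystore`) to the repository, and it sends a state-changing `createPolicies` POST to a fixed external host. If those credentials are valid on any deployment they should be rotated, and the test should read keystore, password and credentials (ideally the host too) from test configuration and skip when they are absent. The `catch` block only prints the stack trace, which leaves `sslcontext` null so the real failure shows up later as an unrelated error, and the `FileInputStream` is never closed. Letting the security exceptions propagate and using try-with-resources fixes both. The sketch below needs `java.security.GeneralSecurityException` and `org.junit.Assume` imported, and its property names are constructed placeholders.

```java
	@Test
	public void testCreatePolicy() throws IOException, URISyntaxException, GeneralSecurityException {
		// Property names are constructed examples; adapt to the project's test configuration.
		String keystorePath = System.getProperty("kustvakt.test.keystore");
		String keystorePwd = System.getProperty("kustvakt.test.keystore.password");
		String adminUser = System.getProperty("kustvakt.test.admin.user");
		String adminPwd = System.getProperty("kustvakt.test.admin.password");
		// Skip instead of failing when the environment is not provisioned for this test.
		Assume.assumeNotNull(keystorePath, keystorePwd, adminUser, adminPwd);

		KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
		try (InputStream stream = new FileInputStream(keystorePath)) {
			ks.load(stream, keystorePwd.toCharArray());
		}
		SSLContext sslcontext = SSLContexts.custom()
				.loadTrustMaterial(ks)
				.loadKeyMaterial(ks, keystorePwd.toCharArray())
				.build();
		// … unchanged: socket factory, HttpClient and URI builder …
		httppost.addHeader(Attributes.AUTHORIZATION, BasicHttpAuth.encode(adminUser, adminPwd));
		// … unchanged: execute and status assertion …
	}
```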
@@ -73,8 +136,8 @@
 		assertTrue(node.isObject());
 		assertEquals("Goethe", node.path("name").asText());
 		assertEquals("Goethe corpus", node.path("description").asText());
-		
-		//checkResourceInDB(node.path("id").asText());
+
+		// checkResourceInDB(node.path("id").asText());
 	}
 
 	public HttpResponse testResourceStore(String password) throws IOException, URISyntaxException {
@@ -90,24 +153,21 @@
 		return httpclient.execute(httppost);
 
 	}
-	
-	private void checkResourceInDB(String id) throws KustvaktException {
-		
-		ResourceDao<?> dao = new ResourceDao<>(helper().getContext()
-                .getPersistenceClient());
-        assertEquals("sqlite", helper().getContext().getPersistenceClient()
-                .getDatabase());
 
-        assertNotEquals(0, dao.size());
-        KustvaktResource res = dao.findbyId(id,
-                User.UserFactory.getDemoUser());
-        assertNotNull(res);
-        Assert.assertEquals(true,res.getField("testVar").toString().startsWith("testVal_"));
+	private void checkResourceInDB(String id) throws KustvaktException {
+
+		ResourceDao<?> dao = new ResourceDao<>(helper().getContext().getPersistenceClient());
+		assertEquals("sqlite", helper().getContext().getPersistenceClient().getDatabase());
+
+		assertNotEquals(0, dao.size());
+		KustvaktResource res = dao.findbyId(id, User.UserFactory.getDemoUser());
+		assertNotNull(res);
+		Assert.assertEquals(true, res.getField("testVar").toString().startsWith("testVal_"));
 	}
 
 	@Override
 	public void initMethod() throws KustvaktException {
 		// TODO Auto-generated method stub
-		
+
 	}
 }