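package org.apache.activemq.security;

import junit.framework.TestCase;

import org.apache.activemq.broker.ConnectionContext;
import org.apache.activemq.broker.StubBroker;
import org.apache.activemq.command.ConnectionInfo;
import org.apache.activemq.jaas.GroupPrincipal;
import org.apache.activemq.jaas.UserPrincipal;
import org.apache.activemq.transport.tcp.StubX509Certificate;

import java.io.IOException;
import java.security.Principal;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;

import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;

/**
 * Unit tests for {@link JaasCertificateAuthenticationBroker}.
 *
 * <p>Each test wraps a {@link StubBroker} in the authentication broker and, where a login is
 * attempted, installs a JAAS {@link Configuration} that points at
 * {@code org.apache.activemq.security.StubLoginModule}.
 *
 * <p>{@link Configuration#setConfiguration(Configuration)} is JVM-wide state. The stub
 * configuration can be set to allow every login, so it is put back in {@link #tearDown()}
 * to keep it from staying installed for tests that run later in the same JVM.
 */
public class JaasCertificateAuthenticationBrokerTest extends TestCase {
    /** Downstream broker stub; records the calls the authentication broker forwards. */
    StubBroker receiveBroker;

    /** Broker under test. */
    JaasCertificateAuthenticationBroker authBroker;

    ConnectionContext connectionContext;
    ConnectionInfo connectionInfo;

    /** JAAS configuration that was active before the test; only valid when captured. */
    private Configuration previousJaasConfiguration;

    /** Whether {@link #previousJaasConfiguration} could be read in {@link #setUp()}. */
    private boolean previousJaasConfigurationCaptured;

    /**
     * Builds a fresh broker chain and connection objects, and remembers the JAAS
     * configuration that is currently installed so {@link #tearDown()} can restore it.
     */
    protected void setUp() throws Exception {
        super.setUp();

        try {
            previousJaasConfiguration = Configuration.getConfiguration();
            previousJaasConfigurationCaptured = true;
        } catch (SecurityException e) {
            // No default login configuration could be loaded (or reading it is not
            // permitted), so there is nothing to restore afterwards.
            previousJaasConfiguration = null;
            previousJaasConfigurationCaptured = false;
        }

        receiveBroker = new StubBroker();

        // NOTE(review): the second argument is presumably the JAAS configuration name;
        // confirm against JaasCertificateAuthenticationBroker.
        authBroker = new JaasCertificateAuthenticationBroker(receiveBroker, "");

        connectionContext = new ConnectionContext();
        connectionInfo = new ConnectionInfo();

        // The transport context is an empty certificate array; the stub login module is
        // what decides the outcome in these tests.
        connectionInfo.setTransportContext(new StubX509Certificate[] {});
    }

    /**
     * Restores the JAAS configuration captured in {@link #setUp()}.
     *
     * <p>If nothing could be captured, the configuration is left untouched; in that case a
     * stub configuration installed by a test remains active.
     */
    protected void tearDown() throws Exception {
        try {
            if (previousJaasConfigurationCaptured) {
                Configuration.setConfiguration(previousJaasConfiguration);
            }
        } finally {
            super.tearDown();
        }
    }

    /**
     * Joins the elements of {@code names} with commas, in iteration order.
     *
     * @param names set whose elements are expected to be {@code String}s
     * @return the comma-separated list, or the empty string for an empty set
     */
    private static String joinWithCommas(Set names) {
        StringBuffer joined = new StringBuffer();
        for (Iterator iter = names.iterator(); iter.hasNext();) {
            // The cast keeps the original contract: a non-String element is a test bug.
            joined.append((String) iter.next());
            if (iter.hasNext()) {
                joined.append(",");
            }
        }
        return joined.toString();
    }

    /**
     * Installs a JVM-wide JAAS configuration with a single REQUIRED
     * {@code StubLoginModule} entry.
     *
     * @param userNames names passed to the stub under {@code USERS_PROPERTY}
     * @param groupNames names passed to the stub under {@code GROUPS_PROPERTY}
     * @param loginShouldSucceed value passed under {@code ALLOW_LOGIN_PROPERTY}
     */
    private void setConfiguration(Set userNames, Set groupNames, boolean loginShouldSucceed) {
        HashMap configOptions = new HashMap();

        configOptions.put(StubLoginModule.ALLOW_LOGIN_PROPERTY, (loginShouldSucceed ? "true" : "false"));
        configOptions.put(StubLoginModule.USERS_PROPERTY, joinWithCommas(userNames));
        configOptions.put(StubLoginModule.GROUPS_PROPERTY, joinWithCommas(groupNames));

        AppConfigurationEntry configEntry = new AppConfigurationEntry(
            "org.apache.activemq.security.StubLoginModule",
            AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
            configOptions);

        StubJaasConfiguration jaasConfig = new StubJaasConfiguration(configEntry);

        // Process-wide side effect; undone in tearDown().
        Configuration.setConfiguration(jaasConfig);
    }

    /**
     * A successful login must forward exactly one addConnection call and expose exactly the
     * configured user and group names as principals on the security context.
     */
    public void testAddConnectionSuccess() {
        String dnUserName = "dnUserName";

        HashSet userNames = new HashSet();
        userNames.add(dnUserName);

        HashSet groupNames = new HashSet();
        groupNames.add("testGroup1");
        groupNames.add("testGroup2");
        groupNames.add("tesetGroup3");

        setConfiguration(userNames, groupNames, true);

        try {
            authBroker.addConnection(connectionContext, connectionInfo);
        } catch (Exception e) {
            fail("Call to addConnection failed: " + e.getMessage());
        }

        assertEquals("Number of addConnection calls to underlying Broker must match number of calls made to "
                + "AuthenticationBroker.",
            1, receiveBroker.addConnectionData.size());

        ConnectionContext receivedContext =
            ((StubBroker.AddConnectionData) receiveBroker.addConnectionData.getFirst()).connectionContext;

        assertEquals("The SecurityContext's userName must be set to that of the UserPrincipal.",
            dnUserName, receivedContext.getSecurityContext().getUserName());

        Set receivedPrincipals = receivedContext.getSecurityContext().getPrincipals();

        // Tick every received principal off the expected sets. Anything that is not
        // expected fails immediately; anything left over afterwards fails below.
        for (Iterator iter = receivedPrincipals.iterator(); iter.hasNext();) {
            Principal currentPrincipal = (Principal) iter.next();

            if (currentPrincipal instanceof UserPrincipal) {
                if (!userNames.remove(currentPrincipal.getName())) {
                    fail("Unknown UserPrincipal found");
                }
            } else if (currentPrincipal instanceof GroupPrincipal) {
                if (!groupNames.remove(currentPrincipal.getName())) {
                    fail("Unknown GroupPrincipal found.");
                }
            } else {
                fail("Unexpected Principal subclass found.");
            }
        }

        assertTrue("Some usernames were not added as UserPrincipals", userNames.isEmpty());
        assertTrue("Some group names were not added as GroupPrincipals", groupNames.isEmpty());
    }

    /**
     * A rejected login must surface as a {@link SecurityException} and must not reach the
     * underlying broker.
     */
    public void testAddConnectionFailure() {
        HashSet userNames = new HashSet();

        HashSet groupNames = new HashSet();
        groupNames.add("testGroup1");
        groupNames.add("testGroup2");
        groupNames.add("tesetGroup3");

        setConfiguration(userNames, groupNames, false);

        try {
            authBroker.addConnection(connectionContext, connectionInfo);
            // fail() throws an Error, so neither catch clause below intercepts it.
            fail("Unauthenticated connection allowed.");
        } catch (SecurityException expected) {
            // Expected: the login was refused.
        } catch (Exception e) {
            fail("Failed to connect for unexpected reason: " + e.getMessage());
        }

        // A refused login must also leave no trace on the downstream broker.
        assertTrue("Unauthenticated connection allowed.", receiveBroker.addConnectionData.isEmpty());
    }

    /**
     * removeConnection must clear the security context and forward exactly one call to the
     * underlying broker.
     */
    public void testRemoveConnection() throws Exception {
        connectionContext.setSecurityContext(new StubSecurityContext());

        authBroker.removeConnection(connectionContext, connectionInfo, new Throwable());

        assertNull("removeConnection should clear ConnectionContext.",
            connectionContext.getSecurityContext());

        assertEquals("Incorrect number of calls to underlying broker were made.",
            1, receiveBroker.removeConnectionData.size());
    }
}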