KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > apache > geronimo > security > jaas > LoginKerberosTest


1 /**
2  * Licensed to the Apache Software Foundation (ASF) under one or more
3  * contributor license agreements. See the NOTICE file distributed with
4  * this work for additional information regarding copyright ownership.
5  * The ASF licenses this file to You under the Apache License, Version 2.0
6  * (the "License"); you may not use this file except in compliance with
7  * the License. You may obtain a copy of the License at
8  *
9  * http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  */
17
18 package org.apache.geronimo.security.jaas;
19
20 import org.apache.geronimo.gbean.AbstractName;
21 import org.apache.geronimo.gbean.GBeanData;
22 import org.apache.geronimo.security.AbstractTest;
23 import org.apache.geronimo.security.ContextManager;
24 import org.apache.geronimo.security.IdentificationPrincipal;
25 import org.apache.geronimo.security.RealmPrincipal;
26 import org.apache.geronimo.security.realm.GenericSecurityRealm;
27
28 import javax.security.auth.Subject JavaDoc;
29 import javax.security.auth.kerberos.KerberosPrincipal JavaDoc;
30 import javax.security.auth.login.LoginContext JavaDoc;
31 import javax.security.auth.login.LoginException JavaDoc;
32 import java.util.Properties JavaDoc;
33
34
35 /**
36  * @version $Rev: 476049 $ $Date: 2006-11-16 23:35:17 -0500 (Thu, 16 Nov 2006) $
37  */
38 public class LoginKerberosTest extends AbstractTest {
39
40     protected AbstractName kerberosRealm;
41     protected AbstractName kerberosLM;
42
43     public void setUp() throws Exception JavaDoc {
44         super.setUp();
45
46         GBeanData gbean = buildGBeanData("name", "KerberosLoginModule", LoginModuleGBean.getGBeanInfo());
47         kerberosLM = gbean.getAbstractName();
48         gbean.setAttribute("loginModuleClass", "com.sun.security.auth.module.Krb5LoginModule");
49         gbean.setAttribute("serverSide", Boolean.TRUE); // normally not, but in this case, it's treated as server-side
50 Properties JavaDoc props = new Properties JavaDoc();
51         props.put("debug", "true");
52         props.put("useTicketCache", "true");
53         props.put("doNotPrompt", "true");
54         gbean.setAttribute("options", props);
55         kernel.loadGBean(gbean, LoginModuleGBean.class.getClassLoader());
56
57         gbean = buildGBeanData("name", "KerberosLoginModuleUse", JaasLoginModuleUse.getGBeanInfo());
58         AbstractName testUseName = gbean.getAbstractName();
59         gbean.setAttribute("controlFlag", "REQUIRED");
60         gbean.setReferencePattern("LoginModule", kerberosLM);
61         kernel.loadGBean(gbean, JaasLoginModuleUse.class.getClassLoader());
62
63         gbean = buildGBeanData("name", "KerberosSecurityRealm", GenericSecurityRealm.getGBeanInfo());
64         kerberosRealm = gbean.getAbstractName();
65         gbean.setAttribute("realmName", "TOOLAZYDOGS.COM");
66         gbean.setReferencePattern("LoginModuleConfiguration", testUseName);
67         kernel.loadGBean(gbean, GenericSecurityRealm.class.getClassLoader());
68         kernel.startGBean(kerberosLM);
69         kernel.startGBean(testUseName);
70         kernel.startGBean(kerberosRealm);
71     }
72
73     public void tearDown() throws Exception JavaDoc {
74         kernel.stopGBean(kerberosRealm);
75         kernel.unloadGBean(kerberosRealm);
76         kernel.stopGBean(kerberosLM);
77         kernel.unloadGBean(kerberosLM);
78
79         super.tearDown();
80     }
81
82     public void testLogin() throws Exception JavaDoc {
83         try {
84             LoginContext JavaDoc context = new LoginContext JavaDoc("kerberos-local");
85
86             context.login();
87             Subject JavaDoc subject = context.getSubject();
88
89             assertTrue("expected non-null client-side subject", subject != null);
90             subject = ContextManager.getServerSideSubject(subject);
91
92             assertTrue("expected non-null server-side subject", subject != null);
93             assertTrue("id of server-side subject should be non-null", ContextManager.getSubjectId(subject) != null);
94             assertEquals("server-side subject should have three principals", 3, subject.getPrincipals().size());
95             assertEquals("server-side subject should have one realm principal", 1, subject.getPrincipals(RealmPrincipal.class).size());
96             assertEquals("server-side subject should have one identification principal", 1, subject.getPrincipals(IdentificationPrincipal.class).size());
97             assertEquals("server-side subject should have one kerberos principal", 1, subject.getPrincipals(KerberosPrincipal JavaDoc.class).size());
98             RealmPrincipal principal = (RealmPrincipal) subject.getPrincipals(RealmPrincipal.class).iterator().next();
99
100             context.logout();
101
102             assertTrue("id of subject should be null", ContextManager.getSubjectId(subject) == null);
103         } catch (LoginException JavaDoc e) {
104             e.printStackTrace();
105             // May not have kerberos
106 }
107     }
108 }
109
Popular Tags