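package org.apache.geronimo.security.jaas;

import org.apache.geronimo.gbean.AbstractName;
import org.apache.geronimo.gbean.GBeanData;
import org.apache.geronimo.security.AbstractTest;
import org.apache.geronimo.security.ContextManager;
import org.apache.geronimo.security.DomainPrincipal;
import org.apache.geronimo.security.IdentificationPrincipal;
import org.apache.geronimo.security.RealmPrincipal;
import org.apache.geronimo.security.realm.GenericSecurityRealm;

import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import java.io.File;
import java.util.Properties;


/**
 * Exercises a JAAS login through the client-side {@code JaasLoginCoordinator}
 * against a realm backed by {@code PropertiesFileLoginModule}.
 *
 * <p>One positive test checks the principals of an authenticated subject on the
 * client and server side; four negative tests check that null or wrong
 * credentials are rejected and leave no authenticated subject behind.
 *
 * <p>The user name and password used here are test fixtures; they are expected
 * to match {@code src/test/data/data/users.properties}, which is not part of
 * this file.
 */
public class LoginPropertiesFileTest extends AbstractTest {

    // Client-side login module (JaasLoginCoordinator).
    protected AbstractName clientLM;
    // Configuration entry that publishes clientLM as "properties-client".
    protected AbstractName clientCE;
    // Despite the "CE" suffix this holds the server-side PropertiesLoginModule GBean name.
    protected AbstractName testCE;
    // The "properties-realm" security realm.
    protected AbstractName testRealm;

    /**
     * Loads and starts the client login module, its configuration entry, the
     * server-side properties login module, its module-use wrapper and the realm.
     *
     * @throws Exception if the base fixture or any GBean fails to load or start
     */
    public void setUp() throws Exception {
        needServerInfo = true;
        needLoginConfiguration = true;
        super.setUp();

        // Client side: coordinator that contacts the login service for "properties-realm".
        GBeanData clientModule = buildGBeanData("name", "ClientPropertiesLoginModule", LoginModuleGBean.getGBeanInfo());
        clientLM = clientModule.getAbstractName();
        clientModule.setAttribute("loginModuleClass", "org.apache.geronimo.security.jaas.client.JaasLoginCoordinator");
        clientModule.setAttribute("serverSide", Boolean.FALSE);
        Properties clientOptions = new Properties();
        clientOptions.put("host", "localhost");
        clientOptions.put("port", "4242");
        clientOptions.put("realm", "properties-realm");
        clientModule.setAttribute("options", clientOptions);
        kernel.loadGBean(clientModule, LoginModuleGBean.class.getClassLoader());

        // REQUIRED: the client module must succeed for the overall login to succeed.
        GBeanData clientEntry = buildGBeanData("name", "ClientConfigurationEntry", DirectConfigurationEntry.getGBeanInfo());
        clientCE = clientEntry.getAbstractName();
        clientEntry.setAttribute("applicationConfigName", "properties-client");
        clientEntry.setAttribute("controlFlag", LoginModuleControlFlag.REQUIRED);
        clientEntry.setReferencePattern("Module", clientLM);
        kernel.loadGBean(clientEntry, DirectConfigurationEntry.class.getClassLoader());

        // Server side: credentials and group membership come from the test data files.
        GBeanData serverModule = buildGBeanData("name", "PropertiesLoginModule", LoginModuleGBean.getGBeanInfo());
        testCE = serverModule.getAbstractName();
        serverModule.setAttribute("loginModuleClass", "org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule");
        serverModule.setAttribute("serverSide", Boolean.TRUE);
        Properties serverOptions = new Properties();
        serverOptions.put("usersURI", new File(BASEDIR, "src/test/data/data/users.properties").toURI().toString());
        serverOptions.put("groupsURI", new File(BASEDIR, "src/test/data/data/groups.properties").toURI().toString());
        serverModule.setAttribute("options", serverOptions);
        serverModule.setAttribute("loginDomainName", "TestProperties");
        serverModule.setAttribute("wrapPrincipals", Boolean.TRUE);
        kernel.loadGBean(serverModule, LoginModuleGBean.class.getClassLoader());

        GBeanData moduleUse = buildGBeanData("name", "PropertiesLoginModuleUse", JaasLoginModuleUse.getGBeanInfo());
        AbstractName testUseName = moduleUse.getAbstractName();
        moduleUse.setAttribute("controlFlag", "REQUIRED");
        moduleUse.setReferencePattern("LoginModule", testCE);
        kernel.loadGBean(moduleUse, JaasLoginModuleUse.class.getClassLoader());

        GBeanData realm = buildGBeanData("name", "PropertiesSecurityRealm", GenericSecurityRealm.getGBeanInfo());
        testRealm = realm.getAbstractName();
        realm.setAttribute("realmName", "properties-realm");
        realm.setReferencePattern("LoginModuleConfiguration", testUseName);
        realm.setReferencePattern("ServerInfo", serverInfo);
        realm.setReferencePattern("LoginService", loginService);
        kernel.loadGBean(realm, GenericSecurityRealm.class.getClassLoader());

        kernel.startGBean(loginConfiguration);
        kernel.startGBean(clientLM);
        kernel.startGBean(clientCE);
        kernel.startGBean(testUseName);
        kernel.startGBean(testCE);
        kernel.startGBean(testRealm);
    }

    /**
     * Stops and unloads the GBeans this test tracks, then tears down the base fixture.
     *
     * @throws Exception if a GBean cannot be stopped or unloaded
     */
    public void tearDown() throws Exception {
        // NOTE(review): the "PropertiesLoginModuleUse" GBean started in setUp() is only held in a
        // local variable there, so it is never explicitly stopped or unloaded here. Confirm that
        // super.tearDown() or the kernel disposes of it; otherwise keep its name in a field.
        kernel.stopGBean(testRealm);
        kernel.stopGBean(testCE);
        kernel.stopGBean(clientCE);
        kernel.stopGBean(clientLM);
        kernel.stopGBean(loginConfiguration);
        kernel.stopGBean(serverInfo);

        kernel.unloadGBean(testCE);
        kernel.unloadGBean(testRealm);
        kernel.unloadGBean(clientCE);
        kernel.unloadGBean(clientLM);
        kernel.unloadGBean(loginConfiguration);
        kernel.unloadGBean(serverInfo);

        super.tearDown();
    }

    /**
     * Logs in with valid fixture credentials and checks the principal set on both the
     * client-side and the server-side subject, then checks that logout unregisters
     * the server-side subject.
     *
     * @throws Exception if login, lookup or logout fails unexpectedly
     */
    public void testLogin() throws Exception {
        LoginContext context = new LoginContext("properties-client", new AbstractTest.UsernamePasswordCallback("alan", "starcraft"));

        context.login();
        Subject subject = context.getSubject();
        assertExpectedPrincipals(subject);

        subject = ContextManager.getServerSideSubject(subject);
        assertExpectedPrincipals(subject);

        context.logout();

        // After logout the server-side subject must no longer be registered under an id.
        assertNull("id of server subject should be null", ContextManager.getSubjectId(subject));
    }

    /**
     * Checks that a null user name is rejected.
     *
     * @throws Exception if the login context cannot be created
     */
    public void testNullUserLogin() throws Exception {
        assertLoginRejected(null, "starcraft", "Should not allow this login with null username");
    }

    /**
     * Checks that a user name other than the fixture user is rejected.
     *
     * @throws Exception if the login context cannot be created
     */
    public void testBadUserLogin() throws Exception {
        assertLoginRejected("bad", "starcraft", "Should not allow this login with bad username");
    }

    /**
     * Checks that a null password is rejected.
     *
     * @throws Exception if the login context cannot be created
     */
    public void testNullPasswordLogin() throws Exception {
        assertLoginRejected("alan", null, "Should not allow this login with null password");
    }

    /**
     * Checks that a password other than the fixture password is rejected.
     *
     * @throws Exception if the login context cannot be created
     */
    public void testBadPasswordLogin() throws Exception {
        assertLoginRejected("alan", "bad", "Should not allow this login with bad password");
    }

    /**
     * Asserts the principal set expected for the authenticated fixture user.
     *
     * <p>The expected counts (7 in total, 2 realm, 2 domain) are taken as given; they
     * presumably follow from the groups fixture and {@code wrapPrincipals=true}.
     */
    private void assertExpectedPrincipals(Subject subject) {
        assertNotNull("expected non-null subject", subject);
        assertEquals("subject should have one remote principal", 1, subject.getPrincipals(IdentificationPrincipal.class).size());
        IdentificationPrincipal remote = (IdentificationPrincipal) subject.getPrincipals(IdentificationPrincipal.class).iterator().next();
        assertNotNull("subject should be associated with remote id", ContextManager.getRegisteredSubject(remote.getId()));
        assertEquals("subject should have seven principals (" + subject.getPrincipals().size() + ")", 7, subject.getPrincipals().size());
        assertEquals("subject should have 2 realm principals (" + subject.getPrincipals(RealmPrincipal.class).size() + ")", 2, subject.getPrincipals(RealmPrincipal.class).size());
        assertEquals("subject should have 2 domain principals (" + subject.getPrincipals(DomainPrincipal.class).size() + ")", 2, subject.getPrincipals(DomainPrincipal.class).size());
    }

    /**
     * Attempts a login that must be refused and fails the test with {@code failureMessage}
     * if it is accepted.
     *
     * <p>Any {@link LoginException} counts as a rejection, so a login that fails for an
     * unrelated reason (for example the login service being unreachable) would also pass;
     * {@link #testLogin()} succeeding on the same fixture is what shows the path works.
     */
    private void assertLoginRejected(String username, String password, String failureMessage) throws Exception {
        LoginContext context = new LoginContext("properties-client", new UsernamePasswordCallback(username, password));

        try {
            context.login();
            fail(failureMessage);
        } catch (LoginException expected) {
            // Rejection is the outcome under test.
        }

        // LoginContext.getSubject() returns null when no Subject was supplied and
        // authentication did not succeed; a rejected login must not expose one.
        assertNull("rejected login must not yield an authenticated subject", context.getSubject());
    }
}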