KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > apache > geronimo > security > jaas > LoginSQLTest


1 /**
2  * Licensed to the Apache Software Foundation (ASF) under one or more
3  * contributor license agreements. See the NOTICE file distributed with
4  * this work for additional information regarding copyright ownership.
5  * The ASF licenses this file to You under the Apache License, Version 2.0
6  * (the "License"); you may not use this file except in compliance with
7  * the License. You may obtain a copy of the License at
8  *
9  * http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  */
17
18 package org.apache.geronimo.security.jaas;
19
20 import org.apache.geronimo.gbean.AbstractName;
21 import org.apache.geronimo.gbean.GBeanData;
22 import org.apache.geronimo.security.AbstractTest;
23 import org.apache.geronimo.security.ContextManager;
24 import org.apache.geronimo.security.DomainPrincipal;
25 import org.apache.geronimo.security.IdentificationPrincipal;
26 import org.apache.geronimo.security.RealmPrincipal;
27 import org.apache.geronimo.security.realm.GenericSecurityRealm;
28
29 import javax.security.auth.Subject JavaDoc;
30 import javax.security.auth.login.LoginContext JavaDoc;
31 import javax.security.auth.login.LoginException JavaDoc;
32 import java.sql.Connection JavaDoc;
33 import java.sql.DriverManager JavaDoc;
34 import java.sql.SQLException JavaDoc;
35 import java.util.Properties JavaDoc;
36 import java.io.File JavaDoc;
37
38
39 /**
40  * @version $Rev: 476049 $ $Date: 2006-11-16 23:35:17 -0500 (Thu, 16 Nov 2006) $
41  */
42 public class LoginSQLTest extends AbstractTest {
43     private File JavaDoc basedir = new File JavaDoc(System.getProperty("basedir"));
44     private String JavaDoc hsqldbURL = "jdbc:hsqldb:" + new File JavaDoc(basedir, "target/database/LoginSQLTest");
45     
46     protected AbstractName sqlRealm;
47     protected AbstractName sqlModule;
48
49     public void setUp() throws Exception JavaDoc {
50         super.setUp();
51
52         DriverManager.registerDriver(new org.hsqldb.jdbcDriver());
53
54         Connection JavaDoc conn = DriverManager.getConnection(hsqldbURL, "sa", "");
55
56
57         try {
58             conn.prepareStatement("CREATE USER loginmodule PASSWORD password ADMIN;").executeUpdate();
59         } catch (SQLException JavaDoc e) {
60             //ignore, for some reason user already exists.
61 }
62
63         conn.prepareStatement("CREATE TABLE Users(UserName VARCHAR(16), Password VARCHAR(16));").executeUpdate();
64         conn.prepareStatement("CREATE TABLE Groups(GroupName VARCHAR(16), UserName VARCHAR(16));").executeUpdate();
65
66         conn.prepareStatement("GRANT SELECT ON Users TO loginmodule;").executeUpdate();
67         conn.prepareStatement("GRANT SELECT ON Groups TO loginmodule;").executeUpdate();
68
69         conn.prepareStatement("INSERT INTO Users VALUES ('izumi', 'violin');").executeUpdate();
70         conn.prepareStatement("INSERT INTO Users VALUES ('alan', 'starcraft');").executeUpdate();
71         conn.prepareStatement("INSERT INTO Users VALUES ('george', 'bone');").executeUpdate();
72         conn.prepareStatement("INSERT INTO Users VALUES ('gracie', 'biscuit');").executeUpdate();
73         conn.prepareStatement("INSERT INTO Users VALUES ('metro', 'mouse');").executeUpdate();
74
75         conn.prepareStatement("INSERT INTO Groups VALUES ('manager', 'izumi');").executeUpdate();
76         conn.prepareStatement("INSERT INTO Groups VALUES ('it', 'alan');").executeUpdate();
77         conn.prepareStatement("INSERT INTO Groups VALUES ('pet', 'george');").executeUpdate();
78         conn.prepareStatement("INSERT INTO Groups VALUES ('pet', 'gracie');").executeUpdate();
79         conn.prepareStatement("INSERT INTO Groups VALUES ('pet', 'metro');").executeUpdate();
80         conn.prepareStatement("INSERT INTO Groups VALUES ('dog', 'george');").executeUpdate();
81         conn.prepareStatement("INSERT INTO Groups VALUES ('dog', 'gracie');").executeUpdate();
82         conn.prepareStatement("INSERT INTO Groups VALUES ('cat', 'metro');").executeUpdate();
83
84         conn.close();
85
86         GBeanData gbean = buildGBeanData("name", "SQLLoginModule", LoginModuleGBean.getGBeanInfo());
87         sqlModule = gbean.getAbstractName();
88         gbean.setAttribute("loginModuleClass", "org.apache.geronimo.security.realm.providers.SQLLoginModule");
89         gbean.setAttribute("serverSide", new Boolean JavaDoc(true));
90         Properties JavaDoc props = new Properties JavaDoc();
91         props.put("jdbcURL", hsqldbURL);
92         props.put("jdbcDriver", "org.hsqldb.jdbcDriver");
93         props.put("jdbcUser", "loginmodule");
94         props.put("jdbcPassword", "password");
95         props.put("userSelect", "SELECT UserName, Password FROM Users where UserName = ?");
96         props.put("groupSelect", "SELECT UserName, GroupName FROM Groups where UserName = ?");
97         gbean.setAttribute("options", props);
98         gbean.setAttribute("loginDomainName", "SQLDomain");
99         gbean.setAttribute("wrapPrincipals", Boolean.TRUE);
100         kernel.loadGBean(gbean, LoginModuleGBean.class.getClassLoader());
101         kernel.startGBean(sqlModule);
102
103         gbean = buildGBeanData("name", "SQLLoginModuleUse", JaasLoginModuleUse.getGBeanInfo());
104         AbstractName testUseName = gbean.getAbstractName();
105         gbean.setAttribute("controlFlag", "REQUIRED");
106         gbean.setReferencePattern("LoginModule", sqlModule);
107         kernel.loadGBean(gbean, JaasLoginModuleUse.class.getClassLoader());
108         kernel.startGBean(testUseName);
109
110         gbean = buildGBeanData("name", "SQLSecurityRealm", GenericSecurityRealm.getGBeanInfo());
111         sqlRealm = gbean.getAbstractName();
112         gbean.setAttribute("realmName", "sql-realm");
113         gbean.setReferencePattern("LoginModuleConfiguration", testUseName);
114         gbean.setReferencePattern("LoginService", loginService);
115         kernel.loadGBean(gbean, GenericSecurityRealm.class.getClassLoader());
116         kernel.startGBean(sqlRealm);
117
118     }
119
120     public void tearDown() throws Exception JavaDoc {
121         kernel.stopGBean(sqlRealm);
122         kernel.stopGBean(sqlModule);
123         kernel.unloadGBean(sqlRealm);
124         kernel.unloadGBean(sqlModule);
125
126         super.tearDown();
127
128         Connection JavaDoc conn = DriverManager.getConnection(hsqldbURL, "sa", "");
129
130         try {
131             conn.prepareStatement("DROP USER loginmodule;").executeUpdate();
132
133             conn.prepareStatement("DROP TABLE Users;").executeUpdate();
134             conn.prepareStatement("DROP TABLE Groups;").executeUpdate();
135         } catch (SQLException JavaDoc e) {
136             //who knows??
137 }
138
139     }
140
141     public void testLogin() throws Exception JavaDoc {
142         LoginContext JavaDoc context = new LoginContext JavaDoc("sql", new UsernamePasswordCallback("alan", "starcraft"));
143
144         context.login();
145         Subject JavaDoc subject = context.getSubject();
146         assertTrue("expected non-null client-side subject", subject != null);
147         subject = ContextManager.getServerSideSubject(subject);
148
149         assertTrue("expected non-null server-side subject", subject != null);
150         assertEquals("server-side subject should have seven principal", 7, subject.getPrincipals().size());
151         assertEquals("server-side subject should have two realm principals", 2, subject.getPrincipals(RealmPrincipal.class).size());
152         assertEquals("server-side subject should have two domain principals", 2, subject.getPrincipals(DomainPrincipal.class).size());
153         assertEquals("server-side subject should have one remote principal", 1, subject.getPrincipals(IdentificationPrincipal.class).size());
154         IdentificationPrincipal principal = (IdentificationPrincipal) subject.getPrincipals(IdentificationPrincipal.class).iterator().next();
155         assertTrue("id of principal should be non-zero", principal.getId().getSubjectId().longValue() != 0);
156
157         context.logout();
158     }
159
160     public void testNullUserLogin() throws Exception JavaDoc {
161         LoginContext JavaDoc context = new LoginContext JavaDoc("sql", new UsernamePasswordCallback(null, "starcraft"));
162
163         try {
164             context.login();
165             fail("Should not allow this login with null username");
166         } catch (LoginException JavaDoc e) {
167         }
168     }
169
170     public void testNullPasswordLogin() throws Exception JavaDoc {
171         LoginContext JavaDoc context = new LoginContext JavaDoc("sql", new UsernamePasswordCallback("alan", null));
172
173         try {
174             context.login();
175             fail("Should not allow this login with null password");
176         } catch (LoginException JavaDoc e) {
177         }
178     }
179 }
180
Popular Tags