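package org.apache.geronimo.security.jaas;

import org.apache.geronimo.gbean.AbstractName;
import org.apache.geronimo.gbean.GBeanData;
import org.apache.geronimo.security.AbstractTest;
import org.apache.geronimo.security.ContextManager;
import org.apache.geronimo.security.DomainPrincipal;
import org.apache.geronimo.security.IdentificationPrincipal;
import org.apache.geronimo.security.RealmPrincipal;
import org.apache.geronimo.security.realm.GenericSecurityRealm;

import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.util.Properties;
import java.io.File;

/**
 * Exercises the SQL-backed JAAS login module against a throw-away HSQLDB database.
 *
 * <p>{@link #setUp()} creates a {@code Users} and a {@code Groups} table, fills them with
 * sample accounts, and wires three GBeans into the kernel: the login module, its
 * "use" (control flag REQUIRED) and a security realm named {@code sql-realm}.
 * The tests then log in through a {@link LoginContext} and check both the happy path
 * and the rejection of null credentials.
 *
 * <p>Security notes for readers reusing this fixture:
 * <ul>
 *   <li>The {@code Users} table holds clear-text passwords and the database is opened with
 *       the {@code sa} account and an empty password. Both are test-only choices.</li>
 *   <li>The login module is configured with a separate database account
 *       ({@code loginmodule}) that is granted SELECT on the two tables, but the
 *       {@code CREATE USER} statement also marks that account ADMIN, so the fixture does
 *       not actually demonstrate a least-privilege lookup account.</li>
 *   <li>The {@code userSelect} / {@code groupSelect} queries use a {@code ?} placeholder for
 *       the user name; presumably the login module binds it as a JDBC parameter rather than
 *       concatenating it into the SQL text (the module source is not visible here).</li>
 * </ul>
 */
public class LoginSQLTest extends AbstractTest {

    /**
     * Schema and sample data, executed in order by {@link #setUp()}.
     * Any failure here aborts the test set-up.
     */
    private static final String[] FIXTURE_SQL = {
        "CREATE TABLE Users(UserName VARCHAR(16), Password VARCHAR(16));",
        "CREATE TABLE Groups(GroupName VARCHAR(16), UserName VARCHAR(16));",

        "GRANT SELECT ON Users TO loginmodule;",
        "GRANT SELECT ON Groups TO loginmodule;",

        "INSERT INTO Users VALUES ('izumi', 'violin');",
        "INSERT INTO Users VALUES ('alan', 'starcraft');",
        "INSERT INTO Users VALUES ('george', 'bone');",
        "INSERT INTO Users VALUES ('gracie', 'biscuit');",
        "INSERT INTO Users VALUES ('metro', 'mouse');",

        "INSERT INTO Groups VALUES ('manager', 'izumi');",
        "INSERT INTO Groups VALUES ('it', 'alan');",
        "INSERT INTO Groups VALUES ('pet', 'george');",
        "INSERT INTO Groups VALUES ('pet', 'gracie');",
        "INSERT INTO Groups VALUES ('pet', 'metro');",
        "INSERT INTO Groups VALUES ('dog', 'george');",
        "INSERT INTO Groups VALUES ('dog', 'gracie');",
        "INSERT INTO Groups VALUES ('cat', 'metro');"
    };

    // Falls back to the working directory when the build does not define "basedir";
    // without the default, a missing property fails with a NullPointerException at construction.
    private File basedir = new File(System.getProperty("basedir", "."));
    private String hsqldbURL = "jdbc:hsqldb:" + new File(basedir, "target/database/LoginSQLTest");

    protected AbstractName sqlRealm;
    protected AbstractName sqlModule;

    /**
     * Builds the database fixture and starts the login module, its use and the realm.
     *
     * @throws Exception if the fixture cannot be created or a GBean cannot be loaded or started
     */
    public void setUp() throws Exception {
        super.setUp();

        DriverManager.registerDriver(new org.hsqldb.jdbcDriver());

        Connection conn = DriverManager.getConnection(hsqldbURL, "sa", "");
        try {
            // Best effort: presumably the account can survive from an earlier run that
            // did not clean up, in which case CREATE USER fails and is ignored.
            executeIgnoringFailure(conn, "CREATE USER loginmodule PASSWORD password ADMIN;");

            for (int i = 0; i < FIXTURE_SQL.length; i++) {
                execute(conn, FIXTURE_SQL[i]);
            }
        } finally {
            // Release the connection even when a fixture statement fails.
            conn.close();
        }

        GBeanData gbean = buildGBeanData("name", "SQLLoginModule", LoginModuleGBean.getGBeanInfo());
        sqlModule = gbean.getAbstractName();
        gbean.setAttribute("loginModuleClass", "org.apache.geronimo.security.realm.providers.SQLLoginModule");
        gbean.setAttribute("serverSide", Boolean.TRUE);
        Properties props = new Properties();
        props.put("jdbcURL", hsqldbURL);
        props.put("jdbcDriver", "org.hsqldb.jdbcDriver");
        props.put("jdbcUser", "loginmodule");
        props.put("jdbcPassword", "password");
        // Placeholder queries: the user name is supplied separately from the SQL text.
        props.put("userSelect", "SELECT UserName, Password FROM Users where UserName = ?");
        props.put("groupSelect", "SELECT UserName, GroupName FROM Groups where UserName = ?");
        gbean.setAttribute("options", props);
        gbean.setAttribute("loginDomainName", "SQLDomain");
        gbean.setAttribute("wrapPrincipals", Boolean.TRUE);
        kernel.loadGBean(gbean, LoginModuleGBean.class.getClassLoader());
        kernel.startGBean(sqlModule);

        gbean = buildGBeanData("name", "SQLLoginModuleUse", JaasLoginModuleUse.getGBeanInfo());
        AbstractName testUseName = gbean.getAbstractName();
        gbean.setAttribute("controlFlag", "REQUIRED");
        gbean.setReferencePattern("LoginModule", sqlModule);
        kernel.loadGBean(gbean, JaasLoginModuleUse.class.getClassLoader());
        kernel.startGBean(testUseName);

        gbean = buildGBeanData("name", "SQLSecurityRealm", GenericSecurityRealm.getGBeanInfo());
        sqlRealm = gbean.getAbstractName();
        gbean.setAttribute("realmName", "sql-realm");
        gbean.setReferencePattern("LoginModuleConfiguration", testUseName);
        gbean.setReferencePattern("LoginService", loginService);
        kernel.loadGBean(gbean, GenericSecurityRealm.class.getClassLoader());
        kernel.startGBean(sqlRealm);
    }

    /**
     * Stops the realm and login module, then removes the database fixture.
     *
     * <p>The database clean-up runs in a {@code finally} block so that a failing kernel
     * shutdown does not leave tables behind; left-over tables would make the next
     * {@link #setUp()} fail on {@code CREATE TABLE}.
     *
     * @throws Exception if the kernel shutdown fails or the database cannot be opened
     */
    public void tearDown() throws Exception {
        try {
            // NOTE(review): the "SQLLoginModuleUse" GBean started in setUp is not stopped
            // here; presumably super.tearDown() disposes of the kernel. Confirm.
            kernel.stopGBean(sqlRealm);
            kernel.stopGBean(sqlModule);
            kernel.unloadGBean(sqlRealm);
            kernel.unloadGBean(sqlModule);

            super.tearDown();
        } finally {
            dropFixture();
        }
    }

    /**
     * Logs in with a valid user name and password and checks the principals of the
     * resulting server-side subject.
     */
    public void testLogin() throws Exception {
        LoginContext context = new LoginContext("sql", new UsernamePasswordCallback("alan", "starcraft"));

        context.login();
        Subject subject = context.getSubject();
        assertTrue("expected non-null client-side subject", subject != null);
        subject = ContextManager.getServerSideSubject(subject);

        assertTrue("expected non-null server-side subject", subject != null);
        // Presumably: user "alan" and group "it" (2), each wrapped once as a domain and once
        // as a realm principal (2 + 2), plus one identification principal. Confirm against
        // the login module if the count changes.
        assertEquals("server-side subject should have seven principal", 7, subject.getPrincipals().size());
        assertEquals("server-side subject should have two realm principals", 2, subject.getPrincipals(RealmPrincipal.class).size());
        assertEquals("server-side subject should have two domain principals", 2, subject.getPrincipals(DomainPrincipal.class).size());
        assertEquals("server-side subject should have one remote principal", 1, subject.getPrincipals(IdentificationPrincipal.class).size());
        IdentificationPrincipal principal = (IdentificationPrincipal) subject.getPrincipals(IdentificationPrincipal.class).iterator().next();
        assertTrue("id of principal should be non-zero", principal.getId().getSubjectId().longValue() != 0);

        context.logout();
    }

    /**
     * A null user name must be rejected with a {@link LoginException}.
     */
    public void testNullUserLogin() throws Exception {
        LoginContext context = new LoginContext("sql", new UsernamePasswordCallback(null, "starcraft"));

        try {
            context.login();
            fail("Should not allow this login with null username");
        } catch (LoginException expected) {
            // Rejection is the behaviour under test.
        }
    }

    /**
     * A null password must be rejected with a {@link LoginException}, even for an existing user.
     */
    public void testNullPasswordLogin() throws Exception {
        LoginContext context = new LoginContext("sql", new UsernamePasswordCallback("alan", null));

        try {
            context.login();
            fail("Should not allow this login with null password");
        } catch (LoginException expected) {
            // Rejection is the behaviour under test.
        }
    }

    /** Runs one SQL statement and closes the statement handle afterwards. */
    private static void execute(Connection conn, String sql) throws SQLException {
        PreparedStatement stmt = conn.prepareStatement(sql);
        try {
            stmt.executeUpdate();
        } finally {
            stmt.close();
        }
    }

    /** Runs one SQL statement as best effort; a failure is deliberately ignored. */
    private static void executeIgnoringFailure(Connection conn, String sql) {
        try {
            execute(conn, sql);
        } catch (SQLException ignored) {
            // Best effort: the object may already exist (set-up) or be gone (clean-up).
        }
    }

    /**
     * Drops the database account and both tables. Each statement is attempted on its own,
     * so one failing drop does not prevent the others.
     */
    private void dropFixture() throws SQLException {
        Connection conn = DriverManager.getConnection(hsqldbURL, "sa", "");
        try {
            executeIgnoringFailure(conn, "DROP USER loginmodule;");
            executeIgnoringFailure(conn, "DROP TABLE Users;");
            executeIgnoringFailure(conn, "DROP TABLE Groups;");
        } finally {
            conn.close();
        }
    }
}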