|
1
17
18 package org.apache.geronimo.security.remoting.jmx;
19
20 import java.io.File  ;
21 import java.io.IOException ;
22 import java.net.URI ;
23 import java.util.Properties ;
24 import java.util.Map ;
25 import java.util.HashMap ;
26 import javax.management.ObjectName ;
27 import javax.management.MalformedObjectNameException ;
28 import javax.security.auth.Subject ;
29 import javax.security.auth.callback.Callback ;
30 import javax.security.auth.callback.CallbackHandler ;
31 import javax.security.auth.callback.NameCallback ;
32 import javax.security.auth.callback.PasswordCallback ;
33 import javax.security.auth.callback.UnsupportedCallbackException ;
34 import javax.security.auth.login.LoginContext ;
35
36 import org.apache.geronimo.testsupport.TestSupport;
37
38 import org.apache.geronimo.gbean.GBeanData;
39 import org.apache.geronimo.gbean.GBeanInfo;
40 import org.apache.geronimo.gbean.AbstractName;
41 import org.apache.geronimo.gbean.AbstractNameQuery;
42 import org.apache.geronimo.kernel.KernelFactory;
43 import org.apache.geronimo.kernel.Kernel;
44 import org.apache.geronimo.kernel.repository.Artifact;
45 import org.apache.geronimo.security.IdentificationPrincipal;
46 import org.apache.geronimo.security.RealmPrincipal;
47 import org.apache.geronimo.security.jaas.server.JaasLoginService;
48 import org.apache.geronimo.security.jaas.LoginModuleGBean;
49 import org.apache.geronimo.security.jaas.JaasLoginModuleUse;
50 import org.apache.geronimo.security.jaas.GeronimoLoginConfiguration;
51 import org.apache.geronimo.security.jaas.DirectConfigurationEntry;
52 import org.apache.geronimo.security.jaas.LoginModuleControlFlag;
53 import org.apache.geronimo.security.jaas.ConfigurationEntryFactory;
54 import org.apache.geronimo.security.realm.GenericSecurityRealm;
55 import org.apache.geronimo.security.realm.SecurityRealm;
56 import org.apache.geronimo.system.serverinfo.ServerInfo;
57 import org.apache.geronimo.system.serverinfo.BasicServerInfo;
58
59
60
63 public class RemoteLoginTest extends TestSupport {
64 private File basedir = new File (System.getProperty("basedir"));
65
66 Kernel kernel;
67 AbstractName serverInfo;
68 AbstractName loginService;
69 AbstractName loginConfig;
70 protected AbstractName testCE;
71 protected AbstractName testRealm;
72 AbstractName serverStub;
73
74
75 public void testLogin() throws Exception {
76 ClassLoader oldCl = Thread.currentThread().getContextClassLoader();
77 try {
78 Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
79 LoginContext context = new LoginContext ("FOO", new UsernamePasswordCallback("alan", "starcraft"));
80
81 context.login();
82 Subject subject = context.getSubject();
83
84 assertTrue("expected non-null subject", subject != null);
85 assertTrue("subject should have one remote principal", subject.getPrincipals(IdentificationPrincipal.class).size() == 1);
86 IdentificationPrincipal principal = (IdentificationPrincipal) subject.getPrincipals(IdentificationPrincipal.class).iterator().next();
87 assertTrue("id of principal should be non-zero", principal.getId().getSubjectId().longValue() != 0);
88 assertEquals("subject should have three principals", 3, subject.getPrincipals().size());
89 assertEquals("subject should have no realm principal", 0, subject.getPrincipals(RealmPrincipal.class).size());
90
91 context.logout();
92 } finally {
93 Thread.currentThread().setContextClassLoader(oldCl);
94 }
95 }
96
97 public void setUp() throws Exception {
98 kernel = KernelFactory.newInstance().createKernel("test.kernel");
99 kernel.boot();
100
101 GBeanData gbean;
102
103
105 gbean = buildGBeanData("role", "ServerInfo", BasicServerInfo.GBEAN_INFO);
106 serverInfo = gbean.getAbstractName();
107 gbean.setAttribute("baseDirectory", ".");
108 kernel.loadGBean(gbean, ServerInfo.class.getClassLoader());
109 kernel.startGBean(serverInfo);
110
111 gbean = buildGBeanData("type", "JaasLoginService", JaasLoginService.getGBeanInfo());
112 loginService = gbean.getAbstractName();
113 gbean.setReferencePattern("Realms", new AbstractNameQuery(SecurityRealm.class.getName()));
114 gbean.setAttribute("algorithm", "HmacSHA1");
115 gbean.setAttribute("password", "secret");
116 kernel.loadGBean(gbean, JaasLoginService.class.getClassLoader());
117
118 gbean = buildGBeanData("name", "PropertiesLoginModule", LoginModuleGBean.getGBeanInfo());
119 testCE = gbean.getAbstractName();
120 gbean.setAttribute("loginModuleClass", "org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule");
121 gbean.setAttribute("serverSide", Boolean.TRUE);
122 gbean.setAttribute("loginDomainName", "secret");
123 Properties props = new Properties ();
124 props.put("usersURI", new File (BASEDIR, "src/test/data/data/users.properties").toURI().toString());
125 props.put("groupsURI", new File (BASEDIR, "src/test/data/data/groups.properties").toURI().toString());
126 gbean.setAttribute("options", props);
127 kernel.loadGBean(gbean, LoginModuleGBean.class.getClassLoader());
128
129 gbean = buildGBeanData("name", "PropertiesLoginModuleUse", JaasLoginModuleUse.getGBeanInfo());
130 AbstractName testUseName = gbean.getAbstractName();
131 gbean.setAttribute("controlFlag", "REQUIRED");
132 gbean.setReferencePattern("LoginModule", testCE);
133 kernel.loadGBean(gbean, JaasLoginModuleUse.class.getClassLoader());
134
135 gbean = buildGBeanData("name", "PropertiesSecurityRealm", GenericSecurityRealm.getGBeanInfo());
136 testRealm = gbean.getAbstractName();
137 gbean.setAttribute("realmName", "properties-realm");
138 gbean.setReferencePattern("LoginModuleConfiguration", testUseName);
139 gbean.setReferencePattern("ServerInfo", serverInfo);
140 kernel.loadGBean(gbean, GenericSecurityRealm.class.getClassLoader());
141
142
143 gbean = buildGBeanData("target", "JaasLoginServiceRemotingServer", JaasLoginServiceRemotingServer.getGBeanInfo());
144 serverStub = gbean.getAbstractName();
145 gbean.setAttribute("protocol", "tcp");
146 gbean.setAttribute("host", "localhost");
147 gbean.setAttribute("port", new Integer (4242));
148 gbean.setReferencePattern("LoginService", loginService);
149 kernel.loadGBean(gbean, JaasLoginServiceRemotingServer.class.getClassLoader());
150
151 kernel.startGBean(loginService);
152 kernel.startGBean(testCE);
153 kernel.startGBean(testUseName);
154 kernel.startGBean(testRealm);
155 try {
156 kernel.startGBean(serverStub);
157 } catch (Throwable t) {
158 tearDown();
159 throw new RuntimeException (t);
160 }
161
162 gbean = buildGBeanData("name", "ClientLoginConfiguration", GeronimoLoginConfiguration.getGBeanInfo());
164 loginConfig = gbean.getAbstractName();
165 gbean.setReferencePattern("Configurations", new AbstractNameQuery(ConfigurationEntryFactory.class.getName()));
166 kernel.loadGBean(gbean, GeronimoLoginConfiguration.class.getClassLoader());
167 kernel.startGBean(loginConfig);
168
169 gbean = buildGBeanData("name", "JaasLoginCoordinatorLM", LoginModuleGBean.getGBeanInfo());
171 AbstractName jlc = gbean.getAbstractName();
172 gbean.setAttribute("loginModuleClass", "org.apache.geronimo.security.jaas.client.JaasLoginCoordinator");
173 gbean.setAttribute("serverSide", new Boolean (false));
174 props = new Properties ();
175 URI connectURI = (URI ) kernel.getAttribute(serverStub, "clientConnectURI");
176 props.put("host", connectURI.getHost());
177 props.put("port", "" + connectURI.getPort());
178 props.put("realm", "properties-realm");
179
180 gbean.setAttribute("options", props);
181 kernel.loadGBean(gbean, LoginModuleGBean.class.getClassLoader());
182 kernel.startGBean(jlc);
183
184 gbean = buildGBeanData("name", "ClientConfigurationEntry", DirectConfigurationEntry.getGBeanInfo());
185 AbstractName dce = gbean.getAbstractName();
186 gbean.setAttribute("applicationConfigName", "FOO");
187 gbean.setAttribute("controlFlag", LoginModuleControlFlag.REQUIRED);
188 gbean.setReferencePattern("Module", jlc);
189 kernel.loadGBean(gbean, DirectConfigurationEntry.class.getClassLoader());
190 kernel.startGBean(dce);
191
192 }
201
202 protected void tearDown() throws Exception {
203 kernel.stopGBean(serverStub);
204 kernel.stopGBean(testRealm);
205 kernel.stopGBean(testCE);
206 kernel.stopGBean(loginService);
207 kernel.stopGBean(serverInfo);
208
209 kernel.unloadGBean(loginService);
210 kernel.unloadGBean(testCE);
211 kernel.unloadGBean(testRealm);
212 kernel.unloadGBean(serverStub);
213 kernel.unloadGBean(loginConfig);
214 kernel.unloadGBean(serverInfo);
215
216 kernel.shutdown();
217 }
218
219 private GBeanData buildGBeanData(String key, String value, GBeanInfo info) throws MalformedObjectNameException {
220 AbstractName abstractName = buildAbstractName(key, value, info);
221 return new GBeanData(abstractName, info);
222 }
223
224 private AbstractName buildAbstractName(String key, String value, GBeanInfo info) throws MalformedObjectNameException {
225 Map names = new HashMap ();
226 names.put(key, value);
227 return new AbstractName(new Artifact("test", "foo", "1", "car"), names, new ObjectName ("test:" + key + "=" + value));
228 }
229
230 class UsernamePasswordCallback implements CallbackHandler {
231 private final String username;
232 private final String password;
233
234 UsernamePasswordCallback(String username, String password) {
235 this.username = username;
236 this.password = password;
237 }
238
239 public void handle(Callback [] callbacks) throws IOException , UnsupportedCallbackException {
240 for (int i = 0; i < callbacks.length; i++) {
241 if (callbacks[i] instanceof PasswordCallback ) {
242 ((PasswordCallback ) callbacks[i]).setPassword(password.toCharArray());
243 } else if (callbacks[i] instanceof NameCallback ) {
244 ((NameCallback ) callbacks[i]).setName(username);
245 }
246 }
247 }
248 }
249 }
250 |
Popular Tags |
Java API By Example, From Geeks To Geeks.