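package org.apache.geronimo.security.remoting.jmx;

import java.io.File;
import java.io.IOException;
import java.net.URI;
import java.util.Properties;
import java.util.Map;
import java.util.HashMap;
import javax.management.ObjectName;
import javax.management.MalformedObjectNameException;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginContext;

import org.apache.geronimo.testsupport.TestSupport;

import org.apache.geronimo.gbean.GBeanData;
import org.apache.geronimo.gbean.GBeanInfo;
import org.apache.geronimo.gbean.AbstractName;
import org.apache.geronimo.gbean.AbstractNameQuery;
import org.apache.geronimo.kernel.KernelFactory;
import org.apache.geronimo.kernel.Kernel;
import org.apache.geronimo.kernel.repository.Artifact;
import org.apache.geronimo.security.IdentificationPrincipal;
import org.apache.geronimo.security.RealmPrincipal;
import org.apache.geronimo.security.jaas.server.JaasLoginService;
import org.apache.geronimo.security.jaas.LoginModuleGBean;
import org.apache.geronimo.security.jaas.JaasLoginModuleUse;
import org.apache.geronimo.security.jaas.GeronimoLoginConfiguration;
import org.apache.geronimo.security.jaas.DirectConfigurationEntry;
import org.apache.geronimo.security.jaas.LoginModuleControlFlag;
import org.apache.geronimo.security.jaas.ConfigurationEntryFactory;
import org.apache.geronimo.security.realm.GenericSecurityRealm;
import org.apache.geronimo.security.realm.SecurityRealm;
import org.apache.geronimo.system.serverinfo.ServerInfo;
import org.apache.geronimo.system.serverinfo.BasicServerInfo;


/**
 * Exercises a JAAS login that goes through the remoting stub of the login service.
 *
 * <p>{@link #setUp()} boots a kernel, wires a properties-file realm behind a
 * {@code JaasLoginService}, exposes that service through a
 * {@code JaasLoginServiceRemotingServer} on {@code tcp://localhost:4242}, and registers a
 * client-side {@code JaasLoginCoordinator} under the application configuration name
 * {@code "FOO"}. {@link #testLogin()} then logs in through that configuration and checks
 * which principals reach the client.
 *
 * <p>Every credential and secret in this class ({@code alan}/{@code starcraft}, the
 * {@code "secret"} attribute values) is a test fixture. The listener uses a fixed port, so
 * {@link #tearDown()} must always shut the kernel down to release it.
 */
public class RemoteLoginTest extends TestSupport {
    // The former private "basedir" field was never read (paths are resolved against the
    // inherited BASEDIR) and its initializer threw a NullPointerException whenever the
    // "basedir" system property was not set, so it has been removed.

    Kernel kernel;
    AbstractName serverInfo;
    AbstractName loginService;
    AbstractName loginConfig;
    protected AbstractName testCE;
    protected AbstractName testRealm;
    AbstractName serverStub;


    /**
     * Logs in as the fixture user through the {@code "FOO"} configuration and verifies the
     * principals on the resulting subject.
     *
     * @throws Exception if the login or logout fails
     */
    public void testLogin() throws Exception {
        // The thread context class loader is switched to this class's loader for the
        // duration of the login and restored afterwards, even when an assertion fails.
        ClassLoader oldCl = Thread.currentThread().getContextClassLoader();
        try {
            Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
            LoginContext context = new LoginContext("FOO", new UsernamePasswordCallback("alan", "starcraft"));

            context.login();
            Subject subject = context.getSubject();

            assertTrue("expected non-null subject", subject != null);
            assertTrue("subject should have one remote principal", subject.getPrincipals(IdentificationPrincipal.class).size() == 1);
            IdentificationPrincipal principal = (IdentificationPrincipal) subject.getPrincipals(IdentificationPrincipal.class).iterator().next();
            assertTrue("id of principal should be non-zero", principal.getId().getSubjectId().longValue() != 0);
            assertEquals("subject should have three principals", 3, subject.getPrincipals().size());
            // NOTE(review): presumably RealmPrincipals stay on the server and are not handed
            // to the remote client; confirm against JaasLoginCoordinator.
            assertEquals("subject should have no realm principal", 0, subject.getPrincipals(RealmPrincipal.class).size());

            context.logout();
        } finally {
            Thread.currentThread().setContextClassLoader(oldCl);
        }
    }

    /**
     * Boots the kernel and loads and starts the server-side and client-side login GBeans.
     *
     * @throws Exception if a GBean cannot be built, loaded or started
     */
    public void setUp() throws Exception {
        kernel = KernelFactory.newInstance().createKernel("test.kernel");
        kernel.boot();

        GBeanData gbean;

        // ---- server side ----
        gbean = buildGBeanData("role", "ServerInfo", BasicServerInfo.GBEAN_INFO);
        serverInfo = gbean.getAbstractName();
        gbean.setAttribute("baseDirectory", ".");
        kernel.loadGBean(gbean, ServerInfo.class.getClassLoader());
        kernel.startGBean(serverInfo);

        gbean = buildGBeanData("type", "JaasLoginService", JaasLoginService.getGBeanInfo());
        loginService = gbean.getAbstractName();
        gbean.setReferencePattern("Realms", new AbstractNameQuery(SecurityRealm.class.getName()));
        // Fixture values only. NOTE(review): "password" looks like the key material for the
        // configured HMAC algorithm; confirm against JaasLoginService before reusing this
        // wiring anywhere outside a test.
        gbean.setAttribute("algorithm", "HmacSHA1");
        gbean.setAttribute("password", "secret");
        kernel.loadGBean(gbean, JaasLoginService.class.getClassLoader());

        gbean = buildGBeanData("name", "PropertiesLoginModule", LoginModuleGBean.getGBeanInfo());
        testCE = gbean.getAbstractName();
        gbean.setAttribute("loginModuleClass", "org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule");
        gbean.setAttribute("serverSide", Boolean.TRUE);
        gbean.setAttribute("loginDomainName", "secret");
        // User and group fixtures are read from the module's test data directory.
        Properties props = new Properties();
        props.put("usersURI", new File(BASEDIR, "src/test/data/data/users.properties").toURI().toString());
        props.put("groupsURI", new File(BASEDIR, "src/test/data/data/groups.properties").toURI().toString());
        gbean.setAttribute("options", props);
        kernel.loadGBean(gbean, LoginModuleGBean.class.getClassLoader());

        gbean = buildGBeanData("name", "PropertiesLoginModuleUse", JaasLoginModuleUse.getGBeanInfo());
        AbstractName testUseName = gbean.getAbstractName();
        gbean.setAttribute("controlFlag", "REQUIRED");
        gbean.setReferencePattern("LoginModule", testCE);
        kernel.loadGBean(gbean, JaasLoginModuleUse.class.getClassLoader());

        gbean = buildGBeanData("name", "PropertiesSecurityRealm", GenericSecurityRealm.getGBeanInfo());
        testRealm = gbean.getAbstractName();
        gbean.setAttribute("realmName", "properties-realm");
        gbean.setReferencePattern("LoginModuleConfiguration", testUseName);
        gbean.setReferencePattern("ServerInfo", serverInfo);
        kernel.loadGBean(gbean, GenericSecurityRealm.class.getClassLoader());


        // Remoting endpoint for the login service: plain tcp, bound to localhost on a
        // fixed port.
        gbean = buildGBeanData("target", "JaasLoginServiceRemotingServer", JaasLoginServiceRemotingServer.getGBeanInfo());
        serverStub = gbean.getAbstractName();
        gbean.setAttribute("protocol", "tcp");
        gbean.setAttribute("host", "localhost");
        gbean.setAttribute("port", new Integer(4242));
        gbean.setReferencePattern("LoginService", loginService);
        kernel.loadGBean(gbean, JaasLoginServiceRemotingServer.class.getClassLoader());

        kernel.startGBean(loginService);
        kernel.startGBean(testCE);
        kernel.startGBean(testUseName);
        kernel.startGBean(testRealm);
        try {
            kernel.startGBean(serverStub);
        } catch (Throwable t) {
            // Clean up explicitly here, then report the startup failure as the cause.
            // loginConfig has not been assigned yet on this path; tearDown() allows for that.
            tearDown();
            throw new RuntimeException(t);
        }

        // ---- client side ----
        gbean = buildGBeanData("name", "ClientLoginConfiguration", GeronimoLoginConfiguration.getGBeanInfo());
        loginConfig = gbean.getAbstractName();
        gbean.setReferencePattern("Configurations", new AbstractNameQuery(ConfigurationEntryFactory.class.getName()));
        kernel.loadGBean(gbean, GeronimoLoginConfiguration.class.getClassLoader());
        kernel.startGBean(loginConfig);

        gbean = buildGBeanData("name", "JaasLoginCoordinatorLM", LoginModuleGBean.getGBeanInfo());
        AbstractName jlc = gbean.getAbstractName();
        gbean.setAttribute("loginModuleClass", "org.apache.geronimo.security.jaas.client.JaasLoginCoordinator");
        // Boolean.FALSE matches the Boolean.TRUE constant used for the server-side module.
        gbean.setAttribute("serverSide", Boolean.FALSE);
        props = new Properties();
        // The client connects to whatever endpoint the server stub reports, not to
        // hard-coded values.
        URI connectURI = (URI) kernel.getAttribute(serverStub, "clientConnectURI");
        props.put("host", connectURI.getHost());
        props.put("port", "" + connectURI.getPort());
        props.put("realm", "properties-realm");

        gbean.setAttribute("options", props);
        kernel.loadGBean(gbean, LoginModuleGBean.class.getClassLoader());
        kernel.startGBean(jlc);

        gbean = buildGBeanData("name", "ClientConfigurationEntry", DirectConfigurationEntry.getGBeanInfo());
        AbstractName dce = gbean.getAbstractName();
        gbean.setAttribute("applicationConfigName", "FOO");
        gbean.setAttribute("controlFlag", LoginModuleControlFlag.REQUIRED);
        gbean.setReferencePattern("Module", jlc);
        kernel.loadGBean(gbean, DirectConfigurationEntry.class.getClassLoader());
        kernel.startGBean(dce);

    }

    /**
     * Stops and unloads the GBeans that {@link #setUp()} stored in fields, then shuts the
     * kernel down.
     *
     * <p>The kernel is shut down in a {@code finally} block so that a failing stop or unload
     * call cannot leave it, and the GBeans loaded into it, running.
     *
     * @throws Exception if stopping or unloading a GBean, or the shutdown itself, fails
     */
    protected void tearDown() throws Exception {
        try {
            kernel.stopGBean(serverStub);
            kernel.stopGBean(testRealm);
            kernel.stopGBean(testCE);
            kernel.stopGBean(loginService);
            kernel.stopGBean(serverInfo);

            kernel.unloadGBean(loginService);
            kernel.unloadGBean(testCE);
            kernel.unloadGBean(testRealm);
            kernel.unloadGBean(serverStub);
            // setUp() calls this method from its serverStub failure path before loginConfig
            // has been assigned; skip the unload there instead of passing null to the kernel.
            if (loginConfig != null) {
                kernel.unloadGBean(loginConfig);
            }
            kernel.unloadGBean(serverInfo);
        } finally {
            kernel.shutdown();
        }
    }

    /**
     * Creates the {@code GBeanData} for a GBean named by a single key/value pair.
     *
     * @param key   name-map key, also used in the object name
     * @param value name-map value, also used in the object name
     * @param info  GBean metadata passed on to the {@code GBeanData}
     * @return a new {@code GBeanData} for the name built by {@link #buildAbstractName}
     * @throws MalformedObjectNameException if {@code "test:key=value"} is not a valid object name
     */
    private GBeanData buildGBeanData(String key, String value, GBeanInfo info) throws MalformedObjectNameException {
        AbstractName abstractName = buildAbstractName(key, value, info);
        return new GBeanData(abstractName, info);
    }

    /**
     * Builds an {@code AbstractName} under the fixed test artifact {@code test/foo/1/car}.
     *
     * @param key   name-map key, also used in the object name
     * @param value name-map value, also used in the object name
     * @param info  not used by this method
     * @return the abstract name with object name {@code "test:key=value"}
     * @throws MalformedObjectNameException if the object name is not valid
     */
    private AbstractName buildAbstractName(String key, String value, GBeanInfo info) throws MalformedObjectNameException {
        Map names = new HashMap();
        names.put(key, value);
        return new AbstractName(new Artifact("test", "foo", "1", "car"), names, new ObjectName("test:" + key + "=" + value));
    }

    /**
     * Callback handler that answers name and password callbacks with fixed values.
     *
     * <p>The password is held as a {@code String} for the lifetime of the handler, which is
     * acceptable for a test fixture only. Callbacks of any other type are left untouched;
     * no {@code UnsupportedCallbackException} is raised for them.
     */
    class UsernamePasswordCallback implements CallbackHandler {
        private final String username;
        private final String password;

        UsernamePasswordCallback(String username, String password) {
            this.username = username;
            this.password = password;
        }

        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (int i = 0; i < callbacks.length; i++) {
                if (callbacks[i] instanceof PasswordCallback) {
                    // Each password callback receives its own char[] copy.
                    ((PasswordCallback) callbacks[i]).setPassword(password.toCharArray());
                } else if (callbacks[i] instanceof NameCallback) {
                    ((NameCallback) callbacks[i]).setName(username);
                }
            }
        }
    }
}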