KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jboss > test > security > test > JaasSecurityManagerUnitTestCase


1 /*
2  * JBoss, Home of Professional Open Source
3  * Copyright 2005, JBoss Inc., and individual contributors as indicated
4  * by the @authors tag. See the copyright.txt in the distribution for a
5  * full listing of individual contributors.
6  *
7  * This is free software; you can redistribute it and/or modify it
8  * under the terms of the GNU Lesser General Public License as
9  * published by the Free Software Foundation; either version 2.1 of
10  * the License, or (at your option) any later version.
11  *
12  * This software is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15  * Lesser General Public License for more details.
16  *
17  * You should have received a copy of the GNU Lesser General Public
18  * License along with this software; if not, write to the Free
19  * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20  * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21  */
22
23 package org.jboss.test.security.test;
24
25 import java.util.HashMap JavaDoc;
26 import java.security.acl.Group JavaDoc;
27 import javax.security.auth.callback.CallbackHandler JavaDoc;
28 import javax.security.auth.login.Configuration JavaDoc;
29 import javax.security.auth.login.AppConfigurationEntry JavaDoc;
30 import javax.security.auth.login.LoginException JavaDoc;
31
32 import org.jboss.security.plugins.JaasSecurityManager;
33 import org.jboss.security.auth.callback.SecurityAssociationHandler;
34 import org.jboss.security.auth.spi.UsernamePasswordLoginModule;
35 import org.jboss.security.SimplePrincipal;
36 import org.jboss.util.TimedCachePolicy;
37 import org.jboss.logging.Logger;
38 import junit.framework.TestCase;
39
40 /** Tests of the JaasSecurityManager implementation.
41
42  @author Scott.Stark@jboss.org
43  @version $Revision: 45750 $
44  */
45 public class JaasSecurityManagerUnitTestCase
46    extends TestCase
47 {
48    static Logger log = Logger.getLogger(JaasSecurityManagerUnitTestCase.class);
49
50    public JaasSecurityManagerUnitTestCase(String JavaDoc name)
51    {
52       super(name);
53    }
54
55    /**
56     * Setup the JAAS configuration
57     * @throws Exception
58     */
59    protected void setUp() throws Exception JavaDoc
60    {
61       super.setUp();
62       Configuration.setConfiguration(new MyConfig());
63    }
64
65    /**
66     * Validate that using of String/char[] representing the same
67     * credential do not cause thrashing of the domain cache.
68     */
69    public void testStringCharArrayCredential()
70    {
71       SimplePrincipal jduke = new SimplePrincipal("jduke");
72       CallbackHandler JavaDoc handler = new SecurityAssociationHandler(jduke, "theduke".toCharArray());
73       JaasSecurityManager sm = new JaasSecurityManager("testStringCharArrayCredential", handler);
74       TimedCachePolicy cache = new TimedCachePolicy(600, true, 10);
75       cache.create();
76       cache.start();
77       sm.setCachePolicy(cache);
78
79       // Initial validation to populate the cache
80 assertTrue(sm.isValid(jduke, "theduke"));
81       // Validate that the String credential form uses the cache
82 assertTrue(sm.isValid(jduke, "theduke"));
83       // Validate that the char[] credential form uses the cache
84 assertTrue(sm.isValid(jduke, "theduke".toCharArray()));
85    }
86    /**
87     * Validate that using of char[]/String representing the same
88     * credential do not cause thrashing of the domain cache.
89     */
90    public void testCharArrayStringCredential()
91    {
92       SimplePrincipal jduke = new SimplePrincipal("jduke");
93       CallbackHandler JavaDoc handler = new SecurityAssociationHandler(jduke, "theduke".toCharArray());
94       JaasSecurityManager sm = new JaasSecurityManager("testStringCharArrayCredential", handler);
95       TimedCachePolicy cache = new TimedCachePolicy(600, true, 10);
96       cache.create();
97       cache.start();
98       sm.setCachePolicy(cache);
99
100       // Reset the validation count
101 CountedLoginModule.validateCount = 0;
102       // Initial validation to populate the cache
103 assertTrue(sm.isValid(jduke, "theduke".toCharArray()));
104       // Validate that the char[] credential form uses the cache
105 assertTrue(sm.isValid(jduke, "theduke".toCharArray()));
106       // Validate that the String credential form uses the cache
107 assertTrue(sm.isValid(jduke, "theduke"));
108    }
109
110    /**
111     * Implementation of JAAS configuration for this testcase
112     */
113    static class MyConfig extends Configuration JavaDoc
114    {
115       AppConfigurationEntry JavaDoc[] entry;
116       MyConfig()
117       {
118          entry = new AppConfigurationEntry JavaDoc[1];
119          HashMap JavaDoc opts = new HashMap JavaDoc();
120          entry[0] = new AppConfigurationEntry JavaDoc(CountedLoginModule.class.getName(),
121             AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, opts);
122       }
123
124       public AppConfigurationEntry JavaDoc[] getAppConfigurationEntry(String JavaDoc appName)
125       {
126          return entry;
127       }
128       public void refresh()
129       {
130       }
131    }
132
133    /**
134     * UsernamePasswordLoginModule extenstion that only allows a single
135     * validation attempt.
136     */
137    public static class CountedLoginModule extends UsernamePasswordLoginModule
138    {
139       static int validateCount = 0;
140
141       protected boolean validatePassword(String JavaDoc inputPassword, String JavaDoc expectedPassword)
142       {
143          validateCount ++;
144          log.info("validatePassword, validateCount="+validateCount);
145          if( validateCount > 1 )
146          {
147             IllegalStateException JavaDoc ex = new IllegalStateException JavaDoc("Too many validation calls: "+validateCount);
148             super.setValidateError(ex);
149             return false;
150          }
151          return super.validatePassword(inputPassword, expectedPassword);
152       }
153
154       protected String JavaDoc getUsersPassword() throws LoginException JavaDoc
155       {
156          return "theduke";
157       }
158
159       protected Group JavaDoc[] getRoleSets() throws LoginException JavaDoc
160       {
161          return new Group JavaDoc[0];
162       }
163    }
164 }
165
Popular Tags