KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jboss > test > security > test > LoginModulesUnitTestCase


1 /*
2   * JBoss, Home of Professional Open Source
3   * Copyright 2005, JBoss Inc., and individual contributors as indicated
4   * by the @authors tag. See the copyright.txt in the distribution for a
5   * full listing of individual contributors.
6   *
7   * This is free software; you can redistribute it and/or modify it
8   * under the terms of the GNU Lesser General Public License as
9   * published by the Free Software Foundation; either version 2.1 of
10   * the License, or (at your option) any later version.
11   *
12   * This software is distributed in the hope that it will be useful,
13   * but WITHOUT ANY WARRANTY; without even the implied warranty of
14   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15   * Lesser General Public License for more details.
16   *
17   * You should have received a copy of the GNU Lesser General Public
18   * License along with this software; if not, write to the Free
19   * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20   * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21   */
22 package org.jboss.test.security.test;
23
24 import java.lang.reflect.Method JavaDoc;
25 import java.io.Serializable JavaDoc;
26 import java.io.IOException JavaDoc;
27 import java.security.MessageDigest JavaDoc;
28 import java.security.Principal JavaDoc;
29 import java.security.KeyStore JavaDoc;
30 import java.security.cert.X509Certificate JavaDoc;
31 import java.security.acl.Group JavaDoc;
32 import java.sql.Connection JavaDoc;
33 import java.sql.DriverManager JavaDoc;
34 import java.sql.SQLException JavaDoc;
35 import java.sql.Statement JavaDoc;
36 import java.util.Enumeration JavaDoc;
37 import java.util.HashMap JavaDoc;
38 import java.util.Iterator JavaDoc;
39 import java.util.Map JavaDoc;
40 import java.util.Set JavaDoc;
41 import java.net.URL JavaDoc;
42 import javax.naming.InitialContext JavaDoc;
43 import javax.security.auth.Subject JavaDoc;
44 import javax.security.auth.login.AppConfigurationEntry JavaDoc;
45 import javax.security.auth.login.Configuration JavaDoc;
46 import javax.security.auth.login.LoginContext JavaDoc;
47 import javax.security.auth.login.LoginException JavaDoc;
48 import javax.sql.DataSource JavaDoc;
49 import javax.resource.spi.security.PasswordCredential JavaDoc;
50 import javax.management.MBeanServerFactory JavaDoc;
51 import javax.management.MBeanServer JavaDoc;
52 import javax.management.ObjectName JavaDoc;
53 import javax.net.ssl.KeyManagerFactory;
54 import javax.net.ssl.TrustManagerFactory;
55
56 import junit.framework.TestSuite;
57
58 import org.jboss.logging.Logger;
59
60 import org.jboss.logging.XLevel;
61 import org.jboss.security.SimpleGroup;
62 import org.jboss.security.SimplePrincipal;
63 import org.jboss.security.Util;
64 import org.jboss.security.SecurityAssociation;
65 import org.jboss.security.SecurityDomain;
66 import org.jboss.security.plugins.JaasSecurityDomain;
67 import org.jboss.security.auth.callback.UsernamePasswordHandler;
68 import org.jboss.security.auth.callback.SecurityAssociationHandler;
69 import org.jboss.security.auth.spi.UsernamePasswordLoginModule;
70 import org.jboss.test.JBossTestCase;
71
72 /** Tests of the LoginModule classes.
73
74  @author Scott.Stark@jboss.org
75  @version $Revision: 58115 $
76  */
77 public class LoginModulesUnitTestCase extends JBossTestCase
78 {
79
80    /** Hard coded login configurations for the test cases. The configuration
81     name corresponds to the unit test function that uses the configuration.
82     */
83    static class TestConfig extends Configuration JavaDoc
84    {
85       public void refresh()
86       {
87       }
88
89       public AppConfigurationEntry JavaDoc[] getAppConfigurationEntry(String JavaDoc name)
90       {
91          AppConfigurationEntry JavaDoc[] entry = null;
92          try
93          {
94             Class JavaDoc[] parameterTypes = {};
95             Method JavaDoc m = getClass().getDeclaredMethod(name, parameterTypes);
96             Object JavaDoc[] args = {};
97             entry = (AppConfigurationEntry JavaDoc[]) m.invoke(this, args);
98          }
99          catch(Exception JavaDoc e)
100          {
101          }
102          return entry;
103       }
104
105       AppConfigurationEntry JavaDoc[] testClientLogin()
106       {
107          String JavaDoc name = "org.jboss.security.ClientLoginModule";
108          HashMap JavaDoc options = new HashMap JavaDoc();
109          options.put("restore-login-identity", "true");
110          AppConfigurationEntry JavaDoc ace = new AppConfigurationEntry JavaDoc(name,
111          AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
112          AppConfigurationEntry JavaDoc[] entry = {ace};
113          return entry;
114       }
115       AppConfigurationEntry JavaDoc[] testIdentity()
116       {
117          String JavaDoc name = "org.jboss.security.auth.spi.IdentityLoginModule";
118          HashMap JavaDoc options = new HashMap JavaDoc();
119          options.put("principal", "stark");
120          options.put("roles", "Role3,Role4");
121          AppConfigurationEntry JavaDoc ace = new AppConfigurationEntry JavaDoc(name,
122          AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
123          AppConfigurationEntry JavaDoc[] entry = {ace};
124          return entry;
125       }
126       AppConfigurationEntry JavaDoc[] testJdbc()
127       {
128          String JavaDoc name = "org.jboss.security.auth.spi.DatabaseServerLoginModule";
129          HashMap JavaDoc options = new HashMap JavaDoc();
130          options.put("dsJndiName", "testJdbc");
131          options.put("principalsQuery", "select Password from Principals where PrincipalID=?");
132          options.put("rolesQuery", "select Role, RoleGroup from Roles where PrincipalID=?");
133          AppConfigurationEntry JavaDoc ace = new AppConfigurationEntry JavaDoc(name,
134          AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
135          AppConfigurationEntry JavaDoc[] entry = {ace};
136          return entry;
137       }
138       AppConfigurationEntry JavaDoc[] testSimple()
139       {
140          String JavaDoc name = "org.jboss.security.auth.spi.SimpleServerLoginModule";
141          AppConfigurationEntry JavaDoc ace = new AppConfigurationEntry JavaDoc(name,
142          AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, new HashMap JavaDoc());
143          AppConfigurationEntry JavaDoc[] entry = {ace};
144          return entry;
145       }
146       AppConfigurationEntry JavaDoc[] testUsernamePassword()
147       {
148          return other();
149       }
150       AppConfigurationEntry JavaDoc[] testUsernamePasswordHash()
151       {
152          HashMap JavaDoc options = new HashMap JavaDoc();
153          options.put("hashAlgorithm", "MD5");
154          options.put("hashEncoding", "base64");
155          AppConfigurationEntry JavaDoc ace = new AppConfigurationEntry JavaDoc(HashTestLoginModule.class.getName(),
156             AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
157          AppConfigurationEntry JavaDoc[] entry = {ace};
158          return entry;
159       }
160       AppConfigurationEntry JavaDoc[] testUsernamePasswordHashWithDigestCallback()
161       {
162          HashMap JavaDoc options = new HashMap JavaDoc();
163          options.put("hashAlgorithm", "MD5");
164          options.put("hashEncoding", "base64");
165          options.put("hashCharset", "UTF-8");
166          options.put("digestCallback", "org.jboss.test.security.test.TestDigestCallback");
167          options.put("digest.preSalt", "pre");
168          options.put("digest.postSalt", "post");
169          AppConfigurationEntry JavaDoc ace = new AppConfigurationEntry JavaDoc(HashTestDigestCallbackLoginModule.class.getName(),
170             AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
171          AppConfigurationEntry JavaDoc[] entry = {ace};
172          return entry;
173       }
174       AppConfigurationEntry JavaDoc[] testAnon()
175       {
176          String JavaDoc name = "org.jboss.security.auth.spi.AnonLoginModule";
177          HashMap JavaDoc options = new HashMap JavaDoc();
178          options.put("unauthenticatedIdentity", "nobody");
179          AppConfigurationEntry JavaDoc ace = new AppConfigurationEntry JavaDoc(name,
180             AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
181          AppConfigurationEntry JavaDoc[] entry = {ace};
182          return entry;
183       }
184       AppConfigurationEntry JavaDoc[] testNull()
185       {
186          String JavaDoc name = "org.jboss.security.auth.spi.AnonLoginModule";
187          HashMap JavaDoc options = new HashMap JavaDoc();
188          AppConfigurationEntry JavaDoc ace = new AppConfigurationEntry JavaDoc(name,
189          AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
190          AppConfigurationEntry JavaDoc[] entry = {ace};
191          return entry;
192       }
193       AppConfigurationEntry JavaDoc[] testUsersRoles()
194       {
195          String JavaDoc name = "org.jboss.security.auth.spi.UsersRolesLoginModule";
196          AppConfigurationEntry JavaDoc ace = new AppConfigurationEntry JavaDoc(name,
197          AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, new HashMap JavaDoc());
198          AppConfigurationEntry JavaDoc[] entry = {ace};
199          return entry;
200       }
201       AppConfigurationEntry JavaDoc[] testUsersRolesHash()
202       {
203          String JavaDoc name = "org.jboss.security.auth.spi.UsersRolesLoginModule";
204          HashMap JavaDoc options = new HashMap JavaDoc();
205          options.put("usersProperties", "usersb64.properties");
206          options.put("hashAlgorithm", "MD5");
207          options.put("hashEncoding", "base64");
208          AppConfigurationEntry JavaDoc ace = new AppConfigurationEntry JavaDoc(name,
209          AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
210          AppConfigurationEntry JavaDoc[] entry = {ace};
211          return entry;
212       }
213       AppConfigurationEntry JavaDoc[] testAnonUsersRoles()
214       {
215          String JavaDoc name = "org.jboss.security.auth.spi.UsersRolesLoginModule";
216          HashMap JavaDoc options = new HashMap JavaDoc();
217          options.put("unauthenticatedIdentity", "nobody");
218          AppConfigurationEntry JavaDoc ace = new AppConfigurationEntry JavaDoc(name,
219          AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
220          AppConfigurationEntry JavaDoc[] entry = {ace};
221          return entry;
222       }
223       AppConfigurationEntry JavaDoc[] testControlFlags()
224       {
225          String JavaDoc name1 = "org.jboss.security.auth.spi.UsersRolesLoginModule";
226          AppConfigurationEntry JavaDoc ace1 = new AppConfigurationEntry JavaDoc(name1,
227             AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT, new HashMap JavaDoc());
228
229          String JavaDoc name2 = "org.jboss.security.auth.spi.DatabaseServerLoginModule";
230          HashMap JavaDoc options = new HashMap JavaDoc();
231          options.put("dsJndiName", "testJdbc");
232          options.put("principalsQuery", "select Password from Principals where PrincipalID=?");
233          options.put("rolesQuery", "select Role, RoleGroup from Roles where PrincipalID=?");
234          AppConfigurationEntry JavaDoc ace2 = new AppConfigurationEntry JavaDoc(name2,
235             AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT, options);
236
237          AppConfigurationEntry JavaDoc[] entry = {ace1, ace2};
238          return entry;
239       }
240       AppConfigurationEntry JavaDoc[] testJCACallerIdentity()
241       {
242          String JavaDoc name = "org.jboss.resource.security.CallerIdentityLoginModule";
243          HashMap JavaDoc options = new HashMap JavaDoc();
244          options.put("userName", "jduke");
245          options.put("password", "theduke");
246          options.put("managedConnectionFactoryName", "jboss:name=fakeMCF");
247          options.put("ignoreMissigingMCF", Boolean.TRUE);
248          AppConfigurationEntry JavaDoc ace = new AppConfigurationEntry JavaDoc(name,
249             AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
250          AppConfigurationEntry JavaDoc[] entry = {ace};
251          return entry;
252       }
253       AppConfigurationEntry JavaDoc[] testJaasSecurityDomainIdentityLoginModule()
254       {
255          String JavaDoc name = "org.jboss.resource.security.JaasSecurityDomainIdentityLoginModule";
256          HashMap JavaDoc options = new HashMap JavaDoc();
257          options.put("userName", "sa");
258          options.put("password", "E5gtGMKcXPP");
259          options.put("managedConnectionFactoryName", "jboss.jca:service=LocalTxCM,name=DefaultDS");
260          options.put("ignoreMissigingMCF", Boolean.TRUE);
261          options.put("jaasSecurityDomain", "jboss.test:service=JaasSecurityDomain,domain=testJaasSecurityDomainIdentityLoginModule");
262          AppConfigurationEntry JavaDoc ace = new AppConfigurationEntry JavaDoc(name,
263             AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
264          AppConfigurationEntry JavaDoc[] entry = {ace};
265          return entry;
266       }
267       AppConfigurationEntry JavaDoc[] testCertLogin()
268       {
269          String JavaDoc name = "org.jboss.security.auth.spi.BaseCertLoginModule";
270          HashMap JavaDoc options = new HashMap JavaDoc();
271          options.put("securityDomain", "testCertLogin");
272          AppConfigurationEntry JavaDoc ace = new AppConfigurationEntry JavaDoc(name,
273             AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
274          AppConfigurationEntry JavaDoc[] entry = {ace};
275          return entry;
276       }
277       AppConfigurationEntry JavaDoc[] testCertRoles()
278       {
279          String JavaDoc name = "org.jboss.security.auth.spi.CertRolesLoginModule";
280          HashMap JavaDoc options = new HashMap JavaDoc();
281          options.put("securityDomain", "testCertRoles");
282          AppConfigurationEntry JavaDoc ace = new AppConfigurationEntry JavaDoc(name,
283             AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
284          AppConfigurationEntry JavaDoc[] entry = {ace};
285          return entry;
286       }
287       AppConfigurationEntry JavaDoc[] other()
288       {
289          AppConfigurationEntry JavaDoc ace = new AppConfigurationEntry JavaDoc(TestLoginModule.class.getName(),
290          AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, new HashMap JavaDoc());
291          AppConfigurationEntry JavaDoc[] entry = {ace};
292          return entry;
293       }
294    }
295
296    public static class TestLoginModule extends UsernamePasswordLoginModule
297    {
298       protected Group JavaDoc[] getRoleSets()
299       {
300          SimpleGroup roles = new SimpleGroup("Roles");
301          Group JavaDoc[] roleSets = {roles};
302          roles.addMember(new SimplePrincipal("TestRole"));
303          roles.addMember(new SimplePrincipal("Role2"));
304          return roleSets;
305       }
306       /** This represents the 'true' password
307        */
308       protected String JavaDoc getUsersPassword()
309       {
310          return "secret";
311       }
312    }
313    public static class HashTestLoginModule extends TestLoginModule
314    {
315       /** This represents the 'true' password in its hashed form
316        */
317       protected String JavaDoc getUsersPassword()
318       {
319          MessageDigest JavaDoc md = null;
320          try
321          {
322             md = MessageDigest.getInstance("MD5");
323          }
324          catch(Exception JavaDoc e)
325          {
326             e.printStackTrace();
327          }
328          byte[] passwordBytes = "secret".getBytes();
329          byte[] hash = md.digest(passwordBytes);
330          String JavaDoc passwordHash = Util.encodeBase64(hash);
331          return passwordHash;
332       }
333    }
334    public static class HashTestDigestCallbackLoginModule extends TestLoginModule
335    {
336       /** This represents the 'true' password in its hashed form
337        */
338       protected String JavaDoc getUsersPassword()
339       {
340          MessageDigest JavaDoc md = null;
341          try
342          {
343             md = MessageDigest.getInstance("MD5");
344          }
345          catch(Exception JavaDoc e)
346          {
347             e.printStackTrace();
348          }
349          byte[] passwordBytes = "secret".getBytes();
350          md.update("pre".getBytes());
351          md.update(passwordBytes);
352          md.update("post".getBytes());
353          byte[] hash = md.digest();
354          String JavaDoc passwordHash = Util.encodeBase64(hash);
355          return passwordHash;
356       }
357    }
358
359    /** A pseudo DataSource that is used to provide Hypersonic db
360     connections to the DatabaseServerLoginModule.
361     */
362    static class TestDS implements DataSource JavaDoc, Serializable JavaDoc
363    {
364       private static final long serialVersionUID = 1;
365       public java.sql.Connection JavaDoc getConnection() throws java.sql.SQLException JavaDoc
366       {
367          return getConnection("sa", "");
368       }
369       public java.sql.Connection JavaDoc getConnection(String JavaDoc user, String JavaDoc pass) throws java.sql.SQLException JavaDoc
370       {
371             java.sql.Connection JavaDoc con = null;
372             String JavaDoc jdbcURL = "";
373             try
374          {
375             jdbcURL = "jdbc:hsqldb:hsql://" + System.getProperty("jbosstest.server.host", "localhost") + ":1701";
376             con = DriverManager.getConnection(jdbcURL, user, pass);
377             }
378          catch(java.sql.SQLException JavaDoc sqle)
379          {
380                 jdbcURL = "jdbc:hsqldb:."; // only memory jdbc url
381 con = DriverManager.getConnection(jdbcURL, user, pass);
382             }
383          return con;
384       }
385       public java.io.PrintWriter JavaDoc getLogWriter() throws java.sql.SQLException JavaDoc
386       {
387          return null;
388       }
389       public void setLogWriter(java.io.PrintWriter JavaDoc out)
390          throws java.sql.SQLException JavaDoc
391       {
392       }
393       public int getLoginTimeout() throws java.sql.SQLException JavaDoc
394       {
395          return 0;
396       }
397       public void setLoginTimeout(int seconds) throws java.sql.SQLException JavaDoc
398       {
399       }
400    }
401
402    static class TestSecurityDomain implements SecurityDomain, Serializable JavaDoc
403    {
404       private static final long serialVersionUID = 1;
405
406       private transient KeyStore JavaDoc store;
407
408       public KeyStore JavaDoc getKeyStore() throws SecurityException JavaDoc
409       {
410          return store;
411       }
412
413       public KeyManagerFactory getKeyManagerFactory() throws SecurityException JavaDoc
414       {
415          return null;
416       }
417
418       public KeyStore JavaDoc getTrustStore() throws SecurityException JavaDoc
419       {
420          return store;
421       }
422
423       public TrustManagerFactory getTrustManagerFactory() throws SecurityException JavaDoc
424       {
425          return null;
426       }
427
428       public String JavaDoc getSecurityDomain()
429       {
430          return null;
431       }
432
433       public Subject JavaDoc getActiveSubject()
434       {
435          return null;
436       }
437
438       public boolean isValid(Principal JavaDoc principal, Object JavaDoc credential,
439          Subject JavaDoc activeSubject)
440       {
441          return false;
442       }
443
444       public boolean isValid(Principal JavaDoc principal, Object JavaDoc credential)
445       {
446          return false;
447       }
448
449       public Principal JavaDoc getPrincipal(Principal JavaDoc principal)
450       {
451          return null;
452       }
453
454       public boolean doesUserHaveRole(Principal JavaDoc principal, Set JavaDoc roles)
455       {
456          return false;
457       }
458
459       public Set JavaDoc getUserRoles(Principal JavaDoc principal)
460       {
461          return null;
462       }
463
464       private void readObject(java.io.ObjectInputStream JavaDoc in)
465          throws IOException JavaDoc
466       {
467          try
468          {
469             store = KeyStore.getInstance("JKS");
470             ClassLoader JavaDoc loader = Thread.currentThread().getContextClassLoader();
471             URL JavaDoc resURL = loader.getResource("security/tst.keystore");
472             store.load(resURL.openStream(), "unit-tests".toCharArray());
473          }
474          catch(Exception JavaDoc e)
475          {
476             throw new IOException JavaDoc(e.toString());
477          }
478       }
479       
480       /**
481        * @see AuthenticationManager#getTargetPrincipal(Principal,Map)
482        */
483       public Principal JavaDoc getTargetPrincipal(Principal JavaDoc anotherDomainPrincipal, Map JavaDoc contextMap)
484       {
485          throw new RuntimeException JavaDoc("Not implemented yet");
486       }
487    }
488
489    public LoginModulesUnitTestCase(String JavaDoc testName)
490    {
491       super(testName);
492    }
493
494    protected void setUp() throws Exception JavaDoc
495    {
496       // Install the custom JAAS configuration
497 Configuration.setConfiguration(new TestConfig());
498    }
499
500    public void testClientLogin() throws Exception JavaDoc
501    {
502       getLog().info("testClientLogin");
503       UsernamePasswordHandler handler = new UsernamePasswordHandler("scott", "secret".toCharArray());
504       LoginContext JavaDoc lc = new LoginContext JavaDoc("testClientLogin", handler);
505       lc.login();
506       Subject JavaDoc subject = lc.getSubject();
507       Principal JavaDoc scott = new SimplePrincipal("scott");
508       assertTrue("Principals contains scott", subject.getPrincipals().contains(scott));
509       Principal JavaDoc saPrincipal = SecurityAssociation.getPrincipal();
510       assertTrue("SecurityAssociation.getPrincipal == scott", saPrincipal.equals(scott));
511
512       UsernamePasswordHandler handler2 = new UsernamePasswordHandler("scott2", "secret2".toCharArray());
513       LoginContext JavaDoc lc2 = new LoginContext JavaDoc("testClientLogin", handler2);
514       lc2.login();
515       Principal JavaDoc scott2 = new SimplePrincipal("scott2");
516       saPrincipal = SecurityAssociation.getPrincipal();
517       assertTrue("SecurityAssociation.getPrincipal == scott2", saPrincipal.equals(scott2));
518       lc2.logout();
519       saPrincipal = SecurityAssociation.getPrincipal();
520       assertTrue("SecurityAssociation.getPrincipal == scott", saPrincipal.equals(scott));
521       
522       lc.logout();
523    }
524
525    public void testUsernamePassword() throws Exception JavaDoc
526    {
527       getLog().info("testUsernamePassword");
528       UsernamePasswordHandler handler = new UsernamePasswordHandler("scott", "secret".toCharArray());
529       LoginContext JavaDoc lc = new LoginContext JavaDoc("testUsernamePassword", handler);
530       lc.login();
531       Subject JavaDoc subject = lc.getSubject();
532       Set JavaDoc groups = subject.getPrincipals(Group JavaDoc.class);
533       assertTrue("Principals contains scott", subject.getPrincipals().contains(new SimplePrincipal("scott")));
534       assertTrue("Principals contains Roles", groups.contains(new SimplePrincipal("Roles")));
535       Group JavaDoc roles = (Group JavaDoc) groups.iterator().next();
536       assertTrue("TestRole is a role", roles.isMember(new SimplePrincipal("TestRole")));
537       assertTrue("Role2 is a role", roles.isMember(new SimplePrincipal("Role2")));
538
539       lc.logout();
540    }
541    public void testUsernamePasswordHash() throws Exception JavaDoc
542    {
543       getLog().info("testUsernamePasswordHash");
544       UsernamePasswordHandler handler = new UsernamePasswordHandler("scott", "secret".toCharArray());
545       LoginContext JavaDoc lc = new LoginContext JavaDoc("testUsernamePasswordHash", handler);
546       lc.login();
547       Subject JavaDoc subject = lc.getSubject();
548       Set JavaDoc groups = subject.getPrincipals(Group JavaDoc.class);
549       assertTrue("Principals contains scott", subject.getPrincipals().contains(new SimplePrincipal("scott")));
550       assertTrue("Principals contains Roles", groups.contains(new SimplePrincipal("Roles")));
551       Group JavaDoc roles = (Group JavaDoc) groups.iterator().next();
552       assertTrue("TestRole is a role", roles.isMember(new SimplePrincipal("TestRole")));
553       assertTrue("Role2 is a role", roles.isMember(new SimplePrincipal("Role2")));
554
555       lc.logout();
556    }
557
558    public void testUsernamePasswordHashWithDigestCallback() throws Exception JavaDoc
559    {
560       getLog().info("testUsernamePasswordHashWithDigestCallback");
561       // secret in ascii
562 byte[] passBytes = {115, 101, 99, 114, 101, 116};
563       String JavaDoc pass = new String JavaDoc(passBytes, "UTF-8");
564       UsernamePasswordHandler handler = new UsernamePasswordHandler("scott", pass.toCharArray());
565       LoginContext JavaDoc lc = new LoginContext JavaDoc("testUsernamePasswordHashWithDigestCallback", handler);
566       lc.login();
567       Subject JavaDoc subject = lc.getSubject();
568       Set JavaDoc groups = subject.getPrincipals(Group JavaDoc.class);
569       assertTrue("Principals contains scott", subject.getPrincipals().contains(new SimplePrincipal("scott")));
570       assertTrue("Principals contains Roles", groups.contains(new SimplePrincipal("Roles")));
571       Group JavaDoc roles = (Group JavaDoc) groups.iterator().next();
572       assertTrue("TestRole is a role", roles.isMember(new SimplePrincipal("TestRole")));
573       assertTrue("Role2 is a role", roles.isMember(new SimplePrincipal("Role2")));
574
575       lc.logout();
576    }
577
578    public void testUsersRoles() throws Exception JavaDoc
579    {
580       getLog().info("testUsersRoles");
581       UsernamePasswordHandler handler = new UsernamePasswordHandler("scott", "echoman".toCharArray());
582       LoginContext JavaDoc lc = new LoginContext JavaDoc("testUsersRoles", handler);
583       lc.login();
584       Subject JavaDoc subject = lc.getSubject();
585       Set JavaDoc groups = subject.getPrincipals(Group JavaDoc.class);
586       assertTrue("Principals contains scott", subject.getPrincipals().contains(new SimplePrincipal("scott")));
587       assertTrue("Principals contains Roles", groups.contains(new