1 22 package org.jboss.test.security.test; 23 24 import java.security.Principal ; 25 26 import javax.management.MBeanServerConnection ; 27 import javax.management.ObjectName ; 28 import javax.security.auth.login.LoginContext ; 29 import javax.security.auth.login.LoginException ; 30 31 import junit.extensions.TestSetup; 32 import junit.framework.Test; 33 import junit.framework.TestSuite; 34 35 import org.jboss.logging.Logger; 36 import org.jboss.security.SecurityAssociation; 37 import org.jboss.security.Util; 38 import org.jboss.security.auth.callback.AppCallbackHandler; 39 import org.jboss.test.JBossTestCase; 40 import org.jboss.test.JBossTestSetup; 41 42 48 public class SRPLoginModuleUnitTestCase extends JBossTestCase 49 { 50 static final String JAR = "security-srp.sar"; 51 static String username = "scott"; 52 static char[] password = "echoman".toCharArray(); 53 54 LoginContext lc; 55 boolean loggedIn; 56 57 public SRPLoginModuleUnitTestCase(String name) 58 { 59 super(name); 60 } 61 62 64 public void testSRPLogin() throws Exception 65 { 66 log.debug("+++ testSRPLogin"); 67 login("srp-test", username, password, null); 68 logout(); 69 } 70 73 public void testSRPLogins() throws Exception 74 { 75 log.debug("+++ testSRPLogins"); 76 login("srp-test", username, password, null); 77 logout(); 78 login("srp-test", username, password, null); 79 logout(); 80 login("srp-test", username, password, null); 81 logout(); 82 } 83 84 86 public void testSRPLoginHTTP() throws Exception 87 { 88 log.debug("+++ testSRPLoginHTTP"); 89 login("srp-test-http", username, password, null); 90 logout(); 91 } 92 93 95 public void testSRPLoginHTTPHA() throws Exception 96 { 97 log.debug("+++ testSRPLoginHTTPHA"); 98 login("srp-test-http-ha", username, password, null); 99 logout(); 100 } 101 102 105 public void testSRPLoginWithExternalA() throws Exception 106 { 107 log.debug("+++ testSRPLoginWithExternalA"); 108 byte[] abytes = "abcdefgh".getBytes(); 109 login("srp-test-ex", username, password, abytes); 110 logout(); 111 } 112 113 116 public void testSRPLoginWithAuxChallenge() throws Exception 117 { 118 log.debug("+++ testSRPLoginWithAuxChallenge"); 119 try 121 { 122 Class.forName("javax.crypto.SealedObject"); 123 log.debug("Found javax/crypto/SealedObject"); 124 login("srp-test-aux", username, password, null, "token-123"); 125 } 126 catch(ClassNotFoundException e) 127 { 128 log.debug("Failed to find javax/crypto/SealedObject, skipping test"); 129 return; 130 } 131 catch(NoClassDefFoundError e) 132 { 133 log.debug("Failed to find javax/crypto/SealedObject, skipping test"); 134 return; 135 } 136 catch(LoginException e) 137 { 138 boolean hasUnlimitedCrypto = Util.hasUnlimitedCrypto(); 139 log.warn("login failure, hasUnlimitedCrypto="+hasUnlimitedCrypto, e); 140 if( hasUnlimitedCrypto == true ) 142 fail("Unable to complete login: "+e.getMessage()); 143 log.info("Skipping test due to missing UnlimitedCrypto"); 144 return; 145 } 146 catch(Exception e) 147 { 148 log.error("Non CNFE exception during testSRPLoginWithAuxChallenge", e); 149 fail("Non CNFE exception during testSRPLoginWithAuxChallenge"); 150 } 151 152 logout(); 153 } 154 155 158 public void testSRPLoginWithMultipleSessions() throws Exception 159 { 160 log.debug("+++ testSRPLoginWithMultipleSessions"); 161 AppCallbackHandler handler = new AppCallbackHandler(username, password, null); 162 MBeanServerConnection server = super.getServer(); 163 164 SessionThread t1 = new SessionThread(log, handler, server); 166 t1.start(); 167 168 SessionThread t2 = new SessionThread(log, handler, server); 170 t2.start(); 171 172 t1.join(); 173 t2.join(); 174 assertTrue("Session1.error == null", t1.getError() == null); 175 assertTrue("Session2.error == null", t2.getError() == null); 176 } 177 static class SessionThread extends Thread 178 { 179 private Throwable error; 180 private Logger log; 181 private AppCallbackHandler handler; 182 private MBeanServerConnection server; 183 184 SessionThread(Logger log, AppCallbackHandler handler, MBeanServerConnection server) 185 { 186 super("SRPSession"); 187 this.log = log; 188 this.handler = handler; 189 this.server = server; 190 } 191 192 public Throwable getError() 193 { 194 return error; 195 } 196 public void run() 197 { 198 try 199 { 200 log.debug("Creating LoginContext(srp-test-multi): "+getName()); 201 LoginContext lc = new LoginContext ("srp-test-multi", handler); 202 lc.login(); 203 log.debug("Created LoginContext, subject="+lc.getSubject()); 204 ObjectName service = new ObjectName ("jboss.security.tests:service=SRPCacheTest"); 206 Principal user = SecurityAssociation.getPrincipal(); 207 byte[] key = (byte[]) SecurityAssociation.getCredential(); 208 Object [] args = {user, key}; 209 String [] sig = {Principal .class.getName(), key.getClass().getName()}; 210 for(int n = 0; n < 5; n ++) 211 server.invoke(service, "testSession", args, sig); 212 lc.logout(); 213 } 214 catch(Throwable t) 215 { 216 error = t; 217 log.error("Session failed", t); 218 } 219 } 220 } 221 222 225 private void login(String confName, String username, char[] password, 226 byte[] data) throws Exception 227 { 228 this.login(confName, username, password, data, null); 229 } 230 private void login(String confName, String username, char[] password, 231 byte[] data, String text) throws Exception 232 { 233 if( loggedIn ) 234 return; 235 236 lc = null; 237 AppCallbackHandler handler = new AppCallbackHandler(username, password, data, text); 238 log.debug("Creating LoginContext("+confName+")"); 239 lc = new LoginContext (confName, handler); 240 lc.login(); 241 log.debug("Created LoginContext, subject="+lc.getSubject()); 242 loggedIn = true; 243 } 244 private void logout() throws Exception 245 { 246 if( loggedIn ) 247 { 248 loggedIn = false; 249 lc.logout(); 250 } 251 } 252 253 256 public static Test suite() throws Exception 257 { 258 TestSuite suite = new TestSuite(); 259 suite.addTest(new TestSuite(SRPLoginModuleUnitTestCase.class)); 260 261 TestSetup wrapper = new JBossTestSetup(suite) 263 { 264 protected void setUp() throws Exception 265 { 266 super.setUp(); 267 super.redeploy(JAR); 268 String authConfPath = super.getResourceURL("security-srp/auth.conf"); 270 System.setProperty("java.security.auth.login.config", authConfPath); 271 } 272 protected void tearDown() throws Exception 273 { 274 undeploy(JAR); 275 super.tearDown(); 276 } 277 }; 278 return wrapper; 279 } 280 281 } 282 | Popular Tags |