KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jboss > test > security > test > SRPLoginModuleUnitTestCase


1 /*
2   * JBoss, Home of Professional Open Source
3   * Copyright 2005, JBoss Inc., and individual contributors as indicated
4   * by the @authors tag. See the copyright.txt in the distribution for a
5   * full listing of individual contributors.
6   *
7   * This is free software; you can redistribute it and/or modify it
8   * under the terms of the GNU Lesser General Public License as
9   * published by the Free Software Foundation; either version 2.1 of
10   * the License, or (at your option) any later version.
11   *
12   * This software is distributed in the hope that it will be useful,
13   * but WITHOUT ANY WARRANTY; without even the implied warranty of
14   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15   * Lesser General Public License for more details.
16   *
17   * You should have received a copy of the GNU Lesser General Public
18   * License along with this software; if not, write to the Free
19   * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20   * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21   */
22 package org.jboss.test.security.test;
23
24 import java.security.Principal JavaDoc;
25
26 import javax.management.MBeanServerConnection JavaDoc;
27 import javax.management.ObjectName JavaDoc;
28 import javax.security.auth.login.LoginContext JavaDoc;
29 import javax.security.auth.login.LoginException JavaDoc;
30
31 import junit.extensions.TestSetup;
32 import junit.framework.Test;
33 import junit.framework.TestSuite;
34
35 import org.jboss.logging.Logger;
36 import org.jboss.security.SecurityAssociation;
37 import org.jboss.security.Util;
38 import org.jboss.security.auth.callback.AppCallbackHandler;
39 import org.jboss.test.JBossTestCase;
40 import org.jboss.test.JBossTestSetup;
41
42 /** Test of the secure remote password(SRP) service and its usage via JAAS
43 login modules.
44  
45  @author Scott.Stark@jboss.org
46  @version $Revision: 58115 $
47  */
48 public class SRPLoginModuleUnitTestCase extends JBossTestCase
49 {
50    static final String JavaDoc JAR = "security-srp.sar";
51    static String JavaDoc username = "scott";
52    static char[] password = "echoman".toCharArray();
53
54    LoginContext JavaDoc lc;
55    boolean loggedIn;
56
57    public SRPLoginModuleUnitTestCase(String JavaDoc name)
58    {
59       super(name);
60    }
61
62    /** Test a login against the SRP service using the SRPLoginModule
63     */
64    public void testSRPLogin() throws Exception JavaDoc
65    {
66       log.debug("+++ testSRPLogin");
67       login("srp-test", username, password, null);
68       logout();
69    }
70    /** Test a login against the SRP service using the SRPLoginModule, logout,
71     * and repeat twice.
72     */
73    public void testSRPLogins() throws Exception JavaDoc
74    {
75       log.debug("+++ testSRPLogins");
76       login("srp-test", username, password, null);
77       logout();
78       login("srp-test", username, password, null);
79       logout();
80       login("srp-test", username, password, null);
81       logout();
82    }
83
84    /** Test a login against the SRP service using the SRPLoginModule
85     */
86    public void testSRPLoginHTTP() throws Exception JavaDoc
87    {
88       log.debug("+++ testSRPLoginHTTP");
89       login("srp-test-http", username, password, null);
90       logout();
91    }
92
93    /** Test a login against the SRP service using the SRPLoginModule
94     */
95    public void testSRPLoginHTTPHA() throws Exception JavaDoc
96    {
97       log.debug("+++ testSRPLoginHTTPHA");
98       login("srp-test-http-ha", username, password, null);
99       logout();
100    }
101
102    /** Test a login against the SRP service using the SRPLoginModule and
103     specify the random number used in the client A public key.
104     */
105    public void testSRPLoginWithExternalA() throws Exception JavaDoc
106    {
107       log.debug("+++ testSRPLoginWithExternalA");
108       byte[] abytes = "abcdefgh".getBytes();
109       login("srp-test-ex", username, password, abytes);
110       logout();
111    }
112
113    /** Test a login against the SRP service using the SRPLoginModule and
114     provide an auxillarly challenge to be validated by the server.
115     */
116    public void testSRPLoginWithAuxChallenge() throws Exception JavaDoc
117    {
118       log.debug("+++ testSRPLoginWithAuxChallenge");
119       // Check for javax/crypto/SealedObject
120 try
121       {
122          Class.forName("javax.crypto.SealedObject");
123          log.debug("Found javax/crypto/SealedObject");
124          login("srp-test-aux", username, password, null, "token-123");
125       }
126       catch(ClassNotFoundException JavaDoc e)
127       {
128          log.debug("Failed to find javax/crypto/SealedObject, skipping test");
129          return;
130       }
131       catch(NoClassDefFoundError JavaDoc e)
132       {
133          log.debug("Failed to find javax/crypto/SealedObject, skipping test");
134          return;
135       }
136       catch(LoginException JavaDoc e)
137       {
138          boolean hasUnlimitedCrypto = Util.hasUnlimitedCrypto();
139          log.warn("login failure, hasUnlimitedCrypto="+hasUnlimitedCrypto, e);
140          // See if
141 if( hasUnlimitedCrypto == true )
142             fail("Unable to complete login: "+e.getMessage());
143          log.info("Skipping test due to missing UnlimitedCrypto");
144          return;
145       }
146       catch(Exception JavaDoc e)
147       {
148          log.error("Non CNFE exception during testSRPLoginWithAuxChallenge", e);
149          fail("Non CNFE exception during testSRPLoginWithAuxChallenge");
150       }
151
152       logout();
153    }
154
155    /** Test a login against the SRP service using the SRPLoginModule with
156     multiple sessions for the same user. This creates two threads
157     */
158    public void testSRPLoginWithMultipleSessions() throws Exception JavaDoc
159    {
160       log.debug("+++ testSRPLoginWithMultipleSessions");
161       AppCallbackHandler handler = new AppCallbackHandler(username, password, null);
162       MBeanServerConnection JavaDoc server = super.getServer();
163
164       // Session #1
165 SessionThread t1 = new SessionThread(log, handler, server);
166       t1.start();
167
168       // Session #2
169 SessionThread t2 = new SessionThread(log, handler, server);
170       t2.start();
171
172       t1.join();
173       t2.join();
174       assertTrue("Session1.error == null", t1.getError() == null);
175       assertTrue("Session2.error == null", t2.getError() == null);
176    }
177    static class SessionThread extends Thread JavaDoc
178    {
179       private Throwable JavaDoc error;
180       private Logger log;
181       private AppCallbackHandler handler;
182       private MBeanServerConnection JavaDoc server;
183
184       SessionThread(Logger log, AppCallbackHandler handler, MBeanServerConnection JavaDoc server)
185       {
186          super("SRPSession");
187          this.log = log;
188          this.handler = handler;
189          this.server = server;
190       }
191
192       public Throwable JavaDoc getError()
193       {
194          return error;
195       }
196       public void run()
197       {
198          try
199          {
200             log.debug("Creating LoginContext(srp-test-multi): "+getName());
201             LoginContext JavaDoc lc = new LoginContext JavaDoc("srp-test-multi", handler);
202             lc.login();
203             log.debug("Created LoginContext, subject="+lc.getSubject());
204             // Invoke the
205 ObjectName JavaDoc service = new ObjectName JavaDoc("jboss.security.tests:service=SRPCacheTest");
206             Principal JavaDoc user = SecurityAssociation.getPrincipal();
207             byte[] key = (byte[]) SecurityAssociation.getCredential();
208             Object JavaDoc[] args = {user, key};
209             String JavaDoc[] sig = {Principal JavaDoc.class.getName(), key.getClass().getName()};
210             for(int n = 0; n < 5; n ++)
211                server.invoke(service, "testSession", args, sig);
212             lc.logout();
213          }
214          catch(Throwable JavaDoc t)
215          {
216             error = t;
217             log.error("Session failed", t);
218          }
219       }
220    }
221
222    /** Login using the given confName login configuration with the provided
223     username and password credential.
224     */
225    private void login(String JavaDoc confName, String JavaDoc username, char[] password,
226       byte[] data) throws Exception JavaDoc
227    {
228       this.login(confName, username, password, data, null);
229    }
230    private void login(String JavaDoc confName, String JavaDoc username, char[] password,
231       byte[] data, String JavaDoc text) throws Exception JavaDoc
232    {
233       if( loggedIn )
234          return;
235
236       lc = null;
237       AppCallbackHandler handler = new AppCallbackHandler(username, password, data, text);
238       log.debug("Creating LoginContext("+confName+")");
239       lc = new LoginContext JavaDoc(confName, handler);
240       lc.login();
241       log.debug("Created LoginContext, subject="+lc.getSubject());
242       loggedIn = true;
243    }
244    private void logout() throws Exception JavaDoc
245    {
246       if( loggedIn )
247       {
248          loggedIn = false;
249          lc.logout();
250       }
251    }
252
253    /**
254     * Setup the test suite.
255     */
256    public static Test suite() throws Exception JavaDoc
257    {
258       TestSuite suite = new TestSuite();
259       suite.addTest(new TestSuite(SRPLoginModuleUnitTestCase.class));
260
261       // Create an initializer for the test suite
262 TestSetup wrapper = new JBossTestSetup(suite)
263       {
264          protected void setUp() throws Exception JavaDoc
265          {
266             super.setUp();
267             super.redeploy(JAR);
268             // Establish the JAAS login config
269 String JavaDoc authConfPath = super.getResourceURL("security-srp/auth.conf");
270             System.setProperty("java.security.auth.login.config", authConfPath);
271          }
272          protected void tearDown() throws Exception JavaDoc
273          {
274             undeploy(JAR);
275             super.tearDown();
276          }
277       };
278       return wrapper;
279    }
280
281 }
282
Popular Tags