1 22 package org.jboss.test.security.test; 23 24 import java.util.HashSet ; 25 import java.util.HashMap ; 26 import java.util.Properties ; 27 import javax.security.auth.login.Configuration ; 28 import javax.security.auth.login.AppConfigurationEntry ; 29 import javax.security.auth.Subject ; 30 31 import junit.framework.TestCase; 32 import junit.textui.TestRunner; 33 34 import org.jboss.logging.Logger; 35 import org.jboss.security.plugins.JaasSecurityManager; 36 import org.jboss.security.SimplePrincipal; 37 import org.jboss.security.SecurityAssociation; 38 import org.jboss.security.auth.callback.SecurityAssociationHandler; 39 import org.jboss.util.TimedCachePolicy; 40 41 46 public class SecurityMgrStressTestCase extends TestCase 47 { 48 static final int Nusers = 10; 49 static final Logger log = Logger.getLogger(SecurityMgrStressTestCase.class); 50 51 56 public SecurityMgrStressTestCase(String name) 57 { 58 super(name); 59 } 60 61 66 public void testMTAuthentication() throws Exception 67 { 68 SecurityAssociation.setServer(); 69 int count = Integer.getInteger("jbosstest.threadcount", 10).intValue(); 70 int iterations = Integer.getInteger("jbosstest.iterationcount", 5000).intValue(); 71 log.info("Creating "+count+" threads doing "+iterations+" iterations"); 72 JaasSecurityManager secMgr = new JaasSecurityManager("testIdentity", new SecurityAssociationHandler()); 73 TimedCachePolicy cache = new TimedCachePolicy(3, false, 100); 74 cache.create(); 75 cache.start(); 76 secMgr.setCachePolicy(cache); 77 Thread [] testThreads = new Thread [count]; 78 AuthTester[] testers = new AuthTester[count]; 79 for(int t = 0; t < count; t ++) 80 { 81 int userID = t % Nusers; 82 AuthTester test = new AuthTester(secMgr, iterations, userID); 83 if( t == count - 2 ) 84 test.failAuthentication(); 85 if( t == count - 1 ) 86 test.failAuthorization(); 87 testers[t] = test; 88 Thread thr = new Thread (test, "Tester#"+t); 89 thr.start(); 90 testThreads[t] = thr; 91 } 92 93 for(int t = 0; t < count; t ++) 94 { 95 Thread thr = testThreads[t]; 96 thr.join(); 97 AuthTester test = testers[t]; 98 if( test.failAuthentication == true || test.failAuthorization == true ) 99 assertTrue("Failure test has an error", test.error != null); 100 else if( test.error != null ) 101 fail("Unexpected error seen by : "+test); 102 } 103 } 104 105 protected void setUp() 106 { 107 Configuration.setConfiguration(new TestConfig()); 109 } 110 111 115 public static void main(String [] args) 116 { 117 TestRunner.run(SecurityMgrStressTestCase.class); 118 } 119 120 123 private static class TestConfig extends Configuration 124 { 125 private AppConfigurationEntry [] theEntry; 126 127 TestConfig() 128 { 129 String name = "org.jboss.security.auth.spi.MemoryUsersRolesLoginModule"; 130 Properties users = new Properties (); 131 Properties roles = new Properties (); 132 for(int i = 0; i < Nusers; i ++) 133 { 134 String username = "jduke"+i; 135 users.setProperty(username, "theduke"+i); 136 StringBuffer roleNames = new StringBuffer (); 137 for(int j = 0; j < 3; j ++) 138 { 139 if( j > 0 ) 140 roleNames.append(','); 141 roleNames.append(username+"-Role"+j); 142 } 143 roles.setProperty(username, roleNames.toString()); 144 } 145 146 HashMap options = new HashMap (); 147 options.put("users", users); 148 options.put("roles", roles); 149 AppConfigurationEntry ace = new AppConfigurationEntry (name, 150 AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options); 151 theEntry = new AppConfigurationEntry []{ace}; 152 } 153 public AppConfigurationEntry [] getAppConfigurationEntry(String name) 154 { 155 return theEntry; 156 } 157 public void refresh() 158 { 159 } 160 } 161 162 private static class AuthTester implements Runnable 163 { 164 JaasSecurityManager secMgr; 165 int iterations; 166 String username; 167 String password; 168 Throwable error; 169 boolean failAuthentication; 170 boolean failAuthorization; 171 172 AuthTester(JaasSecurityManager secMgr, int iterations, int id) 173 { 174 this.iterations = iterations; 175 this.secMgr = secMgr; 176 this.username = "jduke"+id; 177 this.password = "theduke"+id; 178 } 179 180 void failAuthentication() 181 { 182 failAuthentication = true; 183 } 184 void failAuthorization() 185 { 186 failAuthorization = true; 187 } 188 189 public void run() 190 { 191 log.info("Begin run, t="+Thread.currentThread()); 192 String thePassword = password; 193 if( failAuthentication == true ) 194 thePassword += "-fail"; 195 SimplePrincipal user = new SimplePrincipal(username); 196 HashSet roleSet = new HashSet (); 197 for(int j = 0; j < 3; j ++) 198 { 199 String role = username+"-Role"+j; 200 if( failAuthorization == true ) 201 role += "-fail"; 202 roleSet.add(new SimplePrincipal(role)); 203 } 204 205 try 206 { 207 for(int i = 0; i < iterations; i ++) 208 { 209 Subject subject = new Subject (); 210 boolean authenticated = secMgr.isValid(user, thePassword, subject); 211 if( authenticated == false ) 212 throw new SecurityException ("Failed to authenticate: "+user); 213 SecurityAssociation.pushSubjectContext(subject, user, "any"); 214 boolean authorized = secMgr.doesUserHaveRole(user, roleSet); 215 SecurityAssociation.popSubjectContext(); 216 if( authorized == false ) 217 { 218 Subject s = secMgr.getActiveSubject(); 219 throw new SecurityException ("Failed to authorize, subject="+s); 220 } 221 } 222 } 223 catch(Throwable t) 224 { 225 error = t; 226 if( failAuthentication == false && failAuthorization == false ) 227 log.error("Security failure", t); 228 } 229 log.info("End run, t="+Thread.currentThread()); 230 } 231 } 232 233 } 234 | Popular Tags |