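package se.anatom.ejbca.ca.auth;

import java.security.KeyPair;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Random;

import javax.naming.Context;
import javax.naming.NamingException;

import junit.framework.TestCase;

import org.apache.log4j.Logger;
import org.ejbca.core.ejb.ca.auth.IAuthenticationSessionHome;
import org.ejbca.core.ejb.ca.auth.IAuthenticationSessionRemote;
import org.ejbca.core.ejb.ca.sign.ISignSessionHome;
import org.ejbca.core.ejb.ca.sign.ISignSessionRemote;
import org.ejbca.core.ejb.keyrecovery.IKeyRecoverySessionHome;
import org.ejbca.core.ejb.keyrecovery.IKeyRecoverySessionRemote;
import org.ejbca.core.ejb.ra.IUserAdminSessionHome;
import org.ejbca.core.ejb.ra.IUserAdminSessionRemote;
import org.ejbca.core.ejb.ra.raadmin.IRaAdminSessionHome;
import org.ejbca.core.ejb.ra.raadmin.IRaAdminSessionRemote;
import org.ejbca.core.model.SecConst;
import org.ejbca.core.model.ca.catoken.CATokenConstants;
import org.ejbca.core.model.log.Admin;
import org.ejbca.core.model.ra.UserDataConstants;
import org.ejbca.core.model.ra.UserDataVO;
import org.ejbca.core.model.ra.raadmin.GlobalConfiguration;
import org.ejbca.util.CertTools;
import org.ejbca.util.KeyTools;


/**
 * Tests the authentication session bean together with the user-admin,
 * key-recovery and RA-admin session beans it interacts with.
 *
 * <p>All beans are obtained through JNDI in the constructor, so the tests need
 * an environment in which those names resolve. The test methods share static
 * state (the generated user name and password) and are written to run in
 * numeric order: test01 creates the user, test06 deletes it.
 */
public class TestAuthenticationSession extends TestCase {
    private static final Logger log = Logger.getLogger(TestAuthenticationSession.class);

    private static Context ctx;
    private static IAuthenticationSessionRemote remote;
    private static IUserAdminSessionRemote usersession;
    private static IKeyRecoverySessionRemote keyrecsession;
    private static IRaAdminSessionRemote raadminsession;
    private static String username;
    private static String pwd;
    // CA id computed from the string "CN=TEST"; presumably a CA with that
    // subject DN must already exist in the system under test -- TODO confirm.
    private static int caid = "CN=TEST".hashCode();
    private static Admin admin = null;

    /**
     * Creates the test case and looks up every session bean the tests use.
     * Any failure during lookup is logged and fails the test immediately.
     *
     * @param name name of the test, passed on to {@link TestCase}
     */
    public TestAuthenticationSession(String name) {
        super(name);

        try {
            ctx = getInitialContext();

            Object obj = ctx.lookup("AuthenticationSession");
            IAuthenticationSessionHome home = (IAuthenticationSessionHome)
                    javax.rmi.PortableRemoteObject.narrow(obj, IAuthenticationSessionHome.class);
            remote = home.create();

            obj = ctx.lookup("UserAdminSession");
            IUserAdminSessionHome userhome = (IUserAdminSessionHome)
                    javax.rmi.PortableRemoteObject.narrow(obj, IUserAdminSessionHome.class);
            usersession = userhome.create();

            // Every call in this class is made as an internal-user administrator.
            admin = new Admin(Admin.TYPE_INTERNALUSER);

            obj = ctx.lookup("KeyRecoverySession");
            IKeyRecoverySessionHome keyrechome = (IKeyRecoverySessionHome)
                    javax.rmi.PortableRemoteObject.narrow(obj, IKeyRecoverySessionHome.class);
            keyrecsession = keyrechome.create();

            obj = ctx.lookup("RaAdminSession");
            IRaAdminSessionHome raadminsessionhome = (IRaAdminSessionHome)
                    javax.rmi.PortableRemoteObject.narrow(obj, IRaAdminSessionHome.class);
            raadminsession = raadminsessionhome.create();
        } catch (Exception e) {
            // Route the stack trace through the logger instead of stderr.
            log.error("Exception on setup", e);
            fail("Exception on setup");
        }
    }

    /**
     * Installs the BouncyCastle provider before each test.
     *
     * @throws Exception on setup failure
     */
    protected void setUp() throws Exception {
        log.debug(">setUp()");
        CertTools.installBCProvider();
        log.debug("<setUp()");
    }

    /**
     * Nothing to clean up per test; the user is removed by test06DeleteUser.
     *
     * @throws Exception never thrown here
     */
    protected void tearDown() throws Exception {
    }

    /**
     * Returns a fresh default JNDI initial context.
     *
     * @return the initial context
     * @throws NamingException if the context cannot be created
     */
    private Context getInitialContext() throws NamingException {
        return new javax.naming.InitialContext();
    }

    /**
     * Generates a six-character numeric user name for the test user.
     *
     * @return the generated user name
     * @throws Exception declared for symmetry with the other helpers
     */
    private String genRandomUserName() throws Exception {
        // Clock-seeded java.util.Random is predictable; that is acceptable only
        // because the value is a throwaway test identifier.
        Random rand = new Random(new Date().getTime() + 4711);
        StringBuffer name = new StringBuffer();
        for (int i = 0; i < 6; i++) {
            // nextInt(9) yields 0..8, so the digit 9 never appears.
            name.append(rand.nextInt(9));
        }
        // Log the value just generated, not the (possibly stale) static field.
        log.debug("Generated random username: username =" + name);
        return name.toString();
    }

    /**
     * Generates an eight-character numeric password for the test user.
     *
     * @return the generated password
     * @throws Exception declared for symmetry with the other helpers
     */
    private String genRandomPwd() throws Exception {
        // Clock-seeded java.util.Random is predictable and must not be used for
        // real credentials (use java.security.SecureRandom there); it is kept
        // here because the password only protects a short-lived test user.
        Random rand = new Random(new Date().getTime() + 4812);
        StringBuffer password = new StringBuffer();
        for (int i = 0; i < 8; i++) {
            // nextInt(9) yields 0..8, so the digit 9 never appears.
            password.append(rand.nextInt(9));
        }
        // The password value is deliberately kept out of the log.
        log.debug("Generated random pwd");
        return password.toString();
    }

    /**
     * Creates the end-entity user that the remaining tests operate on.
     *
     * @throws Exception on any failure while adding the user
     */
    public void test01CreateNewUser() throws Exception {
        log.debug(">test01CreateNewUser()");

        username = genRandomUserName();
        pwd = genRandomPwd();
        String email = username + "@anatom.se";
        usersession.addUser(admin, username, pwd, "C=SE, O=AnaTom, CN=" + username,
                "rfc822name=" + email, email, false, SecConst.EMPTY_ENDENTITYPROFILE,
                SecConst.CERTPROFILE_FIXED_ENDUSER, SecConst.USER_ENDUSER,
                SecConst.TOKEN_SOFT_P12, 0, caid);
        // Credentials stay out of the log; the user name and DN are enough to trace the run.
        log.debug("created user: " + username + ", C=SE, O=AnaTom, CN=" + username);

        log.debug("<test01CreateNewUser()");
    }

    /**
     * Authenticates the new user with the correct password and checks the
     * returned DN, e-mail address and user type.
     *
     * @throws Exception if authentication fails
     */
    public void test02AuthenticateUser() throws Exception {
        log.debug(">test02AuthenticateUser()");
        // Only the user name is logged; the password is not written to the log.
        log.debug("Username:" + username);
        UserDataVO data = remote.authenticateUser(admin, username, pwd);

        log.debug("DN: " + data.getDN());
        assertTrue("DN is wrong", data.getDN().indexOf(username) != -1);

        log.debug("Email: " + data.getEmail());
        assertNotNull("Email should not be null", data.getEmail());
        assertTrue("Email is wrong", data.getEmail().equals(username + "@anatom.se"));

        log.debug("Type: " + data.getType());
        assertTrue("Type is wrong", data.getType() == SecConst.USER_ENDUSER);
        log.debug("<test02AuthenticateUser()");
    }

    /**
     * Sets the user's status to GENERATED and verifies that authentication with
     * the correct password is then rejected.
     *
     * @throws Exception on unexpected failure outside the authentication call
     */
    public void test03FailAuthenticateUser() throws Exception {
        log.debug(">test03FailAuthenticateUser()");
        usersession.setUserStatus(admin, username, UserDataConstants.STATUS_GENERATED);
        boolean authfailed = false;
        try {
            UserDataVO auth = remote.authenticateUser(admin, username, pwd);
            log.debug("Authenticated user: " + auth.getUsername());
        } catch (Exception e) {
            // NOTE(review): any exception counts as a rejection here, so a
            // transport or lookup error would also make this test pass. Narrow
            // the catch to the exception types authenticateUser declares.
            log.debug("authenticateUser threw " + e.getClass().getName());
            authfailed = true;
        }
        assertTrue("Authentication succeeded when it should have failed.", authfailed);
        log.debug("<test03FailAuthenticateUser()");
    }

    /**
     * Verifies that authentication with a wrong password is rejected.
     *
     * @throws Exception on unexpected failure outside the authentication call
     */
    public void test04FailAuthenticateUser() throws Exception {
        log.debug(">test04FailAuthenticateUser()");
        boolean authfailed = false;
        try {
            UserDataVO auth = remote.authenticateUser(admin, username, "abc123");
            log.debug("Authenticated user: " + auth.getUsername());
        } catch (Exception e) {
            // NOTE(review): the user was left in status GENERATED by test03, and
            // any exception is accepted, so this does not prove the rejection
            // was caused by the wrong password. Reset the status first and
            // narrow the catch to the expected login exception.
            log.debug("authenticateUser threw " + e.getClass().getName());
            authfailed = true;
        }
        assertTrue("Authentication succeeded when it should have failed.", authfailed);
        log.debug("<test04FailAuthenticateUser()");
    }

    /**
     * Verifies that finishing a user clears the key-recovery mark.
     *
     * <p>Key recovery is switched on in the global configuration for the
     * duration of the test. The original setting is restored and the stored
     * key-recovery data removed even when an assertion fails, so a failed run
     * does not leave the system with modified global settings or leftover
     * escrowed keys.
     *
     * @throws Exception on any failure talking to the session beans
     */
    public void test05UnmarkKeyRecoveryOnFinish() throws Exception {
        log.debug(">test05UnmarkKeyRecoveryOnFinish()");

        GlobalConfiguration config = raadminsession.loadGlobalConfiguration(admin);
        boolean orgkeyrecconfig = config.getEnableKeyRecovery();
        config.setEnableKeyRecovery(true);
        raadminsession.saveGlobalConfiguration(admin, config);

        try {
            usersession.setPassword(admin, username, "foo123");
            usersession.setUserStatus(admin, username, UserDataConstants.STATUS_NEW);

            // 1024-bit RSA keeps the test fast; it is below current minimum
            // key-size recommendations and should not be copied elsewhere.
            KeyPair keys = KeyTools.genKeys("1024", CATokenConstants.KEYALGORITHM_RSA);
            ISignSessionHome home = (ISignSessionHome) javax.rmi.PortableRemoteObject.narrow(
                    getInitialContext().lookup("RSASignSession"), ISignSessionHome.class);
            ISignSessionRemote ss = home.create();
            X509Certificate cert = (X509Certificate)
                    ss.createCertificate(admin, username, "foo123", keys.getPublic());

            keyrecsession.addKeyRecoveryData(admin, cert, username, keys);
            try {
                keyrecsession.markNewestAsRecoverable(admin, username, SecConst.EMPTY_ENDENTITYPROFILE);

                assertTrue("Failure the users keyrecovery session should have been marked",
                        keyrecsession.isUserMarked(admin, username));

                // NOTE(review): the password was changed to "foo123" above, yet
                // the originally generated pwd is passed here -- confirm whether
                // finishUser verifies the password at all.
                remote.finishUser(admin, username, pwd);

                assertTrue("Failure the users keyrecovery session should have been unmarked",
                        !keyrecsession.isUserMarked(admin, username));
            } finally {
                keyrecsession.removeAllKeyRecoveryData(admin, username);
            }
        } finally {
            config.setEnableKeyRecovery(orgkeyrecconfig);
            raadminsession.saveGlobalConfiguration(admin, config);
        }
        log.debug("<test05UnmarkKeyRecoveryOnFinish()");
    }

    /**
     * Deletes the user created by test01CreateNewUser.
     *
     * @throws Exception if the user cannot be deleted
     */
    public void test06DeleteUser() throws Exception {
        log.debug(">test06DeleteUser()");
        usersession.deleteUser(admin, username);
        log.debug("deleted user: " + username);
        log.debug("<test06DeleteUser()");
    }
}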