

1 /*************************************************************************
2  * *
3  * EJBCA: The OpenSource Certificate Authority *
4  * *
5  * This software is free software; you can redistribute it and/or *
6  * modify it under the terms of the GNU Lesser General Public *
7  * License as published by the Free Software Foundation; either *
8  * version 2.1 of the License, or any later version. *
9  * *
10  * See terms of license at gnu.org. *
11  * *
12  *************************************************************************/

13
14 package se.anatom.ejbca.ca.auth;
15
16 import java.security.KeyPair JavaDoc;
17 import java.security.cert.X509Certificate JavaDoc;
18 import java.util.Date JavaDoc;
19 import java.util.Random JavaDoc;
20
21 import javax.naming.Context JavaDoc;
22 import javax.naming.NamingException JavaDoc;
23
24 import junit.framework.TestCase;
25
26 import org.apache.log4j.Logger;
27 import org.ejbca.core.ejb.ca.auth.IAuthenticationSessionHome;
28 import org.ejbca.core.ejb.ca.auth.IAuthenticationSessionRemote;
29 import org.ejbca.core.ejb.ca.sign.ISignSessionHome;
30 import org.ejbca.core.ejb.ca.sign.ISignSessionRemote;
31 import org.ejbca.core.ejb.keyrecovery.IKeyRecoverySessionHome;
32 import org.ejbca.core.ejb.keyrecovery.IKeyRecoverySessionRemote;
33 import org.ejbca.core.ejb.ra.IUserAdminSessionHome;
34 import org.ejbca.core.ejb.ra.IUserAdminSessionRemote;
35 import org.ejbca.core.ejb.ra.raadmin.IRaAdminSessionHome;
36 import org.ejbca.core.ejb.ra.raadmin.IRaAdminSessionRemote;
37 import org.ejbca.core.model.SecConst;
38 import org.ejbca.core.model.ca.catoken.CATokenConstants;
39 import org.ejbca.core.model.log.Admin;
40 import org.ejbca.core.model.ra.UserDataConstants;
41 import org.ejbca.core.model.ra.UserDataVO;
42 import org.ejbca.core.model.ra.raadmin.GlobalConfiguration;
43 import org.ejbca.util.CertTools;
44 import org.ejbca.util.KeyTools;
45
46
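/**
 * Tests the authentication session used by the signer.
 *
 * <p>The test methods share one generated user through static fields and
 * appear to rely on running in name order: test01 creates the user, test02 to
 * test05 use it and test06 deletes it.
 *
 * @version $Id: TestAuthenticationSession.java,v 1.13 2006/10/31 08:24:54 anatom Exp $
 */
public class TestAuthenticationSession extends TestCase {
    private static final Logger log = Logger.getLogger(TestAuthenticationSession.class);

    // Remote session handles, looked up over JNDI in the constructor.
    private static Context ctx;
    private static IAuthenticationSessionRemote remote;
    private static IUserAdminSessionRemote usersession;
    private static IKeyRecoverySessionRemote keyrecsession;
    private static IRaAdminSessionRemote raadminsession;

    // Credentials of the throwaway user created in test01 and reused afterwards.
    private static String username;
    private static String pwd;

    // CA id computed as the hash code of the DN string "CN=TEST"
    // (presumably the subject DN of the test CA; verify against the test setup).
    private static int caid = "CN=TEST".hashCode();
    private static Admin admin = null;

    /**
     * Creates a new TestAuthenticationSession object and looks up the remote
     * sessions the tests call. Any lookup or create failure fails the test.
     *
     * @param name name
     */
    public TestAuthenticationSession(String name) {
        super(name);

        try {
            ctx = getInitialContext();
            Object obj = ctx.lookup("AuthenticationSession");
            IAuthenticationSessionHome home = (IAuthenticationSessionHome) javax.rmi.PortableRemoteObject.narrow(obj, IAuthenticationSessionHome.class);
            remote = home.create();
            obj = ctx.lookup("UserAdminSession");
            IUserAdminSessionHome userhome = (IUserAdminSessionHome) javax.rmi.PortableRemoteObject.narrow(obj, IUserAdminSessionHome.class);
            usersession = userhome.create();
            admin = new Admin(Admin.TYPE_INTERNALUSER);
            obj = ctx.lookup("KeyRecoverySession");
            IKeyRecoverySessionHome keyrechome = (IKeyRecoverySessionHome) javax.rmi.PortableRemoteObject.narrow(obj, IKeyRecoverySessionHome.class);
            keyrecsession = keyrechome.create();
            obj = ctx.lookup("RaAdminSession");
            IRaAdminSessionHome raadminsessionhome = (IRaAdminSessionHome) javax.rmi.PortableRemoteObject.narrow(obj, IRaAdminSessionHome.class);
            raadminsession = raadminsessionhome.create();
        } catch (Exception e) {
            // Route the stack trace through the logger instead of stderr and
            // fail explicitly rather than asserting a constant false.
            log.error("Exception on setup", e);
            fail("Exception on setup: " + e);
        }
    }

    /**
     * Installs the BouncyCastle provider before each test.
     *
     * @throws Exception error
     */
    protected void setUp() throws Exception {
        log.debug(">setUp()");
        CertTools.installBCProvider();
        log.debug("<setUp()");
    }

    protected void tearDown() throws Exception {
    }

    /**
     * Returns a default JNDI initial context.
     *
     * @return a new InitialContext
     * @throws NamingException if the context cannot be created
     */
    private Context getInitialContext() throws NamingException {
        return new javax.naming.InitialContext();
    }

    /**
     * Generates a six-digit user name for the throwaway test user.
     *
     * @return the generated user name
     * @throws Exception error
     */
    private String genRandomUserName() throws Exception {
        // A time-seeded generator is enough here: the name only has to be
        // unlikely to collide with an existing user, it is not a secret.
        Random rand = new Random(new Date().getTime() + 4711);
        StringBuffer name = new StringBuffer();
        for (int i = 0; i < 6; i++) {
            // nextInt(10) covers 0-9; the previous bound of 9 never produced a 9.
            name.append(rand.nextInt(10));
        }
        // Log the value just generated; the static field still holds the old name here.
        log.debug("Generated random username: username =" + name);
        return name.toString();
    } // genRandomUserName

    /**
     * Generates an eight-digit password for the throwaway test user.
     *
     * @return the generated password
     * @throws Exception error
     */
    private String genRandomPwd() throws Exception {
        // A clock-seeded java.util.Random is reproducible by anyone who can
        // estimate the start time, so the password comes from SecureRandom.
        java.security.SecureRandom rand = new java.security.SecureRandom();
        StringBuffer password = new StringBuffer();
        for (int i = 0; i < 8; i++) {
            // nextInt(10) covers 0-9; the previous bound of 9 never produced a 9.
            password.append(rand.nextInt(10));
        }
        // The value itself stays out of the log: test logs are routinely archived.
        log.debug("Generated random pwd (value not logged)");
        return password.toString();
    } // genRandomPwd

    /**
     * Tests creation of new users.
     *
     * @throws Exception error
     */
    public void test01CreateNewUser() throws Exception {
        log.debug(">test01CreateNewUser()");

        // Make user that we know later...
        username = genRandomUserName();
        pwd = genRandomPwd();
        String email = username + "@anatom.se";
        usersession.addUser(admin, username, pwd, "C=SE, O=AnaTom, CN=" + username, "rfc822name=" + email, email, false, SecConst.EMPTY_ENDENTITYPROFILE, SecConst.CERTPROFILE_FIXED_ENDUSER, SecConst.USER_ENDUSER, SecConst.TOKEN_SOFT_P12, 0, caid);
        // Password deliberately omitted from the log line.
        log.debug("created user: " + username + ", C=SE, O=AnaTom, CN=" + username);

        log.debug("<test01CreateNewUser()");
    }

    /**
     * Tests authentication of users.
     *
     * @throws Exception error
     */
    public void test02AuthenticateUser() throws Exception {
        log.debug(">test02AuthenticateUser()");
        // user that we know exists...
        log.debug("Username:" + username);
        UserDataVO data = remote.authenticateUser(admin, username, pwd);

        log.debug("DN: " + data.getDN());
        assertTrue("DN is wrong", data.getDN().indexOf(username) != -1);

        log.debug("Email: " + data.getEmail());
        assertNotNull("Email should not be null", data.getEmail());
        assertEquals("Email is wrong", username + "@anatom.se", data.getEmail());

        log.debug("Type: " + data.getType());
        assertTrue("Type is wrong", data.getType() == SecConst.USER_ENDUSER);
        log.debug("<test02AuthenticateUser()");
    }

    /**
     * Tests failed authentication for a user whose status does not allow it.
     *
     * @throws Exception error
     */
    public void test03FailAuthenticateUser() throws Exception {
        log.debug(">test03FailAuthenticateUser()");
        // Set status to GENERATED so authentication will fail
        usersession.setUserStatus(admin, username, UserDataConstants.STATUS_GENERATED);
        boolean authfailed = false;
        try {
            UserDataVO auth = remote.authenticateUser(admin, username, pwd);
            log.debug("Authenticated user: " + auth.getUsername());
        } catch (Exception e) {
            // NOTE(review): any exception counts as a rejected login here,
            // including lookup or transport errors; narrowing the catch to the
            // authentication exceptions declared by authenticateUser would
            // keep an unrelated failure from passing this test.
            log.debug("Authentication rejected: " + e.getClass().getName());
            authfailed = true;
        }
        assertTrue("Authentication succeeded when it should have failed.", authfailed);
        log.debug("<test03FailAuthenticateUser()");
    }

    /**
     * Tests failed authentication with a wrong password.
     *
     * @throws Exception error
     */
    public void test04FailAuthenticateUser() throws Exception {
        log.debug(">test04FailAuthenticateUser()");
        // user that we know exists... but we issue wrong password
        // NOTE(review): test03 left the user in status GENERATED, so this call
        // may be rejected for the status rather than for the password; confirm
        // which check the test is meant to exercise.
        boolean authfailed = false;
        try {
            UserDataVO auth = remote.authenticateUser(admin, username, "abc123");
            log.debug("Authenticated user: " + auth.getUsername());
        } catch (Exception e) {
            // NOTE(review): same catch-all as in test03; an unrelated error
            // would also be counted as a rejected login.
            log.debug("Authentication rejected: " + e.getClass().getName());
            authfailed = true;
        }
        assertTrue("Authentication succeeded when it should have failed.", authfailed);
        log.debug("<test04FailAuthenticateUser()");
    }

    /**
     * Tests that finishing a user resets the key recovery mark.
     *
     * <p>Key recovery is switched on in the global configuration for the
     * duration of the test; the original setting is restored and the recovery
     * data removed even when an assertion or a remote call fails.
     *
     * @throws Exception error
     */
    public void test05UnmarkKeyRecoveryOnFinish() throws Exception {
        log.debug(">test05UnmarkKeyRecoveryOnFinish()");

        GlobalConfiguration config = raadminsession.loadGlobalConfiguration(admin);
        boolean orgkeyrecconfig = config.getEnableKeyRecovery();
        config.setEnableKeyRecovery(true);
        raadminsession.saveGlobalConfiguration(admin, config);

        try {
            // Create certificate for user: set a known password and status NEW.
            usersession.setPassword(admin, username, "foo123");
            usersession.setUserStatus(admin, username, UserDataConstants.STATUS_NEW);

            // Create a dummy certificate and keypair. The key is a throwaway
            // for this test; 1024-bit RSA is not a size to carry into real use.
            KeyPair keys = KeyTools.genKeys("1024", CATokenConstants.KEYALGORITHM_RSA);
            ISignSessionHome home = (ISignSessionHome) javax.rmi.PortableRemoteObject.narrow(getInitialContext().lookup("RSASignSession"), ISignSessionHome.class);
            ISignSessionRemote ss = home.create();
            X509Certificate cert = (X509Certificate) ss.createCertificate(admin, username, "foo123", keys.getPublic());

            // First mark the user for recovery
            keyrecsession.addKeyRecoveryData(admin, cert, username, keys);
            keyrecsession.markNewestAsRecoverable(admin, username, SecConst.EMPTY_ENDENTITYPROFILE);

            assertTrue("Failure the users keyrecovery session should have been marked", keyrecsession.isUserMarked(admin, username));

            // Now finish the user (The actual test)
            // NOTE(review): pwd is the originally generated password, not the
            // "foo123" set above; confirm finishUser does not check it.
            remote.finishUser(admin, username, pwd);

            // And see if the user is still marked
            assertTrue("Failure the users keyrecovery session should have been unmarked", !keyrecsession.isUserMarked(admin, username));
        } finally {
            // Clean up on every path so a failed run does not leave key
            // recovery enabled or recovery data behind on the CA.
            try {
                keyrecsession.removeAllKeyRecoveryData(admin, username);
            } finally {
                config.setEnableKeyRecovery(orgkeyrecconfig);
                raadminsession.saveGlobalConfiguration(admin, config);
            }
        }
        log.debug("<test05UnmarkKeyRecoveryOnFinish()");
    }

    /**
     * Deletes the user after completed tests.
     *
     * @throws Exception error
     */
    public void test06DeleteUser() throws Exception {
        log.debug(">test06DeleteUser()");
        usersession.deleteUser(admin, username);
        log.debug("deleted user: " + username);
        log.debug("<test06DeleteUser()");
    }
}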