[Jboss-cvs] JBossAS SVN: r55438 - in branches/Branch_4_0/security/src/tests: . org org/jboss org/jboss/test
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Wed Aug 9 09:01:56 EDT 2006
Author: scott.stark at jboss.org
Date: 2006-08-09 09:01:49 -0400 (Wed, 09 Aug 2006)
New Revision: 55438
Added:
branches/Branch_4_0/security/src/tests/org/
branches/Branch_4_0/security/src/tests/org/jboss/
branches/Branch_4_0/security/src/tests/org/jboss/test/
branches/Branch_4_0/security/src/tests/org/jboss/test/DelegatingPolicyTestCase.java
branches/Branch_4_0/security/src/tests/org/jboss/test/LoginContextTestCase.java
branches/Branch_4_0/security/src/tests/org/jboss/test/LoginModulesTestCase.java
branches/Branch_4_0/security/src/tests/org/jboss/test/NamespacePermission.java
branches/Branch_4_0/security/src/tests/org/jboss/test/NamespacePermissionCollection.java
branches/Branch_4_0/security/src/tests/org/jboss/test/NestableGroupTestCase.java
branches/Branch_4_0/security/src/tests/org/jboss/test/NestablePrincipalTestCase.java
branches/Branch_4_0/security/src/tests/org/jboss/test/PasswordHasher.java
branches/Branch_4_0/security/src/tests/org/jboss/test/PermissionName.java
branches/Branch_4_0/security/src/tests/org/jboss/test/SecurityProviderlTestCase.java
branches/Branch_4_0/security/src/tests/org/jboss/test/SunConfigParserTestCase.java
branches/Branch_4_0/security/src/tests/org/jboss/test/TestJCE.java
branches/Branch_4_0/security/src/tests/org/jboss/test/TestLogin.java
branches/Branch_4_0/security/src/tests/org/jboss/test/TestLoginModule.java
branches/Branch_4_0/security/src/tests/org/jboss/test/ThreadLocalTestCase.java
branches/Branch_4_0/security/src/tests/org/jboss/test/TstTimedCache.java
branches/Branch_4_0/security/src/tests/org/jboss/test/UtilTestCase.java
branches/Branch_4_0/security/src/tests/org/jboss/test/login-config.conf
branches/Branch_4_0/security/src/tests/org/jboss/test/login-config.xml
branches/Branch_4_0/security/src/tests/org/jboss/test/roles.properties
branches/Branch_4_0/security/src/tests/org/jboss/test/tst-policy.xml
branches/Branch_4_0/security/src/tests/org/jboss/test/tst.policy
branches/Branch_4_0/security/src/tests/org/jboss/test/users.properties
branches/Branch_4_0/security/src/tests/org/jboss/test/usersb64.properties
Log:
Move the local unit tests to src/tests
Added: branches/Branch_4_0/security/src/tests/org/jboss/test/DelegatingPolicyTestCase.java
===================================================================
--- branches/Branch_4_0/security/src/tests/org/jboss/test/DelegatingPolicyTestCase.java 2006-08-09 12:54:24 UTC (rev 55437)
+++ branches/Branch_4_0/security/src/tests/org/jboss/test/DelegatingPolicyTestCase.java 2006-08-09 13:01:49 UTC (rev 55438)
@@ -0,0 +1,230 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.test;
+
+import java.lang.reflect.Constructor;
+import java.security.AccessControlContext;
+import java.security.AccessControlException;
+import java.security.AccessController;
+import java.security.CodeSource;
+import java.security.Policy;
+import java.security.Principal;
+import java.security.PrivilegedAction;
+import java.security.ProtectionDomain;
+import java.util.Set;
+import javax.security.auth.Subject;
+import javax.security.jacc.EJBMethodPermission;
+import javax.security.jacc.PolicyConfiguration;
+import javax.security.jacc.PolicyConfigurationFactory;
+import javax.security.jacc.PolicyContext;
+
+import junit.extensions.TestSetup;
+import junit.framework.Test;
+import junit.framework.TestCase;
+import junit.framework.TestSuite;
+import org.apache.log4j.Logger;
+import org.jboss.security.SimplePrincipal;
+import org.jboss.security.jacc.DelegatingPolicy;
+import org.jboss.security.jacc.SubjectPolicyContextHandler;
+
+public class DelegatingPolicyTestCase extends TestCase
+{
+ private static Logger log = Logger.getLogger(DelegatingPolicyTestCase.class);
+ private static Policy oldPolicy;
+ private static Policy jaccPolicy;
+
+ public DelegatingPolicyTestCase(String name)
+ {
+ super(name);
+ }
+
+ static void setUpPolicy() throws Exception
+ {
+ // Get the current Policy impl
+ oldPolicy = Policy.getPolicy();
+
+ String provider = "org.jboss.security.jacc.DelegatingPolicy";
+ ClassLoader loader = Thread.currentThread().getContextClassLoader();
+ Class providerClass = loader.loadClass(provider);
+ try
+ {
+ // Look for a ctor(Policy) signature
+ Class[] ctorSig = {Policy.class};
+ Constructor ctor = providerClass.getConstructor(ctorSig);
+ Object[] ctorArgs = {oldPolicy};
+ jaccPolicy = (Policy) ctor.newInstance(ctorArgs);
+ }
+ catch(NoSuchMethodException e)
+ {
+ log.debug("Provider does not support ctor(Policy)");
+ jaccPolicy = (Policy) providerClass.newInstance();
+ }
+
+ // Install the JACC policy provider
+ Policy.setPolicy(jaccPolicy);
+
+ // Have the policy load/update itself
+ jaccPolicy.refresh();
+
+ // Register the default active Subject PolicyContextHandler
+ SubjectPolicyContextHandler handler = new SubjectPolicyContextHandler();
+ PolicyContext.registerHandler(SubjectPolicyContextHandler.SUBJECT_CONTEXT_KEY,
+ handler, false);
+ }
+
+ /**
+ * Basic test that a PolicyConfiguration is included in the Policy and its
+ * permissions are implied through the Policy.
+ *
+ * @throws Exception
+ */
+ public void testPolicyConfiguration() throws Exception
+ {
+ PolicyConfigurationFactory pcf = PolicyConfigurationFactory.getPolicyConfigurationFactory();
+ PolicyConfiguration pc = pcf.getPolicyConfiguration("context-a", false);
+ EJBMethodPermission someEJB = new EJBMethodPermission("someEJB", null);
+ pc.addToExcludedPolicy(someEJB);
+ pc.commit();
+
+ Policy sysPolicy = Policy.getPolicy();
+ assertTrue("Policy isa DelegatingPolicy", sysPolicy instanceof DelegatingPolicy);
+ sysPolicy.refresh();
+
+ // Act like the ejb container and check a permission
+ PolicyContext.setContextID("context-a");
+ EJBMethodPermission methodX = new EJBMethodPermission("someEJB", "methodX,,int");
+ assertTrue("methodX denied", sysPolicy.implies(null, methodX) == false);
+
+ pc = pcf.getPolicyConfiguration("context-a", true);
+ pc.addToUncheckedPolicy(someEJB);
+ pc.commit();
+ sysPolicy.refresh();
+ assertTrue("methodX allowed", sysPolicy.implies(null, methodX) == true);
+
+ pc.delete();
+ pc = pcf.getPolicyConfiguration("context-a", false);
+ pc.addToRole("callerX", someEJB);
+ pc.commit();
+ sysPolicy.refresh();
+ SimplePrincipal[] callers = {new SimplePrincipal("callerX")};
+ ProtectionDomain pd = new ProtectionDomain(null, null, null, callers);
+ assertTrue("methodX allowed", sysPolicy.implies(pd, methodX) == true);
+
+ callers = new SimplePrincipal[]{new SimplePrincipal("callerY")};
+ pd = new ProtectionDomain(null, null, null, callers);
+ assertTrue("methodX denied", sysPolicy.implies(pd, methodX) == false);
+
+ }
+
+ /**
+ * Test that uncommitted configurations in the Open state are not seen in
+ * the current Policy permission set.
+ *
+ * @throws Exception
+ */
+ public void testOpenConfigurations() throws Exception
+ {
+ PolicyConfigurationFactory pcf = PolicyConfigurationFactory.getPolicyConfigurationFactory();
+ PolicyConfiguration pc = pcf.getPolicyConfiguration("context-a", false);
+ EJBMethodPermission someEJB = new EJBMethodPermission("someEJB", null);
+ pc.addToRole("callerX", someEJB);
+ Policy sysPolicy = Policy.getPolicy();
+
+ pc = pcf.getPolicyConfiguration("context-a", true);
+ pc.addToUncheckedPolicy(someEJB);
+ sysPolicy.refresh();
+ EJBMethodPermission methodX = new EJBMethodPermission("someEJB", "methodX,,int");
+ // This perm should be denied since the policy config has not been comitted
+ boolean implied = sysPolicy.implies(null, methodX);
+ assertFalse("methodX allowed",implied == true);
+
+ pc.commit();
+ sysPolicy.refresh();
+ // Now it should be allowed since the policy config has been comitted
+ implied = sysPolicy.implies(null, methodX);
+ assertTrue("methodX allowed", implied == true);
+ }
+
+ public void testSubjectDoAs() throws Exception
+ {
+ PolicyConfigurationFactory pcf = PolicyConfigurationFactory.getPolicyConfigurationFactory();
+ PolicyConfiguration pc = pcf.getPolicyConfiguration("context-a", true);
+ EJBMethodPermission someEJB = new EJBMethodPermission("someEJB", null);
+ pc.addToRole("callerX", someEJB);
+ pc.commit();
+
+ log.debug("EJBMethodPermission.CS: "+EJBMethodPermission.class.getProtectionDomain());
+ final EJBMethodPermission methodX = new EJBMethodPermission("someEJB", "methodX");
+ final Subject caller = new Subject();
+ caller.getPrincipals().add(new SimplePrincipal("callerX"));
+ Set principalsSet = caller.getPrincipals();
+ Principal[] principals = new Principal[principalsSet.size()];
+ principalsSet.toArray(principals);
+ CodeSource cs = getClass().getProtectionDomain().getCodeSource();
+ final ProtectionDomain[] pds = {new ProtectionDomain (cs, null, null, principals)};
+ AccessControlContext acc = new AccessControlContext(pds);
+ /*
+ AccessControlContext acc = new AccessControlContext(new AccessControlContext(pds),
+ new SubjectDomainCombiner(caller));
+ */
+
+ Boolean allowed = (Boolean) Subject.doAsPrivileged(caller, new PrivilegedAction()
+ {
+ public Object run()
+ {
+ AccessControlContext acc = AccessController.getContext();
+ Boolean ok = Boolean.FALSE;
+ try
+ {
+ acc.checkPermission(methodX);
+ ok = Boolean.TRUE;
+ }
+ catch(AccessControlException e)
+ {
+
+ }
+ return ok;
+ }
+ }, acc
+ );
+ assertTrue("methodX allowed", allowed == Boolean.TRUE );
+
+ }
+
+ public static Test suite()
+ {
+ TestSuite suite = new TestSuite(DelegatingPolicyTestCase.class);
+
+ // Create an initializer for the test suite
+ TestSetup wrapper = new TestSetup(suite)
+ {
+ protected void setUp() throws Exception
+ {
+ setUpPolicy();
+ }
+ protected void tearDown() throws Exception
+ {
+ }
+ };
+ return wrapper;
+ }
+}
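Review bot: The `tearDown()` of the `TestSetup` wrapper in `suite()` is empty, so the `DelegatingPolicy` installed by `setUpPolicy()` through `Policy.setPolicy(jaccPolicy)` stays the JVM-wide policy after the suite ends, even though `oldPolicy` is saved; restore it with `Policy.setPolicy(oldPolicy);` in `tearDown()`. The three tests also share the context id "context-a", and `PolicyContext.setContextID("context-a")` is never reset, so their outcome appears to depend on execution order and on what an earlier test left committed. In `testSubjectDoAs` the empty `catch(AccessControlException e)` discards the denial reason; adding `log.debug("checkPermission(methodX) denied", e);` would keep it available when the authorization check fails.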
Added: branches/Branch_4_0/security/src/tests/org/jboss/test/LoginContextTestCase.java
===================================================================
--- branches/Branch_4_0/security/src/tests/org/jboss/test/LoginContextTestCase.java 2006-08-09 12:54:24 UTC (rev 55437)
+++ branches/Branch_4_0/security/src/tests/org/jboss/test/LoginContextTestCase.java 2006-08-09 13:01:49 UTC (rev 55438)
@@ -0,0 +1,318 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.test;
+
+import java.util.Iterator;
+import java.util.Set;
+import javax.security.auth.login.Configuration;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.Subject;
+
+import junit.framework.TestCase;
+
+import org.jboss.security.auth.login.XMLLoginConfigImpl;
+import org.jboss.security.SimplePrincipal;
+
+public class LoginContextTestCase extends TestCase
+{
+
+ public LoginContextTestCase(String name)
+ {
+ super(name);
+ }
+
+ protected void setUp() throws Exception
+ {
+ System.setOut(System.err);
+ XMLLoginConfigImpl config = new XMLLoginConfigImpl();
+ config.setConfigResource("login-config.xml");
+ config.loadConfig();
+ Configuration.setConfiguration(config);
+ }
+
+ private void validateSuccessfulLogin(LoginContext lc) throws LoginException
+ {
+ Subject subject = lc.getSubject();
+ assertTrue("case5 subject != null", subject != null);
+ boolean hasGuest = subject.getPrincipals().contains(new SimplePrincipal("guest"));
+ assertTrue("subject has guest principal", hasGuest);
+ lc.logout();
+ hasGuest = subject.getPrincipals().contains(new SimplePrincipal("guest"));
+ assertTrue("subject has guest principal", hasGuest == false);
+ Set publicCreds = subject.getPublicCredentials();
+ assertTrue("public creds has 'A public credential'",
+ publicCreds.contains("A public credential"));
+ Set privateCreds = subject.getPrivateCredentials();
+ assertTrue("private creds has 'A private credential'",
+ privateCreds.contains("A private credential"));
+ Iterator iter = privateCreds.iterator();
+ int count = 0;
+ while( iter.hasNext() )
+ {
+ iter.next();
+ count ++;
+ }
+ assertTrue("private creds has 1 entry", count == 1);
+ }
+
+ public void testCase1() throws Exception
+ {
+ LoginContext lc = new LoginContext("case1");
+ lc.login();
+ validateSuccessfulLogin(lc);
+ }
+
+ public void testCase2() throws Exception
+ {
+ LoginContext lc = new LoginContext("case2");
+ lc.login();
+ validateSuccessfulLogin(lc);
+ }
+
+ public void testCase3() throws Exception
+ {
+ LoginContext lc = new LoginContext("case3");
+ try
+ {
+ lc.login();
+ fail("LoginContext.login3 did not thrown an exception");
+ }
+ catch(LoginException e)
+ {
+ e.printStackTrace();
+ }
+ }
+
+ /** This should fail because no login module succeeds
+ *
+ * @throws Exception
+ */
+ public void testCase4() throws Exception
+ {
+ LoginContext lc = new LoginContext("case4");
+ try
+ {
+ lc.login();
+ fail("LoginContext.login4 did not thrown an exception");
+ }
+ catch(LoginException e)
+ {
+ e.printStackTrace();
+ }
+ }
+
+ public void testCase5() throws Exception
+ {
+ LoginContext lc = new LoginContext("case5");
+ lc.login();
+ validateSuccessfulLogin(lc);
+ }
+ public void testCase6() throws Exception
+ {
+ LoginContext lc = new LoginContext("case6");
+ lc.login();
+ validateSuccessfulLogin(lc);
+ }
+ public void testCase7() throws Exception
+ {
+ LoginContext lc = new LoginContext("case7");
+ lc.login();
+ validateSuccessfulLogin(lc);
+ }
+
+ public void testCase8() throws Exception
+ {
+ LoginContext lc = new LoginContext("case8");
+ try
+ {
+ lc.login();
+ fail("LoginContext.login8 did not thrown an exception");
+ }
+ catch(LoginException e)
+ {
+ e.printStackTrace();
+ }
+ }
+
+ public void testCase9() throws Exception
+ {
+ LoginContext lc = new LoginContext("case9");
+ lc.login();
+ validateSuccessfulLogin(lc);
+ }
+
+ public void testCase10() throws Exception
+ {
+ LoginContext lc = new LoginContext("case10");
+ try
+ {
+ lc.login();
+ fail("LoginContext.login10 did not thrown an exception");
+ }
+ catch(LoginException e)
+ {
+ e.printStackTrace();
+ }
+ }
+
+ public void testCase11() throws Exception
+ {
+ LoginContext lc = new LoginContext("case11");
+ lc.login();
+ validateSuccessfulLogin(lc);
+ }
+ public void testCase12() throws Exception
+ {
+ LoginContext lc = new LoginContext("case12");
+ lc.login();
+ validateSuccessfulLogin(lc);
+ }
+
+ public void testCase13() throws Exception
+ {
+ LoginContext lc = new LoginContext("case13");
+ try
+ {
+ lc.login();
+ fail("LoginContext.login13 did not thrown an exception");
+ }
+ catch(LoginException e)
+ {
+ e.printStackTrace();
+ }
+ }
+
+ public void testCase14() throws Exception
+ {
+ LoginContext lc = new LoginContext("case14");
+ try
+ {
+ lc.login();
+ fail("LoginContext.login14 did not thrown an exception");
+ }
+ catch(LoginException e)
+ {
+ e.printStackTrace();
+ }
+ }
+
+ public void testCase15() throws Exception
+ {
+ LoginContext lc = new LoginContext("case15");
+ try
+ {
+ lc.login();
+ fail("LoginContext.login15 did not thrown an exception");
+ }
+ catch(LoginException e)
+ {
+ e.printStackTrace();
+ }
+ }
+
+ public void testCase16() throws Exception
+ {
+ LoginContext lc = new LoginContext("case16");
+ lc.login();
+ validateSuccessfulLogin(lc);
+ }
+
+ public void testCase17() throws Exception
+ {
+ LoginContext lc = new LoginContext("case17");
+ lc.login();
+ validateSuccessfulLogin(lc);
+ }
+
+ public void testCase18() throws Exception
+ {
+ LoginContext lc = new LoginContext("case18");
+ try
+ {
+ lc.login();
+ fail("LoginContext.login18 did not thrown an exception");
+ }
+ catch(LoginException e)
+ {
+ e.printStackTrace();
+ }
+ }
+
+ public void testCase19() throws Exception
+ {
+ LoginContext lc = new LoginContext("case19");
+ try
+ {
+ lc.login();
+ fail("LoginContext.login19 did not thrown an exception");
+ }
+ catch(LoginException e)
+ {
+ e.printStackTrace();
+ }
+ }
+
+ public void testCase20() throws Exception
+ {
+ LoginContext lc = new LoginContext("case20");
+ try
+ {
+ lc.login();
+ fail("LoginContext.login20 did not thrown an exception");
+ }
+ catch(LoginException e)
+ {
+ e.printStackTrace();
+ }
+ }
+
+ public void testCase21() throws Exception
+ {
+ LoginContext lc = new LoginContext("case21");
+ try
+ {
+ lc.login();
+ }
+ catch(LoginException e)
+ {
+ e.printStackTrace();
+ }
+ Subject subject = lc.getSubject();
+ assertTrue("case21 subject == null", subject == null);
+ }
+
+ public void testCase22() throws Exception
+ {
+ LoginContext lc = new LoginContext("case22");
+ try
+ {
+ lc.login();
+ fail("LoginContext.login22 did not thrown an exception");
+ }
+ catch(LoginException e)
+ {
+ e.printStackTrace();
+ }
+ }
+
+}
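Review bot: `setUp()` replaces two pieces of JVM-wide state, the JAAS `Configuration` and `System.out`, before every test, and the class has no `tearDown()` to put them back. `LoginModulesTestCase` in this same commit installs its own `TestConfig` once in a static initializer, so if both classes run in one JVM the login configuration in effect depends on which ran last. Save the previous values in `setUp()` and restore them in a new `tearDown()`, as sketched below. The guard is there because `Configuration.getConfiguration()` can throw `SecurityException` when no default login configuration is available.

```java
private Configuration savedConfig;
private java.io.PrintStream savedOut;

protected void setUp() throws Exception
{
   savedOut = System.out;
   try
   {
      savedConfig = Configuration.getConfiguration();
   }
   catch(SecurityException e)
   {
      // No default login configuration could be loaded; nothing to restore
      savedConfig = null;
   }
   // ... unchanged: System.setOut(System.err) and XMLLoginConfigImpl installation ...
}

protected void tearDown() throws Exception
{
   Configuration.setConfiguration(savedConfig);
   System.setOut(savedOut);
}
```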
Property changes on: branches/Branch_4_0/security/src/tests/org/jboss/test/LoginContextTestCase.java
___________________________________________________________________
Name: svn:executable
+ *
Added: branches/Branch_4_0/security/src/tests/org/jboss/test/LoginModulesTestCase.java
===================================================================
--- branches/Branch_4_0/security/src/tests/org/jboss/test/LoginModulesTestCase.java 2006-08-09 12:54:24 UTC (rev 55437)
+++ branches/Branch_4_0/security/src/tests/org/jboss/test/LoginModulesTestCase.java 2006-08-09 13:01:49 UTC (rev 55438)
@@ -0,0 +1,689 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.test;
+
+import java.lang.reflect.Method;
+import java.security.acl.Group;
+import java.util.HashMap;
+import java.util.Set;
+import java.util.logging.Level;
+import java.util.logging.LogManager;
+import java.util.logging.ConsoleHandler;
+import javax.security.auth.Subject;
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.Configuration;
+import javax.security.auth.login.LoginContext;
+import javax.management.MBeanServer;
+import javax.management.MBeanServerFactory;
+import javax.management.ObjectName;
+
+import junit.framework.TestCase;
+import junit.framework.TestSuite;
+import org.jboss.security.SimplePrincipal;
+import org.jboss.security.plugins.JaasSecurityDomain;
+import org.jboss.security.auth.callback.UsernamePasswordHandler;
+import org.jboss.logging.Logger;
+
+/** Tests of the LoginModule classes.
+
+ @author Scott.Stark at jboss.org
+ @version $Revision: 40402 $
+ */
+public class LoginModulesTestCase extends TestCase
+{
+ static
+ {
+ try
+ {
+ Configuration.setConfiguration(new TestConfig());
+ System.out.println("Installed TestConfig as JAAS Configuration");
+ Logger.setPluginClassName("org.jboss.logging.JDK14LoggerPlugin");
+ java.util.logging.Logger security = java.util.logging.Logger.getLogger("org.jboss.security");
+ security.setLevel(Level.FINEST);
+ ConsoleHandler console = new ConsoleHandler();
+ console.setLevel(Level.FINEST);
+ security.addHandler(console);
+ Logger log = Logger.getLogger("org.jboss.security");
+ log.trace("Configured JDK trace logging");
+ }
+ catch(Exception e)
+ {
+ e.printStackTrace();
+ }
+ }
+ /** Hard coded login configurations for the test cases. The configuration
+ name corresponds to the unit test function that uses the configuration.
+ */
+ static class TestConfig extends Configuration
+ {
+ public void refresh()
+ {
+ }
+
+ public AppConfigurationEntry[] getAppConfigurationEntry(String name)
+ {
+ AppConfigurationEntry[] entry = null;
+ try
+ {
+ Class[] parameterTypes = {};
+ Method m = getClass().getDeclaredMethod(name, parameterTypes);
+ Object[] args = {};
+ entry = (AppConfigurationEntry[]) m.invoke(this, args);
+ }
+ catch(Exception e)
+ {
+ }
+ return entry;
+ }
+ AppConfigurationEntry[] testLdapExample1()
+ {
+ String name = "org.jboss.security.auth.spi.LdapLoginModule";
+ HashMap options = new HashMap();
+ options.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
+ options.put("java.naming.provider.url", "ldap://lamia/");
+ options.put("java.naming.security.authentication", "simple");
+ options.put("principalDNPrefix", "uid=");
+ options.put("principalDNSuffix", ",ou=People,dc=jboss,dc=org");
+ options.put("rolesCtxDN", "ou=Roles,dc=jboss,dc=org");
+ options.put("uidAttributeID", "member");
+ options.put("matchOnUserDN", "true");
+ options.put("roleAttributeID", "cn");
+ options.put("roleAttributeIsDN", "false");
+ options.put("searchTimeLimit", "5000");
+ options.put("searchScope", "ONELEVEL_SCOPE");
+ AppConfigurationEntry ace = new AppConfigurationEntry(name,
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
+ AppConfigurationEntry[] entry = {ace};
+ return entry;
+ }
+ AppConfigurationEntry[] testLdapExample11()
+ {
+ String name = "org.jboss.security.auth.spi.LdapLoginModule";
+ HashMap options = new HashMap();
+ options.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
+ options.put("java.naming.provider.url", "ldap://lamia/");
+ options.put("java.naming.security.authentication", "simple");
+ options.put("java.naming.security.principal", "cn=Root,dc=jboss,dc=org");
+ options.put("java.naming.security.credentials", "secret1");
+
+ options.put("principalDNPrefix", "uid=");
+ options.put("principalDNSuffix", ",ou=People,dc=jboss,dc=org");
+ options.put("rolesCtxDN", "ou=Roles,dc=jboss,dc=org");
+ options.put("uidAttributeID", "member");
+ options.put("matchOnUserDN", "true");
+ options.put("roleAttributeID", "cn");
+ options.put("roleAttributeIsDN", "false");
+ AppConfigurationEntry ace = new AppConfigurationEntry(name,
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
+ AppConfigurationEntry[] entry = {ace};
+ return entry;
+ }
+ AppConfigurationEntry[] testLdapExample11Encrypt()
+ {
+ String name = "org.jboss.security.auth.spi.LdapLoginModule";
+ HashMap options = new HashMap();
+ options.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
+ options.put("java.naming.provider.url", "ldap://lamia/");
+ options.put("java.naming.security.authentication", "simple");
+ options.put("java.naming.security.principal", "cn=Root,dc=jboss,dc=org");
+ // secret1 encrypted
+ options.put("java.naming.security.credentials", "7hInTB4HCBL");
+
+ options.put("jaasSecurityDomain", "jboss.test:service=JaasSecurityDomain,domain=testLdapExample11Encrypt");
+ options.put("principalDNPrefix", "uid=");
+ options.put("principalDNSuffix", ",ou=People,dc=jboss,dc=org");
+ options.put("rolesCtxDN", "ou=Roles,dc=jboss,dc=org");
+ options.put("uidAttributeID", "member");
+ options.put("matchOnUserDN", "true");
+ options.put("roleAttributeID", "cn");
+ options.put("roleAttributeIsDN", "false");
+ AppConfigurationEntry ace = new AppConfigurationEntry(name,
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
+ AppConfigurationEntry[] entry = {ace};
+ return entry;
+ }
+ AppConfigurationEntry[] testLdapExample2()
+ {
+ String name = "org.jboss.security.auth.spi.LdapLoginModule";
+ HashMap options = new HashMap();
+ options.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
+ options.put("java.naming.provider.url", "ldap://lamia/");
+ options.put("java.naming.security.authentication", "simple");
+ options.put("principalDNPrefix", "uid=");
+ options.put("principalDNSuffix", ",ou=People,o=example2,dc=jboss,dc=org");
+ options.put("rolesCtxDN", "ou=Roles,o=example2,dc=jboss,dc=org");
+ options.put("uidAttributeID", "uid");
+ options.put("matchOnUserDN", "false");
+ options.put("roleAttributeID", "memberOf");
+ options.put("roleAttributeIsDN", "true");
+ options.put("roleNameAttributeID", "cn");
+
+ AppConfigurationEntry ace = new AppConfigurationEntry(name,
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
+ AppConfigurationEntry[] entry = {ace};
+ return entry;
+ }
+
+ /**
+ testLdapExample21 {
+ org.jboss.security.auth.spi.LdapExtLoginModule
+ java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
+ java.naming.provider.url="ldap://lamia/"
+ java.naming.security.authentication=simple
+ bindDN="cn=Root,dc=jboss,dc=org"
+ bindCredential=secret1
+ baseCtxDN="ou=People,dc=jboss,dc=org"
+ baseFilter="(uid={0})"
+ rolesCtxDN="ou=Roles,dc=jboss,dc=org";
+ roleFilter="(member={1})"
+ roleAttributeID="cn"
+ roleRecursion=0
+ };
+ */
+ AppConfigurationEntry[] testLdapExample21()
+ {
+ String name = "org.jboss.security.auth.spi.LdapExtLoginModule";
+ HashMap options = new HashMap();
+ options.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
+ options.put("java.naming.provider.url", "ldap://lamia/");
+ options.put("java.naming.security.authentication", "simple");
+
+ options.put("bindDN", "cn=Root,dc=jboss,dc=org");
+ options.put("bindCredential", "secret1");
+ options.put("baseCtxDN", "ou=People,dc=jboss,dc=org");
+ options.put("baseFilter", "(uid={0})");
+
+ options.put("rolesCtxDN", "ou=Roles,dc=jboss,dc=org");
+ options.put("roleFilter", "(member={1})");
+ options.put("roleAttributeID", "cn");
+ options.put("roleRecursion", "0");
+
+ AppConfigurationEntry ace = new AppConfigurationEntry(name,
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
+ AppConfigurationEntry[] entry = {ace};
+ return entry;
+ }
+ AppConfigurationEntry[] testLdapExample21Encrypt()
+ {
+ String name = "org.jboss.security.auth.spi.LdapExtLoginModule";
+ HashMap options = new HashMap();
+ options.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
+ options.put("java.naming.provider.url", "ldap://lamia/");
+ options.put("java.naming.security.authentication", "simple");
+
+ options.put("jaasSecurityDomain", "jboss.test:service=JaasSecurityDomain,domain=testLdapExample21Encrypt");
+ options.put("bindDN", "cn=Root,dc=jboss,dc=org");
+ // secret1 encrypted
+ options.put("bindCredential", "7hInTB4HCBL");
+ options.put("baseCtxDN", "ou=People,dc=jboss,dc=org");
+ options.put("baseFilter", "(uid={0})");
+
+ options.put("rolesCtxDN", "ou=Roles,dc=jboss,dc=org");
+ options.put("roleFilter", "(member={1})");
+ options.put("roleAttributeID", "cn");
+ options.put("roleRecursion", "0");
+
+ AppConfigurationEntry ace = new AppConfigurationEntry(name,
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
+ AppConfigurationEntry[] entry = {ace};
+ return entry;
+ }
+ /**
+ testLdapExample23 {
+ org.jboss.security.auth.spi.LdapExtLoginModule
+ java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
+ java.naming.provider.url="ldap://lamia/"
+ java.naming.security.authentication=simple
+ bindDN="cn=Root,dc=jboss,dc=org"
+ bindCredential=secret1
+ baseCtxDN="ou=People,o=example3,dc=jboss,dc=org"
+ baseFilter="(cn={0})"
+ rolesCtxDN="ou=Roles,o=example3,dc=jboss,dc=org";
+ roleFilter="(member={1})"
+ roleAttributeID="cn"
+ roleRecursion=0
+ };
+ */
+ AppConfigurationEntry[] testLdapExample23()
+ {
+ String name = "org.jboss.security.auth.spi.LdapExtLoginModule";
+ HashMap options = new HashMap();
+ options.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
+ options.put("java.naming.provider.url", "ldap://lamia/");
+ options.put("java.naming.security.authentication", "simple");
+
+
+ options.put("bindDN", "cn=Root,dc=jboss,dc=org");
+ options.put("bindCredential", "secret1");
+ options.put("baseCtxDN", "ou=People,o=example3,dc=jboss,dc=org");
+ options.put("baseFilter", "(cn={0})");
+
+ options.put("rolesCtxDN", "ou=Roles,o=example3,dc=jboss,dc=org");
+ options.put("roleFilter", "(member={1})");
+ options.put("roleAttributeID", "cn");
+ options.put("roleRecursion", "0");
+
+ AppConfigurationEntry ace = new AppConfigurationEntry(name,
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
+ AppConfigurationEntry[] entry = {ace};
+ return entry;
+ }
+ /**
+ testLdapExample22 {
+ org.jboss.security.auth.spi.LdapExtLoginModule
+ java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
+ java.naming.provider.url="ldap://lamia/"
+ java.naming.security.authentication=simple
+ bindDN="cn=Root,dc=jboss,dc=org"
+ bindCredential=secret1
+ baseCtxDN="ou=People,o=example2,dc=jboss,dc=org"
+ baseFilter="(uid={0})"
+ rolesCtxDN="ou=Roles,o=example2,dc=jboss,dc=org";
+ roleFilter="(uid={0})"
+ roleAttributeIsDN="cn"
+ roleAttributeID="memberOf"
+ roleNameAttributeID="cn"
+ roleRecursion=0
+ };
+ */
+ AppConfigurationEntry[] testLdapExample22()
+ {
+ String name = "org.jboss.security.auth.spi.LdapExtLoginModule";
+ HashMap options = new HashMap();
+ options.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
+ options.put("java.naming.provider.url", "ldap://lamia/");
+ options.put("java.naming.security.authentication", "simple");
+
+
+ options.put("bindDN", "cn=Root,dc=jboss,dc=org");
+ options.put("bindCredential", "secret1");
+ options.put("baseCtxDN", "ou=People,o=example2,dc=jboss,dc=org");
+ options.put("baseFilter", "(uid={0})");
+
+ options.put("rolesCtxDN", "ou=Roles,o=example2,dc=jboss,dc=org");
+ options.put("roleFilter", "(uid={0})");
+ options.put("roleAttributeID", "memberOf");
+ options.put("roleAttributeIsDN", "true");
+ options.put("roleNameAttributeID", "cn");
+ options.put("roleRecursion", "0");
+
+ AppConfigurationEntry ace = new AppConfigurationEntry(name,
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
+ AppConfigurationEntry[] entry = {ace};
+ return entry;
+ }
+ /**
+ testLdapExample24 {
+ org.jboss.security.auth.spi.LdapExtLoginModule
+ java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
+ java.naming.provider.url="ldap://lamia/"
+ java.naming.security.authentication=simple
+ bindDN="cn=Root,dc=jboss,dc=org"
+ bindCredential=secret1
+ baseCtxDN="ou=People,o=example4,dc=jboss,dc=org"
+ baseFilter="(cn={0})"
+ rolesCtxDN="ou=Roles,o=example4,dc=jboss,dc=org";
+ roleFilter="(member={1})"
+ roleAttributeID="memberOf"
+ roleRecursion=1
+ };
+ */
+ AppConfigurationEntry[] testLdapExample24()
+ {
+ String name = "org.jboss.security.auth.spi.LdapExtLoginModule";
+ HashMap options = new HashMap();
+ options.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
+ options.put("java.naming.provider.url", "ldap://lamia/");
+ options.put("java.naming.security.authentication", "simple");
+
+ options.put("bindDN", "cn=Root,dc=jboss,dc=org");
+ options.put("bindCredential", "secret1");
+ options.put("baseCtxDN", "ou=People,o=example4,dc=jboss,dc=org");
+ options.put("baseFilter", "(cn={0})");
+
+ options.put("rolesCtxDN", "ou=Roles,o=example4,dc=jboss,dc=org");
+ options.put("roleFilter", "(member={1})");
+ options.put("roleAttributeID", "cn");
+ options.put("roleRecursion", "1");
+
+ AppConfigurationEntry ace = new AppConfigurationEntry(name,
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
+ AppConfigurationEntry[] entry = {ace};
+ return entry;
+ }
+
+ }
+
+ public LoginModulesTestCase(String testName)
+ {
+ super(testName);
+ }
+
+ public void testLdapExample1() throws Exception
+ {
+ System.out.println("testLdapExample1");
+ UsernamePasswordHandler handler = new UsernamePasswordHandler("jduke", "theduke".toCharArray());
+ LoginContext lc = new LoginContext("testLdapExample1", handler);
+ lc.login();
+
+ Subject subject = lc.getSubject();
+ System.out.println("Subject: "+subject);
+
+ Set groups = subject.getPrincipals(Group.class);
+ assertTrue("Principals contains jduke", subject.getPrincipals().contains(new SimplePrincipal("jduke")));
+ assertTrue("Principals contains Roles", groups.contains(new SimplePrincipal("Roles")));
+ Group roles = (Group) groups.iterator().next();
+ assertTrue("Echo is a role", roles.isMember(new SimplePrincipal("Echo")));
+ assertTrue("TheDuke is a role", roles.isMember(new SimplePrincipal("TheDuke")));
+
+ lc.logout();
+ }
+ public void testLdapExample11() throws Exception
+ {
+ System.out.println("testLdapExample11");
+ UsernamePasswordHandler handler = new UsernamePasswordHandler("jduke", "theduke".toCharArray());
+ LoginContext lc = new LoginContext("testLdapExample11", handler);
+ lc.login();
+
+ Subject subject = lc.getSubject();
+ System.out.println("Subject: "+subject);
+
+ Set groups = subject.getPrincipals(Group.class);
+ assertTrue("Principals contains jduke", subject.getPrincipals().contains(new SimplePrincipal("jduke")));
+ assertTrue("Principals contains Roles", groups.contains(new SimplePrincipal("Roles")));
+ Group roles = (Group) groups.iterator().next();
+ assertTrue("Echo is a role", roles.isMember(new SimplePrincipal("Echo")));
+ assertTrue("TheDuke is a role", roles.isMember(new SimplePrincipal("TheDuke")));
+
+ lc.logout();
+ }
+ public void testLdapExample11Encrypt() throws Exception
+ {
+ System.out.println("testLdapExample11Encrypt");
+ MBeanServer server = MBeanServerFactory.createMBeanServer("jboss");
+ JaasSecurityDomain secDomain = new JaasSecurityDomain("testLdapExample11Encrypt");
+ secDomain.setSalt("abcdefgh");
+ secDomain.setIterationCount(13);
+ secDomain.setKeyStorePass("master");
+ secDomain.setManagerServiceName(null);
+ secDomain.start();
+ ObjectName name = new ObjectName("jboss.test:service=JaasSecurityDomain,domain=testLdapExample11Encrypt");
+ server.registerMBean(secDomain, name);
+
+ // secret1 encrypts to 7hInTB4HCBL
+ UsernamePasswordHandler handler = new UsernamePasswordHandler("jduke", "theduke".toCharArray());
+ LoginContext lc = new LoginContext("testLdapExample11Encrypt", handler);
+ lc.login();
+
+ Subject subject = lc.getSubject();
+ System.out.println("Subject: "+subject);
+
+ Set groups = subject.getPrincipals(Group.class);
+ assertTrue("Principals contains jduke", subject.getPrincipals().contains(new SimplePrincipal("jduke")));
+ assertTrue("Principals contains Roles", groups.contains(new SimplePrincipal("Roles")));
+ Group roles = (Group) groups.iterator().next();
+ assertTrue("Echo is a role", roles.isMember(new SimplePrincipal("Echo")));
+ assertTrue("TheDuke is a role", roles.isMember(new SimplePrincipal("TheDuke")));
+
+ lc.logout();
+ MBeanServerFactory.releaseMBeanServer(server);
+ }
+ /*
+version: 1
+dn: o=example2,dc=jboss,dc=org
+objectClass: top
+objectClass: dcObject
+objectClass: organization
+dc: jboss
+o: JBoss
+
+dn: ou=People,o=example2,dc=jboss,dc=org
+objectClass: top
+objectClass: organizationalUnit
+ou: People
+
+dn: uid=jduke,ou=People,o=example2,dc=jboss,dc=org
+objectClass: top
+objectClass: uidObject
+objectClass: person
+objectClass: inetOrgPerson
+cn: Java Duke
+employeeNumber: judke-123
+sn: Duke
+uid: jduke
+userPassword:: dGhlZHVrZQ==
+
+dn: uid=jduke2,ou=People,o=example2,dc=jboss,dc=org
+objectClass: top
+objectClass: uidObject
+objectClass: person
+objectClass: inetOrgPerson
+cn: Java Duke2
+employeeNumber: judke2-123
+sn: Duke2
+uid: jduke2
+userPassword:: dGhlZHVrZTI=
+
+dn: ou=Roles,o=example2,dc=jboss,dc=org
+objectClass: top
+objectClass: organizationalUnit
+ou: Roles
+
+dn: uid=jduke,ou=Roles,o=example2,dc=jboss,dc=org
+objectClass: top
+objectClass: groupUserEx
+memberOf: cn=Echo,ou=Roles,o=example2,dc=jboss,dc=org
+memberOf: cn=TheDuke,ou=Roles,o=example2,dc=jboss,dc=org
+uid: jduke
+
+dn: uid=jduke2,ou=Roles,o=example2,dc=jboss,dc=org
+objectClass: top
+objectClass: groupUserEx
+memberOf: cn=Echo2,ou=Roles,o=example2,dc=jboss,dc=org
+memberOf: cn=TheDuke2,ou=Roles,o=example2,dc=jboss,dc=org
+uid: jduke2
+
+dn: cn=Echo,ou=Roles,o=example2,dc=jboss,dc=org
+objectClass: top
+objectClass: groupOfNames
+cn: Echo
+description: the echo role
+member: uid=jduke,ou=People,dc=jboss,dc=org
+
+dn: cn=TheDuke,ou=Roles,o=example2,dc=jboss,dc=org
+objectClass: groupOfNames
+objectClass: top
+cn: TheDuke
+description: the duke role
+member: uid=jduke,ou=People,o=example2,dc=jboss,dc=org
+
+dn: cn=Echo2,ou=Roles,o=example2,dc=jboss,dc=org
+objectClass: top
+objectClass: groupOfNames
+cn: Echo2
+description: the Echo2 role
+member: uid=jduke2,ou=People,dc=jboss,dc=org
+
+dn: cn=TheDuke2,ou=Roles,o=example2,dc=jboss,dc=org
+objectClass: groupOfNames
+objectClass: top
+cn: TheDuke2
+description: the duke2 role
+member: uid=jduke2,ou=People,o=example2,dc=jboss,dc=org
+
+dn: cn=JBossAdmin,ou=Roles,o=example2,dc=jboss,dc=org
+objectClass: top
+objectClass: groupOfNames
+cn: JBossAdmin
+description: the JBossAdmin group
+member: uid=jduke,ou=People,dc=jboss,dc=org
+ */
+ public void testLdapExample2() throws Exception
+ {
+ System.out.println("testLdapExample2");
+ UsernamePasswordHandler handler = new UsernamePasswordHandler("jduke", "theduke".toCharArray());
+ LoginContext lc = new LoginContext("testLdapExample2", handler);
+ lc.login();
+
+ Subject subject = lc.getSubject();
+ System.out.println("Subject: "+subject);
+
+ Set groups = subject.getPrincipals(Group.class);
+ assertTrue("Principals contains jduke", subject.getPrincipals().contains(new SimplePrincipal("jduke")));
+ assertTrue("Principals contains Roles", groups.contains(new SimplePrincipal("Roles")));
+ Group roles = (Group) groups.iterator().next();
+ assertTrue("Echo is a role", roles.isMember(new SimplePrincipal("Echo")));
+ assertTrue("TheDuke is a role", roles.isMember(new SimplePrincipal("TheDuke")));
+ assertFalse("Echo2 is NOT a role", roles.isMember(new SimplePrincipal("Echo2")));
+ assertFalse("TheDuke2 is NOT a role", roles.isMember(new SimplePrincipal("TheDuke2")));
+
+ lc.logout();
+ }
+ public void testLdapExample21() throws Exception
+ {
+ System.out.println("testLdapExample21");
+ UsernamePasswordHandler handler = new UsernamePasswordHandler("jduke",
+ "theduke".toCharArray());
+ LoginContext lc = new LoginContext("testLdapExample21", handler);
+ lc.login();
+
+ Subject subject = lc.getSubject();
+ System.out.println("Subject: "+subject);
+
+ Set groups = subject.getPrincipals(Group.class);
+ Set principals = subject.getPrincipals();
+ assertTrue("Principals contains jduke", principals.contains(new SimplePrincipal("jduke")));
+ assertTrue("Principals contains Roles", groups.contains(new SimplePrincipal("Roles")));
+ Group roles = (Group) groups.iterator().next();
+ assertTrue("Echo is a role", roles.isMember(new SimplePrincipal("Echo")));
+ assertTrue("TheDuke is a role", roles.isMember(new SimplePrincipal("TheDuke")));
+
+ lc.logout();
+ }
+ public void testLdapExample21Encrypt() throws Exception
+ {
+ System.out.println("testLdapExample21Encrypt");
+ MBeanServer server = MBeanServerFactory.createMBeanServer("jboss");
+ JaasSecurityDomain secDomain = new JaasSecurityDomain("testLdapExample21Encrypt");
+ secDomain.setSalt("abcdefgh");
+ secDomain.setIterationCount(13);
+ secDomain.setKeyStorePass("master");
+ secDomain.setManagerServiceName(null);
+ secDomain.start();
+ ObjectName name = new ObjectName("jboss.test:service=JaasSecurityDomain,domain=testLdapExample21Encrypt");
+ server.registerMBean(secDomain, name);
+
+ UsernamePasswordHandler handler = new UsernamePasswordHandler("jduke",
+ "theduke".toCharArray());
+ LoginContext lc = new LoginContext("testLdapExample21Encrypt", handler);
+ lc.login();
+
+ Subject subject = lc.getSubject();
+ System.out.println("Subject: "+subject);
+
+ Set groups = subject.getPrincipals(Group.class);
+ Set principals = subject.getPrincipals();
+ assertTrue("Principals contains jduke", principals.contains(new SimplePrincipal("jduke")));
+ assertTrue("Principals contains Roles", groups.contains(new SimplePrincipal("Roles")));
+ Group roles = (Group) groups.iterator().next();
+ assertTrue("Echo is a role", roles.isMember(new SimplePrincipal("Echo")));
+ assertTrue("TheDuke is a role", roles.isMember(new SimplePrincipal("TheDuke")));
+
+ lc.logout();
+ MBeanServerFactory.releaseMBeanServer(server);
+ }
+ public void testLdapExample23() throws Exception
+ {
+ System.out.println("testLdapExample23");
+ UsernamePasswordHandler handler = new UsernamePasswordHandler("Java Duke",
+ "theduke".toCharArray());
+ LoginContext lc = new LoginContext("testLdapExample23", handler);
+ lc.login();
+
+ Subject subject = lc.getSubject();
+ System.out.println("Subject: "+subject);
+
+ Set groups = subject.getPrincipals(Group.class);
+ Set principals = subject.getPrincipals();
+ assertTrue("Principals contains Java Duke", principals.contains(new SimplePrincipal("Java Duke")));
+ assertTrue("Principals contains Roles", groups.contains(new SimplePrincipal("Roles")));
+ Group roles = (Group) groups.iterator().next();
+ assertTrue("Echo is a role", roles.isMember(new SimplePrincipal("Echo")));
+ assertTrue("TheDuke is a role", roles.isMember(new SimplePrincipal("TheDuke")));
+
+ lc.logout();
+ }
+ public void testLdapExample22() throws Exception
+ {
+ System.out.println("testLdapExample22");
+ UsernamePasswordHandler handler = new UsernamePasswordHandler("jduke",
+ "theduke".toCharArray());
+ LoginContext lc = new LoginContext("testLdapExample22", handler);
+ lc.login();
+
+ Subject subject = lc.getSubject();
+ System.out.println("Subject: "+subject);
+
+ Set groups = subject.getPrincipals(Group.class);
+ Set principals = subject.getPrincipals();
+ assertTrue("Principals contains jduke", principals.contains(new SimplePrincipal("jduke")));
+ assertTrue("Principals contains Roles", groups.contains(new SimplePrincipal("Roles")));
+ Group roles = (Group) groups.iterator().next();
+ assertTrue("Echo is a role", roles.isMember(new SimplePrincipal("Echo")));
+ assertTrue("TheDuke is a role", roles.isMember(new SimplePrincipal("TheDuke")));
+
+ lc.logout();
+ }
+ public void testLdapExample24() throws Exception
+ {
+ System.out.println("testLdapExample24");
+ UsernamePasswordHandler handler = new UsernamePasswordHandler("Java Duke",
+ "theduke".toCharArray());
+ LoginContext lc = new LoginContext("testLdapExample24", handler);
+ lc.login();
+
+ Subject subject = lc.getSubject();
+ System.out.println("Subject: "+subject);
+
+ Set groups = subject.getPrincipals(Group.class);
+ Set principals = subject.getPrincipals();
+ assertTrue("Principals contains Java Duke", principals.contains(new SimplePrincipal("Java Duke")));
+ assertTrue("Principals contains Roles", groups.contains(new SimplePrincipal("Roles")));
+ Group roles = (Group) groups.iterator().next();
+ assertTrue("RG2 is a role", roles.isMember(new SimplePrincipal("RG2")));
+ assertTrue("R1 is a role", roles.isMember(new SimplePrincipal("R1")));
+ assertTrue("R2 is a role", roles.isMember(new SimplePrincipal("R2")));
+ assertTrue("R3 is a role", roles.isMember(new SimplePrincipal("R3")));
+ assertFalse("R4 is NOT a role", roles.isMember(new SimplePrincipal("R4")));
+ assertTrue("R5 is a role", roles.isMember(new SimplePrincipal("R5")));
+
+ lc.logout();
+ }
+
+ public static void main(java.lang.String[] args)
+ {
+ System.setErr(System.out);
+ TestSuite suite = new TestSuite(LoginModulesTestCase.class);
+ junit.textui.TestRunner.run(suite);
+ }
+
+}
Added: branches/Branch_4_0/security/src/tests/org/jboss/test/NamespacePermission.java
===================================================================
--- branches/Branch_4_0/security/src/tests/org/jboss/test/NamespacePermission.java 2006-08-09 12:54:24 UTC (rev 55437)
+++ branches/Branch_4_0/security/src/tests/org/jboss/test/NamespacePermission.java 2006-08-09 13:01:49 UTC (rev 55438)
@@ -0,0 +1,89 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.test;
+
+import java.security.BasicPermission;
+import java.security.Permission;
+import java.security.PermissionCollection;
+import javax.naming.Name;
+
+/** A path like heirarchical permission.
+
+ at author Scott.Stark at jboss.org
+ at version $Revsiion:$
+*/
+public class NamespacePermission extends BasicPermission
+{
+ private PermissionName fullName;
+ private String actions;
+
+ /** Creates new NamespacePermission */
+ public NamespacePermission(String name, String actions)
+ {
+ super(name, actions);
+ this.actions = actions;
+ fullName = new PermissionName(name);
+ }
+ public NamespacePermission(Name name, String actions)
+ {
+ super(name.toString(), actions);
+ this.actions = actions;
+ fullName = new PermissionName(name);
+ }
+
+ public String getActions()
+ {
+ return actions;
+ }
+
+ public PermissionName getFullName()
+ {
+ return fullName;
+ }
+
+ public boolean implies(Permission p)
+ {
+ String pactions = p.getActions();
+ boolean implied = true;
+ for(int n = 0; n < actions.length(); n ++)
+ {
+ char a = actions.charAt(n);
+ char pa = pactions.charAt(n);
+ if( (a != '-' && pa != '-' && pa != a) )
+ {
+ implied = false;
+ break;
+ }
+ else if( a == '-' && pa != '-' )
+ {
+ implied = false;
+ break;
+ }
+ }
+ return implied;
+ }
+
+ public PermissionCollection newPermissionCollection()
+ {
+ return new NamespacePermissionCollection();
+ }
+}
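Review bot: `implies` walks only `actions.length()` positions, so when the requested permission's action string is longer than this one's the extra positions are never compared and the method still returns true; when it is shorter, or `p.getActions()` returns null, `pactions.charAt(n)` throws instead of denying. The method also never looks at the type or name of `p`, so any `Permission` whose action characters line up is treated as implied; that may be intended if NamespacePermissionCollection does the name matching, but the Javadoc should say so. I would fail closed with `if( !(p instanceof NamespacePermission) ) return false;` at the top and `if( pactions == null || pactions.length() != actions.length() ) return false;` right after `pactions` is read. Separately, `equals`/`hashCode` are inherited from `BasicPermission`, which compares class and name only, so two instances with the same name and different actions compare equal.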
Added: branches/Branch_4_0/security/src/tests/org/jboss/test/NamespacePermissionCollection.java
===================================================================
--- branches/Branch_4_0/security/src/tests/org/jboss/test/NamespacePermissionCollection.java 2006-08-09 12:54:24 UTC (rev 55437)
+++ branches/Branch_4_0/security/src/tests/org/jboss/test/NamespacePermissionCollection.java 2006-08-09 13:01:49 UTC (rev 55438)
@@ -0,0 +1,170 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.test;
+
+import java.security.Permission;
+import java.security.PermissionCollection;
+import java.util.ArrayList;
+import java.util.Enumeration;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.NoSuchElementException;
+import java.util.Set;
+import java.util.SortedMap;
+import java.util.TreeMap;
+
+/** The PermissionCollection object for NamespacePermissions.
+
+ at author Scott.Stark at jboss.org
+ at version $Revision: 37390 $
+*/
+public class NamespacePermissionCollection extends PermissionCollection
+{
+ private TreeMap namespacePerms = new TreeMap();
+ private TreeMap namespaceKeys = new TreeMap(new PermissionName.NameLengthComparator());
+
+ /** Creates new NamespacePermission */
+ public NamespacePermissionCollection()
+ {
+ }
+
+ public void add(Permission permission)
+ {
+ if( this.isReadOnly() )
+ throw new SecurityException("Cannot add permission to read-only collection");
+ if( (permission instanceof NamespacePermission) == false )
+ throw new IllegalArgumentException("Only NamespacePermission can be added, invalid="+permission);
+ NamespacePermission np = (NamespacePermission) permission;
+ PermissionName key = np.getFullName();
+ ArrayList tmp = (ArrayList) namespacePerms.get(key);
+ if( tmp == null )
+ {
+ tmp = new ArrayList();
+ namespacePerms.put(key, tmp);
+ namespaceKeys.put(key, key);
+ }
+ tmp.add(np);
+ }
+
+ /** Locate the closest permissions assigned to the namespace. This is based
+ *on the viewing the permission name as a heirarchical PermissionName and
+ */
+ public boolean implies(Permission permission)
+ {
+ boolean implies = false;
+ if( namespacePerms.isEmpty() == true )
+ return false;
+
+ NamespacePermission np = (NamespacePermission) permission;
+ // See if there is an exact permission for the name
+ PermissionName key = np.getFullName();
+ ArrayList tmp = (ArrayList) namespacePerms.get(key);
+ if( tmp == null )
+ { // Find the closest parent position.
+ SortedMap headMap = namespacePerms.headMap(key);
+ try
+ {
+ PermissionName lastKey = (PermissionName) headMap.lastKey();
+ if( lastKey.isParent(key) == true )
+ tmp = (ArrayList) namespacePerms.get(lastKey);
+ else
+ {
+ PermissionName[] keys = {};
+ keys = (PermissionName[]) headMap.keySet().toArray(keys);
+ for(int k = keys.length-1; k >= 0; k --)
+ {
+ lastKey = keys[k];
+ if( lastKey.isParent(key) == true )
+ {
+ tmp = (ArrayList) namespacePerms.get(lastKey);
+ break;
+ }
+ }
+ }
+ }
+ catch(NoSuchElementException e)
+ { /* Assign the first permission
+ Object firstKey = namespacePerms.firstKey();
+ tmp = (ArrayList) namespacePerms.get(firstKey);
+ */
+ }
+ }
+
+ // See if the permission is implied by any we found
+ if( tmp != null )
+ implies = isImplied(tmp, np);
+//System.out.println("NPC["+this+"].implies("+np+") -> "+implies);
+ return implies;
+ }
+
+ public Enumeration elements()
+ {
+ Set s = namespaceKeys.keySet();
+ final Iterator iter = s.iterator();
+ Enumeration elements = new Enumeration()
+ {
+ ArrayList activeEntry;
+ int index;
+ public boolean hasMoreElements()
+ {
+ boolean hasMoreElements = true;
+ if( activeEntry == null || index >= activeEntry.size() )
+ {
+ hasMoreElements = iter.hasNext();
+ activeEntry = null;
+ }
+ return hasMoreElements;
+ }
+ public Object nextElement()
+ {
+ Object next = null;
+ if( activeEntry == null )
+ {
+ Object key = iter.next();
+ activeEntry = (ArrayList) namespacePerms.get(key);
+ index = 0;
+ next = activeEntry.get(index ++);
+ }
+ else
+ {
+ next = activeEntry.get(index ++);
+ }
+ return next;
+ }
+ };
+ return elements;
+ }
+
+
+ private boolean isImplied(ArrayList permissions, NamespacePermission np)
+ {
+ boolean isImplied = false;
+ for(int p = 0; p < permissions.size(); p ++)
+ {
+ Permission perm = (Permission) permissions.get(p);
+ isImplied |= perm.implies(np);
+ if( isImplied == true )
+ break;
+ }
+ return isImplied;
+ }
+}
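Review bot: `implies` casts its argument with `(NamespacePermission) permission` without the `instanceof` test that `add` performs, so a query with any other permission type ends in a ClassCastException rather than a denial; a guard such as `if( !(permission instanceof NamespacePermission) ) return false;` before the cast keeps the check fail-closed. The two `TreeMap` fields are read and written without synchronization, while the `PermissionCollection` contract expects implementations to tolerate concurrent callers; declaring `add` and `implies` `synchronized` would be the smallest change. The Javadoc on `implies` stops mid-sentence ("...as a heirarchical PermissionName and") and should describe how the closest parent entry is selected.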
Added: branches/Branch_4_0/security/src/tests/org/jboss/test/NestableGroupTestCase.java
===================================================================
--- branches/Branch_4_0/security/src/tests/org/jboss/test/NestableGroupTestCase.java 2006-08-09 12:54:24 UTC (rev 55437)
+++ branches/Branch_4_0/security/src/tests/org/jboss/test/NestableGroupTestCase.java 2006-08-09 13:01:49 UTC (rev 55438)
@@ -0,0 +1,168 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.test;
+
+import java.security.Principal;
+import java.security.acl.Group;
+import java.util.HashSet;
+import java.util.Enumeration;
+import junit.framework.*;
+
+import org.jboss.security.AnybodyPrincipal;
+import org.jboss.security.NobodyPrincipal;
+import org.jboss.security.NestableGroup;
+import org.jboss.security.SimpleGroup;
+import org.jboss.security.SimplePrincipal;
+
+/** Tests of the NestableGroup class.
+
+ at see org.jboss.security.NestableGroup
+
+ at author Scott.Stark at jboss.org
+ at version $Revision: 37390 $
+*/
+public class NestableGroupTestCase extends TestCase
+{
+ static Group[] groups = {
+ new SimpleGroup("roles1"),
+ new SimpleGroup("roles2"),
+ new SimpleGroup("roles3"),
+ new SimpleGroup("roles4")
+ };
+ static
+ {
+ for(int g = 0; g < groups.length; g ++)
+ {
+ for(int m = 0; m < 4; m ++)
+ groups[g].addMember(new SimplePrincipal("user."+g+'.'+m));
+ }
+ }
+ static NestableGroup group = new NestableGroup("Roles");
+
+ public NestableGroupTestCase(String testName)
+ {
+ super(testName);
+ }
+
+ public static Test suite()
+ {
+ TestSuite suite = new TestSuite();
+ suite.addTest(new NestableGroupTestCase("testGetName"));
+ suite.addTest(new NestableGroupTestCase("testEquals"));
+ suite.addTest(new NestableGroupTestCase("testAddMember"));
+ suite.addTest(new NestableGroupTestCase("testRemoveMember"));
+ suite.addTest(new NestableGroupTestCase("testAnybody"));
+ suite.addTest(new NestableGroupTestCase("testNobody"));
+
+ return suite;
+ }
+
+ public void testGetName()
+ {
+ System.out.println("testGetName");
+ assertTrue(group.getName().equals("Roles"));
+ }
+
+ public void testEquals()
+ {
+ System.out.println("testEquals");
+ SimpleGroup CallerPrincipal = new SimpleGroup("Roles");
+ assertTrue(group.equals(CallerPrincipal));
+ }
+
+ /** Test of removeMember method, of class org.jboss.security.NestableGroup. */
+ public void testRemoveMember()
+ {
+ System.out.println("testRemoveMember");
+ for(int g = groups.length -1; g >= 0; g --)
+ {
+ testMembers(g);
+ assertTrue("Remove "+groups[g], group.removeMember(groups[g]));
+ }
+ }
+
+ /** Test of addMember method, of class org.jboss.security.NestableGroup. */
+ public void testAddMember()
+ {
+ System.out.println("testAddMember");
+ for(int g = 0; g < groups.length; g ++)
+ {
+ Group grp = groups[g];
+ group.addMember(grp);
+ testMembers(g);
+ }
+
+ try
+ {
+ group.addMember(new SimplePrincipal("BadGroup"));
+ fail("Was able to add a Principal to NestableGroup");
+ }
+ catch(IllegalArgumentException e)
+ {
+ }
+ }
+
+ public void testAnybody()
+ {
+ System.out.println("testAnybody");
+ group.addMember(groups[0]);
+ boolean isMember = group.isMember(AnybodyPrincipal.ANYBODY_PRINCIPAL);
+ assertTrue("AnybodyPrincipal.isMember", isMember);
+ }
+
+ public void testNobody()
+ {
+ System.out.println("testNobody");
+ SimpleGroup nobodyGroup = new SimpleGroup("<NOBODY>");
+ SimplePrincipal nobody = new SimplePrincipal("<NOBODY>");
+ nobodyGroup.addMember(nobody);
+ group.addMember(nobodyGroup);
+ boolean isMember = group.isMember(NobodyPrincipal.NOBODY_PRINCIPAL);
+ assertTrue("NobodyPrincipal.isMember == false", isMember == false);
+ }
+
+ /** Test of members method, of class org.jboss.security.NestableGroup. */
+ private void testMembers(int grpNo)
+ {
+ String user = "user."+grpNo+'.';
+ HashSet memberSet = new HashSet();
+ for(int m = 0; m < 4; m ++)
+ {
+ Principal p = new SimplePrincipal(user+m);
+ assertTrue("Is member1, "+p, group.isMember(p));
+ memberSet.add(p);
+ }
+
+ Enumeration members = group.members();
+ while( members.hasMoreElements() )
+ {
+ Principal member = (Principal) members.nextElement();
+ assertTrue("Is member2: "+member, memberSet.contains(member));
+ }
+ }
+
+ public static void main(java.lang.String[] args)
+ {
+ junit.textui.TestRunner.run(suite());
+ }
+
+}
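Review bot: The tests share the static `group` and only pass in the order fixed by `suite()`: `testRemoveMember` calls `testMembers(g)` and expects `removeMember` to return true, which holds only if `testAddMember` has already populated `group`, and `testAnybody`/`testNobody` leave extra members behind. NestablePrincipalTestCase in this commit has the same dependency through its static `principal`. If the shared state is intended, a comment on the field would make that explicit, e.g. `// Shared by all tests; suite() order is significant (testAddMember before testRemoveMember)`; otherwise building the group in `setUp()` removes the coupling. The empty `catch(IllegalArgumentException e)` in `testAddMember` is the expected outcome and would read better with a short comment saying so.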
Added: branches/Branch_4_0/security/src/tests/org/jboss/test/NestablePrincipalTestCase.java
===================================================================
--- branches/Branch_4_0/security/src/tests/org/jboss/test/NestablePrincipalTestCase.java 2006-08-09 12:54:24 UTC (rev 55437)
+++ branches/Branch_4_0/security/src/tests/org/jboss/test/NestablePrincipalTestCase.java 2006-08-09 13:01:49 UTC (rev 55438)
@@ -0,0 +1,139 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.test;
+
+import java.security.Principal;
+import java.security.acl.Group;
+import java.util.Enumeration;
+import junit.framework.*;
+
+import org.jboss.security.AnybodyPrincipal;
+import org.jboss.security.NestablePrincipal;
+import org.jboss.security.NobodyPrincipal;
+import org.jboss.security.SimpleGroup;
+import org.jboss.security.SimplePrincipal;
+
+/** Tests of the NestablePrincipal class.
+
+ at see org.jboss.security.NestablePrincipal
+
+ at author Scott.Stark at jboss.org
+ at version $Revision: 37390 $
+*/
+public class NestablePrincipalTestCase extends TestCase
+{
+ static Principal[] principals = {
+ new SimplePrincipal("user1"),
+ new SimplePrincipal("user2"),
+ new SimplePrincipal("user2"),
+ new SimplePrincipal("user3")
+ };
+ static NestablePrincipal principal = new NestablePrincipal("CallerPrincipal");
+
+ public NestablePrincipalTestCase(String testName)
+ {
+ super(testName);
+ }
+
+ public static Test suite()
+ {
+ TestSuite suite = new TestSuite();
+ suite.addTest(new NestablePrincipalTestCase("testGetName"));
+ suite.addTest(new NestablePrincipalTestCase("testEquals"));
+ suite.addTest(new NestablePrincipalTestCase("testAddMember"));
+ suite.addTest(new NestablePrincipalTestCase("testRemoveMember"));
+ suite.addTest(new NestablePrincipalTestCase("testAnybody"));
+ suite.addTest(new NestablePrincipalTestCase("testNobody"));
+
+ return suite;
+ }
+
+ public void testGetName()
+ {
+ System.out.println("testGetName");
+ assertTrue(principal.getName().equals("CallerPrincipal"));
+ }
+
+ public void testEquals()
+ {
+ System.out.println("testEquals");
+ SimpleGroup CallerPrincipal = new SimpleGroup("CallerPrincipal");
+ assertTrue(principal.equals(CallerPrincipal));
+ }
+
+ /** Test of removeMember method, of class org.jboss.security.NestablePrincipal. */
+ public void testRemoveMember()
+ {
+ System.out.println("testRemoveMember");
+ for(int p = principals.length -1; p >= 0; p --)
+ {
+ assertTrue("Remove "+principals[p], principal.removeMember(principals[p]));
+ testMembers();
+ }
+ }
+
+ /** Test of addMember method, of class org.jboss.security.NestablePrincipal. */
+ public void testAddMember()
+ {
+ System.out.println("testAddMember");
+
+ for(int p = 0; p < principals.length; p ++)
+ {
+ Principal user = principals[p];
+ principal.addMember(user);
+ assertTrue("AddMember "+user, principal.isMember(user));
+ testMembers();
+ }
+ }
+
+ public void testAnybody()
+ {
+ System.out.println("testAnybody");
+ principal.addMember(principals[0]);
+ assertTrue("AnybodyPrincipal.isMember", principal.isMember(AnybodyPrincipal.ANYBODY_PRINCIPAL));
+ }
+
+ public void testNobody()
+ {
+ System.out.println("testNobody");
+ SimplePrincipal nobody = new SimplePrincipal("<NOBODY>");
+ principal.addMember(nobody);
+ assertTrue("AnybodyPrincipal.isMember", principal.isMember(NobodyPrincipal.NOBODY_PRINCIPAL) == false);
+ }
+
+ /** Test of members method, of class org.jboss.security.NestablePrincipal. */
+ private void testMembers()
+ {
+ Enumeration members = principal.members();
+ while( members.hasMoreElements() )
+ {
+ Principal user = (Principal) members.nextElement();
+ assertTrue("Members "+user, principal.isMember(user));
+ }
+ }
+
+ public static void main(java.lang.String[] args)
+ {
+ junit.textui.TestRunner.run(suite());
+ }
+
+}
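Review bot: `testNobody` asserts that `NobodyPrincipal.NOBODY_PRINCIPAL` is not a member but reuses the failure message "AnybodyPrincipal.isMember" from `testAnybody`, so a failure here would point at the wrong check; `assertFalse("NobodyPrincipal.isMember", principal.isMember(NobodyPrincipal.NOBODY_PRINCIPAL));` says what is being tested. `testMembers()` only confirms that every element returned by `members()` passes `isMember`, so it cannot detect a missing member; comparing against the principals added so far would make it meaningful. The `principals` array lists `user2` twice, which looks deliberate for exercising duplicates in `testRemoveMember` but deserves a comment, since whether the second `removeMember` call returns true depends on NestablePrincipal's implementation, which is not shown here.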
Added: branches/Branch_4_0/security/src/tests/org/jboss/test/PasswordHasher.java
===================================================================
--- branches/Branch_4_0/security/src/tests/org/jboss/test/PasswordHasher.java 2006-08-09 12:54:24 UTC (rev 55437)
+++ branches/Branch_4_0/security/src/tests/org/jboss/test/PasswordHasher.java 2006-08-09 13:01:49 UTC (rev 55438)
@@ -0,0 +1,75 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.test;
+
+import org.jboss.security.Util;
+
+/** A utility program for generating password hashes given the hashAlgorithm,
+hashEncoding, and hashCharset options used by the UsernamePasswordLoginModule.
+The command line usage is:
+PasswordHasher [hashAlgorithm [hashEncoding [hashCharset]]] password
+
+ @author Scott.Stark at jboss.org
+ @version $Revision: 37390 $
+ */
+public class PasswordHasher
+{
+ static String usage = "Usage: [hashAlgorithm [hashEncoding [hashCharset]]] password";
+
+ /** @param args the command line arguments
+ *Usage: [hashAlgorithm [hashEncoding [hashCharset]]] password
+ */
+ public static void main(String[] args)
+ {
+ String hashAlgorithm = "MD5";
+ String hashEncoding = "base64";
+ String hashCharset = null;
+ String password = null;
+ if( args.length == 0 || args[0].startsWith("-h") )
+ throw new IllegalStateException(usage);
+ switch( args.length )
+ {
+ case 4:
+ hashAlgorithm = args[0];
+ hashEncoding = args[1];
+ hashCharset = args[2];
+ password = args[3];
+ break;
+ case 3:
+ hashAlgorithm = args[0];
+ hashEncoding = args[1];
+ password = args[2];
+ break;
+ case 2:
+ hashAlgorithm = args[0];
+ password = args[1];
+ break;
+ case 1:
+ password = args[0];
+ break;
+ }
+ String passwordHash = Util.createPasswordHash(hashAlgorithm, hashEncoding,
+ hashCharset, null, password);
+ System.out.println("passwordHash = "+passwordHash);
+ }
+
+}
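Review bot: The `switch( args.length )` in `main` has no `default` branch, so five or more arguments leave `password` null and that null is passed to `Util.createPasswordHash`; adding `default: throw new IllegalStateException(usage);` rejects the bad invocation. The password is also taken from the command line, where it normally ends up in shell history and process listings, so the class comment should say the tool is meant for test fixtures or the value should be read from standard input. The defaults (`MD5`, and `null` as the fourth argument, which presumably means no extra input is mixed into the hash; this cannot be confirmed from the hunk) produce a fast, unsalted-looking digest, which is worth stating next to the usage line so nobody treats the output as strong password storage.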
Added: branches/Branch_4_0/security/src/tests/org/jboss/test/PermissionName.java
===================================================================
--- branches/Branch_4_0/security/src/tests/org/jboss/test/PermissionName.java 2006-08-09 12:54:24 UTC (rev 55437)
+++ branches/Branch_4_0/security/src/tests/org/jboss/test/PermissionName.java 2006-08-09 13:01:49 UTC (rev 55438)
@@ -0,0 +1,135 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.test;
+
+import java.io.Serializable;
+import java.security.BasicPermission;
+import java.util.Comparator;
+import java.util.Properties;
+import javax.naming.CompoundName;
+import javax.naming.Name;
+import javax.naming.NamingException;
+
+/** A javax.naming.Name based key class used as the name attribute
+by NamespacePermissions.
+
+ at author Scott.Stark at jboss.org
+ at version $Revision: 37390 $
+*/
+public class PermissionName implements Comparable, Serializable
+{
+ static final long serialVersionUID = 358449172612757607L;
+ /** The Properties used for the project directory heirarchical names */
+ static Name emptyName;
+ static Properties nameSyntax = new Properties();
+ static
+ {
+ nameSyntax.put("jndi.syntax.direction", "left_to_right");
+ nameSyntax.put("jndi.syntax.separator", "/");
+ try
+ {
+ emptyName = new CompoundName("", nameSyntax);
+ }
+ catch(NamingException e)
+ {
+ }
+ }
+ private Name name;
+
+ /** An alternate PermissionName comparator that first orders names by
+ length(longer names before shorter names) to ensure that the most
+ precise names are seen first.
+ */
+ public static class NameLengthComparator implements Comparator
+ {
+ public int compare(Object o1, Object o2)
+ {
+ PermissionName p1 = (PermissionName) o1;
+ PermissionName p2 = (PermissionName) o2;
+ // if p1 is longer than p2, its < p2 -> < 0
+ int compare = p2.size() - p1.size();
+ if( compare == 0 )
+ compare = p1.compareTo(p2);
+ return compare;
+ }
+ }
+
+ /** Creates new NamespacePermission */
+ public PermissionName(String name) throws IllegalArgumentException
+ {
+ try
+ {
+ this.name = new CompoundName(name, nameSyntax);
+ }
+ catch(NamingException e)
+ {
+ throw new IllegalArgumentException(e.toString(true));
+ }
+ }
+ public PermissionName(Name name)
+ {
+ this.name = name;
+ }
+
+ public int compareTo(Object obj)
+ {
+ PermissionName pn = (PermissionName) obj;
+ /* Each level must be compared. The first level to not be equals
+ determines the ordering of the names.
+ */
+ int compare = name.size() - pn.name.size();
+ int length = Math.min(name.size(), pn.name.size());
+ for(int n = 0; compare == 0 && n < length; n ++)
+ {
+ String atom0 = name.get(n);
+ String atom1 = pn.name.get(n);
+ compare = atom0.compareTo(atom1);
+ }
+ return compare;
+ }
+
+ public boolean equals(Object obj)
+ {
+ return compareTo(obj) == 0;
+ }
+
+ public int hashCode()
+ {
+ return name.hashCode();
+ }
+
+ public int size()
+ {
+ return name.size();
+ }
+
+ public boolean isParent(PermissionName childName)
+ {
+ boolean isParent = childName.name.startsWith(name);
+ return isParent;
+ }
+
+ public String toString()
+ {
+ return name.toString();
+ }
+}
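Review bot: `equals(Object)` delegates straight to `compareTo`, whose first statement casts to `PermissionName`, so comparing against null or any other type throws instead of returning false; for a class documented as the key of NamespacePermissions that breaks the `equals` contract inside collections. A guard such as `if( !(obj instanceof PermissionName) ) return false;` before the `compareTo` call fixes it. The empty `catch(NamingException e)` in the static initializer leaves `emptyName` null without any trace, and a one-line comment or a rethrow as an initialization error would make the failure visible. The `PermissionName(Name)` constructor keeps the caller's mutable `Name`, so `hashCode()` can change after the object is stored in a hash-based collection; `this.name = (Name) name.clone();` avoids that.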
Added: branches/Branch_4_0/security/src/tests/org/jboss/test/SecurityProviderlTestCase.java
===================================================================
--- branches/Branch_4_0/security/src/tests/org/jboss/test/SecurityProviderlTestCase.java 2006-08-09 12:54:24 UTC (rev 55437)
+++ branches/Branch_4_0/security/src/tests/org/jboss/test/SecurityProviderlTestCase.java 2006-08-09 13:01:49 UTC (rev 55438)
@@ -0,0 +1,111 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.test;
+
+import java.security.MessageDigest;
+import java.security.Security;
+
+import junit.extensions.TestSetup;
+import junit.framework.Test;
+import junit.framework.TestCase;
+import junit.framework.TestSuite;
+
+import org.jboss.crypto.JBossSXProvider;
+import org.jboss.security.Util;
+
+/** Tests of the org.jboss.crypto.* Java Cryptography Architecture plugin
+ classes
+
+ @author Scott.Stark at jboss.org
+ @version $Revision: 37390 $
+ */
+public class SecurityProviderlTestCase extends TestCase
+{
+ public SecurityProviderlTestCase(String name)
+ {
+ super(name);
+ }
+
+ /** Compare Util.sessionKeyHash against the SHA-SRP MessageDigest. This
+ will not match the Util.sessionKeyHash as the algorithm described in
+ RFC2945 does not reverse the odd and even byte arrays as is done in
+ Util.sessionKeyHash.
+ */
+ public void testSHAInterleave() throws Exception
+ {
+ System.out.println("testSHAInterleave");
+ MessageDigest md = MessageDigest.getInstance("SHA-SRP");
+ byte[] test = "session_key".getBytes();
+
+ byte[] hash1 = Util.sessionKeyHash(test);
+ String hash1b64 = Util.encodeBase64(hash1);
+ System.out.println("hash1 = "+hash1b64);
+ byte[] hash2 = md.digest(test);
+ String hash2b64 = Util.encodeBase64(hash2);
+ System.out.println("hash2 = "+hash2b64);
+ super.assertTrue(hash1b64.equals(hash2b64) == false);
+ }
+ /** This should match the Util.sessionKeyHash
+ */
+ public void testSHAReverseInterleave() throws Exception
+ {
+ System.out.println("testSHAReverseInterleave");
+ MessageDigest md = MessageDigest.getInstance("SHA-SRP-Reverse");
+ byte[] test = "session_key".getBytes();
+
+ byte[] hash1 = Util.sessionKeyHash(test);
+ String hash1b64 = Util.encodeBase64(hash1);
+ System.out.println("hash1 = "+hash1b64);
+ byte[] hash2 = md.digest(test);
+ String hash2b64 = Util.encodeBase64(hash2);
+ System.out.println("hash2 = "+hash2b64);
+ super.assertEquals(hash1b64, hash2b64);
+ }
+
+ public static Test suite()
+ {
+ TestSuite suite = new TestSuite(SecurityProviderlTestCase.class);
+
+ // Create an initializer for the test suite
+ TestSetup wrapper = new TestSetup(suite)
+ {
+ protected void setUp() throws Exception
+ {
+ Util.init();
+ JBossSXProvider provider = new JBossSXProvider();
+ Security.addProvider(provider);
+ }
+ protected void tearDown() throws Exception
+ {
+ Security.removeProvider(JBossSXProvider.PROVIDER_NAME);
+ }
+ };
+ return wrapper;
+ }
+
+ public static void main(java.lang.String[] args)
+ {
+ System.setErr(System.out);
+ Test suite = suite();
+ junit.textui.TestRunner.run(suite);
+ }
+}
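Review bot: `testSHAInterleave` only asserts that the two Base64 strings differ, so it still passes if the `SHA-SRP` digest returns wrong or even empty output; it should also compare `hash2` against a fixed expected value for `session_key`, or at least assert the digest length. Both tests call `"session_key".getBytes()` with the platform default charset; naming the charset, e.g. `getBytes("UTF-8")`, keeps the input bytes identical across machines. `setUp` registers the provider with `Security.addProvider`, which changes JVM-wide state, and a short comment saying so would help anyone running this suite alongside others in one JVM.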
Added: branches/Branch_4_0/security/src/tests/org/jboss/test/SunConfigParserTestCase.java
===================================================================
--- branches/Branch_4_0/security/src/tests/org/jboss/test/SunConfigParserTestCase.java 2006-08-09 12:54:24 UTC (rev 55437)
+++ branches/Branch_4_0/security/src/tests/org/jboss/test/SunConfigParserTestCase.java 2006-08-09 13:01:49 UTC (rev 55438)
@@ -0,0 +1,129 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.test;
+
+import java.io.InputStreamReader;
+import java.net.URL;
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
+
+import junit.framework.TestCase;
+
+import org.jboss.security.auth.login.SunConfigParser;
+import org.jboss.security.auth.login.XMLLoginConfigImpl;
+
+/** Tests of the Sun login configuration file format parser
+ *
+ * @author Scott.Stark at jboss.org
+ * @version $Revision: 37390 $
+ */
+public class SunConfigParserTestCase extends TestCase
+{
+
+ public SunConfigParserTestCase(String name)
+ {
+ super(name);
+ }
+
+ /** Test the Sun config file parser directly.
+ *
+ * @throws Exception
+ */
+ public void testParser() throws Exception
+ {
+ XMLLoginConfigImpl config = new XMLLoginConfigImpl();
+ ClassLoader loader = Thread.currentThread().getContextClassLoader();
+ URL configURL = loader.getResource("login-config.conf");
+ InputStreamReader configFile = new InputStreamReader(configURL.openStream());
+ SunConfigParser.doParse(configFile, config, true);
+
+ AppConfigurationEntry[] entry = config.getAppConfigurationEntry("case1");
+ assertTrue("case1 entry != null", entry != null);
+ assertTrue("case1.length == 2", entry.length == 2);
+ assertTrue("case1[0].module == org.jboss.test.TestLoginModule",
+ entry[0].getLoginModuleName().equals("org.jboss.test.TestLoginModule"));
+ assertTrue("case1[0].flag == required",
+ entry[0].getControlFlag() == LoginModuleControlFlag.REQUIRED);
+ assertTrue("case1[0].option(name) == 1.1",
+ entry[0].getOptions().get("name").equals("1.1"));
+ assertTrue("case1[0].option(succeed) == true",
+ entry[0].getOptions().get("succeed").equals("true"));
+ assertTrue("case1[0].option(throwEx) == false",
+ entry[0].getOptions().get("throwEx").equals("false"));
+
+ entry = config.getAppConfigurationEntry("case2");
+ assertTrue("case2 entry != null", entry != null);
+ assertTrue("case2.length == 2", entry.length == 2);
+ assertTrue("case2[0].module = org.jboss.test.TestLoginModule",
+ entry[0].getLoginModuleName().equals("org.jboss.test.TestLoginModule"));
+ assertTrue("case2[0].flag == optional",
+ entry[0].getControlFlag() == LoginModuleControlFlag.OPTIONAL);
+ assertTrue("case2[1].option(name) == 2.2",
+ entry[1].getOptions().get("name").equals("2.2"));
+ assertTrue("case2[1].option(succeed) == false",
+ entry[1].getOptions().get("succeed").equals("false"));
+ assertTrue("case2[1].option(throwEx) == true",
+ entry[1].getOptions().get("throwEx").equals("true"));
+ }
+
+ /** Test the Sun config file parser by creating a XMLLoginConfig with a
+ * URL pointing to a Sun format config file.
+ *
+ * @throws Exception
+ */
+ public void testSunLoginConfig() throws Exception
+ {
+ XMLLoginConfigImpl config = new XMLLoginConfigImpl();
+ ClassLoader loader = Thread.currentThread().getContextClassLoader();
+ URL configURL = loader.getResource("login-config.conf");
+ config.setConfigURL(configURL);
+ config.loadConfig();
+
+ AppConfigurationEntry[] entry = config.getAppConfigurationEntry("case1");
+ assertTrue("case1 entry != null", entry != null);
+ assertTrue("case1.length == 2", entry.length == 2);
+ assertTrue("case1[0].module == org.jboss.test.TestLoginModule",
+ entry[0].getLoginModuleName().equals("org.jboss.test.TestLoginModule"));
+ assertTrue("case1[0].flag == required",
+ entry[0].getControlFlag() == LoginModuleControlFlag.REQUIRED);
+ assertTrue("case1[0].option(name) == 1.1",
+ entry[0].getOptions().get("name").equals("1.1"));
+ assertTrue("case1[0].option(succeed) == true",
+ entry[0].getOptions().get("succeed").equals("true"));
+ assertTrue("case1[0].option(throwEx) == false",
+ entry[0].getOptions().get("throwEx").equals("false"));
+
+ entry = config.getAppConfigurationEntry("case2");
+ assertTrue("case2 entry != null", entry != null);
+ assertTrue("case2.length == 2", entry.length == 2);
+ assertTrue("case2[0].module = org.jboss.test.TestLoginModule",
+ entry[0].getLoginModuleName().equals("org.jboss.test.TestLoginModule"));
+ assertTrue("case2[0].flag == optional",
+ entry[0].getControlFlag() == LoginModuleControlFlag.OPTIONAL);
+ assertTrue("case2[1].option(name) == 2.2",
+ entry[1].getOptions().get("name").equals("2.2"));
+ assertTrue("case2[1].option(succeed) == false",
+ entry[1].getOptions().get("succeed").equals("false"));
+ assertTrue("case2[1].option(throwEx) == true",
+ entry[1].getOptions().get("throwEx").equals("true"));
+ }
+}
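Review bot: In `testParser` the result of `loader.getResource("login-config.conf")` is dereferenced without a check, so a missing classpath resource surfaces as a bare NullPointerException instead of a failure that names the file; `assertNotNull("login-config.conf not found on classpath", configURL);` before `openStream()`, and before `setConfigURL` in `testSunLoginConfig`, would fix that. The `InputStreamReader` is never closed and is built with the platform default charset; closing it in a `finally` block and passing an explicit charset would make the test deterministic. The two tests repeat the same fourteen assertions, which could move into one private helper that takes the `XMLLoginConfigImpl`.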
Property changes on: branches/Branch_4_0/security/src/tests/org/jboss/test/SunConfigParserTestCase.java
___________________________________________________________________
Name: svn:executable
+ *
Added: branches/Branch_4_0/security/src/tests/org/jboss/test/TestJCE.java
===================================================================
--- branches/Branch_4_0/security/src/tests/org/jboss/test/TestJCE.java 2006-08-09 12:54:24 UTC (rev 55437)
+++ branches/Branch_4_0/security/src/tests/org/jboss/test/TestJCE.java 2006-08-09 13:01:49 UTC (rev 55438)
@@ -0,0 +1,165 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.test;
+
+import java.io.Serializable;
+import java.math.BigInteger;
+import java.security.AlgorithmParameters;
+import java.security.Key;
+import java.security.KeyException;
+import java.security.MessageDigest;
+import java.security.Provider;
+import java.security.SecureRandom;
+import java.security.Security;
+import java.util.Iterator;
+import java.lang.reflect.Constructor;
+import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.SealedObject;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+
+/** Tests of the Java Cryptography Extension framework
+ @author Scott.Stark at jboss.org
+ @version $Revision: 37390 $
+*/
+public class TestJCE
+{
+ static void showProviders() throws Exception
+ {
+ Provider[] providers = Security.getProviders();
+ for(int p = 0; p < providers.length; p ++)
+ {
+ Iterator iter = providers[p].keySet().iterator();
+ System.out.println("Provider: "+providers[p].getInfo());
+ while( iter.hasNext() )
+ {
+ String key = (String) iter.next();
+ System.out.println(" key="+key+", value="+providers[p].getProperty(key));
+ }
+ }
+ }
+
+ static void testBlowfish() throws Exception
+ {
+ KeyGenerator kgen = KeyGenerator.getInstance("Blowfish");
+ Cipher cipher = Cipher.getInstance("Blowfish");
+ SecretKey key = null;
+ int minKeyBits = -1, maxKeyBits = 0;
+ int minCipherBits = -1, maxCipherBits = 0;
+ for(int size = 1; size <= 448/8; size ++)
+ {
+ int bits = size * 8;
+ try
+ {
+ kgen.init(bits);
+ key = kgen.generateKey();
+ if( minKeyBits == -1 )
+ minKeyBits = bits;
+ maxKeyBits = bits;
+ }
+ catch(Exception e)
+ {
+ System.out.println("Failed to create key with bits="+bits);
+ e.printStackTrace();
+ continue;
+ }
+
+ try
+ {
+ cipher.init(Cipher.ENCRYPT_MODE, key);
+ if( minCipherBits == -1 )
+ minCipherBits = bits;
+ maxCipherBits = bits;
+ }
+ catch(Exception e)
+ {
+ e.printStackTrace();
+ }
+ }
+ System.out.println("Key range: "+minKeyBits+".."+maxKeyBits);
+ System.out.println("Cipher range: "+minCipherBits+".."+maxCipherBits);
+ }
+
+ static void testKey() throws Exception
+ {
+ int size = 8 * 24;
+ KeyGenerator kgen = KeyGenerator.getInstance("Blowfish");
+ kgen.init(size);
+ SecretKey key = kgen.generateKey();
+ byte[] kbytes = key.getEncoded();
+ System.out.println("key.Algorithm = "+key.getAlgorithm());
+ System.out.println("key.Format = "+key.getFormat());
+ System.out.println("key.Encoded Size = "+kbytes.length);
+
+ Cipher cipher = Cipher.getInstance("Blowfish");
+ AlgorithmParameters params = cipher.getParameters();
+ System.out.println("Blowfish.params = "+params);
+ cipher.init(Cipher.ENCRYPT_MODE, key);
+ SealedObject msg = new SealedObject("This is a secret", cipher);
+
+ SecretKeySpec serverKey = new SecretKeySpec(kbytes, "Blowfish");
+ Cipher scipher = Cipher.getInstance("Blowfish");
+ scipher.init(Cipher.DECRYPT_MODE, serverKey);
+ String theMsg = (String) msg.getObject(scipher);
+ System.out.println("Decrypted: "+theMsg);
+
+ SecureRandom rnd = SecureRandom.getInstance("SHA1PRNG");
+ BigInteger bi = new BigInteger(320, rnd);
+ byte[] k2bytes = bi.toByteArray();
+ SecretKeySpec keySpec = new SecretKeySpec(k2bytes, "Blowfish");
+ System.out.println("key2.Algorithm = "+key.getAlgorithm());
+ System.out.println("key2.Format = "+key.getFormat());
+ System.out.println("key2.Encoded Size = "+kbytes.length);
+ }
+
+ static void testKey2() throws Exception
+ {
+ byte[] key = new byte[40];
+ for(int n = 0; n < 40; n ++)
+ key[n] = (byte) (n+100);
+ String cipherAlgorithm = "Blowfish";
+ Class[] signature = {key.getClass(), String.class};
+ Object[] args = {key, cipherAlgorithm};
+ Object secretKey = null;
+ ClassLoader loader = Thread.currentThread().getContextClassLoader();
+ Class secretKeySpecClass = loader.loadClass("javax.crypto.spec.SecretKeySpec");
+ Constructor ctor = secretKeySpecClass.getDeclaredConstructor(signature);
+ secretKey = ctor.newInstance(args);
+ System.out.println("SecretKey: "+secretKey);
+ }
+ public static void main(String[] args)
+ {
+ try
+ {
+ System.setOut(System.err);
+ TestJCE tst = new TestJCE();
+ //tst.showProviders();
+ tst.testKey2();
+ //tst.testBlowfish();
+ }
+ catch(Throwable t)
+ {
+ t.printStackTrace();
+ }
+ }
+}
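Review bot: The last three prints in `testKey` are labelled `key2.*` but read from `key` and `kbytes`, so the `SecretKeySpec` built from the random `BigInteger` is never inspected; they should use `keySpec.getAlgorithm()`, `keySpec.getFormat()` and `k2bytes.length`. `BigInteger.toByteArray()` returns a minimal two's-complement encoding, so `k2bytes` is not a fixed 40 bytes (it can carry an extra sign byte or be shorter), which matters if the array is meant as key material. `Cipher.getInstance("Blowfish")` leaves mode and padding to the provider default; writing out the full transformation string would make that choice visible to anyone who copies this code.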
Added: branches/Branch_4_0/security/src/tests/org/jboss/test/TestLogin.java
===================================================================
--- branches/Branch_4_0/security/src/tests/org/jboss/test/TestLogin.java 2006-08-09 12:54:24 UTC (rev 55437)
+++ branches/Branch_4_0/security/src/tests/org/jboss/test/TestLogin.java 2006-08-09 13:01:49 UTC (rev 55438)
@@ -0,0 +1,36 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.test;
+
+import java.security.*;
+import javax.security.auth.*;
+
+public class TestLogin
+{
+ public static void main(String[] args) throws Exception
+ {
+ System.setProperty("java.security.policy", "policy");
+ System.out.println("java.security.manager = "+System.getProperty("java.security.manager"));
+ Permission p = new AuthPermission("getLoginConfiguration");
+ AccessController.checkPermission(p);
+ }
+}
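Review bot: `TestLogin` has no class comment, and its behaviour depends on things the code does not state: the relative path `policy` resolves against the working directory, and the only outcome is whether `AccessController.checkPermission` throws. If the intent is what it appears to be, a Javadoc such as `/** Checks that the policy file "policy" in the working directory grants AuthPermission("getLoginConfiguration"); an AccessControlException means it does not. */` would document that. The wildcard imports `java.security.*` and `javax.security.auth.*` could be replaced by the three classes actually used.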
Added: branches/Branch_4_0/security/src/tests/org/jboss/test/TestLoginModule.java
===================================================================
--- branches/Branch_4_0/security/src/tests/org/jboss/test/TestLoginModule.java 2006-08-09 12:54:24 UTC (rev 55437)
+++ branches/Branch_4_0/security/src/tests/org/jboss/test/TestLoginModule.java 2006-08-09 13:01:49 UTC (rev 55438)
@@ -0,0 +1,90 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.test;
+
+import java.util.Map;
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+import org.jboss.security.SimplePrincipal;
+
+public class TestLoginModule implements LoginModule
+{
+ Subject subject;
+ String principal;
+ String name;
+ boolean succeed;
+ boolean throwEx;
+
+ public TestLoginModule()
+ {
+ }
+
+ public void initialize(Subject subject, CallbackHandler handler, Map sharedState, Map options)
+ {
+ this.subject = subject;
+ principal = (String) options.get("principal");
+ if( principal == null )
+ principal = "guest";
+ name = (String) options.get("name");
+ String opt = (String) options.get("succeed");
+ succeed = Boolean.valueOf(opt).booleanValue();
+ opt = (String) options.get("throwEx");
+ throwEx = Boolean.valueOf(opt).booleanValue();
+ System.out.println("initialize, name="+name);
+ opt = (String) options.get("initEx");
+ if( Boolean.valueOf(opt) == Boolean.TRUE )
+ throw new IllegalArgumentException("Failed during init, name="+name);
+ }
+
+ public boolean login() throws LoginException
+ {
+ System.out.println("login, name="+name+", succeed="+succeed);
+ if( throwEx )
+ throw new LoginException("Failed during login, name="+name);
+ return succeed;
+ }
+
+ public boolean commit() throws LoginException
+ {
+ System.out.println("commit, name="+name);
+ subject.getPrincipals().add(new SimplePrincipal(principal));
+ subject.getPublicCredentials().add("A public credential");
+ subject.getPrivateCredentials().add("A private credential");
+ return true;
+ }
+
+ public boolean abort() throws LoginException
+ {
+ System.out.println("abort, name="+name);
+ return true;
+ }
+
+ public boolean logout() throws LoginException
+ {
+ System.out.println("logout, name="+name);
+ subject.getPrincipals().remove(new SimplePrincipal(principal));
+ return succeed;
+ }
+
+}
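Review bot: `logout()` removes the principal but leaves the two strings that `commit()` added to the public and private credential sets, so a `Subject` that has been logged out still carries credentials from this module; adding `subject.getPublicCredentials().remove("A public credential");` and `subject.getPrivateCredentials().remove("A private credential");` mirrors `commit()`. `commit()` also adds the principal without looking at `succeed`, so a module configured with `succeed=false` still populates the Subject whenever the overall login passes; if that is deliberate for the tests it deserves a comment, so the class is not copied as a template for a real module. In `initialize`, `Boolean.valueOf(opt) == Boolean.TRUE` relies on reference identity while the lines above use `.booleanValue()`; the same form for `initEx` would be consistent.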
Added: branches/Branch_4_0/security/src/tests/org/jboss/test/ThreadLocalTestCase.java
===================================================================
--- branches/Branch_4_0/security/src/tests/org/jboss/test/ThreadLocalTestCase.java 2006-08-09 12:54:24 UTC (rev 55437)
+++ branches/Branch_4_0/security/src/tests/org/jboss/test/ThreadLocalTestCase.java 2006-08-09 13:01:49 UTC (rev 55438)
@@ -0,0 +1,100 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.test;
+
+import junit.framework.TestCase;
+import junit.framework.TestSuite;
+
+import org.jboss.security.SimplePrincipal;
+
+/** Tests of propagating the security identity across threads using
+InheritableThreadLocal.
+
+ at author Scott.Stark at jboss.org
+ at version $Revision: 37390 $
+*/
+public class ThreadLocalTestCase extends TestCase
+{
+ private static InheritableThreadLocal thread_principal = new InheritableThreadLocal();
+ private static InheritableThreadLocal thread_credential = new InheritableThreadLocal();
+ private static String USER = "jduke";
+ private static String PASSWORD = "theduke";
+
+ public ThreadLocalTestCase(String name)
+ {
+ super(name);
+ }
+
+ public void testSecurityPropagation() throws Exception
+ {
+ // Assign the principal & crendentials for this thread
+ SimplePrincipal user = new SimplePrincipal(USER);
+ thread_principal.set(user);
+ thread_credential.set(PASSWORD);
+ // Spawn a thread
+ Thread t = new Thread(new Child(), "testSecurityPropagation");
+ t.start();
+ t.join();
+ }
+
+ public void testSecurityPropagation2() throws Exception
+ {
+ // Assign the principal & crendentials for this thread
+ SimplePrincipal user = new SimplePrincipal(USER);
+ thread_principal.set(user);
+ thread_credential.set(PASSWORD);
+ // Spawn a thread
+ Thread t = new Thread(new Child(), "testSecurityPropagation");
+ // See that changing the current thread info is not seen by children threads
+ thread_principal.set(new SimplePrincipal("other"));
+ thread_credential.set("otherpass");
+ t.start();
+ t.join();
+ }
+
+ static class Child implements Runnable
+ {
+ public void run()
+ {
+ Thread t = Thread.currentThread();
+ System.out.println("Child.run begin, t="+t);
+ if( t.getName().equals("testSecurityPropagation") )
+ {
+ SimplePrincipal user = (SimplePrincipal) thread_principal.get();
+ String password = (String) thread_credential.get();
+ if( user.getName().equals(USER) == false )
+ fail("Thread user != "+USER);
+ if( password.equals(PASSWORD) == false )
+ fail("Thread password != "+PASSWORD);
+ }
+ System.out.println("Child.run end, t="+t);
+ }
+ }
+
+ public static void main(java.lang.String[] args)
+ {
+ System.setErr(System.out);
+ TestSuite suite = new TestSuite(ThreadLocalTestCase.class);
+ junit.textui.TestRunner.run(suite);
+ }
+
+}
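Review bot: The `fail(...)` calls in `Child.run()` execute on the spawned thread, so the resulting `AssertionFailedError` (or a NullPointerException if `thread_principal.get()` returns null) ends only that thread, and both test methods still pass after `t.join()`. As written, the suite cannot detect a broken identity propagation. The child should record any Throwable and the test thread should check it after the join, as sketched below for `Child` and for both test methods.

```java
static class Child implements Runnable
{
   Throwable failure;
   public void run()
   {
      try
      {
         // … unchanged: thread-name check and the two fail() comparisons …
      }
      catch(Throwable e)
      {
         // Keep the failure so the test thread can report it after join()
         failure = e;
      }
   }
}

// in testSecurityPropagation and testSecurityPropagation2
Child child = new Child();
Thread t = new Thread(child, "testSecurityPropagation");
// … unchanged: thread-local updates and t.start() …
t.join();
if( child.failure != null )
   fail("Child thread failed: "+child.failure);
```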
Added: branches/Branch_4_0/security/src/tests/org/jboss/test/TstTimedCache.java
===================================================================
--- branches/Branch_4_0/security/src/tests/org/jboss/test/TstTimedCache.java 2006-08-09 12:54:24 UTC (rev 55437)
+++ branches/Branch_4_0/security/src/tests/org/jboss/test/TstTimedCache.java 2006-08-09 13:01:49 UTC (rev 55438)
@@ -0,0 +1,114 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.test;
+
+import java.io.FilePermission;
+import java.net.URL;
+import java.security.CodeSource;
+import java.security.Permission;
+import java.security.PermissionCollection;
+import java.security.Policy;
+
+import org.jboss.util.TimedCachePolicy;
+
+/** Tests of the TimedCachePolicy class.
+
+ at see org.jboss.util.TimedCachePolicy
+
+ at author Scott.Stark at jboss.org
+ at version $Revision: 37390 $
+*/
+public class TstTimedCache
+{
+ static class Refreshable implements TimedCachePolicy.TimedEntry
+ {
+ int refreshes;
+ long expirationTime;
+ Object value;
+ Refreshable(long lifetime, Object value, int refreshes)
+ {
+ this.expirationTime = 1000 * lifetime;
+ this.value = value;
+ this.refreshes = refreshes;
+ }
+ public void init(long now)
+ {
+ expirationTime += now;
+ System.out.println(value+".init("+now+"), expirationTime="+expirationTime);
+ }
+ public boolean isCurrent(long now)
+ {
+ System.out.println(value+".isCurrent("+now+") = "+(expirationTime > now));
+ return expirationTime > now;
+ }
+ public boolean refresh()
+ {
+ refreshes --;
+ System.out.println(value+".refresh() = "+(refreshes > 0));
+ return refreshes > 0;
+ }
+ public void destroy()
+ {
+ System.out.println(value+".destroy()");
+ }
+ public Object getValue()
+ {
+ return value;
+ }
+ }
+
+ /**
+ * @param args the command line arguments
+ */
+ public static void main(String args[])
+ {
+ TimedCachePolicy cache = new TimedCachePolicy(20, false, 1);
+ cache.create();
+ cache.start();
+ cache.insert("1", new Refreshable(5, "value1", 4));
+ cache.insert("2", new Refreshable(3, "value2", 10));
+ cache.insert("3", "value3");
+ long start = System.currentTimeMillis();
+ // Loop until the longest lived value is gone
+ while( cache.peek("2") != null )
+ {
+ long now = System.currentTimeMillis();
+ System.out.println("Elapsed: "+(now - start) / 1000);
+ System.out.println("get(1) -> "+cache.get("1"));
+ System.out.println("get(2) -> "+cache.get("2"));
+ System.out.println("get(3) -> "+cache.get("3"));
+ try
+ {
+ Thread.currentThread().sleep(3*1000);
+ }
+ catch(InterruptedException e)
+ {
+ }
+ }
+ long now = System.currentTimeMillis();
+ System.out.println("End, elapsed: "+(now - start) / 1000);
+ System.out.println("get(1) -> "+cache.get("1"));
+ System.out.println("get(2) -> "+cache.get("2"));
+ System.out.println("get(3) -> "+cache.get("3"));
+ }
+
+}
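Review bot: The empty `catch(InterruptedException e)` inside the polling loop in `main` swallows the interrupt, so an interrupted run keeps looping until `cache.peek("2")` returns null; restore the flag and leave the loop with `Thread.currentThread().interrupt(); break;`. `Thread.currentThread().sleep(3*1000)` calls a static method through an instance and reads more clearly as `Thread.sleep(3*1000)`. The six `java.io`, `java.net` and `java.security` imports at the top are not used anywhere in this file and can be dropped. The class only prints and asserts nothing, so it cannot fail a build; a class comment saying it is a manual driver rather than an automated test would make that explicit.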
Added: branches/Branch_4_0/security/src/tests/org/jboss/test/UtilTestCase.java
===================================================================
--- branches/Branch_4_0/security/src/tests/org/jboss/test/UtilTestCase.java 2006-08-09 12:54:24 UTC (rev 55437)
+++ branches/Branch_4_0/security/src/tests/org/jboss/test/UtilTestCase.java 2006-08-09 13:01:49 UTC (rev 55438)
@@ -0,0 +1,79 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.test;
+
+import junit.framework.TestCase;
+import junit.framework.TestSuite;
+
+import org.jboss.security.Util;
+
+/** Tests of the org.jboss.security.Util class
+
+ @author Scott.Stark at jboss.org
+ @version $Revision: 55378 $
+ */
+public class UtilTestCase extends TestCase
+{
+ public UtilTestCase(String name)
+ {
+ super(name);
+ }
+
+ /** Compare Util.encodeBase64 against the sun misc class
+ */
+ public void testBase64() throws Exception
+ {
+ System.out.println("testBase64");
+ byte[] test = "echoman".getBytes();
+ String b64_1 = Util.encodeBase64(test);
+ System.out.println("b64_1 = "+b64_1);
+
+
+ //sun.misc.BASE64Encoder encoder = new sun.misc.BASE64Encoder();
+ //String b64_2 = encoder.encode(test);
+ String b64_2 = javax.mail.internet.MimeUtility.encodeText("echoman", "iso-8859-1", "base64");
+ System.out.println("b64_2 = "+b64_2);
+ super.assertEquals("encodeBase64 == BASE64Encoder", b64_1, b64_2);
+ }
+
+ /** Compare Util.encodeBase16 against the java.math.BigInteger class
+ */
+ public void testBase16() throws Exception
+ {
+ System.out.println("testBase16");
+ byte[] test = "echoman".getBytes();
+ String b16_1 = Util.encodeBase16(test);
+ System.out.println("b16_1 = "+b16_1);
+
+ java.math.BigInteger encoder = new java.math.BigInteger(test);
+ String b16_2 = encoder.toString(16);
+ System.out.println("b16_2 = "+b16_2);
+ super.assertEquals("encodeBase16 == BigInteger", b16_1, b16_2);
+ }
+
+ public static void main(java.lang.String[] args)
+ {
+ System.setErr(System.out);
+ TestSuite suite = new TestSuite(UtilTestCase.class);
+ junit.textui.TestRunner.run(suite);
+ }
+}
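Review bot: The reference value in `testBase64` comes from `javax.mail.internet.MimeUtility.encodeText("echoman", "iso-8859-1", "base64")`, which as far as I know documents only the `B` and `Q` encodings and returns all-ASCII text unchanged, so `b64_2` may not be a Base64 string at all; this is worth confirming against the JavaMail version on the test classpath. A fixed expected literal would be a firmer oracle: assuming `Util.encodeBase64` emits standard padded Base64, that is `ZWNob21hbg==` for these seven bytes (computed for this note, not taken from the commit). Both tests call `"echoman".getBytes()` with the platform charset, and `getBytes("ISO-8859-1")` would pin the input. In `testBase16`, `BigInteger.toString(16)` drops leading zero digits and prints a sign when the first byte has its high bit set, so the comparison holds only for inputs like this one; a comment saying so would stop it being reused for other data.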
Added: branches/Branch_4_0/security/src/tests/org/jboss/test/login-config.conf
===================================================================
--- branches/Branch_4_0/security/src/tests/org/jboss/test/login-config.conf 2006-08-09 12:54:24 UTC (rev 55437)
+++ branches/Branch_4_0/security/src/tests/org/jboss/test/login-config.conf 2006-08-09 13:01:49 UTC (rev 55438)
@@ -0,0 +1,72 @@
+/* Tests of the behvior of the control flags with multiple
+login modules.
+
+1) Required - The LoginModule is required to succeed.
+ If it succeeds or fails, authentication still continues
+ to proceed down the LoginModule list.
+
+2) Requisite - The LoginModule is required to succeed.
+ If it succeeds, authentication continues down the
+ LoginModule list. If it fails,
+ control immediately returns to the application
+ (authentication does not proceed down the
+ LoginModule list).
+
+3) Sufficient - The LoginModule is not required to
+ succeed. If it does succeed, control immediately
+ returns to the application (authentication does not
+ proceed down the LoginModule list).
+ If it fails, authentication continues down the
+ LoginModule list.
+
+4) Optional - The LoginModule is not required to
+ succeed. If it succeeds or fails,
+ authentication still continues to proceed down the
+ LoginModule list.
+*/
+case1 {
+ org.jboss.test.TestLoginModule required
+ name=1.1
+ succeed=true
+ throwEx='false'
+ ;
+# A comment
+ org.jboss.test.TestLoginModule optional
+ name=1.2
+ succeed=false
+ throwEx="true"
+ ;
+};
+
+// Another comment
+case2 {
+ org.jboss.test.TestLoginModule optional
+ name=2.1
+ succeed=true
+ throwEx='false'
+ ;
+# A comment
+ org.jboss.test.TestLoginModule optional
+ name=2.2
+ succeed=false
+ throwEx="true"
+ ;
+};
+
+srp-test {
+ // Put your login modules that work without jBoss here
+ org.jboss.security.srp.jaas.SRPLoginModule required
+ password-stacking="useFirstPass"
+ principalClassName="org.jboss.security.SimplePrincipal"
+ srpServerJndiName="SRPServerInterface"
+ debug=true
+ ;
+
+ // jBoss LoginModule
+ org.jboss.security.ClientLoginModule required
+ password-stacking="useFirstPass"
+ ;
+
+ // Put your login modules that need jBoss here
+};
+
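Review bot: The `srp-test` entry sets `debug=true` on `SRPLoginModule` with nothing marking the file as a test fixture, and what that flag logs is not visible here; a line such as `// test fixture only - do not copy debug=true into a deployed login configuration` above the entry would help. The header comment documents all four control flags, but `case1` and `case2` exercise only `required` and `optional`, and `behvior` should read `behavior`. The property change that follows marks this file `svn:executable`, which a configuration file does not need; the same applies to `login-config.xml`.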
Property changes on: branches/Branch_4_0/security/src/tests/org/jboss/test/login-config.conf
___________________________________________________________________
Name: svn:executable
+ *
Added: branches/Branch_4_0/security/src/tests/org/jboss/test/login-config.xml
===================================================================
--- branches/Branch_4_0/security/src/tests/org/jboss/test/login-config.xml 2006-08-09 12:54:24 UTC (rev 55437)
+++ branches/Branch_4_0/security/src/tests/org/jboss/test/login-config.xml 2006-08-09 13:01:49 UTC (rev 55438)
@@ -0,0 +1,416 @@
+<?xml version='1.0'?>
+<!DOCTYPE policy PUBLIC
+ "-//JBoss//DTD JBOSS Security Config 3.0//EN"
+ "http://www.jboss.org/j2ee/dtd/security_config.dtd">
+
+<!-- Tests of the behvior of the control flags with multiple
+login modules.
+
+1) Required - The LoginModule is required to succeed.
+ If it succeeds or fails, authentication still continues
+ to proceed down the LoginModule list.
+
+2) Requisite - The LoginModule is required to succeed.
+ If it succeeds, authentication continues down the
+ LoginModule list. If it fails,
+ control immediately returns to the application
+ (authentication does not proceed down the
+ LoginModule list).
+
+3) Sufficient - The LoginModule is not required to
+ succeed. If it does succeed, control immediately
+ returns to the application (authentication does not
+ proceed down the LoginModule list).
+ If it fails, authentication continues down the
+ LoginModule list.
+
+4) Optional - The LoginModule is not required to
+ succeed. If it succeeds or fails,
+ authentication still continues to proceed down the
+ LoginModule list.
+-->
+<policy>
+
+ <application-policy name = "case1">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">1.1</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">1.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case2">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">2.1</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">2.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case3">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">3.1</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">3.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case4">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">4.1</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">4.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case5">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "requisite">
+ <module-option name = "name">5.1</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">5.2</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case6">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "sufficient">
+ <module-option name = "name">6.1</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">6.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case7">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "sufficient">
+ <module-option name = "name">7.1</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">7.2</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case8">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "requisite">
+ <module-option name = "name">8.1</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">8.2</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case9">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "requisite">
+ <module-option name = "name">9.1</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">9.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case10">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">10.1</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">10.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case11">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "sufficient">
+ <module-option name = "name">11.1</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">11.2</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case12">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "sufficient">
+ <module-option name = "name">12.1</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">12.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case13">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">13.1</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">13.2</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case14">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">14.1</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "initEx">true</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">14.2</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case15">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "sufficient">
+ <module-option name = "name">15.1</module-option>
+ <module-option name = "succeed">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">15.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "initEx">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case16">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "sufficient">
+ <module-option name = "name">16.1</module-option>
+ <module-option name = "succeed">true</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">16.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "initEx">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case17">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">17.1</module-option>
+ <module-option name = "initEx">true</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">17.2</module-option>
+ <module-option name = "succeed">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case18">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "requisite">
+ <module-option name = "name">18.1</module-option>
+ <module-option name = "initEx">true</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">18.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">18.3</module-option>
+ <module-option name = "succeed">false</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case19">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">19.1</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "sufficient">
+ <module-option name = "name">19.2</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case20">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">20.1</module-option>
+ <module-option name = "succeed">true</module-option>
+ <module-option name = "throwEx">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">20.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">20.3</module-option>
+ <module-option name = "succeed">false</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case21">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "sufficient">
+ <module-option name = "name">21.1</module-option>
+ <module-option name = "succeed">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "sufficient">
+ <module-option name = "name">21.2</module-option>
+ <module-option name = "succeed">false</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "optional">
+ <module-option name = "name">21.3</module-option>
+ <module-option name = "succeed">false</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "case22">
+ <authentication>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "sufficient">
+ <module-option name = "name">22.1</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">22.2</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ <login-module code = "org.jboss.test.TestLoginModule"
+ flag = "required">
+ <module-option name = "name">22.3</module-option>
+ <module-option name = "throwEx">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+</policy>
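Review bot: The `<!DOCTYPE>` points at `http://www.jboss.org/j2ee/dtd/security_config.dtd`, so unless the loader maps the public id to a local copy (not visible in this hunk), parsing this fixture depends on an external fetch over plain HTTP. If the test parser does not already install a local entity resolver, that is worth adding, or the DOCTYPE can be dropped from the fixture. Cases 14 to 19, 21 and 22 leave out `succeed` or `throwEx` on at least one module and so rely on `TestLoginModule` defaults that this file does not state; a comment line listing those defaults would make each case's expected outcome readable without opening the module.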
Property changes on: branches/Branch_4_0/security/src/tests/org/jboss/test/login-config.xml
___________________________________________________________________
Name: svn:executable
+ *
Added: branches/Branch_4_0/security/src/tests/org/jboss/test/roles.properties
===================================================================
--- branches/Branch_4_0/security/src/tests/org/jboss/test/roles.properties 2006-08-09 12:54:24 UTC (rev 55437)
+++ branches/Branch_4_0/security/src/tests/org/jboss/test/roles.properties 2006-08-09 13:01:49 UTC (rev 55438)
@@ -0,0 +1,12 @@
+scott=Echo
+stark=Java,Coder
+stark.CallerPrincipal=callerStark
+
+starksm.Roles=ProjectUser
+starksm.CallerPrincipal=callerStarksm
+scott.Roles=ProjectUser
+scott.CallerPrincipal=callerScott
+
+jduke=Role1,Role2
+jdukeman=Role2,Role3
+jdukeman.CallerPrincipal=callerJdukeman
\ No newline at end of file
Added: branches/Branch_4_0/security/src/tests/org/jboss/test/tst-policy.xml
===================================================================
--- branches/Branch_4_0/security/src/tests/org/jboss/test/tst-policy.xml 2006-08-09 12:54:24 UTC (rev 55437)
+++ branches/Branch_4_0/security/src/tests/org/jboss/test/tst-policy.xml 2006-08-09 13:01:49 UTC (rev 55438)
@@ -0,0 +1,43 @@
+<?xml version = "1.0" encoding = "UTF-8"?>
+<policy>
+<!-- A test application policy that creates a SimplePrincipal with
+a name of 'starksm' for testing the subject based policy permissions.
+-->
+ <application-policy name = "test-domain">
+ <authentication>
+ <login-module code = "org.jboss.security.plugins.samples.IdentityLoginModule" flag = "required">
+ <module-option name = "principal">starksm</module-option>
+ </login-module>
+ </authentication>
+ <authorization>
+ <grant>
+ <principal code = "org.jboss.security.SimplePrincipal" name = "scott"/>
+ <permission code = "org.jboss.test.NamespacePermission" name = "Project1" actions = "rwxd"/>
+ <permission code = "org.jboss.test.NamespacePermission" name = "Project1/Documents/Private" actions = "rw-d"/>
+ </grant>
+ <grant>
+ <principal code = "org.jboss.security.SimplePrincipal" name = "starksm"/>
+ <permission code = "org.jboss.test.NamespacePermission" name = "Project1/Documents/Public" actions = "r---"/>
+ </grant>
+ </authorization>
+ </application-policy>
+
+<!-- A application policy that specifies the SRPLoginModule + JBoss
+ ClientLogin module for testing the secure authentication link.
+-->
+ <application-policy name = "srp-login">
+ <authentication>
+ <login-module code = "org.jboss.security.srp.jaas.SRPLoginModule" flag = "required">
+ <module-option name = "password-stacking">useFirstPass</module-option>
+ <module-option name = "principalClassName">org.jboss.security.SimplePrincipal</module-option>
+ <module-option name = "srpServerJndiName">SRPServerInterface</module-option>
+ <module-option name = "debug">true</module-option>
+ </login-module>
+
+ <login-module code = "org.jboss.security.ClientLoginModule" flag = "required">
+ <module-option name = "password-stacking">useFirstPass</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+</policy>
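Review bot: The comment above `test-domain` says the policy creates a `SimplePrincipal` named `starksm`, but not that `IdentityLoginModule` is given no credential source here, so as far as this file shows any caller is presumably accepted as that principal. Extending the comment with `This domain performs no credential check and exists only for the permission tests.` would keep the entry from being reused as a template. The `srp-login` policy also sets `debug` to `true` without saying what is logged, and its comment should read "An application policy".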
Added: branches/Branch_4_0/security/src/tests/org/jboss/test/tst.policy
===================================================================
--- branches/Branch_4_0/security/src/tests/org/jboss/test/tst.policy 2006-08-09 12:54:24 UTC (rev 55437)
+++ branches/Branch_4_0/security/src/tests/org/jboss/test/tst.policy 2006-08-09 13:01:49 UTC (rev 55438)
@@ -0,0 +1,55 @@
+// The login module jar
+
+grant codeBase "file:${output.dir}/tests/jbosssx-tests.jar" {
+ permission javax.security.auth.AuthPermission "modifyPrincipals";
+ permission javax.security.auth.AuthPermission "modifyPublicCredentials";
+ permission javax.security.auth.AuthPermission "modifyPrivateCredentials";
+ permission javax.security.auth.AuthPermission "refreshCredential";
+ permission javax.security.auth.AuthPermission "destroyCredential";
+};
+
+// The LoginContext client classes
+
+grant codeBase "file:${output.dir}/classes/-" {
+ permission java.io.FilePermission "<<ALL FILES>>", "read";
+ permission java.io.FilePermission "hypersonic", "write";
+ permission java.io.FilePermission "hypersonic${/}*", "delete,write";
+ permission java.io.FilePermission "LoginModulesTestCase.log", "write";
+ permission java.lang.RuntimePermission "setIO";
+ permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
+ permission java.net.SocketPermission "*", "accept,connect";
+ permission java.security.SecurityPermission "insertProvider.JBossSX";
+ permission java.security.SecurityPermission "removeProvider.JBossSX";
+ permission java.security.SecurityPermission "putProviderProperty.JBossSX";
+ permission java.util.PropertyPermission "*", "read, write";
+ permission javax.security.auth.AuthPermission "setLoginConfiguration";
+ permission javax.security.auth.AuthPermission "getLoginConfiguration";
+ permission javax.security.auth.AuthPermission "createLoginContext";
+ permission javax.security.auth.AuthPermission "createLoginContext.*";
+ permission javax.security.auth.AuthPermission "modifyPrincipals";
+ permission javax.security.auth.AuthPermission "modifyPublicCredentials";
+ permission javax.security.auth.AuthPermission "modifyPrivateCredentials";
+ permission javax.security.auth.PrivateCredentialPermission "java.lang.String * \"*\"", "read";
+};
+
+grant codeBase "file:${jboss.home}/tools/-" {
+ permission java.security.AllPermission;
+};
+grant codeBase "file:${jboss.home}/common/output/-" {
+ permission java.io.FilePermission "<<ALL FILES>>", "read, write";
+ permission java.util.PropertyPermission "*", "read";
+};
+grant codeBase "file:${jboss.home}/naming/output/-" {
+ permission java.net.SocketPermission "*", "accept,connect";
+ permission java.util.PropertyPermission "*", "read,write";
+};
+
+
+// The security layer classes
+grant codeBase "file:${jboss.home}/thirdparty/-" {
+ permission java.security.AllPermission;
+};
+grant codeBase "file:${output.dir}/lib/-" {
+ permission java.security.AllPermission;
+};
+
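Review bot: Three grants give `java.security.AllPermission` to whole directory trees (`${jboss.home}/tools/-`, `${jboss.home}/thirdparty/-` and `${output.dir}/lib/-`), and the comment `// The security layer classes` sits over the `thirdparty` grant rather than the `lib` grant it seems to describe. The client-classes grant is also wildcarded: `SocketPermission "*", "accept,connect"`, `PropertyPermission "*", "read, write"` and `FilePermission "<<ALL FILES>>", "read"`. Which hosts and properties the tests need is not visible here, but if they only reach a local server, `permission java.net.SocketPermission "localhost:1024-", "accept,connect";` would keep the policy meaningful as a check on permission enforcement. A header comment stating that this policy is for the test run only, and why each `AllPermission` grant is needed, would keep it from being copied into a runtime policy.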
Added: branches/Branch_4_0/security/src/tests/org/jboss/test/users.properties
===================================================================
--- branches/Branch_4_0/security/src/tests/org/jboss/test/users.properties 2006-08-09 12:54:24 UTC (rev 55437)
+++ branches/Branch_4_0/security/src/tests/org/jboss/test/users.properties 2006-08-09 13:01:49 UTC (rev 55438)
@@ -0,0 +1,4 @@
+scott=echoman
+stark=javaman
+jduke=theduke
+jdukeman=anotherduke
\ No newline at end of file
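Review bot: These entries are plaintext passwords with nothing in the file marking them as fixtures; a first line such as `# Test fixture: sample accounts for the login module tests, not for deployment` would keep them from being mistaken for, or copied into, a real user store. `usersb64.properties` below has the same gap. Its single value decodes to 16 bytes, which suggests an unsalted 128-bit digest of the password, so a comment naming the hash algorithm and encoding the test expects would document what is being verified.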
Added: branches/Branch_4_0/security/src/tests/org/jboss/test/usersb64.properties
===================================================================
--- branches/Branch_4_0/security/src/tests/org/jboss/test/usersb64.properties 2006-08-09 12:54:24 UTC (rev 55437)
+++ branches/Branch_4_0/security/src/tests/org/jboss/test/usersb64.properties 2006-08-09 13:01:49 UTC (rev 55438)
@@ -0,0 +1 @@
+scott=ug1tko1om/N1IdWSSQxwRA==
\ No newline at end of file