[jboss-cvs] JBossAS SVN: r64293 - in projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi: helpers and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Thu Jul 26 02:27:24 EDT 2007
Author: anil.saldhana at jboss.com
Date: 2007-07-26 02:27:23 -0400 (Thu, 26 Jul 2007)
New Revision: 64293
Added:
projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/JASPIWorkflowUnitTestCase.java
projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/TestLoginModule.java
projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/TestServerAuthModule.java
projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/helpers/TestClientAuthConfig.java
projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/helpers/TestClientAuthContext.java
Modified:
projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/JASPIConfigUnitTestCase.java
projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/helpers/TestAuthConfigProvider.java
Log:
jaspi tests
Modified: projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/JASPIConfigUnitTestCase.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/JASPIConfigUnitTestCase.java 2007-07-26 06:25:32 UTC (rev 64292)
+++ projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/JASPIConfigUnitTestCase.java 2007-07-26 06:27:23 UTC (rev 64293)
@@ -27,6 +27,8 @@
import javax.security.auth.message.MessageInfo;
import javax.security.auth.message.config.AuthConfigFactory;
import javax.security.auth.message.config.AuthConfigProvider;
+import javax.security.auth.message.config.ClientAuthConfig;
+import javax.security.auth.message.config.ClientAuthContext;
import javax.security.auth.message.config.ServerAuthConfig;
import javax.security.auth.message.config.ServerAuthContext;
@@ -56,7 +58,7 @@
"Test Config Provider");
}
- public void testFactoryConfig() throws Exception
+ public void testServerFactoryConfig() throws Exception
{
assertNotNull("AuthConfigFactory is ! null", factory);
AuthConfigProvider provider = factory.getConfigProvider("TEST", "APP", null);
@@ -71,7 +73,25 @@
assertNotNull("AuthContext ID != null",authContextID);
ServerAuthContext sctx = serverConfig.getAuthContext(authContextID,
new Subject(), new HashMap());
- assertNotNull("ServerAuthContext != null",sctx);
+ assertNotNull("ServerAuthContext != null",sctx);
}
+
+ public void testClientFactoryConfig() throws Exception
+ {
+ assertNotNull("AuthConfigFactory is ! null", factory);
+ AuthConfigProvider provider = factory.getConfigProvider("TEST", "APP", null);
+ assertNotNull("AuthConfigProvider is ! null", provider);
+
+ ClientAuthConfig clientConfig =
+ provider.getClientAuthConfig("TEST", "APP",
+ new AppCallbackHandler("anil","anil".toCharArray()));
+ assertNotNull("ClientAuthConfig ! null", clientConfig);
+ MessageInfo mi = new GenericMessageInfo(new Object(), new Object());
+ String authContextID = clientConfig.getAuthContextID(mi);
+ assertNotNull("AuthContext ID != null",authContextID);
+ ClientAuthContext sctx = clientConfig.getAuthContext(authContextID,
+ new Subject(), new HashMap());
+ assertNotNull("ClientAuthContext != null",sctx);
+ }
}
Added: projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/JASPIWorkflowUnitTestCase.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/JASPIWorkflowUnitTestCase.java (rev 0)
+++ projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/JASPIWorkflowUnitTestCase.java 2007-07-26 06:27:23 UTC (rev 64293)
@@ -0,0 +1,119 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication.jaspi;
+
+import java.net.URL;
+import java.util.HashMap;
+
+import javax.security.auth.Subject;
+import javax.security.auth.login.Configuration;
+import javax.security.auth.message.AuthStatus;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.config.AuthConfigFactory;
+import javax.security.auth.message.config.AuthConfigProvider;
+import javax.security.auth.message.config.ServerAuthConfig;
+import javax.security.auth.message.config.ServerAuthContext;
+
+import org.jboss.security.SecurityConstants;
+import org.jboss.security.auth.callback.AppCallbackHandler;
+import org.jboss.security.auth.login.XMLLoginConfigImpl;
+import org.jboss.security.auth.message.GenericMessageInfo;
+import org.jboss.security.auth.message.config.JBossAuthConfigProvider;
+import org.jboss.security.plugins.JBossSecurityContext;
+import org.jboss.security.plugins.SecurityContextAssociation;
+
+import junit.framework.TestCase;
+
+//$Id$
+
+/**
+ * Test the Server side workflow for JASPI
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 16, 2007
+ * @version $Revision$
+ */
+public class JASPIWorkflowUnitTestCase extends TestCase
+{
+ AuthConfigFactory factory = null;
+ String layer = SecurityConstants.SERVLET_LAYER;
+ String appId = "localhost /petstore";
+
+ String configFile="config/jaspi-config.xml";
+
+ @Override
+ protected void setUp() throws Exception
+ {
+ factory = AuthConfigFactory.getFactory();
+ factory.registerConfigProvider(new JBossAuthConfigProvider(new HashMap()),
+ layer, appId, "Test Config Provider");
+
+ JBossSecurityContext jsc = new JBossSecurityContext("conf-jaspi");
+ SecurityContextAssociation.setSecurityContext(jsc);
+
+ XMLLoginConfigImpl xli = new XMLLoginConfigImpl();
+ Configuration.setConfiguration(xli);
+
+ URL configURL = Thread.currentThread().getContextClassLoader().getResource(configFile);
+ assertNotNull("Config URL",configURL);
+
+ xli.setConfigURL(configURL);
+ xli.loadConfig();
+ }
+
+ public void testSuccessfulJASPI() throws Exception
+ {
+ AuthConfigProvider provider = factory.getConfigProvider(layer,appId,null);
+ ServerAuthConfig serverConfig = provider.getServerAuthConfig(layer,appId,
+ new AppCallbackHandler("anil","anilpwd".toCharArray()));
+ assertNotNull("ServerAuthConfig is not null", serverConfig);
+
+ MessageInfo mi = new GenericMessageInfo(new Object(), new Object());
+ String authContextID = serverConfig.getAuthContextID(mi);
+ assertNotNull("AuthContext ID != null",authContextID);
+ ServerAuthContext sctx = serverConfig.getAuthContext(authContextID,
+ new Subject(), new HashMap());
+ assertNotNull("ServerAuthContext != null",sctx);
+ Subject clientSubject = new Subject();
+ Subject serviceSubject = new Subject();
+ AuthStatus status = sctx.validateRequest(mi, clientSubject, serviceSubject);
+ assertEquals(AuthStatus.SUCCESS, status );
+ }
+
+ public void testUnSuccessfulJASPI() throws Exception
+ {
+ AuthConfigProvider provider = factory.getConfigProvider(layer,appId,null);
+ ServerAuthConfig serverConfig = provider.getServerAuthConfig(layer,appId,
+ new AppCallbackHandler("anil","badpwd".toCharArray()));
+ assertNotNull("ServerAuthConfig is not null", serverConfig);
+
+ MessageInfo mi = new GenericMessageInfo(new Object(), new Object());
+ String authContextID = serverConfig.getAuthContextID(mi);
+ assertNotNull("AuthContext ID != null",authContextID);
+ ServerAuthContext sctx = serverConfig.getAuthContext(authContextID,
+ new Subject(), new HashMap());
+ assertNotNull("ServerAuthContext != null",sctx);
+ Subject clientSubject = new Subject();
+ Subject serviceSubject = new Subject();
+ AuthStatus status = sctx.validateRequest(mi, clientSubject, serviceSubject);
+ assertEquals(AuthStatus.FAILURE, status );
+ }
+}
Added: projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/TestLoginModule.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/TestLoginModule.java (rev 0)
+++ projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/TestLoginModule.java 2007-07-26 06:27:23 UTC (rev 64293)
@@ -0,0 +1,99 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication.jaspi;
+
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+
+import org.jboss.security.SimplePrincipal;
+
+//$Id$
+
+/**
+ * Test Login Module
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 26, 2007
+ * @version $Revision$
+ */
+public class TestLoginModule implements LoginModule
+{
+ private Subject subject;
+ private CallbackHandler cbh;
+ private Map<String, ?> sharedState;
+ private Map<String, ?> options;
+
+ private String username = null;
+
+ public boolean abort() throws LoginException
+ {
+ return true;
+ }
+
+ public boolean commit() throws LoginException
+ {
+ subject.getPrincipals().add(new SimplePrincipal(username));
+ return true;
+ }
+
+ public void initialize(Subject subject,
+ CallbackHandler cbh,
+ Map<String, ?> sharedState,
+ Map<String, ?> options)
+ {
+ this.subject = subject;
+ this.cbh = cbh;
+ this.sharedState = sharedState;
+ this.options = options;
+ }
+
+ public boolean login() throws LoginException
+ {
+ NameCallback nc = new NameCallback("UserName=", "guest");
+ PasswordCallback pwd = new PasswordCallback("Password=", false);
+ try
+ {
+ cbh.handle(new Callback[]{nc,pwd});
+ username = nc.getName();
+ String p = new String(pwd.getPassword());
+ if(username.equals(options.get("principal")) && p.equals(options.get("pass")))
+ return true;
+ }
+ catch (Exception e)
+ {
+ throw new LoginException(e.getLocalizedMessage());
+ }
+ return false;
+ }
+
+ public boolean logout() throws LoginException
+ {
+ subject = null;
+ return false;
+ }
+}
Added: projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/TestServerAuthModule.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/TestServerAuthModule.java (rev 0)
+++ projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/TestServerAuthModule.java 2007-07-26 06:27:23 UTC (rev 64293)
@@ -0,0 +1,114 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication.jaspi;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.AuthStatus;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.MessagePolicy;
+import javax.security.auth.message.module.ServerAuthModule;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+//$Id$
+
+/**
+ * Test Server Auth Module that delegates to a login module stack
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 25, 2007
+ * @version $Revision$
+ */
+public class TestServerAuthModule implements ServerAuthModule
+{
+ private Class[] supportedTypes = new Class[]{HttpServletRequest.class,
+ HttpServletResponse.class};
+ private LoginContext loginContext;
+ private String loginContextName = null;
+ private Map options = new HashMap();
+
+ public TestServerAuthModule(String loginContextName)
+ {
+ this.loginContextName = loginContextName;
+ }
+
+ public Class[] getSupportedMessageTypes()
+ {
+ return supportedTypes;
+ }
+
+ public void initialize(MessagePolicy messagePolicyReq, MessagePolicy messagePolicyResp,
+ CallbackHandler cbh, Map options) throws AuthException
+ {
+ this.options = options;
+ try
+ {
+ loginContext = new LoginContext(loginContextName, cbh);
+ }
+ catch (LoginException e)
+ {
+ throw new RuntimeException(e.getLocalizedMessage());
+ }
+
+ }
+
+ public void cleanSubject(MessageInfo mi, Subject subj) throws AuthException
+ {
+ subj.getPrincipals().clear();
+ subj.getPublicCredentials().clear();
+ subj.getPrivateCredentials().clear();
+ if(this.loginContext != null)
+ try
+ {
+ loginContext.logout();
+ }
+ catch (LoginException e)
+ {
+ throw new RuntimeException(e.getLocalizedMessage());
+ }
+ }
+
+ public AuthStatus secureResponse(MessageInfo mi, Subject clientSubject) throws AuthException
+ {
+ return null;
+ }
+
+ public AuthStatus validateRequest(MessageInfo mi, Subject clientSubject, Subject serviceSubject)
+ throws AuthException
+ {
+ try
+ {
+ this.loginContext.login();
+ }
+ catch (LoginException e)
+ {
+ throw new AuthException(e.getLocalizedMessage());
+ }
+ return AuthStatus.SUCCESS;
+ }
+}
Modified: projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/helpers/TestAuthConfigProvider.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/helpers/TestAuthConfigProvider.java 2007-07-26 06:25:32 UTC (rev 64292)
+++ projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/helpers/TestAuthConfigProvider.java 2007-07-26 06:27:23 UTC (rev 64293)
@@ -43,7 +43,7 @@
String appcontext, CallbackHandler handler) throws AuthException,
SecurityException
{
- return null;
+ return new TestClientAuthConfig();
}
public ServerAuthConfig getServerAuthConfig(String layer,
Added: projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/helpers/TestClientAuthConfig.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/helpers/TestClientAuthConfig.java (rev 0)
+++ projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/helpers/TestClientAuthConfig.java 2007-07-26 06:27:23 UTC (rev 64293)
@@ -0,0 +1,73 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication.jaspi.helpers;
+
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.config.ClientAuthConfig;
+import javax.security.auth.message.config.ClientAuthContext;
+
+//$Id$
+
+/**
+ * Test ClientAuthConfig
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 16, 2007
+ * @version $Revision$
+ */
+public class TestClientAuthConfig implements ClientAuthConfig
+{
+
+ public ClientAuthContext getAuthContext(String authContextID,
+ Subject clientSubject, Map properties)
+ throws AuthException
+ {
+ return new TestClientAuthContext();
+ }
+
+ public String getAppContext()
+ {
+ return "TEST";
+ }
+
+ public String getAuthContextID(MessageInfo messageInfo)
+ {
+ return "AUTHCONTEXTID";
+ }
+
+ public String getMessageLayer()
+ {
+ return "TESTCLIENT";
+ }
+
+ public boolean isProtected()
+ {
+ return false;
+ }
+
+ public void refresh() throws AuthException, SecurityException
+ {
+ }
+}
Added: projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/helpers/TestClientAuthContext.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/helpers/TestClientAuthContext.java (rev 0)
+++ projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/authentication/jaspi/helpers/TestClientAuthContext.java 2007-07-26 06:27:23 UTC (rev 64293)
@@ -0,0 +1,57 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication.jaspi.helpers;
+
+import javax.security.auth.Subject;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.AuthStatus;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.config.ClientAuthContext;
+
+//$Id$
+
+/**
+ * Test ClientAuthContext
+ * @author Anil.Saldhana at redhat.com
+ * @since Jul 16, 2007
+ * @version $Revision$
+ */
+public class TestClientAuthContext implements ClientAuthContext
+{
+ public void cleanSubject(MessageInfo messageInfo, Subject arg1)
+ throws AuthException
+ {
+ }
+
+ public AuthStatus secureRequest(MessageInfo messageInfo, Subject arg1)
+ throws AuthException
+ {
+ return null;
+ }
+
+ public AuthStatus validateResponse(MessageInfo messageInfo,
+ Subject arg1, Subject arg2)
+ throws AuthException
+ {
+ return null;
+ }
+}
More information about the jboss-cvs-commits
mailing list