[jboss-cvs] JBossAS SVN: r74865 - in branches/Branch_4_2/security/src: tests/org/jboss/test and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Thu Jun 19 19:46:17 EDT 2008
Author: mmoyses
Date: 2008-06-19 19:46:17 -0400 (Thu, 19 Jun 2008)
New Revision: 74865
Modified:
branches/Branch_4_2/security/src/main/org/jboss/security/auth/spi/LdapLoginModule.java
branches/Branch_4_2/security/src/tests/org/jboss/test/LoginModulesTestCase.java
Log:
JBAS-4343
Modified: branches/Branch_4_2/security/src/main/org/jboss/security/auth/spi/LdapLoginModule.java
===================================================================
--- branches/Branch_4_2/security/src/main/org/jboss/security/auth/spi/LdapLoginModule.java 2008-06-19 23:05:11 UTC (rev 74864)
+++ branches/Branch_4_2/security/src/main/org/jboss/security/auth/spi/LdapLoginModule.java 2008-06-19 23:46:17 UTC (rev 74865)
@@ -260,7 +260,6 @@
return isValid;
}
- @SuppressWarnings("unchecked")
private void createLdapInitContext(String username, Object credential) throws Exception
{
boolean trace = log.isTraceEnabled();
Modified: branches/Branch_4_2/security/src/tests/org/jboss/test/LoginModulesTestCase.java
===================================================================
--- branches/Branch_4_2/security/src/tests/org/jboss/test/LoginModulesTestCase.java 2008-06-19 23:05:11 UTC (rev 74864)
+++ branches/Branch_4_2/security/src/tests/org/jboss/test/LoginModulesTestCase.java 2008-06-19 23:46:17 UTC (rev 74865)
@@ -1,48 +1,49 @@
-/*
- * JBoss, Home of Professional Open Source.
- * Copyright 2006, Red Hat Middleware LLC, and individual contributors
- * as indicated by the @author tags. See the copyright.txt file in the
- * distribution for a full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
package org.jboss.test;
import java.lang.reflect.Method;
import java.security.acl.Group;
-import java.util.Enumeration;
+import java.util.Enumeration;
import java.util.HashMap;
import java.util.Set;
+import java.util.logging.ConsoleHandler;
import java.util.logging.Level;
-import java.util.logging.LogManager;
-import java.util.logging.ConsoleHandler;
+
+import javax.management.MBeanServer;
+import javax.management.MBeanServerFactory;
+import javax.management.ObjectName;
import javax.security.auth.Subject;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
-import javax.management.MBeanServer;
-import javax.management.MBeanServerFactory;
-import javax.management.ObjectName;
import junit.framework.TestCase;
import junit.framework.TestSuite;
+
+import org.jboss.logging.Logger;
import org.jboss.security.SimplePrincipal;
+import org.jboss.security.auth.callback.UsernamePasswordHandler;
import org.jboss.security.plugins.JaasSecurityDomain;
-import org.jboss.security.auth.callback.UsernamePasswordHandler;
-import org.jboss.logging.Logger;
/** Tests of the LoginModule classes.
@@ -52,11 +53,11 @@
public class LoginModulesTestCase extends TestCase
{
static
- {
+ {
try
{
Configuration.setConfiguration(new TestConfig());
- System.out.println("Installed TestConfig as JAAS Configuration");
+ System.out.println("Installed TestConfig as JAAS Configuration");
Logger.setPluginClassName("org.jboss.logging.JDK14LoggerPlugin");
java.util.logging.Logger security = java.util.logging.Logger.getLogger("org.jboss.security");
security.setLevel(Level.FINEST);
@@ -64,13 +65,14 @@
console.setLevel(Level.FINEST);
security.addHandler(console);
Logger log = Logger.getLogger("org.jboss.security");
- log.trace("Configured JDK trace logging");
+ log.trace("Configured JDK trace logging");
}
- catch(Exception e)
+ catch (Exception e)
{
e.printStackTrace();
- }
+ }
}
+
/** Hard coded login configurations for the test cases. The configuration
name corresponds to the unit test function that uses the configuration.
*/
@@ -90,11 +92,12 @@
Object[] args = {};
entry = (AppConfigurationEntry[]) m.invoke(this, args);
}
- catch(Exception e)
+ catch (Exception e)
{
}
return entry;
}
+
AppConfigurationEntry[] testLdapExample1()
{
String name = "org.jboss.security.auth.spi.LdapLoginModule";
@@ -112,10 +115,11 @@
options.put("searchTimeLimit", "5000");
options.put("searchScope", "ONELEVEL_SCOPE");
AppConfigurationEntry ace = new AppConfigurationEntry(name,
- AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
AppConfigurationEntry[] entry = {ace};
return entry;
}
+
AppConfigurationEntry[] testLdapExample11()
{
String name = "org.jboss.security.auth.spi.LdapLoginModule";
@@ -134,10 +138,11 @@
options.put("roleAttributeID", "cn");
options.put("roleAttributeIsDN", "false");
AppConfigurationEntry ace = new AppConfigurationEntry(name,
- AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
AppConfigurationEntry[] entry = {ace};
return entry;
}
+
AppConfigurationEntry[] testLdapExample11Encrypt()
{
String name = "org.jboss.security.auth.spi.LdapLoginModule";
@@ -158,10 +163,11 @@
options.put("roleAttributeID", "cn");
options.put("roleAttributeIsDN", "false");
AppConfigurationEntry ace = new AppConfigurationEntry(name,
- AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
AppConfigurationEntry[] entry = {ace};
return entry;
}
+
AppConfigurationEntry[] testLdapExample2()
{
String name = "org.jboss.security.auth.spi.LdapLoginModule";
@@ -179,7 +185,7 @@
options.put("roleNameAttributeID", "cn");
AppConfigurationEntry ace = new AppConfigurationEntry(name,
- AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
AppConfigurationEntry[] entry = {ace};
return entry;
}
@@ -219,10 +225,11 @@
options.put("roleRecursion", "0");
AppConfigurationEntry ace = new AppConfigurationEntry(name,
- AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
AppConfigurationEntry[] entry = {ace};
return entry;
}
+
AppConfigurationEntry[] testLdapExample21Encrypt()
{
String name = "org.jboss.security.auth.spi.LdapExtLoginModule";
@@ -244,10 +251,11 @@
options.put("roleRecursion", "0");
AppConfigurationEntry ace = new AppConfigurationEntry(name,
- AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
AppConfigurationEntry[] entry = {ace};
return entry;
}
+
/**
testLdapExample23 {
org.jboss.security.auth.spi.LdapExtLoginModule
@@ -272,7 +280,6 @@
options.put("java.naming.provider.url", "ldap://lamia/");
options.put("java.naming.security.authentication", "simple");
-
options.put("bindDN", "cn=Root,dc=jboss,dc=org");
options.put("bindCredential", "secret1");
options.put("baseCtxDN", "ou=People,o=example3,dc=jboss,dc=org");
@@ -284,10 +291,11 @@
options.put("roleRecursion", "0");
AppConfigurationEntry ace = new AppConfigurationEntry(name,
- AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
AppConfigurationEntry[] entry = {ace};
return entry;
}
+
/**
testLdapExample22 {
org.jboss.security.auth.spi.LdapExtLoginModule
@@ -314,7 +322,6 @@
options.put("java.naming.provider.url", "ldap://lamia/");
options.put("java.naming.security.authentication", "simple");
-
options.put("bindDN", "cn=Root,dc=jboss,dc=org");
options.put("bindCredential", "secret1");
options.put("baseCtxDN", "ou=People,o=example2,dc=jboss,dc=org");
@@ -328,10 +335,11 @@
options.put("roleRecursion", "0");
AppConfigurationEntry ace = new AppConfigurationEntry(name,
- AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
AppConfigurationEntry[] entry = {ace};
return entry;
}
+
/**
testLdapExample24 {
org.jboss.security.auth.spi.LdapExtLoginModule
@@ -367,38 +375,60 @@
options.put("roleRecursion", "1");
AppConfigurationEntry ace = new AppConfigurationEntry(name,
- AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
AppConfigurationEntry[] entry = {ace};
return entry;
}
-
- AppConfigurationEntry[] testJBAS3312()
- {
- String name = "org.jboss.security.auth.spi.LdapExtLoginModule";
- HashMap options = new HashMap();
- options.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
- options.put("java.naming.provider.url", "ldap://lamia/");
- options.put("java.naming.security.authentication", "simple");
-
- options.put("bindDN", "cn=Root,DC=uz,DC=kuleuven,DC=ac,DC=be");
- options.put("bindCredential", "root");
- options.put("baseCtxDN", "ou=People,dc=uz,dc=kuleuven,dc=ac,dc=be");
- options.put("baseFilter", "(sAMAccountName={0})");
-
- options.put("rolesCtxDN", "OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be");
- options.put("roleFilter", "(member={1})");
- options.put("roleAttributeID", "memberOf");
- options.put("roleAttributeIsDN", "true");
- options.put("roleNameAttributeID", "cn");
- options.put("roleRecursion", "5");
- options.put("searchScope", "ONELEVEL_SCOPE");
-
- AppConfigurationEntry ace = new AppConfigurationEntry(name,
- AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
- AppConfigurationEntry[] entry = {ace};
- return entry;
- }
+ AppConfigurationEntry[] testJBAS3312()
+ {
+ String name = "org.jboss.security.auth.spi.LdapExtLoginModule";
+ HashMap options = new HashMap();
+ options.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
+ options.put("java.naming.provider.url", "ldap://lamia/");
+ options.put("java.naming.security.authentication", "simple");
+
+ options.put("bindDN", "cn=Root,DC=uz,DC=kuleuven,DC=ac,DC=be");
+ options.put("bindCredential", "root");
+ options.put("baseCtxDN", "ou=People,dc=uz,dc=kuleuven,dc=ac,dc=be");
+ options.put("baseFilter", "(sAMAccountName={0})");
+
+ options.put("rolesCtxDN", "OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be");
+ options.put("roleFilter", "(member={1})");
+ options.put("roleAttributeID", "memberOf");
+ options.put("roleAttributeIsDN", "true");
+ options.put("roleNameAttributeID", "cn");
+ options.put("roleRecursion", "5");
+ options.put("searchScope", "ONELEVEL_SCOPE");
+
+ AppConfigurationEntry ace = new AppConfigurationEntry(name,
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
+ AppConfigurationEntry[] entry = {ace};
+ return entry;
+ }
+
+ AppConfigurationEntry[] testJBAS4343()
+ {
+ String name = "org.jboss.security.auth.spi.LdapLoginModule";
+ HashMap options = new HashMap();
+ options.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
+ options.put("java.naming.provider.url", "ldap://lamia/");
+ options.put("java.naming.security.authentication", "simple");
+ options.put("principalDNPrefix", "uid=");
+ options.put("principalDNSuffix", ",ou=People,o=example5,dc=jboss,dc=org");
+ options.put("rolesCtxDN", "ou=Roles,o=example5,dc=jboss,dc=org");
+ options.put("uidAttributeID", "member");
+ options.put("matchOnUserDN", "true");
+ options.put("roleAttributeID", "uid");
+ options.put("roleAttributeIsDN", "false");
+ options.put("searchTimeLimit", "5000");
+ options.put("searchScope", "ONELEVEL_SCOPE");
+ AppConfigurationEntry ace = new AppConfigurationEntry(name,
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
+ AppConfigurationEntry[] entry = {ace};
+ return entry;
+ }
+
}
public LoginModulesTestCase(String testName)
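Review bot: The new `testJBAS4343()` entry sets `java.naming.security.authentication` to `simple` against the plain `ldap://lamia/` URL, so the user DN and password cross the network unencrypted, and the test only runs where the host name `lamia` resolves. Login-module test configurations tend to be copied as deployment examples, so I would put a comment above the method such as `// Test fixture only: simple bind over plain ldap://; real deployments should use ldaps://`. Consider also reading the provider URL from a system property rather than hard-coding it. The same applies to the re-indented `testJBAS3312()` just above. The enclosing configuration class starts outside this hunk.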
@@ -406,6 +436,51 @@
super(testName);
}
+ /* example1
+ dn: dc=jboss,dc=org
+ objectclass: top
+ objectclass: dcObject
+ objectclass: organization
+ dc: jboss
+ o: example1
+
+ dn: ou=People,dc=jboss,dc=org
+ objectclass: top
+ objectclass: organizationalUnit
+ ou: People
+
+ dn: uid=jduke,ou=People,dc=jboss,dc=org
+ objectclass: top
+ objectclass: uidObject
+ objectclass: person
+ uid: jduke
+ cn: Java Duke
+ sn: Duke
+ userPassword: theduke
+
+ dn: ou=Roles,dc=jboss,dc=org
+ objectclass: top
+ objectclass: organizationalUnit
+ ou: Roles
+
+ dn: cn=Echo,ou=Roles,dc=jboss,dc=org
+ objectClass: top
+ objectClass: groupOfNames
+ cn: Echo
+ description: the JBossAdmin group
+ member: uid=jduke,ou=People,dc=jboss,dc=org
+
+ dn: cn=TheDuke,ou=Roles,dc=jboss,dc=org
+ objectClass: groupOfNames
+ objectClass: top
+ cn: TheDuke
+ description: TheDuke role context
+ member: uid=jduke,ou=People,dc=jboss,dc=org
+
+ dn: cn=Root,dc=jboss,dc=org
+ objectclass: organizationalRole
+ cn: Root
+ */
public void testLdapExample1() throws Exception
{
System.out.println("testLdapExample1");
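Review bot: In the added example1 LDIF comment, the `cn=Echo` entry carries `description: the JBossAdmin group`, which looks copied from a JBossAdmin entry and will mislead anyone rebuilding the test directory from this comment. `description: the echo role`, the wording the example2 comment uses, would match the entry. The example3 comment added in the `@@ -639,16 +717,65 @@` hunk repeats the same line. The comment also lists `userPassword: theduke` in clear, so a first line such as `/* example1 (throwaway fixture data for the test directory only)` would make the intent explicit.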
@@ -414,7 +489,7 @@
lc.login();
Subject subject = lc.getSubject();
- System.out.println("Subject: "+subject);
+ System.out.println("Subject: " + subject);
Set groups = subject.getPrincipals(Group.class);
assertTrue("Principals contains jduke", subject.getPrincipals().contains(new SimplePrincipal("jduke")));
@@ -425,6 +500,7 @@
lc.logout();
}
+
public void testLdapExample11() throws Exception
{
System.out.println("testLdapExample11");
@@ -433,7 +509,7 @@
lc.login();
Subject subject = lc.getSubject();
- System.out.println("Subject: "+subject);
+ System.out.println("Subject: " + subject);
Set groups = subject.getPrincipals(Group.class);
assertTrue("Principals contains jduke", subject.getPrincipals().contains(new SimplePrincipal("jduke")));
@@ -444,6 +520,7 @@
lc.logout();
}
+
public void testLdapExample11Encrypt() throws Exception
{
System.out.println("testLdapExample11Encrypt");
@@ -463,7 +540,7 @@
lc.login();
Subject subject = lc.getSubject();
- System.out.println("Subject: "+subject);
+ System.out.println("Subject: " + subject);
Set groups = subject.getPrincipals(Group.class);
assertTrue("Principals contains jduke", subject.getPrincipals().contains(new SimplePrincipal("jduke")));
@@ -475,95 +552,96 @@
lc.logout();
MBeanServerFactory.releaseMBeanServer(server);
}
- /*
-version: 1
-dn: o=example2,dc=jboss,dc=org
-objectClass: top
-objectClass: dcObject
-objectClass: organization
-dc: jboss
-o: JBoss
-dn: ou=People,o=example2,dc=jboss,dc=org
-objectClass: top
-objectClass: organizationalUnit
-ou: People
+ /* example2
+ version: 1
+ dn: o=example2,dc=jboss,dc=org
+ objectClass: top
+ objectClass: dcObject
+ objectClass: organization
+ dc: jboss
+ o: example2
-dn: uid=jduke,ou=People,o=example2,dc=jboss,dc=org
-objectClass: top
-objectClass: uidObject
-objectClass: person
-objectClass: inetOrgPerson
-cn: Java Duke
-employeeNumber: judke-123
-sn: Duke
-uid: jduke
-userPassword:: dGhlZHVrZQ==
+ dn: ou=People,o=example2,dc=jboss,dc=org
+ objectClass: top
+ objectClass: organizationalUnit
+ ou: People
-dn: uid=jduke2,ou=People,o=example2,dc=jboss,dc=org
-objectClass: top
-objectClass: uidObject
-objectClass: person
-objectClass: inetOrgPerson
-cn: Java Duke2
-employeeNumber: judke2-123
-sn: Duke2
-uid: jduke2
-userPassword:: dGhlZHVrZTI=
+ dn: uid=jduke,ou=People,o=example2,dc=jboss,dc=org
+ objectClass: top
+ objectClass: uidObject
+ objectClass: person
+ objectClass: inetOrgPerson
+ cn: Java Duke
+ employeeNumber: judke-123
+ sn: Duke
+ uid: jduke
+ userPassword:: dGhlZHVrZQ==
-dn: ou=Roles,o=example2,dc=jboss,dc=org
-objectClass: top
-objectClass: organizationalUnit
-ou: Roles
+ dn: uid=jduke2,ou=People,o=example2,dc=jboss,dc=org
+ objectClass: top
+ objectClass: uidObject
+ objectClass: person
+ objectClass: inetOrgPerson
+ cn: Java Duke2
+ employeeNumber: judke2-123
+ sn: Duke2
+ uid: jduke2
+ userPassword:: dGhlZHVrZTI=
-dn: uid=jduke,ou=Roles,o=example2,dc=jboss,dc=org
-objectClass: top
-objectClass: groupUserEx
-memberOf: cn=Echo,ou=Roles,o=example2,dc=jboss,dc=org
-memberOf: cn=TheDuke,ou=Roles,o=example2,dc=jboss,dc=org
-uid: jduke
+ dn: ou=Roles,o=example2,dc=jboss,dc=org
+ objectClass: top
+ objectClass: organizationalUnit
+ ou: Roles
-dn: uid=jduke2,ou=Roles,o=example2,dc=jboss,dc=org
-objectClass: top
-objectClass: groupUserEx
-memberOf: cn=Echo2,ou=Roles,o=example2,dc=jboss,dc=org
-memberOf: cn=TheDuke2,ou=Roles,o=example2,dc=jboss,dc=org
-uid: jduke2
+ dn: uid=jduke,ou=Roles,o=example2,dc=jboss,dc=org
+ objectClass: top
+ objectClass: groupUserEx
+ memberOf: cn=Echo,ou=Roles,o=example2,dc=jboss,dc=org
+ memberOf: cn=TheDuke,ou=Roles,o=example2,dc=jboss,dc=org
+ uid: jduke
-dn: cn=Echo,ou=Roles,o=example2,dc=jboss,dc=org
-objectClass: top
-objectClass: groupOfNames
-cn: Echo
-description: the echo role
-member: uid=jduke,ou=People,dc=jboss,dc=org
+ dn: uid=jduke2,ou=Roles,o=example2,dc=jboss,dc=org
+ objectClass: top
+ objectClass: groupUserEx
+ memberOf: cn=Echo2,ou=Roles,o=example2,dc=jboss,dc=org
+ memberOf: cn=TheDuke2,ou=Roles,o=example2,dc=jboss,dc=org
+ uid: jduke2
-dn: cn=TheDuke,ou=Roles,o=example2,dc=jboss,dc=org
-objectClass: groupOfNames
-objectClass: top
-cn: TheDuke
-description: the duke role
-member: uid=jduke,ou=People,o=example2,dc=jboss,dc=org
+ dn: cn=Echo,ou=Roles,o=example2,dc=jboss,dc=org
+ objectClass: top
+ objectClass: groupOfNames
+ cn: Echo
+ description: the echo role
+ member: uid=jduke,ou=People,dc=jboss,dc=org
-dn: cn=Echo2,ou=Roles,o=example2,dc=jboss,dc=org
-objectClass: top
-objectClass: groupOfNames
-cn: Echo2
-description: the Echo2 role
-member: uid=jduke2,ou=People,dc=jboss,dc=org
+ dn: cn=TheDuke,ou=Roles,o=example2,dc=jboss,dc=org
+ objectClass: groupOfNames
+ objectClass: top
+ cn: TheDuke
+ description: the duke role
+ member: uid=jduke,ou=People,o=example2,dc=jboss,dc=org
-dn: cn=TheDuke2,ou=Roles,o=example2,dc=jboss,dc=org
-objectClass: groupOfNames
-objectClass: top
-cn: TheDuke2
-description: the duke2 role
-member: uid=jduke2,ou=People,o=example2,dc=jboss,dc=org
+ dn: cn=Echo2,ou=Roles,o=example2,dc=jboss,dc=org
+ objectClass: top
+ objectClass: groupOfNames
+ cn: Echo2
+ description: the Echo2 role
+ member: uid=jduke2,ou=People,dc=jboss,dc=org
-dn: cn=JBossAdmin,ou=Roles,o=example2,dc=jboss,dc=org
-objectClass: top
-objectClass: groupOfNames
-cn: JBossAdmin
-description: the JBossAdmin group
-member: uid=jduke,ou=People,dc=jboss,dc=org
+ dn: cn=TheDuke2,ou=Roles,o=example2,dc=jboss,dc=org
+ objectClass: groupOfNames
+ objectClass: top
+ cn: TheDuke2
+ description: the duke2 role
+ member: uid=jduke2,ou=People,o=example2,dc=jboss,dc=org
+
+ dn: cn=JBossAdmin,ou=Roles,o=example2,dc=jboss,dc=org
+ objectClass: top
+ objectClass: groupOfNames
+ cn: JBossAdmin
+ description: the JBossAdmin group
+ member: uid=jduke,ou=People,dc=jboss,dc=org
*/
public void testLdapExample2() throws Exception
{
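Review bot: In the re-indented example2 LDIF, the `member` values of `cn=Echo`, `cn=Echo2` and `cn=JBossAdmin` name users under `ou=People,dc=jboss,dc=org`, without the `o=example2` component that `cn=TheDuke` and `cn=TheDuke2` use. Those three groups therefore reference user DNs that do not exist in this tree. If the fixture directory is really loaded this way, a role lookup that matches on the full user DN would silently skip those groups. Either correct the values, e.g. `member: uid=jduke,ou=People,o=example2,dc=jboss,dc=org`, or state in the comment that the mismatch is deliberate. `employeeNumber: judke-123` also looks like a typo for `jduke-123`, the spelling used in the example4 comment.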
@@ -573,7 +651,7 @@
lc.login();
Subject subject = lc.getSubject();
- System.out.println("Subject: "+subject);
+ System.out.println("Subject: " + subject);
Set groups = subject.getPrincipals(Group.class);
assertTrue("Principals contains jduke", subject.getPrincipals().contains(new SimplePrincipal("jduke")));
@@ -586,16 +664,16 @@
lc.logout();
}
+
public void testLdapExample21() throws Exception
{
System.out.println("testLdapExample21");
- UsernamePasswordHandler handler = new UsernamePasswordHandler("jduke",
- "theduke".toCharArray());
+ UsernamePasswordHandler handler = new UsernamePasswordHandler("jduke", "theduke".toCharArray());
LoginContext lc = new LoginContext("testLdapExample21", handler);
lc.login();
Subject subject = lc.getSubject();
- System.out.println("Subject: "+subject);
+ System.out.println("Subject: " + subject);
Set groups = subject.getPrincipals(Group.class);
Set principals = subject.getPrincipals();
@@ -607,6 +685,7 @@
lc.logout();
}
+
public void testLdapExample21Encrypt() throws Exception
{
System.out.println("testLdapExample21Encrypt");
@@ -620,13 +699,12 @@
ObjectName name = new ObjectName("jboss.test:service=JaasSecurityDomain,domain=testLdapExample21Encrypt");
server.registerMBean(secDomain, name);
- UsernamePasswordHandler handler = new UsernamePasswordHandler("jduke",
- "theduke".toCharArray());
+ UsernamePasswordHandler handler = new UsernamePasswordHandler("jduke", "theduke".toCharArray());
LoginContext lc = new LoginContext("testLdapExample21Encrypt", handler);
lc.login();
Subject subject = lc.getSubject();
- System.out.println("Subject: "+subject);
+ System.out.println("Subject: " + subject);
Set groups = subject.getPrincipals(Group.class);
Set principals = subject.getPrincipals();
@@ -639,16 +717,65 @@
lc.logout();
MBeanServerFactory.releaseMBeanServer(server);
}
+
+ /* example3
+ dn: o=example3,dc=jboss,dc=org
+ objectclass: top
+ objectclass: dcObject
+ objectclass: organization
+ dc: jboss
+ o: example3
+
+ dn: ou=People,o=example3,dc=jboss,dc=org
+ objectclass: top
+ objectclass: organizationalUnit
+ ou: People
+
+ dn: uid=jduke,ou=People,o=example3,dc=jboss,dc=org
+ objectclass: top
+ objectclass: uidObject
+ objectclass: person
+ objectClass: inetOrgPerson
+ uid: jduke
+ employeeNumber: judke-123
+ cn: Java Duke
+ sn: Duke
+ userPassword: theduke
+
+ dn: ou=Roles,o=example3,dc=jboss,dc=org
+ objectClass: top
+ objectClass: organizationalUnit
+ ou: Roles
+
+ dn: uid=jduke,ou=Roles,o=example3,dc=jboss,dc=org
+ objectClass: top
+ objectClass: groupUserEx
+ memberOf: cn=Echo,ou=Roles,o=example3,dc=jboss,dc=org
+ memberOf: cn=TheDuke,ou=Roles,o=example3,dc=jboss,dc=org
+ uid: jduke
+
+ dn: cn=Echo,ou=Roles,o=example3,dc=jboss,dc=org
+ objectClass: top
+ objectClass: groupOfNames
+ cn: Echo
+ description: the JBossAdmin group
+ member: uid=jduke,ou=People,o=example3,dc=jboss,dc=org
+
+ dn: cn=TheDuke,ou=Roles,o=example3,dc=jboss,dc=org
+ objectClass: groupOfNames
+ objectClass: top
+ cn: TheDuke
+ member: uid=jduke,ou=People,o=example3,dc=jboss,dc=org
+ */
public void testLdapExample23() throws Exception
{
System.out.println("testLdapExample23");
- UsernamePasswordHandler handler = new UsernamePasswordHandler("Java Duke",
- "theduke".toCharArray());
+ UsernamePasswordHandler handler = new UsernamePasswordHandler("Java Duke", "theduke".toCharArray());
LoginContext lc = new LoginContext("testLdapExample23", handler);
lc.login();
Subject subject = lc.getSubject();
- System.out.println("Subject: "+subject);
+ System.out.println("Subject: " + subject);
Set groups = subject.getPrincipals(Group.class);
Set principals = subject.getPrincipals();
@@ -660,16 +787,16 @@
lc.logout();
}
+
public void testLdapExample22() throws Exception
{
System.out.println("testLdapExample22");
- UsernamePasswordHandler handler = new UsernamePasswordHandler("jduke",
- "theduke".toCharArray());
+ UsernamePasswordHandler handler = new UsernamePasswordHandler("jduke", "theduke".toCharArray());
LoginContext lc = new LoginContext("testLdapExample22", handler);
lc.login();
Subject subject = lc.getSubject();
- System.out.println("Subject: "+subject);
+ System.out.println("Subject: " + subject);
Set groups = subject.getPrincipals(Group.class);
Set principals = subject.getPrincipals();
@@ -681,16 +808,96 @@
lc.logout();
}
+
+ /* example4
+ dn: o=example4,dc=jboss,dc=org
+ objectclass: top
+ objectclass: dcObject
+ objectclass: organization
+ dc: jboss
+ o: example4
+
+ dn: ou=People,o=example4,dc=jboss,dc=org
+ objectclass: top
+ objectclass: organizationalUnit
+ ou: People
+
+ dn: uid=jduke,ou=People,o=example4,dc=jboss,dc=org
+ objectClass: top
+ objectClass: uidObject
+ objectClass: person
+ objectClass: inetOrgPerson
+ cn: Java Duke
+ employeeNumber: jduke-123
+ sn: Duke
+ uid: jduke
+ userPassword:: dGhlZHVrZQ==
+
+ dn: ou=Roles,o=example4,dc=jboss,dc=org
+ objectClass: top
+ objectClass: organizationalUnit
+ ou: Roles
+
+ dn: cn=RG1,ou=Roles,o=example4,dc=jboss,dc=org
+ objectClass: groupOfNames
+ objectClass: top
+ cn: RG1
+ member: cn=empty
+
+ dn: cn=RG2,cn=RG1,ou=Roles,o=example4,dc=jboss,dc=org
+ objectClass: groupOfNames
+ objectClass: top
+ cn: RG2
+ member: cn=RG1,ou=Roles,o=example4,dc=jboss,dc=org
+ member: uid=jduke,ou=People,o=example4,dc=jboss,dc=org
+
+ dn: cn=RG3,cn=RG1,ou=Roles,o=example4,dc=jboss,dc=org
+ objectClass: groupOfNames
+ objectClass: top
+ cn: RG3
+ member: cn=RG1,ou=Roles,o=example4,dc=jboss,dc=org
+
+ dn: cn=R1,ou=Roles,o=example4,dc=jboss,dc=org
+ objectClass: groupOfNames
+ objectClass: top
+ cn: R1
+ member: cn=RG2,cn=RG1,ou=Roles,o=example4,dc=jboss,dc=org
+
+ dn: cn=R2,ou=Roles,o=example4,dc=jboss,dc=org
+ objectClass: groupOfNames
+ objectClass: top
+ cn: R2
+ member: cn=RG2,cn=RG1,ou=Roles,o=example4,dc=jboss,dc=org
+
+ dn: cn=R3,ou=Roles,o=example4,dc=jboss,dc=org
+ objectClass: groupOfNames
+ objectClass: top
+ cn: R3
+ member: cn=RG2,cn=RG1,ou=Roles,o=example4,dc=jboss,dc=org
+ member: cn=RG3,cn=RG1,ou=Roles,o=example4,dc=jboss,dc=org
+
+ dn: cn=R4,ou=Roles,o=example4,dc=jboss,dc=org
+ objectClass: groupOfNames
+ objectClass: top
+ cn: R4
+ member: cn=RG3,cn=RG1,ou=Roles,o=example4,dc=jboss,dc=org
+
+ dn: cn=R5,ou=Roles,o=example4,dc=jboss,dc=org
+ objectClass: groupOfNames
+ objectClass: top
+ cn: R5
+ member: cn=RG3,cn=RG1,ou=Roles,o=example4,dc=jboss,dc=org
+ member: uid=jduke,ou=People,o=example4,dc=jboss,dc=org
+ */
public void testLdapExample24() throws Exception
{
System.out.println("testLdapExample24");
- UsernamePasswordHandler handler = new UsernamePasswordHandler("Java Duke",
- "theduke".toCharArray());
+ UsernamePasswordHandler handler = new UsernamePasswordHandler("Java Duke", "theduke".toCharArray());
LoginContext lc = new LoginContext("testLdapExample24", handler);
lc.login();
Subject subject = lc.getSubject();
- System.out.println("Subject: "+subject);
+ System.out.println("Subject: " + subject);
Set groups = subject.getPrincipals(Group.class);
Set principals = subject.getPrincipals();
@@ -705,107 +912,166 @@
assertTrue("R5 is a role", roles.isMember(new SimplePrincipal("R5")));
lc.logout();
- }
-
- /* JBAS-3312 testcase
-dn: DC=uz,DC=kuleuven,DC=ac,DC=be
-objectClass: top
-
-dn: ou=People,dc=uz,dc=kuleuven,dc=ac,dc=be
-objectClass: organizationalUnit
-ou: People
-
-dn: CN=jduke,ou=People,dc=uz,dc=kuleuven,dc=ac,dc=be
-memberOf: ou=People,dc=uz,dc=kuleuven,dc=ac,dc=be
-objectClass: top
-objectClass: person
-objectClass: organizationalPerson
-objectClass: user
-cn: JDuke
-name: Java Duke
-sn: TheDuke
-sAMAccountName: jduke
-userPrincipalName: jduke at jboss.org
-userPassword: theduke
-
-dn: OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
-objectClass: top
-objectClass: organizationalUnit
-objectClass: orgUnitEx
-ou: Groups
-objectCategory: CN=Organizational-Unit,CN=Schema,CN=Configuration,DC=uz,DC=kuleuven,DC=ac,DC=be
-
-
-dn: OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
-objectClass: top
-objectClass: organizationalUnit
-objectClass: orgUnitEx
-ou: Informatiesystemen
-objectCategory: CN=Organizational-Unit,CN=Schema,CN=Configuration,DC=uz,DC=kuleuven,DC=ac,DC=be
-
-
-dn: CN=inf_map_informatiesystemen_lijst,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
-objectClass: top
-objectClass: group
-cn: inf_map_informatiesystemen_lijst
-member: CN=inf_map_vmware_Lijst,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
-member: CN=inf_map_carenet_Lijst,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
-sAMAccountName: inf_map_informatiesystemen_lijst
-objectCategory: CN=Group,CN=Schema,CN=Configuration,DC=uz,DC=kuleuven,DC=ac,DC=be
-
-
-dn: CN=inf_map_vmware_Lijst,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
-objectClass: top
-objectClass: group
-cn: inf_map_vmware_Lijst
-description: \\uz\data\Admin\VMWare Lijst
-member: CN=inf_map_vmware_iso_S,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
-member: CN=inf_map_vmware_iso_L,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
-memberOf: CN=inf_map_informatiesystemen_lijst,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
-sAMAccountName: inf_map_vmware_Lijst
-objectCategory: CN=Group,CN=Schema,CN=Configuration,DC=uz,DC=kuleuven,DC=ac,DC=be
-
-
-dn: CN=inf_map_vmware_iso_S,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
-objectClass: top
-objectClass: group
-cn: inf_map_vmware_iso_S
-description: \\uz\data\Admin\VMWare\ISO Schrijven
-member: CN=markv,OU=People,DC=uz,DC=kuleuven,DC=ac,DC=be
-member: CN=jduke,OU=People,DC=uz,DC=kuleuven,DC=ac,DC=be
-memberOf: CN=inf_map_informatiesystemen_lijst,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
-memberOf: CN=inf_map_vmware_Lijst,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
-sAMAccountName: inf_map_vmware_iso_S
-objectCategory: CN=Group,CN=Schema,CN=Configuration,DC=uz,DC=kuleuven,DC=ac,DC=be
+ }
+
+ /* JBAS-3312 testcase
+ dn: DC=uz,DC=kuleuven,DC=ac,DC=be
+ objectClass: top
+
+ dn: ou=People,dc=uz,dc=kuleuven,dc=ac,dc=be
+ objectClass: organizationalUnit
+ ou: People
+
+ dn: CN=jduke,ou=People,dc=uz,dc=kuleuven,dc=ac,dc=be
+ memberOf: ou=People,dc=uz,dc=kuleuven,dc=ac,dc=be
+ objectClass: top
+ objectClass: person
+ objectClass: organizationalPerson
+ objectClass: user
+ cn: JDuke
+ name: Java Duke
+ sn: TheDuke
+ sAMAccountName: jduke
+ userPrincipalName: jduke at jboss.org
+ userPassword: theduke
+
+ dn: OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
+ objectClass: top
+ objectClass: organizationalUnit
+ objectClass: orgUnitEx
+ ou: Groups
+ objectCategory: CN=Organizational-Unit,CN=Schema,CN=Configuration,DC=uz,DC=kuleuven,DC=ac,DC=be
+
+ dn: OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
+ objectClass: top
+ objectClass: organizationalUnit
+ objectClass: orgUnitEx
+ ou: Informatiesystemen
+ objectCategory: CN=Organizational-Unit,CN=Schema,CN=Configuration,DC=uz,DC=kuleuven,DC=ac,DC=be
+
+ dn: CN=inf_map_informatiesystemen_lijst,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
+ objectClass: top
+ objectClass: group
+ cn: inf_map_informatiesystemen_lijst
+ member: CN=inf_map_vmware_Lijst,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
+ member: CN=inf_map_carenet_Lijst,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
+ sAMAccountName: inf_map_informatiesystemen_lijst
+ objectCategory: CN=Group,CN=Schema,CN=Configuration,DC=uz,DC=kuleuven,DC=ac,DC=be
+
+ dn: CN=inf_map_vmware_Lijst,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
+ objectClass: top
+ objectClass: group
+ cn: inf_map_vmware_Lijst
+ description: \\uz\data\Admin\VMWare Lijst
+ member: CN=inf_map_vmware_iso_S,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
+ member: CN=inf_map_vmware_iso_L,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
+ memberOf: CN=inf_map_informatiesystemen_lijst,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
+ sAMAccountName: inf_map_vmware_Lijst
+ objectCategory: CN=Group,CN=Schema,CN=Configuration,DC=uz,DC=kuleuven,DC=ac,DC=be
+
+ dn: CN=inf_map_vmware_iso_S,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
+ objectClass: top
+ objectClass: group
+ cn: inf_map_vmware_iso_S
+ description: \\uz\data\Admin\VMWare\ISO Schrijven
+ member: CN=markv,OU=People,DC=uz,DC=kuleuven,DC=ac,DC=be
+ member: CN=jduke,OU=People,DC=uz,DC=kuleuven,DC=ac,DC=be
+ memberOf: CN=inf_map_informatiesystemen_lijst,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
+ memberOf: CN=inf_map_vmware_Lijst,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
+ sAMAccountName: inf_map_vmware_iso_S
+ objectCategory: CN=Group,CN=Schema,CN=Configuration,DC=uz,DC=kuleuven,DC=ac,DC=be
*/
- public void testJBAS3312() throws Exception
- {
- System.out.println("testJBAS3312");
- UsernamePasswordHandler handler = new UsernamePasswordHandler("jduke",
- "theduke".toCharArray());
- LoginContext lc = new LoginContext("testJBAS3312", handler);
- lc.login();
-
- Subject subject = lc.getSubject();
- System.out.println("Subject: "+subject);
-
- Set groups = subject.getPrincipals(Group.class);
- Set principals = subject.getPrincipals();
- assertTrue("Principals contains Java Duke", principals.contains(new SimplePrincipal("jduke")));
- assertTrue("Principals contains Roles", groups.contains(new SimplePrincipal("Roles")));
- Group roles = (Group) groups.iterator().next();
- Enumeration names = roles.members();
- while( names.hasMoreElements() )
- {
- System.out.println(names.nextElement());
- }
- assertTrue("inf_map_vmware_iso_S is a role", roles.isMember(new SimplePrincipal("inf_map_vmware_iso_S")));
- assertTrue("inf_map_informatiesystemen_lijst is a role", roles.isMember(new SimplePrincipal("inf_map_informatiesystemen_lijst")));
- assertTrue("inf_map_vmware_Lijst is a role", roles.isMember(new SimplePrincipal("inf_map_vmware_Lijst")));
-
- lc.logout();
- }
+ public void testJBAS3312() throws Exception
+ {
+ System.out.println("testJBAS3312");
+ UsernamePasswordHandler handler = new UsernamePasswordHandler("jduke", "theduke".toCharArray());
+ LoginContext lc = new LoginContext("testJBAS3312", handler);
+ lc.login();
+ Subject subject = lc.getSubject();
+ System.out.println("Subject: " + subject);
+
+ Set groups = subject.getPrincipals(Group.class);
+ Set principals = subject.getPrincipals();
+ assertTrue("Principals contains Java Duke", principals.contains(new SimplePrincipal("jduke")));
+ assertTrue("Principals contains Roles", groups.contains(new SimplePrincipal("Roles")));
+ Group roles = (Group) groups.iterator().next();
+ Enumeration names = roles.members();
+ while (names.hasMoreElements())
+ {
+ System.out.println(names.nextElement());
+ }
+ assertTrue("inf_map_vmware_iso_S is a role", roles.isMember(new SimplePrincipal("inf_map_vmware_iso_S")));
+ assertTrue("inf_map_informatiesystemen_lijst is a role", roles.isMember(new SimplePrincipal(
+ "inf_map_informatiesystemen_lijst")));
+ assertTrue("inf_map_vmware_Lijst is a role", roles.isMember(new SimplePrincipal("inf_map_vmware_Lijst")));
+
+ lc.logout();
+ }
+
+ /* JBAS-4343 testcase
+ dn: o=example5,dc=jboss,dc=org
+ objectClass: top
+ objectClass: dcObject
+ objectClass: organization
+ dc: jboss
+ o: example5
+
+ dn: ou=People,o=example5,dc=jboss,dc=org
+ objectclass: top
+ objectclass: organizationalUnit
+ ou: People
+
+ dn: uid=jduke,ou=People,o=example5,dc=jboss,dc=org
+ objectclass: top
+ objectclass: uidObject
+ objectclass: person
+ uid: jduke
+ cn: Java Duke
+ sn: Duke
+ userPassword: theduke
+
+ dn: ou=Roles,o=example5,dc=jboss,dc=org
+ objectclass: top
+ objectclass: organizationalUnit
+ ou: Roles
+
+ dn: cn=Echo,ou=Roles,o=example5,dc=jboss,dc=org
+ objectClass: top
+ objectClass: groupOfNames
+ objectClass: uidObject
+ cn: Echo
+ uid: Echo
+ description: the JBossAdmin group
+ member: uid=jduke,ou=People,o=example5,dc=jboss,dc=org
+
+ dn: cn=TheDuke,ou=Roles,o=example5,dc=jboss,dc=org
+ objectClass: groupOfNames
+ objectClass: top
+ cn: TheDuke
+ description: TheDuke role context
+ member: uid=jduke,ou=People,o=example5,dc=jboss,dc=org
+ */
+ public void testJBAS4343() throws Exception
+ {
+ System.out.println("testJBAS4343");
+ UsernamePasswordHandler handler = new UsernamePasswordHandler("jduke", "theduke".toCharArray());
+ LoginContext lc = new LoginContext("testJBAS4343", handler);
+ lc.login();
+
+ Subject subject = lc.getSubject();
+ System.out.println("Subject: " + subject);
+
+ Set groups = subject.getPrincipals(Group.class);
+ assertTrue("Principals contains jduke", subject.getPrincipals().contains(new SimplePrincipal("jduke")));
+ assertTrue("Principals contains Roles", groups.contains(new SimplePrincipal("Roles")));
+ Group roles = (Group) groups.iterator().next();
+ assertTrue("Echo is a role", roles.isMember(new SimplePrincipal("Echo")));
+ assertFalse("TheDuke is a role", roles.isMember(new SimplePrincipal("TheDuke")));
+
+ lc.logout();
+ }
+
public static void main(java.lang.String[] args)
{
System.setErr(System.out);
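Review bot: In testJBAS4343 the negative check `assertFalse("TheDuke is a role", ...)` runs against whichever Group `groups.iterator().next()` happens to return, so if the Subject carries more than one Group it can pass without ever inspecting the Roles group. Because this is the assertion that proves a role is not granted, pin the group first with `assertEquals("Roles", roles.getName());` directly after the cast. The assertFalse message also states the opposite of the expected outcome; `"TheDuke is not a role"` would be consistent with the other messages. The LDIF comment does not say why TheDuke should be rejected while Echo is accepted, and the "testJBAS4343" login configuration is not visible in this hunk, so a one-line comment naming the deciding attribute or option would help. The same first-group pattern is carried over unchanged in the reformatted testJBAS3312.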