[jboss-cvs] JBossAS SVN: r91964 - in projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src: test/java/org/jboss/test/authentication/jaas and 1 other directories.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Tue Aug 4 10:48:42 EDT 2009


Author: anil.saldhana at jboss.com
Date: 2009-08-04 10:48:41 -0400 (Tue, 04 Aug 2009)
New Revision: 91964

Added:
   projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/test/java/org/jboss/test/authentication/jaas/LdapLoginModuleDecodeActionUnitTestCase.java
Modified:
   projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/main/java/org/jboss/security/auth/spi/DecodeAction.java
   projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/test/java/org/jboss/test/security/ldap/OpenDSUnitTestCase.java
Log:
SECURITY-426: DecodeAction should use JaasSecurityDomain

Modified: projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/main/java/org/jboss/security/auth/spi/DecodeAction.java
===================================================================
--- projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/main/java/org/jboss/security/auth/spi/DecodeAction.java	2009-08-04 14:41:26 UTC (rev 91963)
+++ projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/main/java/org/jboss/security/auth/spi/DecodeAction.java	2009-08-04 14:48:41 UTC (rev 91964)
@@ -25,10 +25,10 @@
 import java.security.PrivilegedActionException;
 import java.security.PrivilegedExceptionAction;
 
-import javax.crypto.Cipher;
+import javax.management.MBeanServer;
 import javax.management.ObjectName;
 
-import org.jboss.security.config.SecurityConfiguration;
+import org.jboss.mx.util.MBeanServerLocator;
 
 /**
  * PriviledgedActions used by login modules for decoding passwords
@@ -79,18 +79,16 @@
    * @return the decrypted secret
    * @throws Exception
    */
-  private byte[] decode(byte[] secret)
+  private byte[] decode(byte[] passw)
      throws Exception
   {
      SecurityManager sm = System.getSecurityManager();
      if( sm != null )
         sm.checkPermission(decodePermission);
 
-     Cipher cipher = Cipher.getInstance(SecurityConfiguration.getCipherAlgorithm());
-     cipher.init(Cipher.DECRYPT_MODE, SecurityConfiguration.getCipherKey(), 
-           SecurityConfiguration.getCipherSpec());
-     byte[] decode = cipher.doFinal(secret);
-     return decode;
+     MBeanServer server = MBeanServerLocator.locateJBoss();
+     return (byte[]) server.invoke(serviceName, "decode64", new Object[] {passw}, 
+           new String[] {byte[].class.getName()});  
   }
   
    static char[] decode(String password, ObjectName serviceName)
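Review bot: The `server.invoke(serviceName, "decode64", ...)` call in `decode(byte[] passw)` passes `byte[].class.getName()` as the parameter signature, so it only resolves if the MBean registered at `serviceName` exposes `decode64` with a `byte[]` argument. The only evidence for that in this commit is the stub `TestMBean`, which was written with exactly that signature. If the real JaasSecurityDomain operation takes a different parameter type (worth confirming against its MBean interface), the call fails at login time with a reflection error rather than at compile time. The clear-text secret is now produced by whatever MBean is bound to the configured name, so I would state that trust assumption in the Javadoc, e.g. `* Delegates to the decode64 operation of the MBean named by serviceName; the name must come from trusted login-module configuration.` The Javadoc for this method starts outside the hunk.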

Copied: projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/test/java/org/jboss/test/authentication/jaas/LdapLoginModuleDecodeActionUnitTestCase.java (from rev 91947, projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authentication/jaas/LdapLoginModuleDecodeActionUnitTestCase.java)
===================================================================
--- projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/test/java/org/jboss/test/authentication/jaas/LdapLoginModuleDecodeActionUnitTestCase.java	                        (rev 0)
+++ projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/test/java/org/jboss/test/authentication/jaas/LdapLoginModuleDecodeActionUnitTestCase.java	2009-08-04 14:48:41 UTC (rev 91964)
@@ -0,0 +1,139 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors. 
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication.jaas;
+
+import java.io.File;
+import java.util.HashMap;
+
+import javax.management.MBeanServer;
+import javax.management.MBeanServerFactory;
+import javax.management.ObjectName;
+import javax.naming.Context;
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.Configuration;
+import javax.security.auth.login.LoginContext;
+
+import org.jboss.security.auth.callback.AppCallbackHandler;
+import org.jboss.security.auth.spi.LdapLoginModule;
+import org.jboss.test.security.ldap.OpenDSUnitTestCase;
+
+/**
+ * SECURITY-426: DecodeAction is not using JaasSecurityDomain MBean
+ * @author Anil.Saldhana at redhat.com
+ */
+public class LdapLoginModuleDecodeActionUnitTestCase extends OpenDSUnitTestCase
+{ 
+   private String oname = "jboss.test:service=jaasSecurityDomain";
+   
+   public LdapLoginModuleDecodeActionUnitTestCase(String name)
+   {
+      super(name); 
+   }
+
+
+   @Override
+   protected void setUp() throws Exception
+   {
+      super.setUp();
+      //load it up with example1.ldif
+      String fileName = targetDir + "ldap" + fs + "example1.ldif";
+      boolean op = util.addLDIF(serverHost, port, adminDN, adminPW, new File(fileName).toURL());
+      assertTrue(op);
+      
+      //Setup a configuration
+      Configuration.setConfiguration(new Configuration() 
+      {
+         @SuppressWarnings("unchecked")
+         @Override
+         public AppConfigurationEntry[] getAppConfigurationEntry(String cname)
+         {
+            String name = LdapLoginModule.class.getName();
+            HashMap options = new HashMap();
+            
+            options.put("java.naming.factory.initial", ldapCtxFactory);
+            options.put("java.naming.provider.url","ldap://localhost:10389/");
+            options.put("java.naming.security.authentication","simple");
+            options.put("principalDNPrefix","uid=");
+            options.put("uidAttributeID","userid");
+            options.put("roleAttributeID","roleName");
+            options.put("principalDNSuffix",",ou=People,dc=jboss,dc=org");
+            options.put("rolesCtxDN","cn=JBossSX Tests,ou=Roles,dc=jboss,dc=org");
+            options.put(Context.SECURITY_CREDENTIALS, "somecrazyencryptedstring");
+            options.put("jaasSecurityDomain", oname);
+            
+            
+            AppConfigurationEntry ace = new AppConfigurationEntry(name,
+            AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
+            AppConfigurationEntry[] entry = {ace};
+            return entry; 
+         }
+
+         @Override
+         public void refresh()
+         {      
+         }
+      });
+      
+      //Setup MBeanServer
+      MBeanServer jbossMBeanServer = MBeanServerFactory.createMBeanServer("jboss");
+      try
+      {
+         Test test = new Test();
+         jbossMBeanServer.registerMBean(test, new ObjectName(oname));
+         //jbossMBeanServer.createMBean(Test.class.getName(), new ObjectName(oname), getClass().getClassLoader()); 
+      }
+      catch(Exception e)
+      {
+         e.printStackTrace();
+      }
+   }
+   
+   public void testLDAPAddDelete() throws Exception
+   {
+      //Ignore
+   }   
+   
+   public void testLDAPDecodeAction() throws Exception
+   {
+      LoginContext lc = new LoginContext("test", new AppCallbackHandler("jduke","theduke".toCharArray()));
+      lc.login();
+   }
+   
+   //We create a MBean that has just one operation for testing purposes
+   public interface TestMBean
+   {
+      byte[] decode64(byte[] secret) throws Exception;
+   }
+   
+   public class Test implements TestMBean
+   {
+      public Test() 
+      {   
+      }
+      
+      //In JBoss environment, the JaasSecurityDomain mbean will perform the decoding
+      public byte[] decode64(byte[] secret) throws Exception
+      {
+         return "theduke".getBytes();
+      }      
+   }
+}
\ No newline at end of file
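Review bot: In `setUp()` the `catch(Exception e) { e.printStackTrace(); }` around `registerMBean` hides a failed registration, so the test fails later in `lc.login()` with an unrelated-looking error. Since `setUp()` already declares `throws Exception`, the try/catch can go. The "jboss" MBeanServer created in every `setUp()` is also never released, and the class has two test methods, so a second server with the same default domain is created while the first still exists; which one the locator returns is then down to ordering. `testLDAPDecodeAction` asserts nothing about what reached `decode64`, and the stub ignores its argument, so the test would still pass if the wrong bytes were sent. Recording the argument in `Test` and asserting on it would close that gap. Whether the parent class already defines `tearDown()` is not visible here.

```java
   private MBeanServer jbossMBeanServer;

   // … unchanged: setUp() LDIF load and Configuration.setConfiguration(...) …

      //Setup MBeanServer; a registration failure should fail setUp
      jbossMBeanServer = MBeanServerFactory.createMBeanServer("jboss");
      jbossMBeanServer.registerMBean(new Test(), new ObjectName(oname));
   }

   @Override
   protected void tearDown() throws Exception
   {
      try
      {
         //Release the server so the next test does not see a stale "jboss" domain
         MBeanServerFactory.releaseMBeanServer(jbossMBeanServer);
      }
      finally
      {
         super.tearDown();
      }
   }
```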

Modified: projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/test/java/org/jboss/test/security/ldap/OpenDSUnitTestCase.java
===================================================================
--- projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/test/java/org/jboss/test/security/ldap/OpenDSUnitTestCase.java	2009-08-04 14:41:26 UTC (rev 91963)
+++ projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/test/java/org/jboss/test/security/ldap/OpenDSUnitTestCase.java	2009-08-04 14:48:41 UTC (rev 91964)
@@ -41,28 +41,31 @@
  */
 public class OpenDSUnitTestCase extends JBossTestCase
 {   
-   private String serverHost;
-   private String port = "10389";
-   private String adminPW = "password";
-   private String dn = "dc=jboss,dc=org";
-   private String adminDN = "cn=Directory Manager";
-   private OpenDSUtil util = new OpenDSUtil();
+   protected String serverHost;
+   protected String port = "10389";
+   protected String adminPW = "password";
+   protected String dn = "dc=jboss,dc=org";
+   protected String adminDN = "cn=Directory Manager";
+   protected OpenDSUtil util = new OpenDSUtil();
    
    /**
     * Use a different value for the system property on 
     * a JVM that is not shipped by Sun
     */
-   String ldapCtxFactory = System.getProperty("ldapctx.factory",
+   protected String ldapCtxFactory = System.getProperty("ldapctx.factory",
          "com.sun.jndi.ldap.LdapCtxFactory");
 
-   String baseDir = System.getProperty("user.dir");
-   String fs = System.getProperty("file.separator");
+   protected String baseDir = System.getProperty("user.dir");
+   protected String fs = System.getProperty("file.separator");
    
-   String targetDir = "target" + fs + "test-classes" + fs;
-   String openDSDir =   targetDir + "opends" ; 
+   //System property when running in eclipse (-Declipse=jbosssx/ )
+   private String eclipsePath = System.getProperty("eclipse","");
    
-   OpenDS opends = null;
+   protected String targetDir = eclipsePath + "target" + fs + "test-classes" + fs;
+   protected String openDSDir =   targetDir + "opends" ; 
    
+   protected OpenDS opends = null;
+   
    public OpenDSUnitTestCase(String name)
    {
       super(name); 
@@ -72,6 +75,15 @@
    protected void setUp() throws Exception
    {   
       super.setUp();
+      //Ensure openDSDir exists and recycle opends db dir
+      File openDSDirFile = new File(openDSDir);
+      if(openDSDirFile.exists())
+      {
+         File dbDir = new File(openDSDir + fs + "db");
+         assertTrue("Deletion of opendsDir db success", recursiveDeleteDir(dbDir));
+         assertTrue("Creation of opendsDir DB success", dbDir.mkdirs());
+      }   
+      
       serverHost = getServerHost(); 
       
       opends = new OpenDS();
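Review bot: The added block in `setUp()` is guarded by `if(openDSDirFile.exists())`, so when the directory is missing nothing is created, although the comment says "Ensure openDSDir exists". Moving the creation outside the guard fixes that, e.g. `assertTrue("Could not create " + dbDir, dbDir.isDirectory() || dbDir.mkdirs());`. The assertion messages ("Deletion of opendsDir db success") are printed on failure, so they should describe the failure, e.g. `"Failed to delete " + dbDir`. The directory that gets recursively deleted is built from the `eclipse` system property and a relative path, so a short comment that the property must point inside the project checkout would help anyone running this locally. `setUp()` continues past the end of this hunk.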
@@ -132,7 +144,7 @@
       }  
    }
     
-   private void shutdown() throws Exception
+   protected void shutdown() throws Exception
    { 
       //Check if the server is running
       if(opends.isRunning())
@@ -149,5 +161,28 @@
       env.put(Context.SECURITY_PRINCIPAL, adminDN);
       env.put(Context.SECURITY_CREDENTIALS, adminPW);
       return new InitialDirContext(env);   
-   } 
+   }
+   
+   private boolean recursiveDeleteDir(File dirPath)
+   {
+      if( dirPath.exists() ) 
+      {
+         File[] files = dirPath.listFiles();
+         for(int i=0; i<files.length; i++) 
+         {
+            if(files[i].isDirectory()) 
+            {
+               recursiveDeleteDir(files[i]);
+            }
+            else 
+            {
+              files[i].delete();
+            }
+         }
+       }
+       if(dirPath.exists())
+          return dirPath.delete();
+       else
+          return true; 
+   }
 }
\ No newline at end of file
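Review bot: `recursiveDeleteDir` dereferences `dirPath.listFiles()` without a null check, and `listFiles()` returns null when the path is not a directory or an I/O error occurs, so the loop can throw a NullPointerException. The results of `files[i].delete()` and of the recursive call are also discarded, so a partial failure only shows up as a failed final `dirPath.delete()` with no hint which entry was left behind. Separately, `isDirectory()` follows symbolic links, so a link inside the db directory would have its target's contents deleted; if that can occur in the test tree, compare `getCanonicalFile()` with `getAbsoluteFile()` before descending.

```java
   private boolean recursiveDeleteDir(File dirPath)
   {
      if( !dirPath.exists() )
         return true;

      // listFiles() returns null for a non-directory or on an I/O error
      File[] files = dirPath.listFiles();
      if( files != null )
      {
         for(int i=0; i<files.length; i++)
         {
            boolean removed = files[i].isDirectory()
               ? recursiveDeleteDir(files[i])
               : files[i].delete();
            if( !removed )
               return false;
         }
      }
      return dirPath.delete();
   }
```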



