[jboss-cvs] JBossAS SVN: r91964 - in projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src: test/java/org/jboss/test/authentication/jaas and 1 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Aug 4 10:48:42 EDT 2009
Author: anil.saldhana at jboss.com
Date: 2009-08-04 10:48:41 -0400 (Tue, 04 Aug 2009)
New Revision: 91964
Added:
projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/test/java/org/jboss/test/authentication/jaas/LdapLoginModuleDecodeActionUnitTestCase.java
Modified:
projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/main/java/org/jboss/security/auth/spi/DecodeAction.java
projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/test/java/org/jboss/test/security/ldap/OpenDSUnitTestCase.java
Log:
SECURITY-426: DecodeAction should use JaasSecurityDomain
Modified: projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/main/java/org/jboss/security/auth/spi/DecodeAction.java
===================================================================
--- projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/main/java/org/jboss/security/auth/spi/DecodeAction.java 2009-08-04 14:41:26 UTC (rev 91963)
+++ projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/main/java/org/jboss/security/auth/spi/DecodeAction.java 2009-08-04 14:48:41 UTC (rev 91964)
@@ -25,10 +25,10 @@
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
-import javax.crypto.Cipher;
+import javax.management.MBeanServer;
import javax.management.ObjectName;
-import org.jboss.security.config.SecurityConfiguration;
+import org.jboss.mx.util.MBeanServerLocator;
/**
* PriviledgedActions used by login modules for decoding passwords
@@ -79,18 +79,16 @@
* @return the decrypted secret
* @throws Exception
*/
- private byte[] decode(byte[] secret)
+ private byte[] decode(byte[] passw)
throws Exception
{
SecurityManager sm = System.getSecurityManager();
if( sm != null )
sm.checkPermission(decodePermission);
- Cipher cipher = Cipher.getInstance(SecurityConfiguration.getCipherAlgorithm());
- cipher.init(Cipher.DECRYPT_MODE, SecurityConfiguration.getCipherKey(),
- SecurityConfiguration.getCipherSpec());
- byte[] decode = cipher.doFinal(secret);
- return decode;
+ MBeanServer server = MBeanServerLocator.locateJBoss();
+ return (byte[]) server.invoke(serviceName, "decode64", new Object[] {passw},
+ new String[] {byte[].class.getName()});
}
static char[] decode(String password, ObjectName serviceName)
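Review bot: The new `server.invoke(serviceName, "decode64", ...)` call passes a `byte[]` argument with the signature `byte[].class.getName()`, and the only MBean on this page that exposes `decode64(byte[])` is the test stub added in the same commit. If the deployed JaasSecurityDomain MBean declares `decode64` with a `String` (Base64) parameter, which I believe it does but cannot confirm from this hunk, the operation lookup will not match and every login that relies on an encoded credential will fail. Check the MBean interface and either invoke its `byte[]`-taking operation or pass the encoded `String` with `String.class.getName()`. The rename to `passw` may also leave a stale `@param` in the Javadoc, which starts above the hunk.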
Copied: projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/test/java/org/jboss/test/authentication/jaas/LdapLoginModuleDecodeActionUnitTestCase.java (from rev 91947, projects/security/security-jboss-sx/trunk/jbosssx/src/test/java/org/jboss/test/authentication/jaas/LdapLoginModuleDecodeActionUnitTestCase.java)
===================================================================
--- projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/test/java/org/jboss/test/authentication/jaas/LdapLoginModuleDecodeActionUnitTestCase.java (rev 0)
+++ projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/test/java/org/jboss/test/authentication/jaas/LdapLoginModuleDecodeActionUnitTestCase.java 2009-08-04 14:48:41 UTC (rev 91964)
@@ -0,0 +1,139 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.authentication.jaas;
+
+import java.io.File;
+import java.util.HashMap;
+
+import javax.management.MBeanServer;
+import javax.management.MBeanServerFactory;
+import javax.management.ObjectName;
+import javax.naming.Context;
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.Configuration;
+import javax.security.auth.login.LoginContext;
+
+import org.jboss.security.auth.callback.AppCallbackHandler;
+import org.jboss.security.auth.spi.LdapLoginModule;
+import org.jboss.test.security.ldap.OpenDSUnitTestCase;
+
+/**
+ * SECURITY-426: DecodeAction is not using JaasSecurityDomain MBean
+ * @author Anil.Saldhana at redhat.com
+ */
+public class LdapLoginModuleDecodeActionUnitTestCase extends OpenDSUnitTestCase
+{
+ private String oname = "jboss.test:service=jaasSecurityDomain";
+
+ public LdapLoginModuleDecodeActionUnitTestCase(String name)
+ {
+ super(name);
+ }
+
+
+ @Override
+ protected void setUp() throws Exception
+ {
+ super.setUp();
+ //load it up with example1.ldif
+ String fileName = targetDir + "ldap" + fs + "example1.ldif";
+ boolean op = util.addLDIF(serverHost, port, adminDN, adminPW, new File(fileName).toURL());
+ assertTrue(op);
+
+ //Setup a configuration
+ Configuration.setConfiguration(new Configuration()
+ {
+ @SuppressWarnings("unchecked")
+ @Override
+ public AppConfigurationEntry[] getAppConfigurationEntry(String cname)
+ {
+ String name = LdapLoginModule.class.getName();
+ HashMap options = new HashMap();
+
+ options.put("java.naming.factory.initial", ldapCtxFactory);
+ options.put("java.naming.provider.url","ldap://localhost:10389/");
+ options.put("java.naming.security.authentication","simple");
+ options.put("principalDNPrefix","uid=");
+ options.put("uidAttributeID","userid");
+ options.put("roleAttributeID","roleName");
+ options.put("principalDNSuffix",",ou=People,dc=jboss,dc=org");
+ options.put("rolesCtxDN","cn=JBossSX Tests,ou=Roles,dc=jboss,dc=org");
+ options.put(Context.SECURITY_CREDENTIALS, "somecrazyencryptedstring");
+ options.put("jaasSecurityDomain", oname);
+
+
+ AppConfigurationEntry ace = new AppConfigurationEntry(name,
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
+ AppConfigurationEntry[] entry = {ace};
+ return entry;
+ }
+
+ @Override
+ public void refresh()
+ {
+ }
+ });
+
+ //Setup MBeanServer
+ MBeanServer jbossMBeanServer = MBeanServerFactory.createMBeanServer("jboss");
+ try
+ {
+ Test test = new Test();
+ jbossMBeanServer.registerMBean(test, new ObjectName(oname));
+ //jbossMBeanServer.createMBean(Test.class.getName(), new ObjectName(oname), getClass().getClassLoader());
+ }
+ catch(Exception e)
+ {
+ e.printStackTrace();
+ }
+ }
+
+ public void testLDAPAddDelete() throws Exception
+ {
+ //Ignore
+ }
+
+ public void testLDAPDecodeAction() throws Exception
+ {
+ LoginContext lc = new LoginContext("test", new AppCallbackHandler("jduke","theduke".toCharArray()));
+ lc.login();
+ }
+
+ //We create a MBean that has just one operation for testing purposes
+ public interface TestMBean
+ {
+ byte[] decode64(byte[] secret) throws Exception;
+ }
+
+ public class Test implements TestMBean
+ {
+ public Test()
+ {
+ }
+
+ //In JBoss environment, the JaasSecurityDomain mbean will perform the decoding
+ public byte[] decode64(byte[] secret) throws Exception
+ {
+ return "theduke".getBytes();
+ }
+ }
+}
\ No newline at end of file
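Review bot: The `catch(Exception e) { e.printStackTrace(); }` around `registerMBean` in `setUp()` hides a failed registration, so the test would only fail later inside `lc.login()` with an unrelated-looking error. `setUp()` already declares `throws Exception`, so the try/catch can simply be dropped. The server created by `MBeanServerFactory.createMBeanServer("jboss")` is never released, and `setUp()` runs once per test method, so keeping it in a field and calling `MBeanServerFactory.releaseMBeanServer(...)` from a `tearDown()` would stop servers accumulating. `testLDAPDecodeAction` also asserts nothing about the decoding: the stub's `decode64` ignores its argument and always returns `"theduke".getBytes()`, so the test passes whatever bytes DecodeAction sends.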
Modified: projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/test/java/org/jboss/test/security/ldap/OpenDSUnitTestCase.java
===================================================================
--- projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/test/java/org/jboss/test/security/ldap/OpenDSUnitTestCase.java 2009-08-04 14:41:26 UTC (rev 91963)
+++ projects/security/security-jboss-sx/branches/Branch_2_0/jbosssx/src/test/java/org/jboss/test/security/ldap/OpenDSUnitTestCase.java 2009-08-04 14:48:41 UTC (rev 91964)
@@ -41,28 +41,31 @@
*/
public class OpenDSUnitTestCase extends JBossTestCase
{
- private String serverHost;
- private String port = "10389";
- private String adminPW = "password";
- private String dn = "dc=jboss,dc=org";
- private String adminDN = "cn=Directory Manager";
- private OpenDSUtil util = new OpenDSUtil();
+ protected String serverHost;
+ protected String port = "10389";
+ protected String adminPW = "password";
+ protected String dn = "dc=jboss,dc=org";
+ protected String adminDN = "cn=Directory Manager";
+ protected OpenDSUtil util = new OpenDSUtil();
/**
* Use a different value for the system property on
* a JVM that is not shipped by Sun
*/
- String ldapCtxFactory = System.getProperty("ldapctx.factory",
+ protected String ldapCtxFactory = System.getProperty("ldapctx.factory",
"com.sun.jndi.ldap.LdapCtxFactory");
- String baseDir = System.getProperty("user.dir");
- String fs = System.getProperty("file.separator");
+ protected String baseDir = System.getProperty("user.dir");
+ protected String fs = System.getProperty("file.separator");
- String targetDir = "target" + fs + "test-classes" + fs;
- String openDSDir = targetDir + "opends" ;
+ //System property when running in eclipse (-Declipse=jbosssx/ )
+ private String eclipsePath = System.getProperty("eclipse","");
- OpenDS opends = null;
+ protected String targetDir = eclipsePath + "target" + fs + "test-classes" + fs;
+ protected String openDSDir = targetDir + "opends" ;
+ protected OpenDS opends = null;
+
public OpenDSUnitTestCase(String name)
{
super(name);
@@ -72,6 +75,15 @@
protected void setUp() throws Exception
{
super.setUp();
+ //Ensure openDSDir exists and recycle opends db dir
+ File openDSDirFile = new File(openDSDir);
+ if(openDSDirFile.exists())
+ {
+ File dbDir = new File(openDSDir + fs + "db");
+ assertTrue("Deletion of opendsDir db success", recursiveDeleteDir(dbDir));
+ assertTrue("Creation of opendsDir DB success", dbDir.mkdirs());
+ }
+
serverHost = getServerHost();
opends = new OpenDS();
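Review bot: The comment `//Ensure openDSDir exists and recycle opends db dir` promises more than the added block does, because when `openDSDir` is missing nothing is created and the `db` directory is only prepared on reruns. Moving `assertTrue(..., dbDir.mkdirs())` out of the `if(openDSDirFile.exists())` block, and keeping only the delete inside it, would make the comment true. The assertion messages also read as success text (`"Deletion of opendsDir db success"`) although they are only printed on failure; something like `"Could not delete " + dbDir` would be clearer in a test report. The body of `setUp()` continues outside the hunk.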
@@ -132,7 +144,7 @@
}
}
- private void shutdown() throws Exception
+ protected void shutdown() throws Exception
{
//Check if the server is running
if(opends.isRunning())
@@ -149,5 +161,28 @@
env.put(Context.SECURITY_PRINCIPAL, adminDN);
env.put(Context.SECURITY_CREDENTIALS, adminPW);
return new InitialDirContext(env);
- }
+ }
+
+ private boolean recursiveDeleteDir(File dirPath)
+ {
+ if( dirPath.exists() )
+ {
+ File[] files = dirPath.listFiles();
+ for(int i=0; i<files.length; i++)
+ {
+ if(files[i].isDirectory())
+ {
+ recursiveDeleteDir(files[i]);
+ }
+ else
+ {
+ files[i].delete();
+ }
+ }
+ }
+ if(dirPath.exists())
+ return dirPath.delete();
+ else
+ return true;
+ }
}
\ No newline at end of file
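Review bot: `recursiveDeleteDir` dereferences `dirPath.listFiles()` without a null check, and `listFiles()` returns null when the path is not a directory or the listing fails, so a cleanup problem surfaces as a NullPointerException in `setUp()` rather than as the failed assertion. The results of the recursive call and of `files[i].delete()` are also discarded, so a partial failure is only noticed indirectly when the final `dirPath.delete()` fails. `isDirectory()` follows symbolic links as well, so a link placed under the `db` directory would have its target's contents removed; that is worth guarding against if the directory can hold anything but OpenDS data. The hunk starts inside the preceding method, which is otherwise unchanged.

```java
private boolean recursiveDeleteDir(File dirPath)
{
   if( !dirPath.exists() )
      return true;
   File[] files = dirPath.listFiles();
   if( files == null )
      return false; // not a directory, or the listing failed
   boolean ok = true;
   for(int i=0; i<files.length; i++)
   {
      if(files[i].isDirectory())
         ok &= recursiveDeleteDir(files[i]);
      else
         ok &= files[i].delete();
   }
   return ok && dirPath.delete();
}
```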