[jboss-svn-commits] JBL Code SVN: r29270 - in labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta: tests/src/org/jboss/soa/esb/services/security/auth/login and 1 other directory.
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Wed Sep 9 04:35:24 EDT 2009
Author: beve
Date: 2009-09-09 04:35:23 -0400 (Wed, 09 Sep 2009)
New Revision: 29270
Modified:
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModule.java
labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModuleUnitTest.java
Log:
More tests and clean up.
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModule.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModule.java 2009-09-09 06:54:29 UTC (rev 29269)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModule.java 2009-09-09 08:35:23 UTC (rev 29270)
@@ -23,7 +23,6 @@
import java.io.IOException;
import java.security.Principal;
import java.util.Map;
-import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
@@ -47,6 +46,8 @@
/**
* JAAS LoginModule for JBoss SecurityTokenService (STS).
+ * This LoginModule only performs validation of existing SAML
+ * Assertions and does not issue and such Assertions.
*
* @author <a href="mailto:dbevenius at jboss.com">Daniel Bevenius</a>
*/
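Review bot: The added class Javadoc has a typo that blurs the one security-relevant statement it makes: "does not issue and such Assertions" should read "does not issue any such Assertions". Since the module is now validation-only, the sentence could also say what happens when the caller supplies no assertion, for example `* A login attempt without an Assertion fails.`, once the code enforces that.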
@@ -57,13 +58,12 @@
/**
* Options for this login module
*/
- private Map<String, ?> options;
- public static String SERVICE_NAME_OPTION = "serviceName";
- public static String PORT_NAME_OPTION = "portName";
- public static String ENDPOINT_ADDRESS_OPTION = "endpointAddress";
- public static String USERNAME_OPTION = "username";
- public static String PASSWORD_OPTION = "password";
- public static String SAML_TOKEN_TYPE_OPTION = "samlTokenType";
+ public static final String SERVICE_NAME_OPTION = "serviceName";
+ public static final String PORT_NAME_OPTION = "portName";
+ public static final String ENDPOINT_ADDRESS_OPTION = "endpointAddress";
+ public static final String USERNAME_OPTION = "username";
+ public static final String PASSWORD_OPTION = "password";
+ public static final String SAML_TOKEN_TYPE_OPTION = "samlTokenType";
/**
* The subject to be populated.
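Review bot: With the `options` field removed, the Javadoc "Options for this login module" now attaches to `SERVICE_NAME_OPTION` alone and describes a field that no longer exists. Replace it with a comment that matches the constants, such as `/** Names of the options read from the login module configuration. */`, or document each constant separately. `PASSWORD_OPTION` deserves its own line saying that the STS password is taken from the JAAS configuration, so whoever deploys the module knows that file needs restricted read access.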
@@ -86,12 +86,6 @@
private WSTrustClient wsTrustClient;
/**
- * The type of SAML Token that this LoginModule can handle. This is set
- * through the options configuration.
- */
- private String samlTokenType;
-
- /**
* The outcome of the authentication process.
*/
private boolean success;
@@ -115,8 +109,6 @@
public void initialize(final Subject subject, final CallbackHandler callbackHandler, final Map<String, ?> sharedState, final Map<String, ?> options)
{
this.subject = subject;
- this.callbackHandler = callbackHandler;
- this.options = options;
final String stsServiceName = getRequiredOption(options, SERVICE_NAME_OPTION);
final String stsPortName = getRequiredOption(options, PORT_NAME_OPTION);
@@ -124,7 +116,12 @@
final String stsUserName = getRequiredOption(options, USERNAME_OPTION);
final String stsPassword = getRequiredOption(options, PASSWORD_OPTION);
- samlTokenType = getRequiredOption(options, SAML_TOKEN_TYPE_OPTION);
+
+ if (callbackHandler == null)
+ {
+ throw new IllegalArgumentException("CallbackHandler must not be null");
+ }
+ this.callbackHandler = callbackHandler;
if (wsTrustClient == null)
{
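Review bot: Dropping the `samlTokenType` read leaves `SAML_TOKEN_TYPE_OPTION` declared as a public constant (see the constants hunk above) with no reader in the visible code. A configuration that still sets `samlTokenType` would then be silently ignored. If nothing outside these hunks uses it, remove the constant or mark it `@Deprecated` with a note that the module no longer issues tokens. Separately, the new `callbackHandler` null check runs after `this.subject = subject` and after all option parsing; moving it to the top of `initialize` would leave the module untouched when it is rejected. The body of `initialize` continues outside this hunk.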
@@ -142,12 +139,12 @@
private String getRequiredOption(final Map<String, ?> options, final String optionName)
{
final String option = (String) options.get(optionName);
- if (option != null)
+ if (option == null)
{
- return option;
+ throw new IllegalArgumentException("Required option '" + optionName + "' was missing from the login modules configuration");
}
- throw new IllegalArgumentException("Required option '" + optionName + "' was missing from the login modules configuration");
+ return option;
}
void setWSTrustClient(final WSTrustClient wsTrustClient)
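Review bot: `getRequiredOption` rejects only a missing key, so an empty or whitespace-only `endpointAddress`, `username` or `password` passes as a valid required option. For a module that authenticates to the STS, a blank value should fail at configuration time: `if (option == null || option.trim().length() == 0)`. The unchecked `(String) options.get(optionName)` cast also turns a non-String value into a ClassCastException instead of the descriptive IllegalArgumentException. Checking `instanceof String` first would keep the error message consistent.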
@@ -169,8 +166,6 @@
samlToken = getSamlTokenFromCaller();
if (samlToken == null)
{
- // Retrieve the Saml Token from the authentiation request.
- samlToken = wsTrustClient.issueToken(samlTokenType);
}
// Verify that the Saml Token is still valid.
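Review bot: Removing the `issueToken` call leaves the `if (samlToken == null)` block empty, so a request that carries no assertion falls through to the validation step below with a null token. Because the module now only validates, the login should fail explicitly at that point rather than depend on how the WS-Trust client handles null. Assuming this is `login()` and it declares LoginException, the block could hold `throw new LoginException("No SAML Assertion was found in the authentication request");`. The enclosing method starts and ends outside this hunk, so the validation call and the declared exceptions are not visible here.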
Modified: labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModuleUnitTest.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModuleUnitTest.java 2009-09-09 06:54:29 UTC (rev 29269)
+++ labs/jbossesb/workspace/dbevenius/saml_support/product/rosetta/tests/src/org/jboss/soa/esb/services/security/auth/login/JBossSTSLoginModuleUnitTest.java 2009-09-09 08:35:23 UTC (rev 29270)
@@ -25,7 +25,6 @@
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
-import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
@@ -104,7 +103,56 @@
boolean login = loginModule.login();
assertTrue(login);
}
-
+
+ @Test (expected = IllegalArgumentException.class)
+ public void missingCallbackHanlder()
+ {
+ Map<String, String> allOptions = allOptions();
+ allOptions.remove(JBossSTSLoginModule.SERVICE_NAME_OPTION);
+ final JBossSTSLoginModule loginModule = new JBossSTSLoginModule();
+ loginModule.setWSTrustClient(mock(WSTrustClient.class));
+ loginModule.initialize(new Subject(), null, null, allOptions());
+ }
+
+ @Test (expected = IllegalArgumentException.class)
+ public void missingServerNameOption()
+ {
+ assertMissingOption(JBossSTSLoginModule.SERVICE_NAME_OPTION);
+ }
+
+ @Test (expected = IllegalArgumentException.class)
+ public void missingPortNameOption()
+ {
+ assertMissingOption(JBossSTSLoginModule.PORT_NAME_OPTION);
+ }
+
+ @Test (expected = IllegalArgumentException.class)
+ public void missingEndpointAddressOption()
+ {
+ assertMissingOption(JBossSTSLoginModule.ENDPOINT_ADDRESS_OPTION);
+ }
+
+ @Test (expected = IllegalArgumentException.class)
+ public void missingUsernameOption()
+ {
+ assertMissingOption(JBossSTSLoginModule.USERNAME_OPTION);
+ }
+
+ @Test (expected = IllegalArgumentException.class)
+ public void missingPasswordOption()
+ {
+ assertMissingOption(JBossSTSLoginModule.PASSWORD_OPTION);
+ }
+
+ private void assertMissingOption(final String optionName)
+ {
+ final Map<String, String> allOptions = allOptions();
+ allOptions.remove(optionName);
+ final JBossSTSLoginModule loginModule = new JBossSTSLoginModule();
+ loginModule.setWSTrustClient(mock(WSTrustClient.class));
+ loginModule.initialize(new Subject(), new JBossSTSCallbackHandler(), null, allOptions);
+ }
+
private Element createSamlToken() throws Exception
{
AssertionType assertionType = new AssertionType();
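Review bot: In `missingCallbackHanlder` the first two statements build a map and remove `SERVICE_NAME_OPTION` from it, but `initialize` is then called with a fresh `allOptions()`, so those lines are dead code. Had the local map been passed instead, the test would go green on the missing option rather than on the null handler; drop the two lines and rename the method to `missingCallbackHandler`. Every new test expects only IllegalArgumentException, so none of them pins which check actually fired, and asserting on the exception message would close that gap. No test here covers `login()` when the caller supplies no assertion, which is the path this revision changes in JBossSTSLoginModule. `createSamlToken` continues outside the hunk.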