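/*
 *  Licensed to the Apache Software Foundation (ASF) under one or more
 *  contributor license agreements.  See the NOTICE file distributed with
 *  this work for additional information regarding copyright ownership.
 *  The ASF licenses this file to You under the Apache License, Version 2.0
 *  (the "License"); you may not use this file except in compliance with
 *  the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */

package org.apache.harmony.auth.tests.module;

import java.security.Principal;
import java.util.HashMap;
import java.util.Set;

import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;

import junit.framework.TestCase;

import org.apache.harmony.auth.module.KeyStoreLoginModule;

import tests.support.resource.Support_Resources;

/**
 * Exercises the JAAS lifecycle methods of {@link KeyStoreLoginModule}:
 * {@code initialize}, {@code login}, {@code commit}, {@code abort} and
 * {@code logout}.
 *
 * <p>The security-relevant behaviour pinned here is:
 * <ul>
 * <li>a wrong keystore password makes {@code login()} throw
 * {@link LoginException} (it must not merely return {@code false});</li>
 * <li>{@code commit()} populates the {@link Subject} with principals and with
 * private and public credentials;</li>
 * <li>{@code commit()} against a read-only {@link Subject} throws
 * {@link LoginException};</li>
 * <li>{@code logout()} removes principals and both credential sets again.</li>
 * </ul>
 *
 * <p>NOTE(review): no test asserts that the {@link Subject} is still empty
 * after a failed {@code login()} or after {@code abort()}; consider adding
 * those checks once the module's behaviour there is confirmed.
 */
public class KeyStoreLoginModuleTest extends TestCase {

    // Module options shared by all tests; filled in setUp(), emptied in
    // tearDown(), and mutated by individual tests to inject a bad password.
    private final HashMap<String, String> options = new HashMap<String, String>();

    // Keystore fixture, resolved to an absolute "file:" URL.
    private final String KEYSTORE_URL = "file:"
            + Support_Resources.getAbsoluteResourcePath("hyts_ks.bks");

    // Password file with which login succeeds in these tests.
    // Presumably it holds the password of hyts_ks.bks (test fixture only).
    private final String KEYSTORE_PASSWORD_URL = "file:"
            + Support_Resources.getAbsoluteResourcePath("hyts_ks_pass");

    // Password file with which login is expected to fail.
    private final String KEYSTORE_FAULTPASSWORD_URL = "file:"
            + Support_Resources.getAbsoluteResourcePath("fault_pass");

    // Alias of the keystore entry the module is asked to load.
    private final String KEYSTORE_ALIAS = "mykey";

    /**
     * Checks the return value of {@code abort()} in four states: before
     * {@code initialize}, after {@code initialize} without a login, after a
     * failed login, and after a successful login that was not committed.
     * Only the last case is expected to return {@code true}.
     *
     * @throws LoginException if the final, valid login unexpectedly fails
     */
    public void test_abort() throws LoginException {
        KeyStoreLoginModule ksm = new KeyStoreLoginModule();
        try {
            assertFalse("Should return false if login failed or no login", ksm
                    .abort());
        } catch (LoginException e) {
            // Keep the cause visible in the failure report.
            fail("Abort failed: " + e);
        }

        // Initialized against a read-only subject, but never logged in.
        Subject subject = new Subject();
        subject.setReadOnly();
        ksm.initialize(subject, null, null, options);
        assertFalse("Should return false if login failed or no login", ksm.abort());

        // Wrong password: login must throw and abort must report false.
        // put() overwrites the existing entry, so no remove() is needed.
        options.put("keyStorePasswordURL", KEYSTORE_FAULTPASSWORD_URL);
        subject = new Subject();
        ksm.initialize(subject, null, null, options);
        try {
            ksm.login();
            fail("login should fail");
        } catch (LoginException e) {
            assertFalse("Should return false because of login failure", ksm
                    .abort());
        }

        // Correct password: abort after a successful login returns true.
        options.put("keyStorePasswordURL", KEYSTORE_PASSWORD_URL);
        subject = new Subject();
        ksm.initialize(subject, null, null, options);
        ksm.login();
        assertTrue("Should return true if login was successful", ksm
                .abort());
    }

    /**
     * Checks that {@code commit()} after a successful login adds principals,
     * private credentials and public credentials to the subject, and that
     * {@code commit()} against a read-only subject throws
     * {@link LoginException}.
     */
    public void test_commit() {
        KeyStoreLoginModule module = new KeyStoreLoginModule();
        Subject subject = new Subject();
        module.initialize(subject, null, null, options);
        try {
            assertTrue("Login should be successful", module.login());
            module.commit();
        } catch (LoginException e) {
            // Report the cause through the test failure rather than stderr.
            fail("Login shouldn't fail: " + e);
        }
        Set<Principal> principals = subject.getPrincipals();
        assertFalse("Should get at least one principal", principals.isEmpty());
        Set<Object> privateCredentials = subject.getPrivateCredentials();
        assertFalse("Should get at least one private credential",
                privateCredentials.isEmpty());
        Set<Object> publicCredentials = subject.getPublicCredentials();
        assertFalse("Should get at least one public credential",
                publicCredentials.isEmpty());

        // Re-initialize the same module with a read-only subject.
        subject = new Subject();
        subject.setReadOnly();
        module.initialize(subject, null, null, options);
        try {
            assertFalse("Commit shouldn't be successful", module.commit());
            fail("Should throw LoginException here because of trying to clear read-only subject");
        } catch (LoginException e) {
            // expected LoginException here
        }
    }

    /**
     * Checks that {@code initialize} with all-null arguments throws
     * {@link NullPointerException}.
     */
    public void test_initialize() {
        KeyStoreLoginModule module = new KeyStoreLoginModule();
        try {
            module.initialize(null, null, null, null);
            fail("Should throw NullPointerException here.");
        } catch (NullPointerException e) {
            // expected NullPointerException
        }
    }

    /**
     * Checks {@code login()} with empty options (must throw), with the valid
     * fixture options (must return {@code true}) and with the wrong password
     * file (must throw {@link LoginException}).
     */
    public void test_login() {
        KeyStoreLoginModule module = new KeyStoreLoginModule();

        // No keystore configured at all: login must fail with an exception.
        HashMap<String, String> emptyOptions = new HashMap<String, String>();
        module.initialize(null, null, null, emptyOptions);
        try {
            module.login();
            fail("Should throw LoginException here.");
        } catch (LoginException e) {
            // expected LoginException
        }

        Subject subject = new Subject();
        module.initialize(subject, null, null, options);
        try {
            assertTrue("Login should be successful", module.login());
        } catch (LoginException e) {
            fail("Login shouldn't fail: " + e);
        }

        // Wrong password: the failure must surface as an exception, so a
        // plain false return also ends in fail().
        options.put("keyStorePasswordURL", KEYSTORE_FAULTPASSWORD_URL);
        module.initialize(subject, null, null, options);
        try {
            assertFalse("Login shouldn't be successful", module.login());
            fail("Login should fail");
        } catch (LoginException e) {
            // expected LoginException here
        }
    }

    /**
     * Checks that {@code logout()} returns {@code true} after a committed
     * login and leaves the subject without principals, private credentials
     * or public credentials.
     */
    public void test_logout() {
        KeyStoreLoginModule module = new KeyStoreLoginModule();
        Subject subject = new Subject();
        module.initialize(subject, null, null, options);
        try {
            assertTrue("Login should be successful", module.login());
            module.commit();
        } catch (LoginException e) {
            fail("Login shouldn't fail: " + e);
        }

        // Precondition: the committed login populated the subject.
        Set<Principal> principals = subject.getPrincipals();
        assertFalse("Should get at least one principal", principals.isEmpty());
        Set<Object> privateCredentials = subject.getPrivateCredentials();
        assertFalse("Should get at least one private credential",
                privateCredentials.isEmpty());
        Set<Object> publicCredentials = subject.getPublicCredentials();
        assertFalse("Should get at least one public credential",
                publicCredentials.isEmpty());

        try {
            assertTrue("Should be true", module.logout());
        } catch (LoginException e) {
            fail("Logout failed: " + e);
        }

        // Nothing the module added may remain on the subject after logout.
        principals = subject.getPrincipals();
        assertTrue("Principals should be cleared", principals.isEmpty());
        privateCredentials = subject.getPrivateCredentials();
        assertTrue("Private credential should be cleared",
                privateCredentials.isEmpty());
        publicCredentials = subject.getPublicCredentials();
        assertTrue("Public credential should be cleared",
                publicCredentials.isEmpty());
    }

    /**
     * Loads the valid keystore URL, password URL and alias into the shared
     * options map before each test.
     */
    @Override
    protected void setUp() throws Exception {
        options.put("keyStoreURL", KEYSTORE_URL);
        options.put("keyStorePasswordURL", KEYSTORE_PASSWORD_URL);
        options.put("keyStoreAlias", KEYSTORE_ALIAS);
    }

    /**
     * Empties the shared options map so that a test's changes (for example
     * the wrong password URL) do not reach the next test.
     */
    @Override
    protected void tearDown() throws Exception {
        options.clear();
    }
}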