001: /*
002: * JBoss, Home of Professional Open Source.
003: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
004: * as indicated by the @author tags. See the copyright.txt file in the
005: * distribution for a full listing of individual contributors.
006: *
007: * This is free software; you can redistribute it and/or modify it
008: * under the terms of the GNU Lesser General Public License as
009: * published by the Free Software Foundation; either version 2.1 of
010: * the License, or (at your option) any later version.
011: *
012: * This software is distributed in the hope that it will be useful,
013: * but WITHOUT ANY WARRANTY; without even the implied warranty of
014: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015: * Lesser General Public License for more details.
016: *
017: * You should have received a copy of the GNU Lesser General Public
018: * License along with this software; if not, write to the Free
019: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
021: */
022: package org.jboss.test;
023:
024: import java.lang.reflect.Method;
025: import java.security.acl.Group;
026: import java.util.Enumeration;
027: import java.util.HashMap;
028: import java.util.Set;
029: import java.util.logging.Level;
030: import java.util.logging.LogManager;
031: import java.util.logging.ConsoleHandler;
032: import javax.security.auth.Subject;
033: import javax.security.auth.login.AppConfigurationEntry;
034: import javax.security.auth.login.Configuration;
035: import javax.security.auth.login.LoginContext;
036: import javax.management.MBeanServer;
037: import javax.management.MBeanServerFactory;
038: import javax.management.ObjectName;
039:
040: import junit.framework.TestCase;
041: import junit.framework.TestSuite;
042: import org.jboss.security.SimplePrincipal;
043: import org.jboss.security.plugins.JaasSecurityDomain;
044: import org.jboss.security.auth.callback.UsernamePasswordHandler;
045: import org.jboss.logging.Logger;
046:
047: /** Tests of the LoginModule classes.
048:
049: @author Scott.Stark@jboss.org
050: @version $Revision: 40402 $
051: */
052: public class LoginModulesTestCase extends TestCase {
// Class-load-time setup: installs the in-file JAAS configuration and turns on
// trace logging for the org.jboss.security category.
static {
    try {
        // Replaces the JVM-wide JAAS Configuration, so every LoginContext name
        // used by the tests is resolved by TestConfig.
        Configuration.setConfiguration(new TestConfig());
        System.out.println("Installed TestConfig as JAAS Configuration");

        // The logging plugin is selected before the first JBoss Logger is obtained.
        Logger.setPluginClassName("org.jboss.logging.JDK14LoggerPlugin");

        // NOTE(review): FINEST is the most verbose JDK level; check what the login
        // modules emit at that level before reusing this setup outside a test run.
        java.util.logging.Logger securityLogger =
                java.util.logging.Logger.getLogger("org.jboss.security");
        securityLogger.setLevel(Level.FINEST);
        ConsoleHandler consoleHandler = new ConsoleHandler();
        consoleHandler.setLevel(Level.FINEST);
        securityLogger.addHandler(consoleHandler);

        Logger traceLog = Logger.getLogger("org.jboss.security");
        traceLog.trace("Configured JDK trace logging");
    } catch (Exception setupFailure) {
        // Best effort: a failed setup is reported but does not abort class loading.
        setupFailure.printStackTrace();
    }
}
072:
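/**
 * Hard-coded JAAS login configurations for the test cases. The configuration
 * name passed to {@code LoginContext} is the name of the no-argument method
 * in this class that builds the entry, which is also the name of the unit
 * test that uses it.
 *
 * <p>Every entry uses {@code java.naming.security.authentication=simple}
 * against an {@code ldap://} URL and nothing in these options enables TLS, so
 * the bind and user passwords are presumably sent unprotected. The DNs and
 * passwords below are fixtures for a dedicated test directory and must not be
 * copied into a deployed login configuration.
 */
static class TestConfig extends Configuration {
    private static final String LDAP_MODULE = "org.jboss.security.auth.spi.LdapLoginModule";
    private static final String LDAP_EXT_MODULE = "org.jboss.security.auth.spi.LdapExtLoginModule";
    private static final String LDAP_URL = "ldap://lamia/";

    /** No-op: the configurations are built on demand and never cached. */
    public void refresh() {
    }

    /**
     * Looks up the no-argument method called {@code name} on this class and
     * returns the entries it builds.
     *
     * @param name the login configuration name
     * @return the entries for {@code name}, or {@code null} when no such
     *         configuration exists or it could not be built
     */
    public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
        if (name == null) {
            return null;
        }
        AppConfigurationEntry[] entry = null;
        try {
            Method factory = getClass().getDeclaredMethod(name, new Class[0]);
            // Only configuration factories are invoked; a name such as "refresh"
            // resolves to a method but must not be run as a configuration.
            if (AppConfigurationEntry[].class.equals(factory.getReturnType())) {
                entry = (AppConfigurationEntry[]) factory.invoke(this, new Object[0]);
            }
        } catch (NoSuchMethodException unknownName) {
            // Not an error: null is how a Configuration reports "no entries".
        } catch (Exception e) {
            // A factory that exists but fails is reported instead of being
            // silently turned into "no such configuration".
            System.err.println("TestConfig: cannot build login configuration '"
                    + name + "': " + e);
        }
        return entry;
    }

    /** Creates the JNDI connection options shared by every configuration. */
    private static HashMap ldapOptions(String providerUrl) {
        HashMap options = new HashMap();
        options.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        options.put("java.naming.provider.url", providerUrl);
        options.put("java.naming.security.authentication", "simple");
        return options;
    }

    /** Wraps the options in a single REQUIRED entry for the given login module class. */
    private static AppConfigurationEntry[] requiredEntry(String moduleClass, HashMap options) {
        AppConfigurationEntry ace = new AppConfigurationEntry(moduleClass,
                AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
        return new AppConfigurationEntry[] { ace };
    }

    /** LdapLoginModule with a user DN built from prefix/suffix and roles matched on the user DN. */
    AppConfigurationEntry[] testLdapExample1() {
        HashMap options = ldapOptions(LDAP_URL);
        options.put("principalDNPrefix", "uid=");
        options.put("principalDNSuffix", ",ou=People,dc=jboss,dc=org");
        options.put("rolesCtxDN", "ou=Roles,dc=jboss,dc=org");
        options.put("uidAttributeID", "member");
        options.put("matchOnUserDN", "true");
        options.put("roleAttributeID", "cn");
        options.put("roleAttributeIsDN", "false");
        options.put("searchTimeLimit", "5000");
        options.put("searchScope", "ONELEVEL_SCOPE");
        return requiredEntry(LDAP_MODULE, options);
    }

    /** LdapLoginModule that additionally sets a JNDI principal and a clear-text credential. */
    AppConfigurationEntry[] testLdapExample11() {
        HashMap options = ldapOptions(LDAP_URL);
        options.put("java.naming.security.principal", "cn=Root,dc=jboss,dc=org");
        // Fixture password kept in clear text in the configuration.
        options.put("java.naming.security.credentials", "secret1");

        options.put("principalDNPrefix", "uid=");
        options.put("principalDNSuffix", ",ou=People,dc=jboss,dc=org");
        options.put("rolesCtxDN", "ou=Roles,dc=jboss,dc=org");
        options.put("uidAttributeID", "member");
        options.put("matchOnUserDN", "true");
        options.put("roleAttributeID", "cn");
        options.put("roleAttributeIsDN", "false");
        return requiredEntry(LDAP_MODULE, options);
    }

    /**
     * Same as testLdapExample11, with the credential stored in encrypted form
     * and the JaasSecurityDomain MBean named that is expected to decode it.
     */
    AppConfigurationEntry[] testLdapExample11Encrypt() {
        HashMap options = ldapOptions(LDAP_URL);
        options.put("java.naming.security.principal", "cn=Root,dc=jboss,dc=org");
        // secret1 encrypted. NOTE(review): the matching salt, iteration count and
        // key store password are set in the unit test of the same name, so this
        // protects nothing here; it only exercises the decode path.
        options.put("java.naming.security.credentials", "7hInTB4HCBL");

        options.put("jaasSecurityDomain",
                "jboss.test:service=JaasSecurityDomain,domain=testLdapExample11Encrypt");
        options.put("principalDNPrefix", "uid=");
        options.put("principalDNSuffix", ",ou=People,dc=jboss,dc=org");
        options.put("rolesCtxDN", "ou=Roles,dc=jboss,dc=org");
        options.put("uidAttributeID", "member");
        options.put("matchOnUserDN", "true");
        options.put("roleAttributeID", "cn");
        options.put("roleAttributeIsDN", "false");
        return requiredEntry(LDAP_MODULE, options);
    }

    /** LdapLoginModule against the o=example2 tree, with roles read from memberOf DNs. */
    AppConfigurationEntry[] testLdapExample2() {
        HashMap options = ldapOptions(LDAP_URL);
        options.put("principalDNPrefix", "uid=");
        options.put("principalDNSuffix", ",ou=People,o=example2,dc=jboss,dc=org");
        options.put("rolesCtxDN", "ou=Roles,o=example2,dc=jboss,dc=org");
        options.put("uidAttributeID", "uid");
        options.put("matchOnUserDN", "false");
        options.put("roleAttributeID", "memberOf");
        options.put("roleAttributeIsDN", "true");
        options.put("roleNameAttributeID", "cn");
        return requiredEntry(LDAP_MODULE, options);
    }

    /**
     * LdapExtLoginModule that binds as cn=Root, finds the user with
     * {@code (uid={0})} and the roles with {@code (member={1})}; roleRecursion=0.
     */
    AppConfigurationEntry[] testLdapExample21() {
        HashMap options = ldapOptions(LDAP_URL);

        options.put("bindDN", "cn=Root,dc=jboss,dc=org");
        // Fixture password kept in clear text in the configuration.
        options.put("bindCredential", "secret1");
        options.put("baseCtxDN", "ou=People,dc=jboss,dc=org");
        options.put("baseFilter", "(uid={0})");

        options.put("rolesCtxDN", "ou=Roles,dc=jboss,dc=org");
        options.put("roleFilter", "(member={1})");
        options.put("roleAttributeID", "cn");
        options.put("roleRecursion", "0");
        return requiredEntry(LDAP_EXT_MODULE, options);
    }

    /**
     * Same as testLdapExample21, with bindCredential stored in encrypted form
     * and the JaasSecurityDomain MBean named that is expected to decode it.
     */
    AppConfigurationEntry[] testLdapExample21Encrypt() {
        HashMap options = ldapOptions(LDAP_URL);

        options.put("jaasSecurityDomain",
                "jboss.test:service=JaasSecurityDomain,domain=testLdapExample21Encrypt");
        options.put("bindDN", "cn=Root,dc=jboss,dc=org");
        // secret1 encrypted; the decoding parameters live in the unit test of the same name.
        options.put("bindCredential", "7hInTB4HCBL");
        options.put("baseCtxDN", "ou=People,dc=jboss,dc=org");
        options.put("baseFilter", "(uid={0})");

        options.put("rolesCtxDN", "ou=Roles,dc=jboss,dc=org");
        options.put("roleFilter", "(member={1})");
        options.put("roleAttributeID", "cn");
        options.put("roleRecursion", "0");
        return requiredEntry(LDAP_EXT_MODULE, options);
    }

    /** LdapExtLoginModule against the o=example3 tree, locating the user with {@code (cn={0})}. */
    AppConfigurationEntry[] testLdapExample23() {
        HashMap options = ldapOptions(LDAP_URL);

        options.put("bindDN", "cn=Root,dc=jboss,dc=org");
        options.put("bindCredential", "secret1");
        options.put("baseCtxDN", "ou=People,o=example3,dc=jboss,dc=org");
        options.put("baseFilter", "(cn={0})");

        options.put("rolesCtxDN", "ou=Roles,o=example3,dc=jboss,dc=org");
        options.put("roleFilter", "(member={1})");
        options.put("roleAttributeID", "cn");
        options.put("roleRecursion", "0");
        return requiredEntry(LDAP_EXT_MODULE, options);
    }

    /**
     * LdapExtLoginModule against the o=example2 tree; roles come from the
     * memberOf DNs of the entry matched by {@code (uid={0})}, named by their cn.
     */
    AppConfigurationEntry[] testLdapExample22() {
        HashMap options = ldapOptions(LDAP_URL);

        options.put("bindDN", "cn=Root,dc=jboss,dc=org");
        options.put("bindCredential", "secret1");
        options.put("baseCtxDN", "ou=People,o=example2,dc=jboss,dc=org");
        options.put("baseFilter", "(uid={0})");

        options.put("rolesCtxDN", "ou=Roles,o=example2,dc=jboss,dc=org");
        options.put("roleFilter", "(uid={0})");
        options.put("roleAttributeID", "memberOf");
        options.put("roleAttributeIsDN", "true");
        options.put("roleNameAttributeID", "cn");
        options.put("roleRecursion", "0");
        return requiredEntry(LDAP_EXT_MODULE, options);
    }

    /**
     * LdapExtLoginModule against the o=example4 tree with roleRecursion=1.
     * The role name is read from {@code cn}.
     */
    AppConfigurationEntry[] testLdapExample24() {
        HashMap options = ldapOptions(LDAP_URL);

        options.put("bindDN", "cn=Root,dc=jboss,dc=org");
        options.put("bindCredential", "secret1");
        options.put("baseCtxDN", "ou=People,o=example4,dc=jboss,dc=org");
        options.put("baseFilter", "(cn={0})");

        options.put("rolesCtxDN", "ou=Roles,o=example4,dc=jboss,dc=org");
        options.put("roleFilter", "(member={1})");
        options.put("roleAttributeID", "cn");
        options.put("roleRecursion", "1");
        return requiredEntry(LDAP_EXT_MODULE, options);
    }

    /**
     * LdapExtLoginModule for the JBAS-3312 directory layout: user located by
     * sAMAccountName, nested groups followed up to roleRecursion=5.
     */
    AppConfigurationEntry[] testJBAS3312() {
        HashMap options = ldapOptions(LDAP_URL);

        options.put("bindDN", "cn=Root,DC=uz,DC=kuleuven,DC=ac,DC=be");
        options.put("bindCredential", "root");
        options.put("baseCtxDN", "ou=People,dc=uz,dc=kuleuven,dc=ac,dc=be");
        options.put("baseFilter", "(sAMAccountName={0})");

        options.put("rolesCtxDN",
                "OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be");
        options.put("roleFilter", "(member={1})");
        options.put("roleAttributeID", "memberOf");
        options.put("roleAttributeIsDN", "true");
        options.put("roleNameAttributeID", "cn");
        options.put("roleRecursion", "5");
        options.put("searchScope", "ONELEVEL_SCOPE");
        return requiredEntry(LDAP_EXT_MODULE, options);
    }

}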
466:
/**
 * Creates the test case for the named test method.
 *
 * @param testName the name handed to the JUnit TestCase constructor
 */
public LoginModulesTestCase(String testName) {
    super(testName);
}
470:
/**
 * Logs in as jduke through the "testLdapExample1" configuration and checks
 * that the subject carries the jduke principal and the Echo and TheDuke roles.
 */
public void testLdapExample1() throws Exception {
    System.out.println("testLdapExample1");
    char[] password = "theduke".toCharArray();
    UsernamePasswordHandler callbacks = new UsernamePasswordHandler("jduke", password);
    LoginContext loginContext = new LoginContext("testLdapExample1", callbacks);
    loginContext.login();

    Subject authenticated = loginContext.getSubject();
    System.out.println("Subject: " + authenticated);

    Set groupPrincipals = authenticated.getPrincipals(Group.class);
    boolean hasUser = authenticated.getPrincipals().contains(new SimplePrincipal("jduke"));
    assertTrue("Principals contains jduke", hasUser);
    boolean hasRolesGroup = groupPrincipals.contains(new SimplePrincipal("Roles"));
    assertTrue("Principals contains Roles", hasRolesGroup);

    // Takes whichever Group the Set yields first and treats it as "Roles";
    // presumably the subject carries a single Group here - verify if that changes.
    Group roleGroup = (Group) groupPrincipals.iterator().next();
    assertTrue("Echo is a role", roleGroup.isMember(new SimplePrincipal("Echo")));
    assertTrue("TheDuke is a role", roleGroup.isMember(new SimplePrincipal("TheDuke")));

    loginContext.logout();
}
494:
/**
 * Logs in as jduke through the "testLdapExample11" configuration and checks
 * that the subject carries the jduke principal and the Echo and TheDuke roles.
 */
public void testLdapExample11() throws Exception {
    System.out.println("testLdapExample11");
    char[] password = "theduke".toCharArray();
    UsernamePasswordHandler callbacks = new UsernamePasswordHandler("jduke", password);
    LoginContext loginContext = new LoginContext("testLdapExample11", callbacks);
    loginContext.login();

    Subject authenticated = loginContext.getSubject();
    System.out.println("Subject: " + authenticated);

    Set groupPrincipals = authenticated.getPrincipals(Group.class);
    boolean hasUser = authenticated.getPrincipals().contains(new SimplePrincipal("jduke"));
    assertTrue("Principals contains jduke", hasUser);
    boolean hasRolesGroup = groupPrincipals.contains(new SimplePrincipal("Roles"));
    assertTrue("Principals contains Roles", hasRolesGroup);

    // The first Group from the Set is treated as "Roles"; presumably it is the only one.
    Group roleGroup = (Group) groupPrincipals.iterator().next();
    assertTrue("Echo is a role", roleGroup.isMember(new SimplePrincipal("Echo")));
    assertTrue("TheDuke is a role", roleGroup.isMember(new SimplePrincipal("TheDuke")));

    loginContext.logout();
}
518:
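/**
 * Registers a JaasSecurityDomain for the "testLdapExample11Encrypt"
 * configuration, logs in as jduke and checks the jduke principal and the
 * Echo and TheDuke roles.
 *
 * <p>The MBeanServer is released in a finally block so that a failed login
 * or assertion does not leave a "jboss" server behind for later tests.
 */
public void testLdapExample11Encrypt() throws Exception {
    System.out.println("testLdapExample11Encrypt");
    MBeanServer server = MBeanServerFactory.createMBeanServer("jboss");
    try {
        JaasSecurityDomain secDomain = new JaasSecurityDomain("testLdapExample11Encrypt");
        // Fixture values only. NOTE(review): presumably these are the parameters
        // used to decode the stored credential; a fixed salt, an iteration count
        // of 13 and a literal password are far too weak for a real deployment.
        secDomain.setSalt("abcdefgh");
        secDomain.setIterationCount(13);
        secDomain.setKeyStorePass("master");
        secDomain.setManagerServiceName(null);
        secDomain.start();
        ObjectName name = new ObjectName(
                "jboss.test:service=JaasSecurityDomain,domain=testLdapExample11Encrypt");
        server.registerMBean(secDomain, name);

        // secret1 encrypts to 7hInTB4HCBL
        UsernamePasswordHandler handler = new UsernamePasswordHandler(
                "jduke", "theduke".toCharArray());
        LoginContext lc = new LoginContext("testLdapExample11Encrypt", handler);
        lc.login();

        Subject subject = lc.getSubject();
        System.out.println("Subject: " + subject);

        Set groups = subject.getPrincipals(Group.class);
        assertTrue("Principals contains jduke",
                subject.getPrincipals().contains(new SimplePrincipal("jduke")));
        assertTrue("Principals contains Roles",
                groups.contains(new SimplePrincipal("Roles")));
        // The first Group from the Set is treated as "Roles"; presumably it is the only one.
        Group roles = (Group) groups.iterator().next();
        assertTrue("Echo is a role", roles.isMember(new SimplePrincipal("Echo")));
        assertTrue("TheDuke is a role", roles.isMember(new SimplePrincipal("TheDuke")));

        lc.logout();
    } finally {
        MBeanServerFactory.releaseMBeanServer(server);
    }
}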
558:
559: /*
560: version: 1
561: dn: o=example2,dc=jboss,dc=org
562: objectClass: top
563: objectClass: dcObject
564: objectClass: organization
565: dc: jboss
566: o: JBoss
567:
568: dn: ou=People,o=example2,dc=jboss,dc=org
569: objectClass: top
570: objectClass: organizationalUnit
571: ou: People
572:
573: dn: uid=jduke,ou=People,o=example2,dc=jboss,dc=org
574: objectClass: top
575: objectClass: uidObject
576: objectClass: person
577: objectClass: inetOrgPerson
578: cn: Java Duke
579: employeeNumber: judke-123
580: sn: Duke
581: uid: jduke
582: userPassword:: dGhlZHVrZQ==
583:
584: dn: uid=jduke2,ou=People,o=example2,dc=jboss,dc=org
585: objectClass: top
586: objectClass: uidObject
587: objectClass: person
588: objectClass: inetOrgPerson
589: cn: Java Duke2
590: employeeNumber: judke2-123
591: sn: Duke2
592: uid: jduke2
593: userPassword:: dGhlZHVrZTI=
594:
595: dn: ou=Roles,o=example2,dc=jboss,dc=org
596: objectClass: top
597: objectClass: organizationalUnit
598: ou: Roles
599:
600: dn: uid=jduke,ou=Roles,o=example2,dc=jboss,dc=org
601: objectClass: top
602: objectClass: groupUserEx
603: memberOf: cn=Echo,ou=Roles,o=example2,dc=jboss,dc=org
604: memberOf: cn=TheDuke,ou=Roles,o=example2,dc=jboss,dc=org
605: uid: jduke
606:
607: dn: uid=jduke2,ou=Roles,o=example2,dc=jboss,dc=org
608: objectClass: top
609: objectClass: groupUserEx
610: memberOf: cn=Echo2,ou=Roles,o=example2,dc=jboss,dc=org
611: memberOf: cn=TheDuke2,ou=Roles,o=example2,dc=jboss,dc=org
612: uid: jduke2
613:
614: dn: cn=Echo,ou=Roles,o=example2,dc=jboss,dc=org
615: objectClass: top
616: objectClass: groupOfNames
617: cn: Echo
618: description: the echo role
619: member: uid=jduke,ou=People,dc=jboss,dc=org
620:
621: dn: cn=TheDuke,ou=Roles,o=example2,dc=jboss,dc=org
622: objectClass: groupOfNames
623: objectClass: top
624: cn: TheDuke
625: description: the duke role
626: member: uid=jduke,ou=People,o=example2,dc=jboss,dc=org
627:
628: dn: cn=Echo2,ou=Roles,o=example2,dc=jboss,dc=org
629: objectClass: top
630: objectClass: groupOfNames
631: cn: Echo2
632: description: the Echo2 role
633: member: uid=jduke2,ou=People,dc=jboss,dc=org
634:
635: dn: cn=TheDuke2,ou=Roles,o=example2,dc=jboss,dc=org
636: objectClass: groupOfNames
637: objectClass: top
638: cn: TheDuke2
639: description: the duke2 role
640: member: uid=jduke2,ou=People,o=example2,dc=jboss,dc=org
641:
642: dn: cn=JBossAdmin,ou=Roles,o=example2,dc=jboss,dc=org
643: objectClass: top
644: objectClass: groupOfNames
645: cn: JBossAdmin
646: description: the JBossAdmin group
647: member: uid=jduke,ou=People,dc=jboss,dc=org
648: */
/**
 * Logs in as jduke through the "testLdapExample2" configuration and checks
 * that jduke gets the Echo and TheDuke roles but not Echo2 or TheDuke2.
 */
public void testLdapExample2() throws Exception {
    System.out.println("testLdapExample2");
    char[] password = "theduke".toCharArray();
    UsernamePasswordHandler callbacks = new UsernamePasswordHandler("jduke", password);
    LoginContext loginContext = new LoginContext("testLdapExample2", callbacks);
    loginContext.login();

    Subject authenticated = loginContext.getSubject();
    System.out.println("Subject: " + authenticated);

    Set groupPrincipals = authenticated.getPrincipals(Group.class);
    boolean hasUser = authenticated.getPrincipals().contains(new SimplePrincipal("jduke"));
    assertTrue("Principals contains jduke", hasUser);
    boolean hasRolesGroup = groupPrincipals.contains(new SimplePrincipal("Roles"));
    assertTrue("Principals contains Roles", hasRolesGroup);

    // The first Group from the Set is treated as "Roles"; presumably it is the only one.
    Group roleGroup = (Group) groupPrincipals.iterator().next();
    assertTrue("Echo is a role", roleGroup.isMember(new SimplePrincipal("Echo")));
    assertTrue("TheDuke is a role", roleGroup.isMember(new SimplePrincipal("TheDuke")));
    // Roles that belong to jduke2 must not be granted to jduke.
    assertFalse("Echo2 is NOT a role", roleGroup.isMember(new SimplePrincipal("Echo2")));
    assertFalse("TheDuke2 is NOT a role", roleGroup.isMember(new SimplePrincipal("TheDuke2")));

    loginContext.logout();
}
676:
/**
 * Logs in as jduke through the "testLdapExample21" configuration and checks
 * that the subject carries the jduke principal and the Echo and TheDuke roles.
 */
public void testLdapExample21() throws Exception {
    System.out.println("testLdapExample21");
    char[] password = "theduke".toCharArray();
    UsernamePasswordHandler callbacks = new UsernamePasswordHandler("jduke", password);
    LoginContext loginContext = new LoginContext("testLdapExample21", callbacks);
    loginContext.login();

    Subject authenticated = loginContext.getSubject();
    System.out.println("Subject: " + authenticated);

    Set groupPrincipals = authenticated.getPrincipals(Group.class);
    Set allPrincipals = authenticated.getPrincipals();
    boolean hasUser = allPrincipals.contains(new SimplePrincipal("jduke"));
    assertTrue("Principals contains jduke", hasUser);
    boolean hasRolesGroup = groupPrincipals.contains(new SimplePrincipal("Roles"));
    assertTrue("Principals contains Roles", hasRolesGroup);

    // The first Group from the Set is treated as "Roles"; presumably it is the only one.
    Group roleGroup = (Group) groupPrincipals.iterator().next();
    assertTrue("Echo is a role", roleGroup.isMember(new SimplePrincipal("Echo")));
    assertTrue("TheDuke is a role", roleGroup.isMember(new SimplePrincipal("TheDuke")));

    loginContext.logout();
}
701:
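/**
 * Registers a JaasSecurityDomain for the "testLdapExample21Encrypt"
 * configuration, logs in as jduke and checks the jduke principal and the
 * Echo and TheDuke roles.
 *
 * <p>The MBeanServer is released in a finally block so that a failed login
 * or assertion does not leave a "jboss" server behind for later tests.
 */
public void testLdapExample21Encrypt() throws Exception {
    System.out.println("testLdapExample21Encrypt");
    MBeanServer server = MBeanServerFactory.createMBeanServer("jboss");
    try {
        JaasSecurityDomain secDomain = new JaasSecurityDomain("testLdapExample21Encrypt");
        // Fixture values only. NOTE(review): presumably these are the parameters
        // used to decode the stored bindCredential; a fixed salt, an iteration
        // count of 13 and a literal password are far too weak for a real deployment.
        secDomain.setSalt("abcdefgh");
        secDomain.setIterationCount(13);
        secDomain.setKeyStorePass("master");
        secDomain.setManagerServiceName(null);
        secDomain.start();
        ObjectName name = new ObjectName(
                "jboss.test:service=JaasSecurityDomain,domain=testLdapExample21Encrypt");
        server.registerMBean(secDomain, name);

        UsernamePasswordHandler handler = new UsernamePasswordHandler(
                "jduke", "theduke".toCharArray());
        LoginContext lc = new LoginContext("testLdapExample21Encrypt", handler);
        lc.login();

        Subject subject = lc.getSubject();
        System.out.println("Subject: " + subject);

        Set groups = subject.getPrincipals(Group.class);
        Set principals = subject.getPrincipals();
        assertTrue("Principals contains jduke",
                principals.contains(new SimplePrincipal("jduke")));
        assertTrue("Principals contains Roles",
                groups.contains(new SimplePrincipal("Roles")));
        // The first Group from the Set is treated as "Roles"; presumably it is the only one.
        Group roles = (Group) groups.iterator().next();
        assertTrue("Echo is a role", roles.isMember(new SimplePrincipal("Echo")));
        assertTrue("TheDuke is a role", roles.isMember(new SimplePrincipal("TheDuke")));

        lc.logout();
    } finally {
        MBeanServerFactory.releaseMBeanServer(server);
    }
}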
741:
/**
 * Logs in with the user name "Java Duke" through the "testLdapExample23"
 * configuration and checks that principal and the Echo and TheDuke roles.
 */
public void testLdapExample23() throws Exception {
    System.out.println("testLdapExample23");
    char[] password = "theduke".toCharArray();
    UsernamePasswordHandler callbacks = new UsernamePasswordHandler("Java Duke", password);
    LoginContext loginContext = new LoginContext("testLdapExample23", callbacks);
    loginContext.login();

    Subject authenticated = loginContext.getSubject();
    System.out.println("Subject: " + authenticated);

    Set groupPrincipals = authenticated.getPrincipals(Group.class);
    Set allPrincipals = authenticated.getPrincipals();
    boolean hasUser = allPrincipals.contains(new SimplePrincipal("Java Duke"));
    assertTrue("Principals contains Java Duke", hasUser);
    boolean hasRolesGroup = groupPrincipals.contains(new SimplePrincipal("Roles"));
    assertTrue("Principals contains Roles", hasRolesGroup);

    // The first Group from the Set is treated as "Roles"; presumably it is the only one.
    Group roleGroup = (Group) groupPrincipals.iterator().next();
    assertTrue("Echo is a role", roleGroup.isMember(new SimplePrincipal("Echo")));
    assertTrue("TheDuke is a role", roleGroup.isMember(new SimplePrincipal("TheDuke")));

    loginContext.logout();
}
766:
/**
 * Logs in as jduke through the "testLdapExample22" configuration and checks
 * that the subject carries the jduke principal and the Echo and TheDuke roles.
 */
public void testLdapExample22() throws Exception {
    System.out.println("testLdapExample22");
    char[] password = "theduke".toCharArray();
    UsernamePasswordHandler callbacks = new UsernamePasswordHandler("jduke", password);
    LoginContext loginContext = new LoginContext("testLdapExample22", callbacks);
    loginContext.login();

    Subject authenticated = loginContext.getSubject();
    System.out.println("Subject: " + authenticated);

    Set groupPrincipals = authenticated.getPrincipals(Group.class);
    Set allPrincipals = authenticated.getPrincipals();
    boolean hasUser = allPrincipals.contains(new SimplePrincipal("jduke"));
    assertTrue("Principals contains jduke", hasUser);
    boolean hasRolesGroup = groupPrincipals.contains(new SimplePrincipal("Roles"));
    assertTrue("Principals contains Roles", hasRolesGroup);

    // The first Group from the Set is treated as "Roles"; presumably it is the only one.
    Group roleGroup = (Group) groupPrincipals.iterator().next();
    assertTrue("Echo is a role", roleGroup.isMember(new SimplePrincipal("Echo")));
    assertTrue("TheDuke is a role", roleGroup.isMember(new SimplePrincipal("TheDuke")));

    loginContext.logout();
}
791:
/**
 * Logs in with the user name "Java Duke" through the "testLdapExample24"
 * configuration and checks which roles are granted: RG2, R1, R2, R3 and R5
 * are expected, R4 is not.
 */
public void testLdapExample24() throws Exception {
    System.out.println("testLdapExample24");
    char[] password = "theduke".toCharArray();
    UsernamePasswordHandler callbacks = new UsernamePasswordHandler("Java Duke", password);
    LoginContext loginContext = new LoginContext("testLdapExample24", callbacks);
    loginContext.login();

    Subject authenticated = loginContext.getSubject();
    System.out.println("Subject: " + authenticated);

    Set groupPrincipals = authenticated.getPrincipals(Group.class);
    Set allPrincipals = authenticated.getPrincipals();
    boolean hasUser = allPrincipals.contains(new SimplePrincipal("Java Duke"));
    assertTrue("Principals contains Java Duke", hasUser);
    boolean hasRolesGroup = groupPrincipals.contains(new SimplePrincipal("Roles"));
    assertTrue("Principals contains Roles", hasRolesGroup);

    // The first Group from the Set is treated as "Roles"; presumably it is the only one.
    Group roleGroup = (Group) groupPrincipals.iterator().next();
    assertTrue("RG2 is a role", roleGroup.isMember(new SimplePrincipal("RG2")));
    assertTrue("R1 is a role", roleGroup.isMember(new SimplePrincipal("R1")));
    assertTrue("R2 is a role", roleGroup.isMember(new SimplePrincipal("R2")));
    assertTrue("R3 is a role", roleGroup.isMember(new SimplePrincipal("R3")));
    // R4 is the one role the login must not grant.
    assertFalse("R4 is NOT a role", roleGroup.isMember(new SimplePrincipal("R4")));
    assertTrue("R5 is a role", roleGroup.isMember(new SimplePrincipal("R5")));

    loginContext.logout();
}
824:
825: /* JBAS-3312 testcase
826: dn: DC=uz,DC=kuleuven,DC=ac,DC=be
827: objectClass: top
828:
829: dn: ou=People,dc=uz,dc=kuleuven,dc=ac,dc=be
830: objectClass: organizationalUnit
831: ou: People
832:
833: dn: CN=jduke,ou=People,dc=uz,dc=kuleuven,dc=ac,dc=be
834: memberOf: ou=People,dc=uz,dc=kuleuven,dc=ac,dc=be
835: objectClass: top
836: objectClass: person
837: objectClass: organizationalPerson
838: objectClass: user
839: cn: JDuke
840: name: Java Duke
841: sn: TheDuke
842: sAMAccountName: jduke
843: userPrincipalName: jduke@jboss.org
844: userPassword: theduke
845:
846: dn: OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
847: objectClass: top
848: objectClass: organizationalUnit
849: objectClass: orgUnitEx
850: ou: Groups
851: objectCategory: CN=Organizational-Unit,CN=Schema,CN=Configuration,DC=uz,DC=kuleuven,DC=ac,DC=be
852:
853:
854: dn: OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
855: objectClass: top
856: objectClass: organizationalUnit
857: objectClass: orgUnitEx
858: ou: Informatiesystemen
859: objectCategory: CN=Organizational-Unit,CN=Schema,CN=Configuration,DC=uz,DC=kuleuven,DC=ac,DC=be
860:
861:
862: dn: CN=inf_map_informatiesystemen_lijst,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
863: objectClass: top
864: objectClass: group
865: cn: inf_map_informatiesystemen_lijst
866: member: CN=inf_map_vmware_Lijst,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
867: member: CN=inf_map_carenet_Lijst,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
868: sAMAccountName: inf_map_informatiesystemen_lijst
869: objectCategory: CN=Group,CN=Schema,CN=Configuration,DC=uz,DC=kuleuven,DC=ac,DC=be
870:
871:
872: dn: CN=inf_map_vmware_Lijst,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
873: objectClass: top
874: objectClass: group
875: cn: inf_map_vmware_Lijst
876: description: \\uz\data\Admin\VMWare Lijst
877:member: CN=inf_map_vmware_iso_S,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
878:member: CN=inf_map_vmware_iso_L,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
879:memberOf: CN=inf_map_informatiesystemen_lijst,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
880:sAMAccountName: inf_map_vmware_Lijst
881:objectCategory: CN=Group,CN=Schema,CN=Configuration,DC=uz,DC=kuleuven,DC=ac,DC=be
882:
883:
884:dn: CN=inf_map_vmware_iso_S,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
885:objectClass: top
886:objectClass: group
887:cn: inf_map_vmware_iso_S
888:description: \\uz\data\Admin\VMWare\ISO Schrijven
889:member: CN=markv,OU=People,DC=uz,DC=kuleuven,DC=ac,DC=be
890:member: CN=jduke,OU=People,DC=uz,DC=kuleuven,DC=ac,DC=be
891:memberOf: CN=inf_map_informatiesystemen_lijst,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
892:memberOf: CN=inf_map_vmware_Lijst,OU=Informatiesystemen,OU=Groups,DC=uz,DC=kuleuven,DC=ac,DC=be
893:sAMAccountName: inf_map_vmware_iso_S
894:objectCategory: CN=Group,CN=Schema,CN=Configuration,DC=uz,DC=kuleuven,DC=ac,DC=be
895: */
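/**
 * JBAS-3312: logs in as jduke through the "testJBAS3312" configuration and
 * checks that the nested groups inf_map_vmware_iso_S,
 * inf_map_informatiesystemen_lijst and inf_map_vmware_Lijst are all granted
 * as roles. The role names are printed before the assertions run.
 */
public void testJBAS3312() throws Exception {
    System.out.println("testJBAS3312");
    UsernamePasswordHandler handler = new UsernamePasswordHandler(
            "jduke", "theduke".toCharArray());
    LoginContext lc = new LoginContext("testJBAS3312", handler);
    lc.login();

    Subject subject = lc.getSubject();
    System.out.println("Subject: " + subject);

    Set groups = subject.getPrincipals(Group.class);
    Set principals = subject.getPrincipals();
    // The failure message now names the principal that is actually checked.
    assertTrue("Principals contains jduke",
            principals.contains(new SimplePrincipal("jduke")));
    assertTrue("Principals contains Roles",
            groups.contains(new SimplePrincipal("Roles")));
    // The first Group from the Set is treated as "Roles"; presumably it is the only one.
    Group roles = (Group) groups.iterator().next();
    Enumeration names = roles.members();
    while (names.hasMoreElements()) {
        System.out.println(names.nextElement());
    }
    assertTrue("inf_map_vmware_iso_S is a role",
            roles.isMember(new SimplePrincipal("inf_map_vmware_iso_S")));
    assertTrue("inf_map_informatiesystemen_lijst is a role",
            roles.isMember(new SimplePrincipal("inf_map_informatiesystemen_lijst")));
    assertTrue("inf_map_vmware_Lijst is a role",
            roles.isMember(new SimplePrincipal("inf_map_vmware_Lijst")));

    lc.logout();
}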
927:
/**
 * Runs every test of this class with the JUnit text runner. System.err is
 * pointed at System.out first so all output ends up in one stream.
 *
 * @param args ignored
 */
public static void main(java.lang.String[] args) {
    System.setErr(System.out);
    junit.textui.TestRunner.run(new TestSuite(LoginModulesTestCase.class));
}
933:
934: }
|