001: /*
002: * JBoss, Home of Professional Open Source.
003: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
004: * as indicated by the @author tags. See the copyright.txt file in the
005: * distribution for a full listing of individual contributors.
006: *
007: * This is free software; you can redistribute it and/or modify it
008: * under the terms of the GNU Lesser General Public License as
009: * published by the Free Software Foundation; either version 2.1 of
010: * the License, or (at your option) any later version.
011: *
012: * This software is distributed in the hope that it will be useful,
013: * but WITHOUT ANY WARRANTY; without even the implied warranty of
014: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015: * Lesser General Public License for more details.
016: *
017: * You should have received a copy of the GNU Lesser General Public
018: * License along with this software; if not, write to the Free
019: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
021: */
022: package org.jboss.test.security.test;
023:
024: import java.io.File;
025: import java.io.FileWriter;
026: import java.io.IOException;
027: import java.lang.reflect.Method;
028: import java.security.Principal;
029: import java.util.HashMap;
030: import java.util.Iterator;
031:
032: import javax.security.auth.Subject;
033: import javax.security.auth.callback.Callback;
034: import javax.security.auth.callback.CallbackHandler;
035: import javax.security.auth.callback.UnsupportedCallbackException;
036: import javax.security.auth.login.AppConfigurationEntry;
037: import javax.security.auth.login.Configuration;
038: import javax.security.auth.login.LoginContext;
039: import javax.security.auth.login.LoginException;
040:
041: import junit.framework.TestCase;
042:
043: import org.apache.log4j.Logger;
044: import org.jboss.logging.XLevel;
045: import org.jboss.security.SimpleGroup;
046: import org.jboss.security.SimplePrincipal;
047:
048: //$Id: RoleMappingModuleUnitTestCase.java 57211 2006-09-26 12:39:46Z dimitris@jboss.org $
049:
050: /**
051: * JBAS-3323: Role Mapping Login Module that maps application role to
052: * declarative role
053: * @author <a href="mailto:Anil.Saldhana@jboss.org">Anil Saldhana</a>
054: * @since Jun 22, 2006
055: * @version $Revision: 57211 $
056: */
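public class RoleMappingModuleUnitTestCase extends TestCase {
    /** Name of the role-mapping properties file written before each test. */
    private static final String ROLES_FILE_NAME = "rolesmapping-roles.properties";

    private static String tmpDir = System.getProperty("java.io.tmpdir");

    // NOTE(review): the mapping file has a fixed name inside the shared
    // java.io.tmpdir. Concurrent runs of this test collide on it, and on a
    // multi-user host another account can create the path first. Since this
    // file decides which roles the login module adds, a per-run directory or
    // File.createTempFile is the safer choice. The name is kept fixed here
    // because this URL is computed once, when the class is loaded.
    private static String rolesFile = "file:" + tmpDir + "/" + ROLES_FILE_NAME;

    /**
     * JAAS configuration for the tests. A configuration name is resolved to
     * the no-argument method of the same name declared on this class, and
     * that method builds the login module stack.
     */
    static class TestConfig extends Configuration {
        public void refresh() {
            // Nothing to reload: the entries are rebuilt on every lookup.
        }

        /**
         * Looks up the login module stack for a configuration name.
         *
         * @param name configuration name; must match a no-argument method of
         *        this class that returns {@code AppConfigurationEntry[]}
         * @return the entries built by that method, or {@code null} when no
         *         such method exists or the call fails
         */
        public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
            try {
                Method m = getClass().getDeclaredMethod(name, new Class[0]);
                // The name is chosen by the caller, so only dispatch to
                // methods that really are configuration builders. Without
                // this check a name such as "refresh" would be invoked too.
                if (m.getReturnType() != AppConfigurationEntry[].class) {
                    return null;
                }
                return (AppConfigurationEntry[]) m.invoke(this, new Object[0]);
            } catch (Exception ignored) {
                // Deliberate best effort: an unknown name (or a failed call)
                // is reported to JAAS as "no entries for this name".
                return null;
            }
        }

        /** IdentityLoginModule followed by RoleMappingLoginModule, roles kept. */
        AppConfigurationEntry[] testRoleMapping() {
            return buildRoleMappingEntries(false);
        }

        /** Same stack as above, with {@code replaceRole=true} set on the mapper. */
        AppConfigurationEntry[] testRoleMappingWithReplace() {
            return buildRoleMappingEntries(true);
        }

        /**
         * Builds the two-module stack shared by both configurations.
         *
         * @param replaceRole whether to set the {@code replaceRole} option
         */
        private AppConfigurationEntry[] buildRoleMappingEntries(boolean replaceRole) {
            HashMap options = new HashMap();
            options.put("rolesProperties", rolesFile);
            if (replaceRole) {
                options.put("replaceRole", "true");
            }
            AppConfigurationEntry mapping = new AppConfigurationEntry(
                    "org.jboss.security.auth.spi.RoleMappingLoginModule",
                    AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL,
                    options);
            return new AppConfigurationEntry[] { getIdentityLoginModuleEntry(), mapping };
        }

        /** Required IdentityLoginModule entry: principal "stark" with Role3 and Role4. */
        private AppConfigurationEntry getIdentityLoginModuleEntry() {
            HashMap options = new HashMap();
            options.put("principal", "stark");
            options.put("roles", "Role3,Role4");
            return new AppConfigurationEntry(
                    "org.jboss.security.auth.spi.IdentityLoginModule",
                    AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
                    options);
        }
    }

    public RoleMappingModuleUnitTestCase(String name) {
        super(name);
    }

    protected void setUp() throws Exception {
        // Install the custom JAAS configuration. This setting is static
        // (process-wide) and this class does not restore the previous one.
        Configuration.setConfiguration(new TestConfig());

        // Turn on trace level logging
        Logger root = Logger.getRootLogger();
        root.setLevel(XLevel.TRACE);
    }

    /**
     * Test the RoleMappingLoginModule with no option to replace the role.
     *
     * @throws Exception if the roles file cannot be written or the login fails
     */
    public void testRoleMappingModule() throws Exception {
        File file = createRolesFile();
        try {
            assertTrue("File exists", file.exists());
            processLogin("testRoleMapping", false);
        } finally {
            // Remove the mapping file even when the login or an assert fails.
            clearRolesFile(file);
        }
    }

    /**
     * Test the RoleMappingLoginModule with an option to replace the role.
     *
     * @throws Exception if the roles file cannot be written or the login fails
     */
    public void testRoleMappingModuleWithReplace() throws Exception {
        File file = createRolesFile();
        try {
            assertTrue("File exists", file.exists());
            processLogin("testRoleMappingWithReplace", true);
        } finally {
            // Remove the mapping file even when the login or an assert fails.
            clearRolesFile(file);
        }
    }

    /**
     * Do the JAAS login that includes the RoleMappingLoginModule and check
     * the roles found in every SimpleGroup principal of the subject.
     *
     * @param config JAAS configuration name (a TestConfig method name)
     * @param replaceRole whether Role3 is expected to be replaced by its
     *        mapped roles rather than kept next to them
     * @throws LoginException if the login fails
     */
    private void processLogin(String config, boolean replaceRole)
            throws LoginException {
        LoginContext lc = new LoginContext(config, new Subject(),
                new TestCallbackHandler());
        lc.login();
        Subject subject = lc.getSubject();

        boolean ranAsserts = false;
        for (Iterator iter = subject.getPrincipals().iterator(); iter.hasNext();) {
            Principal p = (Principal) iter.next();
            if (!(p instanceof SimpleGroup)) {
                continue;
            }
            SimpleGroup sg = (SimpleGroup) p;
            ranAsserts = true;
            // Role3 maps to testRole and testRole2; Role4 has no mapping.
            assertTrue("testRole exists?",
                    sg.isMember(new SimplePrincipal("testRole")));
            assertTrue("testRole2 exists?",
                    sg.isMember(new SimplePrincipal("testRole2")));
            assertTrue("Role4 exists?",
                    sg.isMember(new SimplePrincipal("Role4")));
            if (replaceRole) {
                assertFalse("Role3 does not exist?",
                        sg.isMember(new SimplePrincipal("Role3")));
            } else {
                assertTrue("Role3 exists?",
                        sg.isMember(new SimplePrincipal("Role3")));
            }
        }
        // Guards against a vacuous pass when the subject has no group at all.
        assertTrue("Ran Asserts?", ranAsserts);
    }

    /**
     * Delete the properties file created for the test and assert it is gone.
     *
     * @param file the roles file to remove
     */
    private void clearRolesFile(File file) {
        if (file.exists()) {
            file.delete();
        }
        assertFalse("File does not exist", file.exists());
    }

    /**
     * Create the properties file for the test, mapping Role3 to testRole and
     * testRole2.
     *
     * @return the file that was written
     * @throws IOException if the file cannot be written
     */
    private File createRolesFile() throws IOException {
        File file = new File(tmpDir + "/" + ROLES_FILE_NAME);
        clearRolesFile(file); // Delete residual files (if any)
        FileWriter fw = new FileWriter(file);
        try {
            fw.write("Role3=testRole,testRole2");
        } finally {
            // Close the writer even if the write fails, so the handle is not
            // leaked and the file can still be deleted afterwards.
            fw.close();
        }
        return file;
    }

    /**
     * A callback handler that does not do anything. The LoginContext is
     * constructed with it, but it answers no callbacks.
     */
    private static class TestCallbackHandler implements CallbackHandler {
        public void handle(Callback[] arg0) throws IOException,
                UnsupportedCallbackException {
            // Intentionally empty.
        }
    }
}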