001: /*
002: * JBoss, Home of Professional Open Source.
003: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
004: * as indicated by the @author tags. See the copyright.txt file in the
005: * distribution for a full listing of individual contributors.
006: *
007: * This is free software; you can redistribute it and/or modify it
008: * under the terms of the GNU Lesser General Public License as
009: * published by the Free Software Foundation; either version 2.1 of
010: * the License, or (at your option) any later version.
011: *
012: * This software is distributed in the hope that it will be useful,
013: * but WITHOUT ANY WARRANTY; without even the implied warranty of
014: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015: * Lesser General Public License for more details.
016: *
017: * You should have received a copy of the GNU Lesser General Public
018: * License along with this software; if not, write to the Free
019: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
021: */
022: package org.jboss.test.security.test;
023:
024: import java.security.Principal;
025:
026: import javax.management.MBeanServerConnection;
027: import javax.management.ObjectName;
028: import javax.security.auth.login.LoginContext;
029: import javax.security.auth.login.LoginException;
030:
031: import junit.extensions.TestSetup;
032: import junit.framework.Test;
033: import junit.framework.TestSuite;
034:
035: import org.apache.log4j.Category;
036: import org.jboss.security.SecurityAssociation;
037: import org.jboss.security.Util;
038: import org.jboss.security.auth.callback.AppCallbackHandler;
039: import org.jboss.test.JBossTestCase;
040: import org.jboss.test.JBossTestSetup;
041:
042: /** Test of the Secure Remote Password (SRP) service and its usage via JAAS
043: login modules.
044:
045: @author Scott.Stark@jboss.org
046: @version $Revision: 57211 $
047: */
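public class SRPLoginModuleUnitTestCase extends JBossTestCase {
    /** Deployment unit that {@link #suite()} redeploys before the tests and undeploys after them. */
    static final String JAR = "security-srp.sar";

    // Fixed fixture credentials used by every test in this class. Hard-coded
    // credentials like these are only acceptable for a throwaway test account.
    static String username = "scott";
    // NOTE(review): this single char[] is shared by all tests and by both session
    // threads. If a callback handler or login module ever zeroes the array after
    // use, later logins would see a wiped password - confirm against
    // AppCallbackHandler before adding such clearing.
    static char[] password = "echoman".toCharArray();

    /** Login context of the current session; assigned by login(), used by logout(). */
    LoginContext lc;
    /** True between a successful login() and the matching logout(). */
    boolean loggedIn;

    public SRPLoginModuleUnitTestCase(String name) {
        super(name);
    }

    /** Test a single login/logout against the SRP service using the
     * "srp-test" login configuration.
     */
    public void testSRPLogin() throws Exception {
        log.debug("+++ testSRPLogin");
        login("srp-test", username, password, null);
        logout();
    }

    /** Test three consecutive login/logout cycles against the SRP service
     * using the "srp-test" login configuration.
     */
    public void testSRPLogins() throws Exception {
        log.debug("+++ testSRPLogins");
        for (int cycle = 0; cycle < 3; cycle++) {
            login("srp-test", username, password, null);
            logout();
        }
    }

    /** Test a login/logout against the SRP service using the
     * "srp-test-http" login configuration.
     */
    public void testSRPLoginHTTP() throws Exception {
        log.debug("+++ testSRPLoginHTTP");
        login("srp-test-http", username, password, null);
        logout();
    }

    /** Test a login/logout against the SRP service using the
     * "srp-test-http-ha" login configuration.
     */
    public void testSRPLoginHTTPHA() throws Exception {
        log.debug("+++ testSRPLoginHTTPHA");
        login("srp-test-http-ha", username, password, null);
        logout();
    }

    /** Test a login against the SRP service using the SRPLoginModule and
     * specify the random number used in the client A public key.
     */
    public void testSRPLoginWithExternalA() throws Exception {
        log.debug("+++ testSRPLoginWithExternalA");
        // Fixed, low-entropy stand-in for the client's random value so the run is
        // repeatable. The client's ephemeral private value in SRP has to be
        // unpredictable, so outside a test it must come from a CSPRNG such as
        // java.security.SecureRandom, never from a constant.
        // The explicit charset keeps the bytes identical on every platform.
        byte[] abytes = "abcdefgh".getBytes("UTF-8");
        login("srp-test-ex", username, password, abytes);
        logout();
    }

    /** Test a login against the SRP service using the SRPLoginModule and
     * provide an auxiliary challenge to be validated by the server.
     *
     * The test is skipped (reported as passed) when javax.crypto.SealedObject
     * cannot be loaded, or when the login fails on a JVM for which
     * Util.hasUnlimitedCrypto() returns false.
     */
    public void testSRPLoginWithAuxChallenge() throws Exception {
        log.debug("+++ testSRPLoginWithAuxChallenge");
        // Check for javax/crypto/SealedObject
        try {
            Class.forName("javax.crypto.SealedObject");
            log.debug("Found javax/crypto/SealedObject");
            login("srp-test-aux", username, password, null, "token-123");
        } catch (ClassNotFoundException e) {
            log.debug("Failed to find javax/crypto/SealedObject, skipping test");
            return;
        } catch (NoClassDefFoundError e) {
            log.debug("Failed to find javax/crypto/SealedObject, skipping test");
            return;
        } catch (LoginException e) {
            boolean hasUnlimitedCrypto = Util.hasUnlimitedCrypto();
            log.warn("login failure, hasUnlimitedCrypto="
                    + hasUnlimitedCrypto, e);
            // A login failure only counts as a test failure when unlimited-strength
            // crypto is available.
            // NOTE(review): without it, every LoginException is treated as a skip,
            // so an unrelated cause (wrong credential, broken login configuration)
            // is hidden on such a JVM; the cause is only visible in the warn log.
            if (hasUnlimitedCrypto) {
                fail("Unable to complete login: " + e.getMessage());
            }
            log.info("Skipping test due to missing UnlimitedCrypto");
            return;
        } catch (Exception e) {
            log.error("Non CNFE exception during testSRPLoginWithAuxChallenge", e);
            fail("Non CNFE exception during testSRPLoginWithAuxChallenge");
        }

        logout();
    }

    /** Test a login against the SRP service using the SRPLoginModule with
     * multiple sessions for the same user. This creates two threads that each
     * log in with the same callback handler, and asserts that neither thread
     * recorded an error.
     */
    public void testSRPLoginWithMultipleSessions() throws Exception {
        log.debug("+++ testSRPLoginWithMultipleSessions");
        // One handler instance (same username/password) is shared by both threads.
        AppCallbackHandler handler = new AppCallbackHandler(username,
                password, null);
        MBeanServerConnection server = super.getServer();

        // Session #1
        SessionThread t1 = new SessionThread(log, handler, server);
        t1.start();

        // Session #2
        SessionThread t2 = new SessionThread(log, handler, server);
        t2.start();

        // join() makes each thread's recorded error visible to this thread.
        t1.join();
        t2.join();
        assertTrue("Session1.error == null", t1.getError() == null);
        assertTrue("Session2.error == null", t2.getError() == null);
    }

    /** Worker that logs in through the "srp-test-multi" configuration, invokes
     * the testSession operation of the SRPCacheTest MBean five times with the
     * current principal and credential, and logs out again. Any failure is
     * recorded and exposed through {@link #getError()}.
     */
    static class SessionThread extends Thread {
        private Throwable error;
        private Category log;
        private AppCallbackHandler handler;
        private MBeanServerConnection server;

        SessionThread(Category log, AppCallbackHandler handler,
                MBeanServerConnection server) {
            super("SRPSession");
            this.log = log;
            this.handler = handler;
            this.server = server;
        }

        /** @return the first failure seen by run(), or null if the session completed. */
        public Throwable getError() {
            return error;
        }

        public void run() {
            LoginContext lc = null;
            boolean sessionOpen = false;
            try {
                log.debug("Creating LoginContext(srp-test-multi): "
                        + getName());
                lc = new LoginContext("srp-test-multi", handler);
                lc.login();
                sessionOpen = true;
                // Subject.toString() also renders private credentials when the
                // caller is allowed to read them; keep this at debug level.
                log.debug("Created LoginContext, subject="
                        + lc.getSubject());
                // Invoke the SRPCacheTest MBean with the principal and credential
                // that the login left in SecurityAssociation.
                ObjectName service = new ObjectName(
                        "jboss.security.tests:service=SRPCacheTest");
                Principal user = SecurityAssociation.getPrincipal();
                // NOTE(review): presumably the SRP session key - confirm. It is
                // passed as an invocation argument, so it should never be logged.
                byte[] key = (byte[]) SecurityAssociation.getCredential();
                Object[] args = { user, key };
                String[] sig = { Principal.class.getName(),
                        key.getClass().getName() };
                for (int n = 0; n < 5; n++) {
                    server.invoke(service, "testSession", args, sig);
                }
            } catch (Throwable t) {
                error = t;
                log.error("Session failed", t);
            } finally {
                // Always end an established session, even when an invocation
                // failed, so a failed run does not leave an authenticated
                // session behind.
                if (sessionOpen) {
                    try {
                        lc.logout();
                    } catch (Throwable t) {
                        // Keep the first failure; a logout error must not hide it.
                        if (error == null) {
                            error = t;
                        }
                        log.error("Session logout failed", t);
                    }
                }
            }
        }
    }

    /** Login using the given confName login configuration with the provided
     * username and password credential, and optional binary callback data.
     */
    private void login(String confName, String username,
            char[] password, byte[] data) throws Exception {
        this.login(confName, username, password, data, null);
    }

    /** Login using the given confName login configuration. Does nothing when
     * this test instance is already logged in.
     *
     * @param confName name of the JAAS login configuration entry
     * @param username user name handed to the callback handler
     * @param password password handed to the callback handler
     * @param data     binary data handed to the callback handler, may be null
     * @param text     text handed to the callback handler, may be null
     * @throws Exception if the LoginContext cannot be created or the login fails
     */
    private void login(String confName, String username,
            char[] password, byte[] data, String text) throws Exception {
        if (loggedIn) {
            return;
        }

        lc = null;
        AppCallbackHandler handler = new AppCallbackHandler(username,
                password, data, text);
        log.debug("Creating LoginContext(" + confName + ")");
        lc = new LoginContext(confName, handler);
        lc.login();
        // Subject.toString() also renders private credentials when the caller is
        // allowed to read them; keep this at debug level.
        log.debug("Created LoginContext, subject=" + lc.getSubject());
        loggedIn = true;
    }

    /** Logout of the current login context; a no-op when not logged in. */
    private void logout() throws Exception {
        if (loggedIn) {
            // Cleared first so a failing logout() is not retried on the same context.
            loggedIn = false;
            lc.logout();
        }
    }

    /**
     * Setup the test suite: all tests of this class, wrapped in a setup that
     * redeploys {@link #JAR} and points JAAS at the security-srp/auth.conf
     * resource before the tests, and undeploys the archive afterwards.
     */
    public static Test suite() throws Exception {
        TestSuite suite = new TestSuite();
        suite.addTest(new TestSuite(SRPLoginModuleUnitTestCase.class));

        // Create an initializer for the test suite
        TestSetup wrapper = new JBossTestSetup(suite) {
            protected void setUp() throws Exception {
                super.setUp();
                super.redeploy(JAR);
                // Establish the JAAS login config.
                // NOTE(review): this system property is JVM-wide and tearDown()
                // does not restore it, so code running later in the same JVM
                // keeps resolving login configurations from this file.
                String authConfPath = super
                        .getResourceURL("security-srp/auth.conf");
                System.setProperty("java.security.auth.login.config",
                        authConfPath);
            }

            protected void tearDown() throws Exception {
                undeploy(JAR);
                super.tearDown();
            }
        };
        return wrapper;
    }

}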