jdk/test/sun/security/krb5/auto/principalProperty/PrincipalSystemPropTest.java - edge/openjdk - Git at Google

 /*
  * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License version 2 only, as
  * published by the Free Software Foundation.
  *
  * This code is distributed in the hope that it will be useful, but WITHOUT
  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * version 2 for more details (a copy is included in the LICENSE file that
  * accompanied this code).
  *
  * You should have received a copy of the GNU General Public License version
  * 2 along with this work; if not, write to the Free Software Foundation,
  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  *
  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  * or visit www.oracle.com if you need additional information or have any
  * questions.
  */

 /*
  * @test
  * @bug 8075301
  * @library /sun/security/krb5/auto
  * @summary New test for sun.security.krb5.principal system property.
  * The principal can set using the system property sun.security.krb5.principal.
  * This property is checked during login. If this property is not set,
  * then the principal name from the configuration is used.
  * @run main/othervm/java.security.policy=principalSystemPropTest.policy
  * PrincipalSystemPropTest
  */

 import java.io.File;
 import java.util.HashMap;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
 import javax.security.auth.login.LoginException;
 import javax.security.auth.login.LoginContext;
 import com.sun.security.auth.callback.TextCallbackHandler;

 public class PrincipalSystemPropTest {

     private static final boolean PASS = Boolean.TRUE;
     private static final boolean FAIL = Boolean.FALSE;
     private static final String VALID_PRINCIPAL_JAAS_ENTRY =
             "ValidPrincipalSystemPropTest";
     private static final String INVALID_PRINCIPAL_JAAS_ENTRY =
             "InvalidPrincipalSystemPropTest";
     private static final String NO_PRINCIPAL_JAAS_ENTRY =
             "NoPrincipalSystemPropTest";
     private static final String SAME_PRINCIPAL_JAAS_ENTRY =
             "SelfPrincipalSystemPropTest";
     private static final String HOST = "localhost";
     private static final String KTAB_FILENAME = "krb5.keytab.data";
     private static final String REALM = "TEST.REALM";
     private static final String TEST_SRC = System.getProperty("test.src", ".");
     private static final String USER = "USER";
     private static final String AVAILABLE_USER = "AVAILABLE";
     private static final String USER_PASSWORD = "password";
     private static final String FS = System.getProperty("file.separator");
     private static final String KRB5_CONF_FILENAME = "krb5.conf";
     private static final String JAAS_CONF_FILENAME = "jaas.conf";
     private static final String KRBTGT_PRINCIPAL = "krbtgt/" + REALM;
     private static final String USER_PRINCIPAL = USER + "@" + REALM;
     private static final String AVAILABLE_USER_PRINCIPAL =
             AVAILABLE_USER + "@" + REALM;

     public static void main(String[] args) throws Exception {

         setupTest();

         // Expected result, Jaas Config Entry, Login Principal Expected,
         // Principal passed through System property
         runTest(PASS, VALID_PRINCIPAL_JAAS_ENTRY,
                 USER_PRINCIPAL, "USER@TEST.REALM");
         runTest(PASS, VALID_PRINCIPAL_JAAS_ENTRY,
                 AVAILABLE_USER_PRINCIPAL,  null);
         runTest(PASS, INVALID_PRINCIPAL_JAAS_ENTRY,
                 USER_PRINCIPAL, "USER@TEST.REALM");
         runTest(FAIL, INVALID_PRINCIPAL_JAAS_ENTRY, null,  null);
         runTest(PASS, NO_PRINCIPAL_JAAS_ENTRY,
                 USER_PRINCIPAL, "USER@TEST.REALM");
         runTest(FAIL, NO_PRINCIPAL_JAAS_ENTRY, null, null);
         runTest(PASS, SAME_PRINCIPAL_JAAS_ENTRY,
                 USER_PRINCIPAL, "USER@TEST.REALM");

     }

     private static void setupTest() {

         System.setProperty("java.security.krb5.conf", KRB5_CONF_FILENAME);
         System.setProperty("java.security.auth.login.config",
                 TEST_SRC + FS + JAAS_CONF_FILENAME);

         Map<String, String> principals = new HashMap<>();
         principals.put(USER_PRINCIPAL, USER_PASSWORD);
         principals.put(AVAILABLE_USER_PRINCIPAL, USER_PASSWORD);
         principals.put(KRBTGT_PRINCIPAL, null);
         KDC.startKDC(HOST, KRB5_CONF_FILENAME, REALM, principals,
                 KTAB_FILENAME, KDC.KtabMode.APPEND);

     }

     private static void runTest(boolean expected, String jaasConfigEntry,
             String expectedLoginUser, String loginUserBySysProp) {

         if(loginUserBySysProp != null) {
             System.setProperty("sun.security.krb5.principal",
                     loginUserBySysProp);
         } else {
             System.clearProperty("sun.security.krb5.principal");
         }

         try {
             LoginContext lc = new LoginContext(jaasConfigEntry,
                     new TextCallbackHandler());
             lc.login();
             System.out.println(String.format(
                     "Authentication completed with Subject '%s' ",
                     lc.getSubject()));

             if (!expected) {
                 throw new RuntimeException(
                         "TEST FAILED - JAAS login success isn't expected");
             }
             if(expectedLoginUser != null && !lc.getSubject().getPrincipals()
                     .stream().map(p -> p.getName()).filter(
                             expectedLoginUser :: equals).findFirst()
                             .isPresent()) {
                 throw new RuntimeException(String.format(
                         "TEST FAILED - Login principal is not matched "
                         + "to expected principal '%s'.", expectedLoginUser));
             }
             System.out.println(
                     "TEST PASSED - JAAS login success is expected.");
         } catch (LoginException ie) {
             System.out.println(String.format(
                     "Authentication failed with exception: %s",
                     ie.getMessage()));
             if (expected) {
                 System.out.println(
                         "TEST FAILED - JAAS login failure isn't expected");
                 throw new RuntimeException(ie);
             }
             System.out.println(
                     "TEST PASSED - JAAS login failure is expected.");
         }

     }

 }
	/*
	* Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
	*
	* This code is free software; you can redistribute it and/or modify it
	* under the terms of the GNU General Public License version 2 only, as
	* published by the Free Software Foundation.
	*
	* This code is distributed in the hope that it will be useful, but WITHOUT
	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	* version 2 for more details (a copy is included in the LICENSE file that
	* accompanied this code).
	*
	* You should have received a copy of the GNU General Public License version
	* 2 along with this work; if not, write to the Free Software Foundation,
	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
	*
	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
	* or visit www.oracle.com if you need additional information or have any
	* questions.
	*/

	/*
	* @test
	* @bug 8075301
	* @library /sun/security/krb5/auto
	* @summary New test for sun.security.krb5.principal system property.
	* The principal can set using the system property sun.security.krb5.principal.
	* This property is checked during login. If this property is not set,
	* then the principal name from the configuration is used.
	* @run main/othervm/java.security.policy=principalSystemPropTest.policy
	* PrincipalSystemPropTest
	*/

	import java.io.File;
	import java.util.HashMap;
	import java.util.ArrayList;
	import java.util.List;
	import java.util.Map;
	import javax.security.auth.login.LoginException;
	import javax.security.auth.login.LoginContext;
	import com.sun.security.auth.callback.TextCallbackHandler;

	public class PrincipalSystemPropTest {

	private static final boolean PASS = Boolean.TRUE;
	private static final boolean FAIL = Boolean.FALSE;
	private static final String VALID_PRINCIPAL_JAAS_ENTRY =
	"ValidPrincipalSystemPropTest";
	private static final String INVALID_PRINCIPAL_JAAS_ENTRY =
	"InvalidPrincipalSystemPropTest";
	private static final String NO_PRINCIPAL_JAAS_ENTRY =
	"NoPrincipalSystemPropTest";
	private static final String SAME_PRINCIPAL_JAAS_ENTRY =
	"SelfPrincipalSystemPropTest";
	private static final String HOST = "localhost";
	private static final String KTAB_FILENAME = "krb5.keytab.data";
	private static final String REALM = "TEST.REALM";
	private static final String TEST_SRC = System.getProperty("test.src", ".");
	private static final String USER = "USER";
	private static final String AVAILABLE_USER = "AVAILABLE";
	private static final String USER_PASSWORD = "password";
	private static final String FS = System.getProperty("file.separator");
	private static final String KRB5_CONF_FILENAME = "krb5.conf";
	private static final String JAAS_CONF_FILENAME = "jaas.conf";
	private static final String KRBTGT_PRINCIPAL = "krbtgt/" + REALM;
	private static final String USER_PRINCIPAL = USER + "@" + REALM;
	private static final String AVAILABLE_USER_PRINCIPAL =
	AVAILABLE_USER + "@" + REALM;

	public static void main(String[] args) throws Exception {

	setupTest();

	// Expected result, Jaas Config Entry, Login Principal Expected,
	// Principal passed through System property
	runTest(PASS, VALID_PRINCIPAL_JAAS_ENTRY,
	USER_PRINCIPAL, "USER@TEST.REALM");
	runTest(PASS, VALID_PRINCIPAL_JAAS_ENTRY,
	AVAILABLE_USER_PRINCIPAL, null);
	runTest(PASS, INVALID_PRINCIPAL_JAAS_ENTRY,
	USER_PRINCIPAL, "USER@TEST.REALM");
	runTest(FAIL, INVALID_PRINCIPAL_JAAS_ENTRY, null, null);
	runTest(PASS, NO_PRINCIPAL_JAAS_ENTRY,
	USER_PRINCIPAL, "USER@TEST.REALM");
	runTest(FAIL, NO_PRINCIPAL_JAAS_ENTRY, null, null);
	runTest(PASS, SAME_PRINCIPAL_JAAS_ENTRY,
	USER_PRINCIPAL, "USER@TEST.REALM");

	}

	private static void setupTest() {

	System.setProperty("java.security.krb5.conf", KRB5_CONF_FILENAME);
	System.setProperty("java.security.auth.login.config",
	TEST_SRC + FS + JAAS_CONF_FILENAME);

	Map<String, String> principals = new HashMap<>();
	principals.put(USER_PRINCIPAL, USER_PASSWORD);
	principals.put(AVAILABLE_USER_PRINCIPAL, USER_PASSWORD);
	principals.put(KRBTGT_PRINCIPAL, null);
	KDC.startKDC(HOST, KRB5_CONF_FILENAME, REALM, principals,
	KTAB_FILENAME, KDC.KtabMode.APPEND);

	}

	private static void runTest(boolean expected, String jaasConfigEntry,
	String expectedLoginUser, String loginUserBySysProp) {

	if(loginUserBySysProp != null) {
	System.setProperty("sun.security.krb5.principal",
	loginUserBySysProp);
	} else {
	System.clearProperty("sun.security.krb5.principal");
	}

	try {
	LoginContext lc = new LoginContext(jaasConfigEntry,
	new TextCallbackHandler());
	lc.login();
	System.out.println(String.format(
	"Authentication completed with Subject '%s' ",
	lc.getSubject()));

	if (!expected) {
	throw new RuntimeException(
	"TEST FAILED - JAAS login success isn't expected");
	}
	if(expectedLoginUser != null && !lc.getSubject().getPrincipals()
	.stream().map(p -> p.getName()).filter(
	expectedLoginUser :: equals).findFirst()
	.isPresent()) {
	throw new RuntimeException(String.format(
	"TEST FAILED - Login principal is not matched "
	+ "to expected principal '%s'.", expectedLoginUser));
	}
	System.out.println(
	"TEST PASSED - JAAS login success is expected.");
	} catch (LoginException ie) {
	System.out.println(String.format(
	"Authentication failed with exception: %s",
	ie.getMessage()));
	if (expected) {
	System.out.println(
	"TEST FAILED - JAAS login failure isn't expected");
	throw new RuntimeException(ie);
	}
	System.out.println(
	"TEST PASSED - JAAS login failure is expected.");
	}

	}

	}