You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by co...@apache.org on 2017/07/25 10:37:57 UTC
directory-kerby git commit: Refactoring integration tests
Repository: directory-kerby
Updated Branches:
refs/heads/trunk 57023fcd1 -> a043f7bbd
Refactoring integration tests
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/a043f7bb
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/a043f7bb
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/a043f7bb
Branch: refs/heads/trunk
Commit: a043f7bbd10a2300e66088acdf085fd700a3c664
Parents: 57023fc
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue Jul 25 11:37:36 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue Jul 25 11:37:36 2017 +0100
----------------------------------------------------------------------
.../kerb/integration/test/gss/GssAppClient.java | 12 +-
.../integration/test/gss/GssJAASAppClient.java | 127 -------------------
.../kerb/integration/test/GssAppTest.java | 27 +---
.../kerb/integration/test/KerbyGssAppTest.java | 4 +-
.../src/test/resources/kerberos.jaas | 3 -
5 files changed, 17 insertions(+), 156 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a043f7bb/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/gss/GssAppClient.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/gss/GssAppClient.java b/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/gss/GssAppClient.java
index 32fdf5c..ba99857 100644
--- a/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/gss/GssAppClient.java
+++ b/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/gss/GssAppClient.java
@@ -35,6 +35,7 @@ public class GssAppClient extends AppClient {
private String clientPrincipal;
private String serverPrincipal;
private GSSManager manager;
+ private boolean createContextWithCred = true;
public GssAppClient(String[] args) throws Exception {
super(args);
@@ -67,10 +68,15 @@ public class GssAppClient extends AppClient {
Oid oid = new Oid(AppUtil.JGSS_KERBEROS_OID);
GSSName clientName = manager.createName(clientPrincipal,
GSSName.NT_USER_NAME);
- GSSCredential myCred = manager.createCredential(clientName,
+
+ GSSCredential myCred = null;
+ if (createContextWithCred) {
+ myCred = manager.createCredential(clientName,
GSSCredential.DEFAULT_LIFETIME, oid, GSSCredential.INITIATE_ONLY);
+ }
GSSContext context = manager.createContext(serverName,
krb5Oid, myCred, GSSContext.DEFAULT_LIFETIME);
+
context.requestMutualAuth(true);
context.requestConf(true);
context.requestInteg(true);
@@ -108,4 +114,8 @@ public class GssAppClient extends AppClient {
//System.out.println("Verified received MIC for message.");
context.dispose();
}
+
+ public void setCreateContextWithCred(boolean createContextWithCred) {
+ this.createContextWithCred = createContextWithCred;
+ }
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a043f7bb/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/gss/GssJAASAppClient.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/gss/GssJAASAppClient.java b/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/gss/GssJAASAppClient.java
deleted file mode 100644
index 3296408..0000000
--- a/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/gss/GssJAASAppClient.java
+++ /dev/null
@@ -1,127 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerby.kerberos.kerb.integration.test.gss;
-
-import org.apache.kerby.kerberos.kerb.integration.test.AppClient;
-import org.apache.kerby.kerberos.kerb.integration.test.Transport;
-import org.ietf.jgss.GSSContext;
-import org.ietf.jgss.GSSException;
-import org.ietf.jgss.GSSManager;
-import org.ietf.jgss.GSSName;
-import org.ietf.jgss.MessageProp;
-import org.ietf.jgss.Oid;
-
-import java.io.IOException;
-import java.nio.charset.StandardCharsets;
-import java.security.PrivilegedExceptionAction;
-
-import javax.security.auth.Subject;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.login.LoginContext;
-
-/**
- * A variant of GssAppClient that uses JAAS to get a tgt.
- */
-public class GssJAASAppClient extends AppClient {
- private String serverPrincipal;
- private GSSManager manager;
- private String contextName;
- private CallbackHandler callbackHandler;
-
- public GssJAASAppClient(String[] args, CallbackHandler callbackHandler) throws Exception {
- super(args);
-
- serverPrincipal = args[2];
- contextName = args[3];
- this.callbackHandler = callbackHandler;
- this.manager = GSSManager.getInstance();
- }
-
- @Override
- protected void withConnection(final Transport.Connection conn) throws Exception {
- Oid krb5Oid = new Oid("1.2.840.113554.1.2.2");
-
- GSSName serverName = manager.createName(serverPrincipal, GSSName.NT_USER_NAME);
-
- LoginContext lc = new LoginContext(contextName, null, callbackHandler, null);
- lc.login();
- Subject subject = lc.getSubject();
-
- GSSContext context = manager.createContext(serverName,
- krb5Oid, null, GSSContext.DEFAULT_LIFETIME);
- context.requestMutualAuth(true);
- context.requestConf(true);
- context.requestInteg(true);
-
- byte[] token = (byte[]) Subject.doAs(subject, new CreateServiceTicketAction(context, conn));
-
- //System.out.println("Context Established! ");
- //System.out.println("Client is " + context.getSrcName());
- //System.out.println("Server is " + context.getTargName());
-
- //if (context.getMutualAuthState()) {
- //System.out.println("Mutual authentication took place!");
- //}
-
- byte[] messageBytes = "Hello There!\0".getBytes(StandardCharsets.UTF_8);
- MessageProp prop = new MessageProp(0, true);
- token = context.wrap(messageBytes, 0, messageBytes.length, prop);
- //System.out.println("Will send wrap token of size " + token.length);
- conn.sendToken(token);
-
- token = conn.recvToken();
- context.verifyMIC(token, 0, token.length,
- messageBytes, 0, messageBytes.length, prop);
- setTestOK(true);
-
- //System.out.println("Verified received MIC for message.");
- context.dispose();
- lc.logout();
- }
-
- private static final class CreateServiceTicketAction implements PrivilegedExceptionAction<byte[]> {
- private final GSSContext context;
- private Transport.Connection conn;
-
- private CreateServiceTicketAction(GSSContext context, final Transport.Connection conn) {
- this.context = context;
- this.conn = conn;
- }
-
- public byte[] run() throws GSSException {
- byte[] token = new byte[0];
- while (!context.isEstablished()) {
- token = context.initSecContext(token, 0, token.length);
- try {
- if (token != null) {
- conn.sendToken(token);
- }
- if (!context.isEstablished()) {
- token = conn.recvToken();
- }
- } catch (IOException ex) {
- throw new GSSException(GSSException.FAILURE);
- }
- }
-
- return token;
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a043f7bb/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/GssAppTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/GssAppTest.java b/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/GssAppTest.java
index 1bcce92..c92c20f 100644
--- a/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/GssAppTest.java
+++ b/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/GssAppTest.java
@@ -19,11 +19,8 @@
*/
package org.apache.kerby.kerberos.kerb.integration.test;
-import java.io.File;
-
import org.apache.kerby.kerberos.kerb.integration.test.gss.GssAppClient;
import org.apache.kerby.kerberos.kerb.integration.test.gss.GssAppServer;
-import org.apache.kerby.kerberos.kerb.integration.test.gss.GssJAASAppClient;
import org.junit.Test;
public class GssAppTest extends AppTest {
@@ -42,18 +39,10 @@ public class GssAppTest extends AppTest {
}
@Test
- public void testJAAS() throws Exception {
- String basedir = System.getProperty("basedir");
- if (basedir == null) {
- basedir = new File(".").getCanonicalPath();
- }
-
- try {
- System.setProperty("java.security.auth.login.config", basedir + "/target/test-classes/kerberos.jaas");
- runAppClient(createAppJAASClient());
- } finally {
- System.clearProperty("java.security.auth.login.config");
- }
+ public void testWithoutInitialCredential() throws Exception {
+ AppClient appClient = createAppClient();
+ ((GssAppClient) appClient).setCreateContextWithCred(false);
+ runAppClient(appClient);
}
private AppClient createAppClient() throws Exception {
@@ -65,12 +54,4 @@ public class GssAppTest extends AppTest {
});
}
- private AppClient createAppJAASClient() throws Exception {
- return new GssJAASAppClient(new String[] {
- getHostname(),
- String.valueOf(getServerPort()),
- getServerPrincipal(),
- "drankye"
- }, new NamePasswordCallbackHandler(super.getClientPrincipalName(), super.getClientPassword()));
- }
}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a043f7bb/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/KerbyGssAppTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/KerbyGssAppTest.java b/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/KerbyGssAppTest.java
index 2e01975..a79d3e2 100644
--- a/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/KerbyGssAppTest.java
+++ b/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/KerbyGssAppTest.java
@@ -41,7 +41,7 @@ public class KerbyGssAppTest extends GssAppTest {
}
@Test
- public void testJAAS() throws Exception {
- super.testJAAS();
+ public void testWithoutInitialCredential() throws Exception {
+ super.testWithoutInitialCredential();
}
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a043f7bb/kerby-kerb/integration-test/src/test/resources/kerberos.jaas
----------------------------------------------------------------------
diff --git a/kerby-kerb/integration-test/src/test/resources/kerberos.jaas b/kerby-kerb/integration-test/src/test/resources/kerberos.jaas
deleted file mode 100644
index f20f65f..0000000
--- a/kerby-kerb/integration-test/src/test/resources/kerberos.jaas
+++ /dev/null
@@ -1,3 +0,0 @@
-drankye {
- com.sun.security.auth.module.Krb5LoginModule required refreshKrb5Config=true useKeyTab=false principal="drankye";
-};