Posted to commits@taverna.apache.org by st...@apache.org on 2015/02/17 21:43:50 UTC
[46/51] [partial] incubator-taverna-engine git commit: temporarily
empty repository
http://git-wip-us.apache.org/repos/asf/incubator-taverna-engine/blob/3ecb1291/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/CredentialManagerImplTest.java
----------------------------------------------------------------------
diff --git a/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/CredentialManagerImplTest.java b/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/CredentialManagerImplTest.java
deleted file mode 100644
index 931fa07..0000000
--- a/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/CredentialManagerImplTest.java
+++ /dev/null
@@ -1,872 +0,0 @@
-/*******************************************************************************
- * Copyright (C) 2008-2010 The University of Manchester
- *
- * Modifications to the initial code base are copyright of their
- * respective authors, or their employers as appropriate.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
- ******************************************************************************/
-package net.sf.taverna.t2.security.credentialmanager.impl;
-
-import static org.junit.Assert.*;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.IOException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.net.URL;
-import java.security.Key;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.Security;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Enumeration;
-import java.util.List;
-import java.util.Random;
-
-import javax.net.ssl.SSLSocketFactory;
-
-import net.sf.taverna.t2.lang.observer.Observable;
-import net.sf.taverna.t2.lang.observer.Observer;
-import net.sf.taverna.t2.security.credentialmanager.CMException;
-import net.sf.taverna.t2.security.credentialmanager.CredentialManager;
-import net.sf.taverna.t2.security.credentialmanager.CredentialManager.KeystoreType;
-import net.sf.taverna.t2.security.credentialmanager.JavaTruststorePasswordProvider;
-import net.sf.taverna.t2.security.credentialmanager.KeystoreChangedEvent;
-import net.sf.taverna.t2.security.credentialmanager.MasterPasswordProvider;
-import net.sf.taverna.t2.security.credentialmanager.ServiceUsernameAndPasswordProvider;
-import net.sf.taverna.t2.security.credentialmanager.TrustConfirmationProvider;
-import net.sf.taverna.t2.security.credentialmanager.UsernamePassword;
-
-import org.apache.commons.io.FileUtils;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-/**
- * Tests here should not require Java strong/unlimited cryptography policy to be installed,
- * although if something goes wrong that is the first thing to be checked for.
- *
- * Java by default comes with the weak policy
- * that disables the use of certain cryto algorithms and bigger key sizes. Although
- * it is claimed that as of Java 6 the default policy is strong, we have seen otherwise,
- * so make sure you install it.
- *
- * For Java 6, strong/unlimited cryptography policy can be downloaded
- * (together with the installation instructions) from:
- * http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html
- *
- * An empty Keystore/Truststore is created before each test so we always start afresh
- * (see the setUp() method).
- * s
- * @author Alex Nenadic
- *
- */
-public class CredentialManagerImplTest {
-
- private CredentialManagerImpl credentialManager;
- private String masterPassword = "uber";
- private DummyMasterPasswordProvider masterPasswordProvider;
- private File credentialManagerDirectory;
-
- private static UsernamePassword usernamePassword;
- private static URI serviceURI;
-
- private static Key privateKey;
- private static Certificate[] privateKeyCertChain;
- private static URL privateKeyFileURL = CredentialManagerImplTest.class.getResource(
- "/security/test-private-key-cert.p12");
- private static final String privateKeyAndPKCS12KeystorePassword = "test"; // password for the test PKCS#12 keystore in resources
-
- private static X509Certificate trustedCertficate;
- private static URL trustedCertficateFileURL = CredentialManagerImplTest.class.getResource(
- "/security/google-trusted-certificate.pem");
-
- private static Observer<KeystoreChangedEvent> keystoreChangedObserver;
-
- /**
- * @throws java.lang.Exception
- */
- @BeforeClass
- public static void setUpBeforeClass() throws Exception {
-
- // Just in case, add the BouncyCastle provider
- // It gets added from the CredentialManagerImpl constructor as well
- // but we may need some crypto operations before we invoke the Cred. Manager
- Security.addProvider(new BouncyCastleProvider());
-
- // Create a test username and password for a service
- serviceURI = new URI("http://someservice");
- usernamePassword = new UsernamePassword("testuser", "testpasswd");
-
- // Load the test private key and its certificate
- File privateKeyCertFile = new File(privateKeyFileURL.getPath());
- KeyStore pkcs12Keystore = java.security.KeyStore.getInstance("PKCS12", "BC"); // We have to use the BC provider here as the certificate chain is not loaded if we use whichever provider is first in Java!!!
- FileInputStream inStream = new FileInputStream(privateKeyCertFile);
- pkcs12Keystore.load(inStream, privateKeyAndPKCS12KeystorePassword.toCharArray());
- // KeyStore pkcs12Keystore = credentialManager.loadPKCS12Keystore(privateKeyCertFile, privateKeyPassword);
- Enumeration<String> aliases = pkcs12Keystore.aliases();
- while (aliases.hasMoreElements()) {
- // The test-private-key-cert.p12 file contains only one private key
- // and corresponding certificate entry
- String alias = aliases.nextElement();
- if (pkcs12Keystore.isKeyEntry(alias)) { // is it a (private) key entry?
- privateKey = pkcs12Keystore.getKey(alias,
- privateKeyAndPKCS12KeystorePassword.toCharArray());
- privateKeyCertChain = pkcs12Keystore.getCertificateChain(alias);
- break;
- }
- }
- inStream.close();
-
- // Load the test trusted certificate (belonging to *.Google.com)
- File trustedCertFile = new File(trustedCertficateFileURL.getPath());
- inStream = new FileInputStream(trustedCertFile);
- CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
- trustedCertficate = (X509Certificate) certFactory.generateCertificate(inStream);
- try{
- inStream.close();
- }
- catch (Exception e) {
- // Ignore
- }
-
- keystoreChangedObserver = new Observer<KeystoreChangedEvent>() {
-
- @Override
- public void notify(Observable<KeystoreChangedEvent> sender,
- KeystoreChangedEvent message) throws Exception {
- // TODO Auto-generated method stub
-
- }
- };
- }
-
- /**
- * @throws java.lang.Exception
- */
- @Before
- public void setUp() throws Exception {
-
- try {
- credentialManager = new CredentialManagerImpl();
- } catch (CMException e) {
- System.out.println(e.getStackTrace());
- }
- Random randomGenerator = new Random();
- String credentialManagerDirectoryPath = System
- .getProperty("java.io.tmpdir")
- + System.getProperty("file.separator")
- + "taverna-security-"
- + randomGenerator.nextInt(1000000);
- System.out.println("Credential Manager's directory path: "
- + credentialManagerDirectoryPath);
- credentialManagerDirectory = new File(credentialManagerDirectoryPath);
- try {
- credentialManager
- .setConfigurationDirectoryPath(credentialManagerDirectory);
- } catch (CMException e) {
- System.out.println(e.getStackTrace());
- }
-
- // Create the dummy master password provider
- masterPasswordProvider = new DummyMasterPasswordProvider();
- masterPasswordProvider.setMasterPassword(masterPassword);
- List<MasterPasswordProvider> masterPasswordProviders = new ArrayList<MasterPasswordProvider>();
- masterPasswordProviders.add(masterPasswordProvider);
- credentialManager.setMasterPasswordProviders(masterPasswordProviders);
-
- // Set an empty list for service username and password providers
- credentialManager.setServiceUsernameAndPasswordProviders(new ArrayList<ServiceUsernameAndPasswordProvider>());
-
- credentialManager.setJavaTruststorePasswordProviders(new ArrayList<JavaTruststorePasswordProvider>());
-
- credentialManager.setTrustConfirmationProviders(new ArrayList<TrustConfirmationProvider>());
-
- }
-
- @After
- // Clean up the credentialManagerDirectory we created for testing
- public void cleanUp(){
-// assertTrue(credentialManagerDirectory.exists());
-// assertFalse(credentialManagerDirectory.listFiles().length == 0); // something was created there
-
- if (credentialManagerDirectory.exists()){
- try {
- FileUtils.deleteDirectory(credentialManagerDirectory);
- System.out.println("Deleting Credential Manager's directory: "
- + credentialManagerDirectory.getAbsolutePath());
- } catch (IOException e) {
- System.out.println(e.getStackTrace());
- }
- }
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#CredentialManagerImpl()}.
- * @throws CMException
- */
- @Test
- public void testCredentialManagerImpl() throws CMException {
- new CredentialManagerImpl();
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getUsernameAndPasswordForService(java.net.URI, boolean, java.lang.String)}.
- * @throws URISyntaxException
- * @throws CMException
- */
- @Test
- public void testGetUsernameAndPasswordForServiceURI() throws URISyntaxException, CMException {
- // The Credential Manage's Keystore is empty so we should not be able to find anything initially
- assertNull(credentialManager.getUsernameAndPasswordForService(serviceURI, false, ""));
-
- credentialManager.addUsernameAndPasswordForService(usernamePassword,serviceURI);
-
- UsernamePassword testUsernamePassword = credentialManager.getUsernameAndPasswordForService(serviceURI, false, "");
- assertNotNull(testUsernamePassword);
- assertTrue(Arrays.equals(usernamePassword.getPassword(), testUsernamePassword.getPassword()));
- assertTrue(usernamePassword.getUsername().equals(testUsernamePassword.getUsername()));
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#addUsernameAndPasswordForService(net.sf.taverna.t2.security.credentialmanager.UsernamePassword, java.net.URI)}.
- * @throws URISyntaxException
- * @throws CMException
- */
- @Test
- public void testAddUsernameAndPasswordForService() throws CMException, URISyntaxException {
-
- String alias = credentialManager.addUsernameAndPasswordForService(usernamePassword,serviceURI);
-
- UsernamePassword testUsernamePassword = credentialManager.getUsernameAndPasswordForService(serviceURI, false, "");
- assertNotNull(testUsernamePassword);
- assertTrue(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.KEYSTORE, alias));
- assertTrue(Arrays.equals(usernamePassword.getPassword(), testUsernamePassword.getPassword()));
- assertTrue(usernamePassword.getUsername().equals(testUsernamePassword.getUsername()));
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#hasUsernamePasswordForService(java.net.URI)}.
- * @throws CMException
- */
- @Test
- public void testHasUsernamePasswordForService() throws CMException {
-
- UsernamePassword testUsernamePassword = credentialManager.getUsernameAndPasswordForService(serviceURI, false, "");
- assertNull(testUsernamePassword);
-
- String alias = credentialManager.addUsernameAndPasswordForService(usernamePassword,serviceURI);
- testUsernamePassword = credentialManager.getUsernameAndPasswordForService(serviceURI, false, "");
- assertNotNull(testUsernamePassword);
- assertTrue(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.KEYSTORE, alias));
- assertTrue(Arrays.equals(usernamePassword.getPassword(), testUsernamePassword.getPassword()));
- assertTrue(usernamePassword.getUsername().equals(testUsernamePassword.getUsername()));
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#deleteUsernameAndPasswordForService(java.net.URI)}.
- * @throws URISyntaxException
- * @throws CMException
- */
- @Test
- public void testDeleteUsernameAndPasswordForServiceURI() throws URISyntaxException, CMException {
-
- // The Credential Manage's Keystore is empty initially so this should
- // have no effect apart from initializing the Keystore/Truststore
- credentialManager.deleteUsernameAndPasswordForService(serviceURI);
-
- credentialManager.addUsernameAndPasswordForService(usernamePassword,serviceURI);
- credentialManager.deleteUsernameAndPasswordForService(serviceURI);
-
- assertNull(credentialManager.getUsernameAndPasswordForService(serviceURI, false, ""));
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#addKeyPair(java.security.Key, java.security.cert.Certificate[])}.
- * @throws CMException
- * @throws KeyStoreException
- * @throws NoSuchAlgorithmException
- * @throws UnrecoverableKeyException
- * @throws IOException
- * @throws FileNotFoundException
- * @throws CertificateException
- */
- @Test
- public void testAddKeyPair() throws CMException, KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException {
-
- String alias = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
- assertTrue(credentialManager.hasKeyPair(privateKey, privateKeyCertChain));
- assertTrue(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.KEYSTORE, alias));
-
- credentialManager.deleteKeyPair(alias);
- assertFalse(credentialManager.hasKeyPair(privateKey, privateKeyCertChain));
- assertFalse(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.KEYSTORE, alias));
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#hasKeyPair(java.security.Key, java.security.cert.Certificate[])}.
- * @throws CMException
- * @throws KeyStoreException
- * @throws NoSuchAlgorithmException
- * @throws UnrecoverableKeyException
- * @throws IOException
- * @throws FileNotFoundException
- * @throws CertificateException
- */
- @Test
- public void testHasKeyPair() throws CMException, KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException {
- assertFalse(credentialManager.hasKeyPair(privateKey, privateKeyCertChain));
- credentialManager.addKeyPair(privateKey, privateKeyCertChain);
- assertTrue(credentialManager.hasKeyPair(privateKey, privateKeyCertChain));
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#deleteKeyPair(java.lang.String)}.
- * @throws CMException
- * @throws KeyStoreException
- * @throws NoSuchAlgorithmException
- * @throws UnrecoverableKeyException
- * @throws IOException
- * @throws FileNotFoundException
- * @throws CertificateException
- */
- @Test
- public void testDeleteKeyPair() throws CMException, KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException {
- // The Credential Manage's Keystore is empty initially so this should
- // have no effect apart from initializing the Keystore/Truststore
- credentialManager.deleteKeyPair("somealias");
-
- String alias = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
- credentialManager.deleteKeyPair(alias);
- assertFalse(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.KEYSTORE, alias));
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#deleteKeyPair(Key, Certificate[])}.
- * @throws CMException
- */
- @Test
- public void testDeleteKeyPair2() throws CMException, KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException {
- credentialManager.addKeyPair(privateKey, privateKeyCertChain);
- assertTrue(credentialManager.hasKeyPair(privateKey, privateKeyCertChain));
- credentialManager.deleteKeyPair(privateKey, privateKeyCertChain);
- assertFalse(credentialManager.hasKeyPair(privateKey, privateKeyCertChain));
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#exportKeyPair(java.lang.String, java.io.File, java.lang.String)}.
- * @throws CMException
- * @throws KeyStoreException
- * @throws NoSuchAlgorithmException
- * @throws UnrecoverableKeyException
- */
- @Test
- public void testExportKeyPair() throws CMException, KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException {
- String alias = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
- File fileToExportTo = new File(credentialManagerDirectory, "test-export-key.p12");
- credentialManager.exportKeyPair(alias, fileToExportTo, privateKeyAndPKCS12KeystorePassword);
- assertTrue(fileToExportTo.exists());
- // Load it back from the file we just saved
- KeyStore ks = credentialManager.loadPKCS12Keystore(fileToExportTo, privateKeyAndPKCS12KeystorePassword);
- Enumeration<String> aliases = ks.aliases();
- Key newPrivateKey = null;
- Certificate[] newPrivateKeyCerts = null;
- while (aliases.hasMoreElements()) {
- // The test-private-key-cert.p12 file contains only one private key
- // and corresponding certificate entry
- alias = aliases.nextElement();
- if (ks.isKeyEntry(alias)) { // is it a (private) key entry?
- newPrivateKey = ks.getKey(alias,
- privateKeyAndPKCS12KeystorePassword.toCharArray());
- newPrivateKeyCerts = ks.getCertificateChain(alias);
- break;
- }
- }
- assertNotNull(newPrivateKey);
- assertNotNull(newPrivateKeyCerts);
- //assertTrue(Arrays.equals(newPrivateKey.getEncoded(), privateKey.getEncoded()));
- assertTrue(newPrivateKey.equals(privateKey));
- assertTrue(Arrays.equals(newPrivateKeyCerts, privateKeyCertChain));
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getCertificate(java.lang.String, java.lang.String)}.
- * @throws CMException
- */
- @Test
- public void testGetCertificate() throws CMException {
- String alias = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
- // Get certificate from the Keystore associated with the private key we just inserted
- Certificate privateKeyCertificate = credentialManager.getCertificate(CredentialManager.KeystoreType.KEYSTORE, alias);
- assertNotNull(privateKeyCertificate);
- assertTrue(privateKeyCertChain[0].equals(privateKeyCertificate));
-
- // We should also have some trusted certificates in the Truststore
- // Need to get their aliases
- ArrayList<String> truststoreAliases = credentialManager.getAliases(CredentialManager.KeystoreType.TRUSTSTORE);
- assertTrue(!truststoreAliases.isEmpty());
- // Just get the first one
- Certificate trustedCertificate = credentialManager.getCertificate(CredentialManager.KeystoreType.TRUSTSTORE, truststoreAliases.get(0));
- assertNotNull(trustedCertificate);
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getKeyPairsCertificateChain(java.lang.String)}.
- * @throws CMException
- */
- @Test
- public void testGetKeyPairCertificateChain() throws CMException {
- String alias = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
- Certificate[] keyPairCertificateChain = credentialManager.getKeyPairsCertificateChain(alias);
- assertNotNull(keyPairCertificateChain);
- assertTrue(Arrays.equals(privateKeyCertChain, keyPairCertificateChain));
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getKeyPairsPrivateKey(java.lang.String)}.
- * @throws CMException
- */
- @Test
- public void testGetKeyPairsPrivateKey() throws CMException {
- String alias = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
- Key prvKey = credentialManager.getKeyPairsPrivateKey(alias);
- assertNotNull(prvKey);
- assertEquals(privateKey, prvKey);
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#addTrustedCertificate(java.security.cert.X509Certificate)}.
- * @throws CMException
- */
- @Test
- public void testAddTrustedCertificate() throws CMException {
-
- String alias = credentialManager.addTrustedCertificate(trustedCertficate);
- assertTrue(credentialManager.hasTrustedCertificate(trustedCertficate));
- assertTrue(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.TRUSTSTORE, alias));
-
- credentialManager.deleteTrustedCertificate(alias);
- assertFalse(credentialManager.hasTrustedCertificate(trustedCertficate));
- assertFalse(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.TRUSTSTORE, alias));
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#createTrustedCertificateAlias(java.security.cert.X509Certificate)}.
- * @throws CMException
- */
- @Test
- public void testGetX509CertificateAlias() throws CMException {
-
- String alias = credentialManager.createTrustedCertificateAlias(trustedCertficate);
- String alias2 = credentialManager.addTrustedCertificate(trustedCertficate);
- assertEquals(alias, alias2);
-
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#deleteTrustedCertificate(java.lang.String)}.
- * @throws CMException
- */
- @Test
- public void testDeleteTrustedCertificate() throws CMException {
- // The Credential Manage's Truststore is empty initially so this should
- // have no effect apart from initializing the Keystore/Truststore
- credentialManager.deleteTrustedCertificate("somealias");
-
- String alias = credentialManager.addTrustedCertificate(trustedCertficate);
- assertTrue(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.TRUSTSTORE, alias));
- credentialManager.deleteTrustedCertificate(alias);
- assertFalse(credentialManager.hasTrustedCertificate(trustedCertficate));
- assertFalse(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.TRUSTSTORE, alias));
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#deleteTrustedCertificate(X509Certificate)}.
- * @throws CMException
- */
- @Test
- public void testDeleteTrustedCertificate2() throws CMException {
-
- credentialManager.addTrustedCertificate(trustedCertficate);
- assertTrue(credentialManager.hasTrustedCertificate(trustedCertficate));
- credentialManager.deleteTrustedCertificate(trustedCertficate);
- assertFalse(credentialManager.hasTrustedCertificate(trustedCertficate));
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#isKeyEntry(java.lang.String)}.
- * @throws CMException
- */
- @Test
- public void testIsKeyEntry() throws CMException {
- // The Credential Manage's Keystore/Truststore is empty initially so this should
- // have no effect apart from initializing them
- // This should throw an exception
- assertFalse(credentialManager.isKeyEntry("somealias"));
-
- String aliasPassword = credentialManager.addUsernameAndPasswordForService(usernamePassword, serviceURI);
- String aliasKeyPair = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
- String aliasTrustedCert = credentialManager.addTrustedCertificate(trustedCertficate);
-
- assertTrue(credentialManager.isKeyEntry(aliasPassword)); // passwords are saves as symmetric key entries
- assertTrue(credentialManager.isKeyEntry(aliasKeyPair));
- assertFalse(credentialManager.isKeyEntry(aliasTrustedCert));
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#hasEntryWithAlias(java.lang.String, java.lang.String)}.
- * @throws CMException
- */
- @Test
- public void testHasEntryWithAlias() throws CMException {
-
- String aliasTrustedCert = credentialManager.createTrustedCertificateAlias(trustedCertficate);
- assertFalse(credentialManager.hasEntryWithAlias(KeystoreType.TRUSTSTORE, aliasTrustedCert));
-
- String aliasTrustedCert2 = credentialManager.addTrustedCertificate(trustedCertficate);
- assertTrue(credentialManager.hasEntryWithAlias(KeystoreType.TRUSTSTORE, aliasTrustedCert2));
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getAliases(net.sf.taverna.t2.security.credentialmanager.CredentialManager.KeystoreType)}.
- * @throws CMException
- */
- @Test
- public void testGetAliases() throws CMException {
-
- ArrayList<String> keystoreAliases = credentialManager.getAliases(KeystoreType.KEYSTORE);
- ArrayList<String> truststoreAliases = credentialManager.getAliases(KeystoreType.TRUSTSTORE);
-
- // Initially Keystore/Truststore is empty
- assertTrue(keystoreAliases.isEmpty());
-
- String aliasPassword = credentialManager.addUsernameAndPasswordForService(usernamePassword, serviceURI);
- String aliasKeyPair = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
- String aliasTrustedCert = credentialManager.addTrustedCertificate(trustedCertficate);
-
- keystoreAliases = credentialManager.getAliases(KeystoreType.KEYSTORE);
- truststoreAliases = credentialManager.getAliases(KeystoreType.TRUSTSTORE);
-
- assertTrue(keystoreAliases.size() == 2);
- assertTrue(truststoreAliases.size() >= 1); // we at least have the one we inserted but could be more copied from Java's defauls truststore
-
- assertTrue(keystoreAliases.contains(aliasPassword));
- assertTrue(keystoreAliases.contains(aliasKeyPair));
- assertTrue(truststoreAliases.contains(aliasTrustedCert));
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getServiceURIsForAllUsernameAndPasswordPairs()}.
- * @throws CMException
- * @throws URISyntaxException
- */
- @Test
- public void testGetServiceURIsForAllUsernameAndPasswordPairs() throws CMException, URISyntaxException {
- // Initially empty so this
- assertTrue(credentialManager.getServiceURIsForAllUsernameAndPasswordPairs().isEmpty());
-
- credentialManager.addUsernameAndPasswordForService(usernamePassword, serviceURI);
-
- URI serviceURI2 = new URI("http://someservice2");
- UsernamePassword usernamePassword2 = new UsernamePassword("testuser2", "testpasswd2");
- credentialManager.addUsernameAndPasswordForService(usernamePassword2, serviceURI2);
-
- List<URI> serviceURIs = credentialManager.getServiceURIsForAllUsernameAndPasswordPairs();
- assertTrue(credentialManager.getServiceURIsForAllUsernameAndPasswordPairs().size() == 2);
- assertTrue(serviceURIs.contains(serviceURI));
- assertTrue(serviceURIs.contains(serviceURI2));
-
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#loadPKCS12Keystore(java.io.File, java.lang.String)}.
- * @throws CMException
- * @throws KeyStoreException
- * @throws NoSuchAlgorithmException
- * @throws UnrecoverableKeyException
- */
- @Test
- public void testLoadPKCS12Keystore() throws CMException, KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException {
- KeyStore pkcs12Keystore = credentialManager.loadPKCS12Keystore(new File(privateKeyFileURL.getPath()), privateKeyAndPKCS12KeystorePassword);
-
- Key privateKey2 = null;
- Certificate[] privateKeyCertChain2 = null;
-
- Enumeration<String> aliases = pkcs12Keystore.aliases();
- while (aliases.hasMoreElements()) {
- // The test-private-key-cert.p12 file contains only one private key
- // and corresponding certificate entry
- String alias = aliases.nextElement();
- if (pkcs12Keystore.isKeyEntry(alias)) { // is it a (private) key entry?
- privateKey2 = pkcs12Keystore.getKey(alias,
- privateKeyAndPKCS12KeystorePassword.toCharArray());
- privateKeyCertChain2 = pkcs12Keystore.getCertificateChain(alias);
- break;
- }
- }
- assertNotNull(privateKey2);
- assertNotNull(privateKeyCertChain2);
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#addObserver(net.sf.taverna.t2.lang.observer.Observer)}.
- */
- @Test
- public void testAddObserver() {
-
- credentialManager.addObserver(keystoreChangedObserver);
- assertEquals(keystoreChangedObserver, credentialManager.getObservers().get(0));
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getObservers()}.
- */
- @Test
- public void testGetObservers() {
- // Initially there are no observers
- assertTrue(credentialManager.getObservers().isEmpty());
-
- credentialManager.addObserver(keystoreChangedObserver);
-
- assertEquals(keystoreChangedObserver, credentialManager.getObservers().get(0));
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#removeObserver(net.sf.taverna.t2.lang.observer.Observer)}.
- */
- @Test
- public void testRemoveObserver() {
- credentialManager.addObserver(keystoreChangedObserver);
- assertTrue(credentialManager.getObservers().size() == 1);
- credentialManager.removeObserver(keystoreChangedObserver);
- assertTrue(credentialManager.getObservers().size() == 0);
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#confirmMasterPassword(java.lang.String)}.
- * @throws CMException
- */
- @Test
- public void testConfirmMasterPassword() throws CMException {
- credentialManager.confirmMasterPassword("uber");
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#changeMasterPassword(java.lang.String)}.
- * @throws CMException
- */
- @Test
- public void testChangeMasterPassword() throws CMException {
- // Test the changeMasterPassword() method first to see if
- // it will initialize Credential Manager properly
- credentialManager.changeMasterPassword("blah");
- credentialManager.confirmMasterPassword("blah");
-
- // Add new stuff - key pair and password entries - under the new master password
- String keyPairAlias = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
- credentialManager.addUsernameAndPasswordForService(usernamePassword, serviceURI);
-
- // Change the master password again and try to retrieve the private key and password
- credentialManager.changeMasterPassword("hlab");
- assertArrayEquals(credentialManager.getUsernameAndPasswordForService(serviceURI, false, "").getPassword(), usernamePassword.getPassword());
- assertEquals(privateKey, credentialManager.getKeyPairsPrivateKey(keyPairAlias));
- assertTrue(Arrays.equals(privateKeyCertChain, credentialManager.getKeyPairsCertificateChain(keyPairAlias)));
-
- // Load the Credential Manager back from the saved file to see of entries will be picked up properly
- CredentialManagerImpl credentialManagerNew = null;
- try {
- credentialManagerNew = new CredentialManagerImpl();
- } catch (CMException e) {
- System.out.println(e.getStackTrace());
- }
- try {
- credentialManagerNew
- .setConfigurationDirectoryPath(credentialManagerDirectory);
- } catch (CMException e) {
- System.out.println(e.getStackTrace());
- }
-
- // Create the dummy master password provider
- masterPasswordProvider = new DummyMasterPasswordProvider();
- masterPasswordProvider.setMasterPassword("hlab");
- List<MasterPasswordProvider> masterPasswordProviders = new ArrayList<MasterPasswordProvider>();
- masterPasswordProviders.add(masterPasswordProvider);
- credentialManager.setMasterPasswordProviders(masterPasswordProviders);
-
- // Set an empty list for service username and password providers
- credentialManagerNew.setServiceUsernameAndPasswordProviders(new ArrayList<ServiceUsernameAndPasswordProvider>());
-
- credentialManager.setJavaTruststorePasswordProviders(new ArrayList<JavaTruststorePasswordProvider>());
-
- credentialManager.setTrustConfirmationProviders(new ArrayList<TrustConfirmationProvider>());
-
- assertArrayEquals(credentialManager.getUsernameAndPasswordForService(serviceURI, false, "").getPassword(), usernamePassword.getPassword());
- assertEquals(privateKey, credentialManager.getKeyPairsPrivateKey(keyPairAlias));
- assertTrue(Arrays.equals(privateKeyCertChain, credentialManager.getKeyPairsCertificateChain(keyPairAlias)));
-
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#initializeSSL()}.
- * @throws CMException
- */
- @Test
- public void testInitializeSSL() throws CMException {
- //credentialManager.initializeSSL();
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getTavernaSSLSocketFactory()}.
- * @throws CMException
- */
- @Test
- public void testGetTavernaSSLSocketFactory() throws CMException {
- SSLSocketFactory sslSocketFactory = credentialManager.getTavernaSSLSocketFactory();
- assertNotNull(sslSocketFactory);
-
- // This should also create Taverna's SSLSocketFactory backed by Credential Manager's Keystore and Truststore
- // if not already created
- credentialManager.initializeSSL();
- assertEquals(sslSocketFactory, credentialManager.getTavernaSSLSocketFactory());
-
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#setMasterPasswordProviders(java.util.List)}.
- */
- @Test
- public void testSetMasterPasswordProviders() {
-
- List<MasterPasswordProvider> masterPasswordProviders = new ArrayList<MasterPasswordProvider>();
- masterPasswordProviders.add(masterPasswordProvider);
-
- credentialManager.setMasterPasswordProviders(masterPasswordProviders);
-
- assertTrue(credentialManager.getMasterPasswordProviders().contains(masterPasswordProvider));
-
- // Set it to null and see what happens
- credentialManager.setMasterPasswordProviders(null);
- assertNull(credentialManager.getMasterPasswordProviders());
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getMasterPasswordProviders()}.
- */
- @Test
- public void testGetMasterPasswordProviders() {
-
- assertFalse(credentialManager.getMasterPasswordProviders().isEmpty());
- assertTrue(credentialManager.getMasterPasswordProviders().contains(masterPasswordProvider));
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#setJavaTruststorePasswordProviders(java.util.List)}.
- */
- @Test
- public void testSetJavaTruststorePasswordProviders() {
-
- List<JavaTruststorePasswordProvider> javaTruststorePasswordProviders = new ArrayList<JavaTruststorePasswordProvider>();
- JavaTruststorePasswordProvider javaTruststorePasswordProvider = new DummyJavaTruststorePasswordProvider();
- javaTruststorePasswordProvider.setJavaTruststorePassword("blah");
- javaTruststorePasswordProviders.add(javaTruststorePasswordProvider);
-
- credentialManager.setJavaTruststorePasswordProviders(javaTruststorePasswordProviders);
-
- assertTrue(credentialManager.getJavaTruststorePasswordProviders().contains(javaTruststorePasswordProvider));
-
- // Set it to null and see what happens
- credentialManager.setJavaTruststorePasswordProviders(null);
- assertNull(credentialManager.getJavaTruststorePasswordProviders());
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getJavaTruststorePasswordProviders()}.
- */
- @Test
- public void testGetJavaTruststorePasswordProviders() {
-
- assertTrue(credentialManager.getJavaTruststorePasswordProviders().isEmpty());
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#setServiceUsernameAndPasswordProviders(java.util.List)}.
- * @throws URISyntaxException
- */
- @Test
- public void testSetServiceUsernameAndPasswordProviders() throws URISyntaxException {
-
- List<ServiceUsernameAndPasswordProvider> serviceUsernameAndPasswordProviders = new ArrayList<ServiceUsernameAndPasswordProvider>();
- ServiceUsernameAndPasswordProvider serviceUsernameAndPasswordProvider = new DummyServiceUsernameAndPasswordProvider();
- serviceUsernameAndPasswordProvider.setServiceUsernameAndPassword(new URI("http://someservice"), new UsernamePassword("blah", "blah"));
- serviceUsernameAndPasswordProviders.add(serviceUsernameAndPasswordProvider);
-
- credentialManager.setServiceUsernameAndPasswordProviders(serviceUsernameAndPasswordProviders);
-
- assertTrue(credentialManager.getServiceUsernameAndPasswordProviders().contains(serviceUsernameAndPasswordProvider));
-
- // Set it to null and see what happens
- credentialManager.setServiceUsernameAndPasswordProviders(null);
- assertNull(credentialManager.getServiceUsernameAndPasswordProviders());
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getServiceUsernameAndPasswordProviders()}.
- */
- @Test
- public void testGetServiceUsernameAndPasswordProviders() {
-
- assertTrue(credentialManager.getServiceUsernameAndPasswordProviders().isEmpty());
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#setTrustConfirmationProviders(java.util.List)}.
- * @throws IOException
- */
- @Test
- public void testSetTrustConfirmationProviders() throws IOException {
- List<TrustConfirmationProvider> trustConfirmationProviders = new ArrayList<TrustConfirmationProvider>();
- TrustConfirmationProvider trustConfirmationProvider = new TrustAlwaysTrustConfirmationProvider();
- trustConfirmationProviders.add(trustConfirmationProvider);
-
- credentialManager.setTrustConfirmationProviders(trustConfirmationProviders);
-
- assertTrue(credentialManager.getTrustConfirmationProviders().contains(trustConfirmationProvider));
-
- // Set it to null and see what happens
- credentialManager.setTrustConfirmationProviders(null);
- assertNull(credentialManager.getTrustConfirmationProviders());
- }
-
- /**
- * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getTrustConfirmationProviders()}.
- */
- @Test
- public void testGetTrustConfirmationProviders() {
-
- assertTrue(credentialManager.getTrustConfirmationProviders().isEmpty());
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-taverna-engine/blob/3ecb1291/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/DummyJavaTruststorePasswordProvider.java
----------------------------------------------------------------------
diff --git a/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/DummyJavaTruststorePasswordProvider.java b/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/DummyJavaTruststorePasswordProvider.java
deleted file mode 100644
index 6a1b9dc..0000000
--- a/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/DummyJavaTruststorePasswordProvider.java
+++ /dev/null
@@ -1,39 +0,0 @@
-/*******************************************************************************
- * Copyright (C) 2008-2010 The University of Manchester
- *
- * Modifications to the initial code base are copyright of their
- * respective authors, or their employers as appropriate.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
- ******************************************************************************/
-package net.sf.taverna.t2.security.credentialmanager.impl;
-
-import net.sf.taverna.t2.security.credentialmanager.JavaTruststorePasswordProvider;
-
-public class DummyJavaTruststorePasswordProvider implements JavaTruststorePasswordProvider{
-
- String javaTruststorePassword;
-
- @Override
- public String getJavaTruststorePassword() {
- return javaTruststorePassword;
- }
-
- @Override
- public void setJavaTruststorePassword(String password) {
- javaTruststorePassword = password;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-taverna-engine/blob/3ecb1291/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/DummyMasterPasswordProvider.java
----------------------------------------------------------------------
diff --git a/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/DummyMasterPasswordProvider.java b/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/DummyMasterPasswordProvider.java
deleted file mode 100644
index ddcd7e6..0000000
--- a/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/DummyMasterPasswordProvider.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/*******************************************************************************
- * Copyright (C) 2008-2010 The University of Manchester
- *
- * Modifications to the initial code base are copyright of their
- * respective authors, or their employers as appropriate.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
- ******************************************************************************/
-package net.sf.taverna.t2.security.credentialmanager.impl;
-
-import net.sf.taverna.t2.security.credentialmanager.MasterPasswordProvider;
-
-public class DummyMasterPasswordProvider implements MasterPasswordProvider{
-
- private String masterPassword;
- private int priority = 0;
-
- @Override
- public String getMasterPassword(boolean firstTime) {
- return masterPassword;
- }
-
- @Override
- public int getProviderPriority() {
- return priority;
- }
-
- @Override
- public void setMasterPassword(String password) {
- masterPassword = password;
- }
-
-// @Override
-// public void setProviderPriority(int priority) {
-// this.priority = priority;
-// }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-taverna-engine/blob/3ecb1291/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/DummyServiceUsernameAndPasswordProvider.java
----------------------------------------------------------------------
diff --git a/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/DummyServiceUsernameAndPasswordProvider.java b/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/DummyServiceUsernameAndPasswordProvider.java
deleted file mode 100644
index f2227fc..0000000
--- a/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/DummyServiceUsernameAndPasswordProvider.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/*******************************************************************************
- * Copyright (C) 2008-2010 The University of Manchester
- *
- * Modifications to the initial code base are copyright of their
- * respective authors, or their employers as appropriate.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
- ******************************************************************************/
-package net.sf.taverna.t2.security.credentialmanager.impl;
-
-import java.net.URI;
-
-import net.sf.taverna.t2.security.credentialmanager.ServiceUsernameAndPasswordProvider;
-import net.sf.taverna.t2.security.credentialmanager.UsernamePassword;
-
-public class DummyServiceUsernameAndPasswordProvider implements ServiceUsernameAndPasswordProvider{
-
- private UsernamePassword usernamePassword;
- private URI serviceURI;
- private String requestingMessage;
-
- @Override
- public UsernamePassword getServiceUsernameAndPassword(URI serviceURI,
- String requestingMessage) {
- this.requestingMessage = requestingMessage;
- this.serviceURI = serviceURI;
- return usernamePassword;
- }
-
- @Override
- public void setServiceUsernameAndPassword(URI serviceURI,
- UsernamePassword usernamePassword) {
-
- //this.serviceURI = serviceURI;
- this.usernamePassword = usernamePassword;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-taverna-engine/blob/3ecb1291/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/HTTPAuthenticatorIT.java
----------------------------------------------------------------------
diff --git a/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/HTTPAuthenticatorIT.java b/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/HTTPAuthenticatorIT.java
deleted file mode 100644
index 18068db..0000000
--- a/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/HTTPAuthenticatorIT.java
+++ /dev/null
@@ -1,535 +0,0 @@
-/*******************************************************************************
- * Copyright (C) 2008-2010 The University of Manchester
- *
- * Modifications to the initial code base are copyright of their
- * respective authors, or their employers as appropriate.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
- ******************************************************************************/
-package net.sf.taverna.t2.security.credentialmanager.impl;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertTrue;
-
-import java.io.File;
-import java.io.IOException;
-import java.net.Authenticator;
-import java.net.PasswordAuthentication;
-import java.net.URL;
-import java.net.URLConnection;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Random;
-
-import net.sf.taverna.t2.security.credentialmanager.CMException;
-import net.sf.taverna.t2.security.credentialmanager.CredentialManager;
-import net.sf.taverna.t2.security.credentialmanager.JavaTruststorePasswordProvider;
-import net.sf.taverna.t2.security.credentialmanager.MasterPasswordProvider;
-import net.sf.taverna.t2.security.credentialmanager.ServiceUsernameAndPasswordProvider;
-import net.sf.taverna.t2.security.credentialmanager.TrustConfirmationProvider;
-import net.sf.taverna.t2.security.credentialmanager.UsernamePassword;
-
-import org.apache.commons.io.FileUtils;
-import org.junit.After;
-import org.junit.AfterClass;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.mortbay.jetty.Connector;
-import org.mortbay.jetty.Handler;
-import org.mortbay.jetty.Server;
-import org.mortbay.jetty.handler.DefaultHandler;
-import org.mortbay.jetty.handler.HandlerCollection;
-import org.mortbay.jetty.nio.SelectChannelConnector;
-import org.mortbay.jetty.security.Constraint;
-import org.mortbay.jetty.security.ConstraintMapping;
-import org.mortbay.jetty.security.HashUserRealm;
-import org.mortbay.jetty.security.SecurityHandler;
-import org.mortbay.jetty.webapp.WebAppContext;
-
-/**
- *
- * Based on net.sf.tavenra.security.credentialmanager.FixedPasswordProvider from the
- * Taverna 2 codebase.
- *
- * @author Stian Soiland-Reyes
- * @author Alex Nenadic
- *
- */
-public class HTTPAuthenticatorIT {
-
- protected static final String WRONG_PASSWORD = "wrongOne";
- protected final static String PASSWORD = "basicPassword";
- protected static final String PASSWORD2 = "password2";
- protected static final String PASSWORD3 = "password3";
- protected static final String PASSWORD4 = "password4";
- protected static final String REALM = "realm1";
- protected static final String REALM2 = "realm2";
- protected final static String USERNAME = "basicUser";
-
- protected static final int PORT = 9638;
-
- private final class CountingAuthenticator extends
- CredentialManagerAuthenticator {
-
- public CountingAuthenticator(CredentialManager credManager) {
- super(credManager);
- }
-
- private int calls;
-
- @Override
- protected PasswordAuthentication getPasswordAuthentication() {
- calls++;
- return super.getPasswordAuthentication();
- }
- }
-
- public class NullAuthenticator extends Authenticator {
- }
-
- protected static final String ROLE_NAME = "user";
- protected static final String HTML = "/html/";
- protected static Server server;
- protected static HashUserRealm userRealm;
- private static SecurityHandler sh;
-
- private static CredentialManagerImpl credentialManager;
- private static File credentialManagerDirectory;
- private static DummyMasterPasswordProvider masterPasswordProvider;
- private static HTTPAuthenticatorServiceUsernameAndPasswordProvider httpAuthProvider;
-
- @BeforeClass
- public static void startCredentialManager() throws CMException, IOException {
-
- try {
- credentialManager = new CredentialManagerImpl();
- } catch (CMException e) {
- System.out.println(e.getStackTrace());
- }
- Random randomGenerator = new Random();
- String credentialManagerDirectoryPath = System
- .getProperty("java.io.tmpdir")
- + System.getProperty("file.separator")
- + "taverna-security-"
- + randomGenerator.nextInt(1000000);
- System.out.println("Credential Manager's directory path: "
- + credentialManagerDirectoryPath);
- credentialManagerDirectory = new File(credentialManagerDirectoryPath);
- try {
- credentialManager
- .setConfigurationDirectoryPath(credentialManagerDirectory);
- } catch (CMException e) {
- System.out.println(e.getStackTrace());
- }
-
- // Create the dummy master password provider
- masterPasswordProvider = new DummyMasterPasswordProvider();
- /* Short password to avoid issues with key sizes and Java strong crypto policy*/
- masterPasswordProvider.setMasterPassword("uber");
- List<MasterPasswordProvider> masterPasswordProviders = new ArrayList<MasterPasswordProvider>();
- masterPasswordProviders.add(masterPasswordProvider);
- credentialManager.setMasterPasswordProviders(masterPasswordProviders);
-
- // Put our HTTP authenticator in the list of service username and password providers
- httpAuthProvider = new HTTPAuthenticatorServiceUsernameAndPasswordProvider();
- ArrayList<ServiceUsernameAndPasswordProvider> serviceUsernameAndPasswordProviders = new ArrayList<ServiceUsernameAndPasswordProvider>();
- serviceUsernameAndPasswordProviders.add(httpAuthProvider);
- credentialManager.setServiceUsernameAndPasswordProviders(serviceUsernameAndPasswordProviders);
-
- // These can be empty
- credentialManager.setJavaTruststorePasswordProviders(new ArrayList<JavaTruststorePasswordProvider>());
- credentialManager.setTrustConfirmationProviders(new ArrayList<TrustConfirmationProvider>());
- }
-
- @AfterClass
- // Clean up the credentialManagerDirectory we created for testing
- public static void cleanUp(){
-
- if (credentialManagerDirectory.exists()){
- try {
- FileUtils.deleteDirectory(credentialManagerDirectory);
- System.out.println("Deleting Credential Manager's directory: "
- + credentialManagerDirectory.getAbsolutePath());
- } catch (IOException e) {
- System.out.println(e.getStackTrace());
- }
- }
- }
-
- @BeforeClass
- public static void jettyServer() throws Exception {
-
- server = new Server();
-
- Connector connector = new SelectChannelConnector();
- connector.setPort(PORT);
- server.setConnectors(new Connector[] { connector });
- ConstraintMapping cm = new ConstraintMapping();
- Constraint constraint = new Constraint();
- constraint.setName(Constraint.__BASIC_AUTH);
- constraint.setRoles(new String[] { ROLE_NAME });
- constraint.setAuthenticate(true);
- cm.setConstraint(constraint);
- cm.setPathSpec("/*");
-
- sh = new SecurityHandler();
- userRealm = new HashUserRealm(REALM);
- userRealm.put(USERNAME, PASSWORD);
- userRealm.addUserToRole(USERNAME, ROLE_NAME);
- sh.setUserRealm(userRealm);
- sh.setConstraintMappings(new ConstraintMapping[] { cm });
-
- WebAppContext webappcontext = new WebAppContext();
- webappcontext.setContextPath("/");
-
- URL htmlRoot = HTTPAuthenticatorIT.class.getResource(HTML);
- assertNotNull("Could not find " + HTML, htmlRoot);
- webappcontext.setWar(htmlRoot.toExternalForm());
-
- webappcontext.addHandler(sh);
-
- HandlerCollection handlers = new HandlerCollection();
- handlers.setHandlers(new Handler[] { webappcontext,
- new DefaultHandler() });
-
- server.setHandler(handlers);
- server.start();
- }
-
-
- @AfterClass
- public static void shutdownJetty() throws Exception {
- server.stop();
- }
-
- @Before
- @After
- public void resetAuthenticator() throws CMException {
- Authenticator.setDefault(new NullAuthenticator());
- HTTPAuthenticatorServiceUsernameAndPasswordProvider.resetCalls();
- }
-
- @Before
- public void resetAuthCache() throws CMException {
- credentialManager.resetAuthCache();
- }
-
- @Before
- public void resetUserRealmPassword() {
- userRealm.put(USERNAME, PASSWORD);
- userRealm.setName(REALM);
- }
-
- @Test()
- public void failsWithoutAuthenticator() throws Exception {
- URL url = new URL("http://localhost:" + PORT + "/test.html");
- URLConnection c = url.openConnection();
- assertEquals("HTTP/1.1 401 Unauthorized", c.getHeaderField(0));
- }
-
- @Test()
- public void withAuthenticator() throws Exception {
- assertEquals("Unexpected calls to password provider", 0,
- HTTPAuthenticatorServiceUsernameAndPasswordProvider.getCalls());
- // Set the authenticator to our Credential Manager-backed one that also
- // counts calls to itself
- CountingAuthenticator authenticator = new CountingAuthenticator(credentialManager);
- assertEquals("Unexpected calls to authenticator", 0,
- authenticator.calls);
- Authenticator.setDefault(authenticator);
-// FixedPasswordProvider.setUsernamePassword(new UsernamePassword(
-// USERNAME, PASSWORD));
-
- URL url = new URL("http://localhost:" + PORT + "/test.html");
- httpAuthProvider.setServiceUsernameAndPassword(url.toURI(), new UsernamePassword(
- USERNAME, PASSWORD));
- URLConnection c = url.openConnection();
-
- c.connect();
- try {
- c.getContent();
- } catch (Exception ex) {
- }
- System.out.println(c.getHeaderField(0));
- assertEquals("Did not invoke authenticator", 1, authenticator.calls);
- assertEquals("Did not invoke our password provider", 1,
- HTTPAuthenticatorServiceUsernameAndPasswordProvider.getCalls());
- assertEquals("HTTP/1.1 200 OK", c.getHeaderField(0));
-
-
- assertEquals("Unexpected prompt/realm", REALM, httpAuthProvider.getRequestMessage());
- assertEquals("Unexpected URI", url.toURI().toASCIIString() + "#" + REALM, HTTPAuthenticatorServiceUsernameAndPasswordProvider
- .getServiceURI().toASCIIString());
-
- // And test Java's cache:
- URLConnection c2 = url.openConnection();
- c2.connect();
- assertEquals("HTTP/1.1 200 OK", c2.getHeaderField(0));
- assertEquals("JVM invoked our authenticator again instead of caching", 1,
- authenticator.calls);
- assertEquals("Invoked our password provider again instead of caching",
- 1, HTTPAuthenticatorServiceUsernameAndPasswordProvider.getCalls());
-
- }
-
- @Test()
- public void withAuthenticatorResetJava() throws Exception {
- assertTrue("Could not reset JVMs authCache, ignore on non-Sun JVM",
- credentialManager.resetAuthCache());
-
- assertEquals("Unexpected calls to password provider", 0,
- HTTPAuthenticatorServiceUsernameAndPasswordProvider.getCalls());
- CountingAuthenticator authenticator = new CountingAuthenticator(credentialManager);
- assertEquals("Unexpected calls to authenticator", 0,
- authenticator.calls);
- Authenticator.setDefault(authenticator);
-// FixedPasswordProvider.setUsernamePassword(new UsernamePassword(
-// USERNAME, PASSWORD));
-
- URL url = new URL("http://localhost:" + PORT + "/test.html");
- httpAuthProvider.setServiceUsernameAndPassword(url.toURI(), new UsernamePassword(
- USERNAME, PASSWORD));
- URLConnection c = url.openConnection();
-
- c.connect();
- try {
- c.getContent();
- } catch (Exception ex) {
- }
-
- assertEquals("HTTP/1.1 200 OK", c.getHeaderField(0));
-
- assertEquals("Did not invoke authenticator", 1, authenticator.calls);
- assertEquals("Did not invoke our password provider", 1,
- HTTPAuthenticatorServiceUsernameAndPasswordProvider.getCalls());
-
- assertEquals("Unexpected prompt/realm", REALM, httpAuthProvider.getRequestMessage());
- assertEquals("Unexpected URI", url.toURI().toASCIIString() + "#" + REALM, HTTPAuthenticatorServiceUsernameAndPasswordProvider
- .getServiceURI().toASCIIString());
-
-
-
- // And without Java's cache:
- assertTrue("Could not reset VMs authCache, ignore on non-Sun VM",
- credentialManager.resetAuthCache());
-
- URLConnection c2 = url.openConnection();
- c2.connect();
- assertEquals("HTTP/1.1 200 OK", c2.getHeaderField(0));
- assertEquals("Did not invoke our authenticator again", 2,
- authenticator.calls);
- assertEquals("Did not invoke our password provider again",
- 2, HTTPAuthenticatorServiceUsernameAndPasswordProvider.getCalls());
-
- }
-
-
- @Test()
- public void differentRealm() throws Exception {
-
- assertEquals("Unexpected calls to password provider", 0,
- HTTPAuthenticatorServiceUsernameAndPasswordProvider.getCalls());
- CountingAuthenticator authenticator = new CountingAuthenticator(credentialManager);
- assertEquals("Unexpected calls to authenticator", 0,
- authenticator.calls);
- Authenticator.setDefault(authenticator);
- // Different password in case resetAuthCache() did not run
- UsernamePassword userPassword = new UsernamePassword(
- USERNAME, PASSWORD4);
- userRealm.put(USERNAME, PASSWORD4);
-// userPassword.setShouldSave(true);
- //FixedPasswordProvider.setUsernamePassword(userPassword);
-
- URL url = new URL("http://localhost:" + PORT + "/test.html");
- httpAuthProvider.setServiceUsernameAndPassword(url.toURI(), userPassword);
- URLConnection c = url.openConnection();
-
- c.connect();
- try {
- c.getContent();
- } catch (Exception ex) {
- }
-
- assertEquals("Unexpected prompt/realm", REALM, httpAuthProvider.getRequestMessage());
- assertEquals("Unexpected URI", url.toURI().toASCIIString() + "#" + REALM, HTTPAuthenticatorServiceUsernameAndPasswordProvider
- .getServiceURI().toASCIIString());
-
- assertEquals("HTTP/1.1 200 OK", c.getHeaderField(0));
-
- assertEquals("Did not invoke authenticator", 1, authenticator.calls);
- assertEquals("Did not invoke our password provider", 1,
- HTTPAuthenticatorServiceUsernameAndPasswordProvider.getCalls());
-
-
- // different realm should be treated as a second connection, and not even use saved credentials
-
- credentialManager.resetAuthCache();
- userRealm.setName(REALM2);
-
- URLConnection c2 = url.openConnection();
- c2.connect();
- try {
- c.getContent();
- } catch (Exception ex) {
- }
-
- assertEquals("HTTP/1.1 200 OK", c2.getHeaderField(0));
-
- assertEquals("Did not invoke authenticator again", 2,
- authenticator.calls);
- assertEquals("Did not invoke provider again",
- 2, HTTPAuthenticatorServiceUsernameAndPasswordProvider.getCalls());
-
- assertEquals("Unexpected prompt/realm", REALM2, httpAuthProvider
- .getRequestMessage());
- assertEquals("Unexpected URI", url.toURI().toASCIIString() + "#" + REALM2, HTTPAuthenticatorServiceUsernameAndPasswordProvider
- .getServiceURI().toASCIIString());
- }
-
-
- @Test()
- public void wrongPasswordDontSave() throws Exception {
- assertEquals("Unexpected calls to password provider", 0,
- HTTPAuthenticatorServiceUsernameAndPasswordProvider.getCalls());
- CountingAuthenticator authenticator = new CountingAuthenticator(credentialManager);
- assertEquals("Unexpected calls to authenticator", 0,
- authenticator.calls);
- Authenticator.setDefault(authenticator);
-
- // Make the server expect different password so our cache is no longer
- // valid
- userRealm.put(USERNAME, PASSWORD2);
- // But we'll try with the old one, which we'll this time ask to save in
- // DB
- UsernamePassword usernamePassword = new UsernamePassword(USERNAME,
- PASSWORD);
- assertFalse("Should not be set to save by default", usernamePassword
- .isShouldSave());
- //FixedPasswordProvider.setUsernamePassword(usernamePassword);
-
- URL url = new URL("http://localhost:" + PORT + "/test.html");
- httpAuthProvider.setServiceUsernameAndPassword(url.toURI(), usernamePassword);
- URLConnection c = url.openConnection();
- try {
- c.getContent();
- } catch (Exception ex) {
- }
-
- assertEquals("Unexpected prompt/realm", REALM, httpAuthProvider
- .getRequestMessage());
- assertEquals("Unexpected URI", url.toURI().toASCIIString() + "#" + REALM, HTTPAuthenticatorServiceUsernameAndPasswordProvider
- .getServiceURI().toASCIIString());
-
- assertEquals("HTTP/1.1 401 Unauthorized", c.getHeaderField(0));
-
- assertTrue("Did not invoke authenticator enough times",
- authenticator.calls > 1);
- assertEquals("Should have asked provider as much as authenticator",
- authenticator.calls, HTTPAuthenticatorServiceUsernameAndPasswordProvider.getCalls());
-
-
- // Update provider to now provide the right one
-// HTTPAuthenticatorServiceUsernameAndPasswordProvider.setUsernamePassword(new UsernamePassword(
-// USERNAME, PASSWORD2));
- httpAuthProvider.setServiceUsernameAndPassword(url.toURI(), new UsernamePassword(
- USERNAME, PASSWORD2));
- HTTPAuthenticatorServiceUsernameAndPasswordProvider.resetCalls();
- authenticator.calls = 0;
-
- URLConnection c2 = url.openConnection();
- try {
- c2.getContent();
- } catch (Exception ex) {
- }
- assertEquals("Did not call authenticator again with cache pw invalid",
- 1, authenticator.calls);
- assertEquals(
- "id not called our password provider once",
- 1, HTTPAuthenticatorServiceUsernameAndPasswordProvider.getCalls());
- assertEquals("HTTP/1.1 200 OK", c2.getHeaderField(0));
- }
-
- @Test()
- public void saveToDatabase() throws Exception {
- assertEquals("Unexpected calls to password provider", 0,
- HTTPAuthenticatorServiceUsernameAndPasswordProvider.getCalls());
- CountingAuthenticator authenticator = new CountingAuthenticator(credentialManager);
- assertEquals("Unexpected calls to authenticator", 0,
- authenticator.calls);
- Authenticator.setDefault(authenticator);
-
- // Make the server expect different password so our cache is no longer
- // valid (In case CredManager.resetAuthCache() did not succeed on non-Sun VMs)
- userRealm.put(USERNAME, PASSWORD3);
- // But we'll try with the old one, which we'll this time ask to save in
- // DB
- UsernamePassword usernamePassword = new UsernamePassword(USERNAME,
- PASSWORD2);
- usernamePassword.setShouldSave(true);
- //HTTPAuthenticatorServiceUsernameAndPasswordProvider.setUsernamePassword(usernamePassword);
-
- URL url = new URL("http://localhost:" + PORT + "/test.html");
- httpAuthProvider.setServiceUsernameAndPassword(url.toURI(), usernamePassword);
- URLConnection c = url.openConnection();
- try {
- c.getContent();
- } catch (Exception ex) {
- }
-
- assertEquals("Unexpected prompt/realm", REALM, httpAuthProvider
- .getRequestMessage());
- assertEquals("Unexpected URI", url.toURI().toASCIIString() + "#" + REALM, HTTPAuthenticatorServiceUsernameAndPasswordProvider
- .getServiceURI().toASCIIString());
-
- assertEquals("HTTP/1.1 401 Unauthorized", c.getHeaderField(0));
-
- assertTrue("Did not invoke authenticator enough times",
- authenticator.calls > 1);
- assertEquals(
- "Asked our provider more than once, not saved in credMan?", 1,
- HTTPAuthenticatorServiceUsernameAndPasswordProvider.getCalls());
-
-
-
- // Expect the old one again
- userRealm.put(USERNAME, PASSWORD2);
- // We'll now set our provider to give an invalid password, but we should
- // not be asked
- // as the old one (now correct agian) is stored in DB
-// HTTPAuthenticatorServiceUsernameAndPasswordProvider.setUsernamePassword(new UsernamePassword(
-// USERNAME, WRONG_PASSWORD));
- httpAuthProvider.setServiceUsernameAndPassword(url.toURI(), new UsernamePassword(
- USERNAME, WRONG_PASSWORD));
-
- HTTPAuthenticatorServiceUsernameAndPasswordProvider.resetCalls();
- authenticator.calls = 0;
-
- URLConnection c2 = url.openConnection();
- try {
- c2.getContent();
- } catch (Exception ex) {
- }
- assertEquals("Did not call authenticator again with cache pw invalid",
- 1, authenticator.calls);
- assertEquals(
- "Called our password provider instead of using credMan saved one",
- 0, HTTPAuthenticatorServiceUsernameAndPasswordProvider.getCalls());
- assertEquals("HTTP/1.1 200 OK", c2.getHeaderField(0));
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-taverna-engine/blob/3ecb1291/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/HTTPAuthenticatorServiceUsernameAndPasswordProvider.java
----------------------------------------------------------------------
diff --git a/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/HTTPAuthenticatorServiceUsernameAndPasswordProvider.java b/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/HTTPAuthenticatorServiceUsernameAndPasswordProvider.java
deleted file mode 100644
index 5d3d6f2..0000000
--- a/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/HTTPAuthenticatorServiceUsernameAndPasswordProvider.java
+++ /dev/null
@@ -1,73 +0,0 @@
-/*******************************************************************************
- * Copyright (C) 2008-2010 The University of Manchester
- *
- * Modifications to the initial code base are copyright of their
- * respective authors, or their employers as appropriate.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
- ******************************************************************************/
-package net.sf.taverna.t2.security.credentialmanager.impl;
-
-import java.net.URI;
-
-import net.sf.taverna.t2.security.credentialmanager.ServiceUsernameAndPasswordProvider;
-import net.sf.taverna.t2.security.credentialmanager.UsernamePassword;
-
-/**
- *
- * @author Stian Soiland-Reyes
- * @author Alex Nenadic
- *
- */
-public class HTTPAuthenticatorServiceUsernameAndPasswordProvider implements ServiceUsernameAndPasswordProvider {
-
- private static UsernamePassword usernamePassword;
- private static URI serviceURI;
- private static String requestMessage;
- private static long calls = 0;
-
- public static long getCalls() {
- return calls;
- }
-
-
- public static void resetCalls() {
- calls = 0;
- }
-
- @Override
- public UsernamePassword getServiceUsernameAndPassword(URI serviceURI,
- String requestMessage) {
- HTTPAuthenticatorServiceUsernameAndPasswordProvider.serviceURI = serviceURI;
- HTTPAuthenticatorServiceUsernameAndPasswordProvider.requestMessage = requestMessage;
- calls++;
- return usernamePassword.clone();
- }
-
- @Override
- public void setServiceUsernameAndPassword(URI serviceURI,
- UsernamePassword usernamePassword) {
- HTTPAuthenticatorServiceUsernameAndPasswordProvider.serviceURI = serviceURI;
- HTTPAuthenticatorServiceUsernameAndPasswordProvider.usernamePassword = usernamePassword;
- }
-
- public static URI getServiceURI() {
- return serviceURI;
- }
-
- public String getRequestMessage() {
- return requestMessage;
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-taverna-engine/blob/3ecb1291/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/HTTPSConnectionAndTrustConfirmationIT.java
----------------------------------------------------------------------
diff --git a/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/HTTPSConnectionAndTrustConfirmationIT.java b/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/HTTPSConnectionAndTrustConfirmationIT.java
deleted file mode 100644
index a9211b1..0000000
--- a/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/HTTPSConnectionAndTrustConfirmationIT.java
+++ /dev/null
@@ -1,336 +0,0 @@
-/*******************************************************************************
- * Copyright (C) 2008-2010 The University of Manchester
- *
- * Modifications to the initial code base are copyright of their
- * respective authors, or their employers as appropriate.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
- ******************************************************************************/
-package net.sf.taverna.t2.security.credentialmanager.impl;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.fail;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.net.URL;
-import java.security.KeyManagementException;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Random;
-
-import javax.net.ssl.HttpsURLConnection;
-import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLHandshakeException;
-import javax.net.ssl.TrustManagerFactory;
-
-import net.sf.taverna.t2.security.credentialmanager.CMException;
-import net.sf.taverna.t2.security.credentialmanager.MasterPasswordProvider;
-import net.sf.taverna.t2.security.credentialmanager.TrustConfirmationProvider;
-
-import org.apache.commons.io.FileUtils;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-//import org.apache.log4j.Logger;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-public class HTTPSConnectionAndTrustConfirmationIT {
-
-
- private static CredentialManagerImpl credentialManager;
- private static DummyMasterPasswordProvider masterPasswordProvider;
- private static File credentialManagerDirectory;
- //private static URL trustedCertficateFileURL = HTTPSConnectionAndTrustConfirmationIT.class.getResource("/security/tomcat_heater_certificate.pem");
-
- // Log4J Logger
- //private static Logger logger = Logger.getLogger(HTTPSConnectionAndTrustConfirmationIT.class);
-
-// public static void main(String[] args){
-//
-// try {
-// CredentialManagerOld.initialiseSSL();
-// //CredentialManager.getInstance();
-// //HttpsURLConnection.setDefaultSSLSocketFactory(CredentialManager.createTavernaSSLSocketFactory());
-// URL url = new URL ("https://rpc103.cs.man.ac.uk:8443/wsrf/services/cagrid/SecureHelloWorld?wsdl");
-// HttpsURLConnection httpsConnection = (HttpsURLConnection) url.openConnection();
-// // user should be asked automatically if they want to trust the connection
-// httpsConnection.connect();
-//
-// } catch (CMException e) {
-// logger.error("", e);
-// } catch (MalformedURLException e) {
-// logger.error("", e);
-// } catch (IOException e) {
-// logger.error("", e);
-// }
-// catch(Exception ex){ // anything we did not expect
-// logger.error("", ex);
-// }
-//
-// }
-
- /**
- * @throws java.lang.Exception
- */
- @BeforeClass
- public static void setUpBeforeClass() throws Exception {
-
- // Just in case, add the BouncyCastle provider
- // It gets added from the CredentialManagerImpl constructor as well
- // but we may need some crypto operations before we invoke the Cred. Manager
- Security.addProvider(new BouncyCastleProvider());
- }
-
- /**
- * @throws java.lang.Exception
- */
- @Before
- public void setUp() throws Exception {
-
- try {
- credentialManager = new CredentialManagerImpl();
- } catch (CMException e) {
- System.out.println(e.getStackTrace());
- }
- Random randomGenerator = new Random();
- String credentialManagerDirectoryPath = System
- .getProperty("java.io.tmpdir")
- + System.getProperty("file.separator")
- + "taverna-security-"
- + randomGenerator.nextInt(1000000);
- System.out.println("Credential Manager's directory path: "
- + credentialManagerDirectoryPath);
- credentialManagerDirectory = new File(credentialManagerDirectoryPath);
- try {
- credentialManager
- .setConfigurationDirectoryPath(credentialManagerDirectory);
- } catch (CMException e) {
- System.out.println(e.getStackTrace());
- }
-
- // Create the dummy master password provider
- masterPasswordProvider = new DummyMasterPasswordProvider();
- masterPasswordProvider.setMasterPassword("uber");
- List<MasterPasswordProvider> masterPasswordProviders = new ArrayList<MasterPasswordProvider>();
- masterPasswordProviders.add(masterPasswordProvider);
- credentialManager.setMasterPasswordProviders(masterPasswordProviders);
-
- // Set an empty list for trust confirmation providers
- credentialManager.setTrustConfirmationProviders(new ArrayList<TrustConfirmationProvider>());
- }
-
- @After
- // Clean up the credentialManagerDirectory we created for testing
- public void cleanUp() throws NoSuchAlgorithmException, KeyManagementException, NoSuchProviderException, KeyStoreException, UnrecoverableKeyException, CertificateException, IOException{
-// assertTrue(credentialManagerDirectory.exists());
-// assertFalse(credentialManagerDirectory.listFiles().length == 0); // something was created there
-
- if (credentialManagerDirectory.exists()){
- try {
- FileUtils.deleteDirectory(credentialManagerDirectory);
- System.out.println("Deleting Credential Manager's directory: "
- + credentialManagerDirectory.getAbsolutePath());
- } catch (IOException e) {
- System.out.println(e.getStackTrace());
- }
- }
-
- // Reset the SSLSocketFactory in JVM so we always have a clean start
- SSLContext sc = null;
- sc = SSLContext.getInstance("SSLv3");
-
- // Create a "default" JSSE X509KeyManager.
- KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509",
- "SunJSSE");
- KeyStore ks = KeyStore.getInstance("JKS");
- ks.load(null, null);
- kmf.init(ks, "blah".toCharArray());
-
- // Create a "default" JSSE X509TrustManager.
- TrustManagerFactory tmf = TrustManagerFactory.getInstance(
- "SunX509", "SunJSSE");
- KeyStore ts = KeyStore.getInstance("JKS");
- ts.load(null, null);
- tmf.init(ts);
-
- sc.init(kmf.getKeyManagers(), tmf.getTrustManagers(), new SecureRandom());
- SSLContext.setDefault(sc);
- HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
- }
-
- @Test
- public void testTrustConfirmationProvidersTrustAlways() throws IOException, CMException {
- // Initially trust provider list is empty, we only verify by what is in
- // Credential Manager's Truststore (and it does not contains the certificate for https://heater.cs.man.ac.uk:7443/)
-
- // Do not forget to initialise Taverna's/Credential Manager's SSLSocketFactory
- credentialManager.initializeSSL();
-
- URL url = new URL("https://heater.cs.man.ac.uk:7443/");
- HttpsURLConnection conn;
- conn = (HttpsURLConnection) url.openConnection();
- try{
- // This should fail
- conn.connect();
- fail("Connection to https://heater.cs.man.ac.uk:7443/ should be untrusted at this point.");
- }
- catch(SSLHandshakeException sslex){
- // expected to fail so all is good
- System.out.println(sslex.getStackTrace());
- }
- finally{
- conn.disconnect();
- }
-
- // Add the trust confirmation provider that trusts everyone
- List<TrustConfirmationProvider> trustProviders = new ArrayList<TrustConfirmationProvider>();
- trustProviders.add(new TrustAlwaysTrustConfirmationProvider());
- credentialManager.setTrustConfirmationProviders(trustProviders);
-
- HttpsURLConnection conn2 = (HttpsURLConnection) url.openConnection();
- // This should work now
- conn2.connect();
- System.out.println("Status header: "+ conn2.getHeaderField(0));
-
- assertEquals("HTTP/1.1 200 OK", conn2.getHeaderField(0));
- conn2.disconnect();
- }
-
- @Test
- public void testTrustConfirmationProvidersTrustNever() throws IOException, CMException {
- // Initially trust provider list is empty, we only verify by what is in
- // Credential Manager's Truststore (and it does not contains the certificate for https://heater.cs.man.ac.uk:7443/)
-
- // Do not forget to initialise Taverna's/Credential Manager's SSLSocketFactory
- credentialManager.initializeSSL();
-
- URL url = new URL("https://heater.cs.man.ac.uk:7443/");
- HttpsURLConnection conn;
- conn = (HttpsURLConnection) url.openConnection();
- try{
- // This should fail
- conn.connect();
- fail("Connection to https://heater.cs.man.ac.uk:7443/ should be untrusted at this point.");
- }
- catch(SSLHandshakeException sslex){
- // expected to fail so all is good
- }
- finally{
- conn.disconnect();
- }
-
- // Add the trust confirmation provider that trusts no one
- List<TrustConfirmationProvider> trustProviders = new ArrayList<TrustConfirmationProvider>();
- credentialManager.setTrustConfirmationProviders(trustProviders);
- trustProviders = new ArrayList<TrustConfirmationProvider>();
- trustProviders.add(new TrustNeverTrustConfimationProvider());
- credentialManager.setTrustConfirmationProviders(trustProviders);
-
- HttpsURLConnection conn2 = (HttpsURLConnection) url.openConnection();
- try{
- // This should still fail as our trust providers are not trusting anyone
- // and we have not added heater's certificate to Credential Manager's Truststore
- conn2.connect();
- fail("Connection to https://heater.cs.man.ac.uk:7443/ should be untrusted at this point.");
- }
- catch(SSLHandshakeException sslex){
- // expected to fail so all is good
- }
- finally{
- conn2.disconnect();
- }
- }
-
- @Test
- public void testTrustConfirmationAddDeleteCertificateDirectly() throws CMException, IOException, CertificateException{
- // Initially trust provider list is empty, we only verify by what is in
- // Credential Manager's Truststore (and it does not contains the certificate for https://heater.cs.man.ac.uk:7443/)
-
- // Do not forget to initialise Taverna's/Credential Manager's SSLSocketFactory
- credentialManager.initializeSSL();
-
- URL url = new URL("https://heater.cs.man.ac.uk:7443/");
- HttpsURLConnection conn;
- conn = (HttpsURLConnection) url.openConnection();
- try{
- // This should fail
- conn.connect();
- fail("Connection to https://heater.cs.man.ac.uk:7443/ should be untrusted at this point.");
- }
- catch(SSLHandshakeException sslex){
- // expected to fail so all is good
- }
- finally{
- conn.disconnect();
- }
-
- // Add heater's certificate directly to Credential Manager's Truststore
-
- // Load the test trusted certificate (belonging to heater.cs.man.ac.uk)
- X509Certificate trustedCertficate;
- URL trustedCertficateFileURL = getClass().getResource("/security/tomcat_heater_certificate.pem");
- System.out.println("testTrustConfirmationAddDeleteCertificateDirectly: trusted certficate file URL " + trustedCertficateFileURL);
- File trustedCertFile = new File(trustedCertficateFileURL.getPath());
- FileInputStream inStream = new FileInputStream(trustedCertFile);
- //InputStream inStream = getClass().getClassLoader().getResourceAsStream("security/tomcat_heater_certificate.pem");
- CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
- trustedCertficate = (X509Certificate) certFactory.generateCertificate(inStream);
- try{
- inStream.close();
- }
- catch (Exception e) {
- // Ignore
- }
- String alias = credentialManager.addTrustedCertificate(trustedCertficate);
-
- HttpsURLConnection conn2 = (HttpsURLConnection) url.openConnection();
- // This should work now
- conn2.connect();
- //System.out.println(conn2.getHeaderField(0));
-
- assertEquals("HTTP/1.1 200 OK", conn2.getHeaderField(0));
- conn2.disconnect();
-
- // Now remove certificate and see if the "trust" changes
- credentialManager.deleteTrustedCertificate(alias);
- HttpsURLConnection conn3;
- conn3 = (HttpsURLConnection) url.openConnection();
- try{
- // This should fail
- conn3.connect();
- fail("Connection to https://heater.cs.man.ac.uk:7443/ should be untrusted at this point.");
- }
- catch(SSLHandshakeException sslex){
- // expected to fail so all is good
- }
- finally{
- conn3.disconnect();
- }
- }
-}