You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@karaf.apache.org by cs...@apache.org on 2017/08/17 14:30:10 UTC
[18/27] karaf git commit: Extract common code in test
Extract common code in test
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/0853a353
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/0853a353
Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/0853a353
Branch: refs/heads/model_features
Commit: 0853a353afa4c8eabad38327e3943b1543fd4c0a
Parents: 3b72701
Author: Christian Schneider <ch...@die-schneider.net>
Authored: Wed Aug 16 13:41:17 2017 +0200
Committer: Christian Schneider <ch...@die-schneider.net>
Committed: Wed Aug 16 13:41:17 2017 +0200
----------------------------------------------------------------------
.../jaas/modules/krb5/KarafKerberosITest.java | 51 ++++++++++
.../jaas/modules/krb5/Krb5LoginModuleTest.java | 102 +++----------------
.../modules/ldap/GSSAPILdapLoginModuleTest.java | 29 +-----
3 files changed, 66 insertions(+), 116 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/karaf/blob/0853a353/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/krb5/KarafKerberosITest.java
----------------------------------------------------------------------
diff --git a/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/krb5/KarafKerberosITest.java b/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/krb5/KarafKerberosITest.java
new file mode 100644
index 0000000..0b57930
--- /dev/null
+++ b/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/krb5/KarafKerberosITest.java
@@ -0,0 +1,51 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * under the License.
+ */
+package org.apache.karaf.jaas.modules.krb5;
+
+import java.io.File;
+import java.io.IOException;
+import java.io.PrintStream;
+
+import org.apache.directory.api.util.Strings;
+import org.apache.directory.server.kerberos.kdc.AbstractKerberosITest;
+import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
+import org.apache.directory.shared.kerberos.crypto.checksum.ChecksumType;
+
+public class KarafKerberosITest extends AbstractKerberosITest {
+
+ protected String createKrb5Conf(ChecksumType checksumType, EncryptionType encryptionType, boolean isTcp) throws IOException {
+ File file = folder.newFile("krb5.conf");
+ PrintStream out = new PrintStream(file);
+ out.println("[libdefaults]");
+ out.println("default_realm = " + REALM);
+ out.println("default_tkt_enctypes = " + encryptionType.getName());
+ out.println("default_tgs_enctypes = " + encryptionType.getName());
+ out.println("permitted_enctypes = " + encryptionType.getName());
+ out.println("default-checksum_type = " + checksumType.getName());
+ if (isTcp) {
+ out.println("udp_preference_limit = 1");
+ }
+ out.println("[realms]");
+ out.println(REALM + " = {");
+ out.println("kdc = " + HOSTNAME + ":" + kdcServer.getTransports()[0].getPort());
+ out.println("}");
+ out.println("[domain_realm]");
+ out.println("." + Strings.lowerCaseAscii(REALM) + " = " + REALM);
+ out.println(Strings.lowerCaseAscii(REALM) + " = " + REALM);
+ out.close();
+ return file.getAbsolutePath();
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/karaf/blob/0853a353/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/krb5/Krb5LoginModuleTest.java
----------------------------------------------------------------------
diff --git a/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/krb5/Krb5LoginModuleTest.java b/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/krb5/Krb5LoginModuleTest.java
index e6caf7b..d88955d 100644
--- a/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/krb5/Krb5LoginModuleTest.java
+++ b/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/krb5/Krb5LoginModuleTest.java
@@ -16,13 +16,10 @@
*/
package org.apache.karaf.jaas.modules.krb5;
-import org.apache.commons.io.FileUtils;
-import org.apache.commons.lang.SystemUtils;
import org.apache.directory.api.ldap.model.constants.SupportedSaslMechanisms;
import org.apache.directory.api.ldap.model.entry.DefaultEntry;
import org.apache.directory.api.ldap.model.entry.Entry;
import org.apache.directory.api.ldap.model.exception.LdapException;
-import org.apache.directory.api.util.Strings;
import org.apache.directory.ldap.client.api.Krb5LoginConfiguration;
import org.apache.directory.server.annotations.CreateKdcServer;
import org.apache.directory.server.annotations.CreateLdapServer;
@@ -35,7 +32,6 @@ import org.apache.directory.server.core.annotations.CreateIndex;
import org.apache.directory.server.core.annotations.CreatePartition;
import org.apache.directory.server.core.integ.FrameworkRunner;
import org.apache.directory.server.core.kerberos.KeyDerivationInterceptor;
-import org.apache.directory.server.kerberos.kdc.AbstractKerberosITest;
import org.apache.directory.server.kerberos.kdc.KerberosTestUtils;
import org.apache.directory.server.kerberos.shared.crypto.encryption.KerberosKeyFactory;
import org.apache.directory.server.kerberos.shared.keytab.Keytab;
@@ -65,8 +61,6 @@ import javax.security.auth.kerberos.KerberosTicket;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginException;
import java.io.File;
-import java.io.IOException;
-import java.security.Principal;
import java.text.ParseException;
import java.util.ArrayList;
import java.util.Collections;
@@ -75,8 +69,10 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import static org.apache.karaf.jaas.modules.PrincipalHelper.names;
+import static org.hamcrest.Matchers.containsInAnyOrder;
import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.assertThat;
@RunWith(FrameworkRunner.class)
@CreateDS(name = "Krb5LoginModuleTest-class",
@@ -130,8 +126,7 @@ import static org.junit.Assert.assertTrue;
"objectClass: organizationalUnit",
"ou: users"
})
-public class Krb5LoginModuleTest extends AbstractKerberosITest {
-
+public class Krb5LoginModuleTest extends KarafKerberosITest {
@Before
public void setUp() throws Exception {
@@ -155,7 +150,6 @@ public class Krb5LoginModuleTest extends AbstractKerberosITest {
@Test
public void testKeytabSuccess() throws Exception {
-
Map<String, Object> props = new HashMap<>();
props.put("debug", "true");
props.put("useKeyTab", "true");
@@ -164,11 +158,9 @@ public class Krb5LoginModuleTest extends AbstractKerberosITest {
props.put("doNotPrompt", "true");
props.put("storeKey", "true");
props.put("detailed.login.exception", "true");
-
-
Subject subject = new Subject();
-
Krb5LoginModule module = new Krb5LoginModule();
+
module.initialize(subject, null, null, props);
assertEquals("Precondition", 0, subject.getPrincipals().size());
@@ -177,27 +169,11 @@ public class Krb5LoginModuleTest extends AbstractKerberosITest {
Assert.assertTrue(module.commit());
assertEquals(1, subject.getPrincipals().size());
+ assertThat(names(subject.getPrincipals(KerberosPrincipal.class)), containsInAnyOrder("hnelson@EXAMPLE.COM"));
- boolean foundUser = false;
- for (Principal pr : subject.getPrincipals()) {
- if (pr instanceof KerberosPrincipal) {
- assertEquals("hnelson@EXAMPLE.COM", pr.getName());
- foundUser = true;
- break;
- }
- }
- assertTrue(foundUser);
-
- boolean foundToken = false;
- for (Object crd : subject.getPrivateCredentials()) {
- if (crd instanceof KerberosTicket) {
- assertEquals("hnelson@EXAMPLE.COM", ((KerberosTicket) crd).getClient().getName());
- assertEquals("krbtgt/EXAMPLE.COM@EXAMPLE.COM", ((KerberosTicket) crd).getServer().getName());
- foundToken = true;
- break;
- }
- }
- assertTrue(foundToken);
+ KerberosTicket ticket = subject.getPrivateCredentials(KerberosTicket.class).iterator().next();
+ assertEquals("hnelson@EXAMPLE.COM", ticket.getClient().getName());
+ assertEquals("krbtgt/EXAMPLE.COM@EXAMPLE.COM", ticket.getServer().getName());
Assert.assertTrue(module.logout());
@@ -215,9 +191,7 @@ public class Krb5LoginModuleTest extends AbstractKerberosITest {
props.put("storeKey", "true");
props.put("detailed.login.exception", "true");
-
Subject subject = new Subject();
-
Krb5LoginModule module = new Krb5LoginModule();
module.initialize(subject, null, null, props);
@@ -230,7 +204,6 @@ public class Krb5LoginModuleTest extends AbstractKerberosITest {
@Test
public void testLoginSuccess() throws Exception {
Subject subject = new Subject();
-
Krb5LoginModule module = new Krb5LoginModule();
module.initialize(subject, new NamePasswordCallbackHandler("hnelson", "secret"), null, new HashMap<>());
@@ -240,27 +213,11 @@ public class Krb5LoginModuleTest extends AbstractKerberosITest {
Assert.assertTrue(module.commit());
assertEquals(1, subject.getPrincipals().size());
+ assertThat(names(subject.getPrincipals(KerberosPrincipal.class)), containsInAnyOrder("hnelson@EXAMPLE.COM"));
- boolean foundUser = false;
- for (Principal pr : subject.getPrincipals()) {
- if (pr instanceof KerberosPrincipal) {
- assertEquals("hnelson@EXAMPLE.COM", pr.getName());
- foundUser = true;
- break;
- }
- }
- assertTrue(foundUser);
-
- boolean foundToken = false;
- for (Object crd : subject.getPrivateCredentials()) {
- if (crd instanceof KerberosTicket) {
- assertEquals("hnelson@EXAMPLE.COM", ((KerberosTicket) crd).getClient().getName());
- assertEquals("krbtgt/EXAMPLE.COM@EXAMPLE.COM", ((KerberosTicket) crd).getServer().getName());
- foundToken = true;
- break;
- }
- }
- assertTrue(foundToken);
+ KerberosTicket ticket = subject.getPrivateCredentials(KerberosTicket.class).iterator().next();
+ assertEquals("hnelson@EXAMPLE.COM", ticket.getClient().getName());
+ assertEquals("krbtgt/EXAMPLE.COM@EXAMPLE.COM", ticket.getServer().getName());
Assert.assertTrue(module.logout());
@@ -328,39 +285,6 @@ public class Krb5LoginModuleTest extends AbstractKerberosITest {
conn.add(entry);
}
- private String createKrb5Conf(ChecksumType checksumType, EncryptionType encryptionType, boolean isTcp) throws IOException {
- File file = folder.newFile("krb5.conf");
-
- String data = "";
-
- data += "[libdefaults]" + SystemUtils.LINE_SEPARATOR;
- data += "default_realm = " + REALM + SystemUtils.LINE_SEPARATOR;
- data += "default_tkt_enctypes = " + encryptionType.getName() + SystemUtils.LINE_SEPARATOR;
- data += "default_tgs_enctypes = " + encryptionType.getName() + SystemUtils.LINE_SEPARATOR;
- data += "permitted_enctypes = " + encryptionType.getName() + SystemUtils.LINE_SEPARATOR;
- // data += "default_checksum = " + checksumType.getName() + SystemUtils.LINE_SEPARATOR;
- // data += "ap_req_checksum_type = " + checksumType.getName() + SystemUtils.LINE_SEPARATOR;
- data += "default-checksum_type = " + checksumType.getName() + SystemUtils.LINE_SEPARATOR;
-
- if (isTcp) {
- data += "udp_preference_limit = 1" + SystemUtils.LINE_SEPARATOR;
- }
-
-
- data += "[realms]" + SystemUtils.LINE_SEPARATOR;
- data += REALM + " = {" + SystemUtils.LINE_SEPARATOR;
- data += "kdc = " + HOSTNAME + ":" + kdcServer.getTransports()[0].getPort() + SystemUtils.LINE_SEPARATOR;
- data += "}" + SystemUtils.LINE_SEPARATOR;
-
- data += "[domain_realm]" + SystemUtils.LINE_SEPARATOR;
- data += "." + Strings.lowerCaseAscii(REALM) + " = " + REALM + SystemUtils.LINE_SEPARATOR;
- data += Strings.lowerCaseAscii(REALM) + " = " + REALM + SystemUtils.LINE_SEPARATOR;
-
- FileUtils.writeStringToFile(file, data);
-
- return file.getAbsolutePath();
- }
-
private KeytabEntry createKeytabEntry() throws ParseException {
String principalName = "hnelson@EXAMPLE.COM";
int principalType = 1;
http://git-wip-us.apache.org/repos/asf/karaf/blob/0853a353/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/ldap/GSSAPILdapLoginModuleTest.java
----------------------------------------------------------------------
diff --git a/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/ldap/GSSAPILdapLoginModuleTest.java b/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/ldap/GSSAPILdapLoginModuleTest.java
index 11daa72..b664bc3 100644
--- a/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/ldap/GSSAPILdapLoginModuleTest.java
+++ b/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/ldap/GSSAPILdapLoginModuleTest.java
@@ -22,7 +22,6 @@ import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
-import java.io.PrintStream;
import java.security.Principal;
import java.util.Collections;
@@ -36,7 +35,6 @@ import org.apache.directory.api.ldap.model.constants.SupportedSaslMechanisms;
import org.apache.directory.api.ldap.model.entry.DefaultEntry;
import org.apache.directory.api.ldap.model.entry.Entry;
import org.apache.directory.api.ldap.model.exception.LdapException;
-import org.apache.directory.api.util.Strings;
import org.apache.directory.server.annotations.CreateKdcServer;
import org.apache.directory.server.annotations.CreateLdapServer;
import org.apache.directory.server.annotations.CreateTransport;
@@ -48,7 +46,6 @@ import org.apache.directory.server.core.annotations.CreateIndex;
import org.apache.directory.server.core.annotations.CreatePartition;
import org.apache.directory.server.core.integ.FrameworkRunner;
import org.apache.directory.server.core.kerberos.KeyDerivationInterceptor;
-import org.apache.directory.server.kerberos.kdc.AbstractKerberosITest;
import org.apache.directory.server.kerberos.kdc.KerberosTestUtils;
import org.apache.directory.server.ldap.handlers.sasl.cramMD5.CramMd5MechanismHandler;
import org.apache.directory.server.ldap.handlers.sasl.digestMD5.DigestMd5MechanismHandler;
@@ -63,6 +60,7 @@ import org.apache.felix.utils.properties.Properties;
import org.apache.karaf.jaas.boot.principal.RolePrincipal;
import org.apache.karaf.jaas.boot.principal.UserPrincipal;
import org.apache.karaf.jaas.modules.NamePasswordCallbackHandler;
+import org.apache.karaf.jaas.modules.krb5.KarafKerberosITest;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
@@ -131,7 +129,7 @@ import org.junit.runner.RunWith;
"cn: admin",
"member: uid=hnelson,ou=users,dc=example,dc=com"
})
-public class GSSAPILdapLoginModuleTest extends AbstractKerberosITest {
+public class GSSAPILdapLoginModuleTest extends KarafKerberosITest {
private static boolean loginConfigUpdated;
@@ -314,29 +312,6 @@ public class GSSAPILdapLoginModuleTest extends AbstractKerberosITest {
"ldap", "randall", servicePrincipal);
}
- private String createKrb5Conf(ChecksumType checksumType, EncryptionType encryptionType, boolean isTcp) throws IOException {
- File file = folder.newFile("krb5.conf");
- PrintStream out = new PrintStream(file);
- out.println("[libdefaults]");
- out.println("default_realm = " + REALM);
- out.println("default_tkt_enctypes = " + encryptionType.getName());
- out.println("default_tgs_enctypes = " + encryptionType.getName());
- out.println("permitted_enctypes = " + encryptionType.getName());
- out.println("default-checksum_type = " + checksumType.getName());
- if (isTcp) {
- out.println("udp_preference_limit = 1");
- }
- out.println("[realms]");
- out.println(REALM + " = {");
- out.println("kdc = " + HOSTNAME + ":" + kdcServer.getTransports()[0].getPort());
- out.println("}");
- out.println("[domain_realm]");
- out.println("." + Strings.lowerCaseAscii(REALM) + " = " + REALM);
- out.println(Strings.lowerCaseAscii(REALM) + " = " + REALM);
- out.close();
- return file.getAbsolutePath();
- }
-
private void createPrincipal(String rdn, String sn, String cn,
String uid, String userPassword, String principalName) throws LdapException {
Entry entry = new DefaultEntry();