You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by co...@apache.org on 2017/07/25 10:54:01 UTC
directory-kerby git commit: DIRKRB-637 - Testcase to reproduce.
Repository: directory-kerby
Updated Branches:
refs/heads/trunk a043f7bbd -> e46d06e31
DIRKRB-637 - Testcase to reproduce.
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/e46d06e3
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/e46d06e3
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/e46d06e3
Branch: refs/heads/trunk
Commit: e46d06e314c2c14ba4f2883661bec76a1aecd16e
Parents: a043f7b
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue Jul 25 11:53:06 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue Jul 25 11:53:06 2017 +0100
----------------------------------------------------------------------
.../kerb/integration/test/gss/GssAppServer.java | 23 +++++---
.../kerb/integration/test/GssAppTest.java | 57 ++++++++++++++++++++
.../kerb/integration/test/KerbyGssAppTest.java | 10 ++--
3 files changed, 77 insertions(+), 13 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/e46d06e3/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/gss/GssAppServer.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/gss/GssAppServer.java b/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/gss/GssAppServer.java
index 3e5d3cf..c7b5ae4 100644
--- a/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/gss/GssAppServer.java
+++ b/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/gss/GssAppServer.java
@@ -33,6 +33,7 @@ public class GssAppServer extends AppServer {
private String serverPrincipal;
private GSSManager manager;
private GSSContext context;
+ private boolean createContextWithCred = true;
public GssAppServer(String[] args) throws Exception {
super(args);
@@ -42,12 +43,6 @@ public class GssAppServer extends AppServer {
this.serverPrincipal = args[1];
this.manager = GSSManager.getInstance();
- GSSName gssService = manager.createName(
- serverPrincipal, GSSName.NT_USER_NAME);
- Oid oid = new Oid(AppUtil.JGSS_KERBEROS_OID);
- GSSCredential credentials = manager.createCredential(gssService,
- GSSCredential.DEFAULT_LIFETIME, oid, GSSCredential.ACCEPT_ONLY);
- this.context = manager.createContext(credentials);
}
public static void main(String[] args) throws Exception {
@@ -63,6 +58,18 @@ public class GssAppServer extends AppServer {
@Override
protected void onConnection(Transport.Connection conn) throws Exception {
+ GSSName gssService = manager.createName(serverPrincipal, GSSName.NT_USER_NAME);
+ Oid oid = new Oid(AppUtil.JGSS_KERBEROS_OID);
+
+ if (createContextWithCred) {
+ GSSCredential credentials =
+ manager.createCredential(gssService, GSSCredential.DEFAULT_LIFETIME, oid, GSSCredential.ACCEPT_ONLY);
+ this.context = manager.createContext(credentials);
+ } else {
+ this.context = manager.createContext(gssService.canonicalize(oid),
+ oid, null, GSSContext.DEFAULT_LIFETIME);
+ }
+
byte[] token;
// System.out.print("Starting negotiating security context");
@@ -105,4 +112,8 @@ public class GssAppServer extends AppServer {
//+ token.length);
conn.sendToken(token);
}
+
+ public void setCreateContextWithCred(boolean createContextWithCred) {
+ this.createContextWithCred = createContextWithCred;
+ }
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/e46d06e3/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/GssAppTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/GssAppTest.java b/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/GssAppTest.java
index c92c20f..162aacd 100644
--- a/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/GssAppTest.java
+++ b/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/GssAppTest.java
@@ -19,12 +19,35 @@
*/
package org.apache.kerby.kerberos.kerb.integration.test;
+import java.security.PrivilegedAction;
+
+import javax.security.auth.Subject;
+
import org.apache.kerby.kerberos.kerb.integration.test.gss.GssAppClient;
import org.apache.kerby.kerberos.kerb.integration.test.gss.GssAppServer;
+import org.apache.kerby.util.NetworkUtil;
+import org.junit.Before;
import org.junit.Test;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
public class GssAppTest extends AppTest {
+ private static final Logger LOG = LoggerFactory.getLogger(GssAppTest.class);
+
+ private int serverPort2;
+ private AppServer appServer2;
+
+ @Before
+ @Override
+ public void setUp() throws Exception {
+ super.setUp();
+
+ serverPort2 = NetworkUtil.getServerPort();
+
+ setupAppServer2();
+ }
+
@Override
protected AppServer createAppServer() throws Exception {
return new GssAppServer(new String[] {
@@ -45,6 +68,18 @@ public class GssAppTest extends AppTest {
runAppClient(appClient);
}
+ @Test
+ public void testServerWithoutInitialCredential() throws Exception {
+ AppClient appClient =
+ new GssAppClient(new String[] {
+ getHostname(),
+ String.valueOf(serverPort2),
+ getClientPrincipal(),
+ getServerPrincipal()
+ });
+ runAppClient(appClient);
+ }
+
private AppClient createAppClient() throws Exception {
return new GssAppClient(new String[] {
getHostname(),
@@ -54,4 +89,26 @@ public class GssAppTest extends AppTest {
});
}
+ private void setupAppServer2() throws Exception {
+ Subject subject = loginServiceUsingKeytab();
+ Subject.doAs(subject, new PrivilegedAction<Object>() {
+ @Override
+ public Object run() {
+ try {
+ appServer2 =
+ new GssAppServer(new String[] {
+ String.valueOf(serverPort2),
+ getServerPrincipal()
+ });
+ ((GssAppServer) appServer2).setCreateContextWithCred(false);
+ appServer2.start();
+ } catch (Exception ex) {
+ LOG.error(ex.toString());
+ }
+
+ return null;
+ }
+ });
+ }
+
}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/e46d06e3/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/KerbyGssAppTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/KerbyGssAppTest.java b/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/KerbyGssAppTest.java
index a79d3e2..df1bb7b 100644
--- a/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/KerbyGssAppTest.java
+++ b/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/KerbyGssAppTest.java
@@ -36,12 +36,8 @@ public class KerbyGssAppTest extends GssAppTest {
}
@Test
- public void test() throws Exception {
- super.test();
- }
-
- @Test
- public void testWithoutInitialCredential() throws Exception {
- super.testWithoutInitialCredential();
+ @org.junit.Ignore
+ public void testServerWithoutInitialCredential() throws Exception {
+ super.testServerWithoutInitialCredential();
}
}