changeset 11683:9ab7b0147a41

8050409: Test for JAAS getPrivateCredentials Reviewed-by: weijun
author amjiang
date Fri, 19 Jun 2015 14:06:24 +0800
parents 6d9a4a31bc44
children b5b42a5de068
files test/javax/security/auth/PrivateCredentialPermission/MoreThenOnePrincipals.java test/javax/security/auth/PrivateCredentialPermission/MoreThenOnePrincipals.policy
diffstat 2 files changed, 108 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/javax/security/auth/PrivateCredentialPermission/MoreThenOnePrincipals.java	Fri Jun 19 14:06:24 2015 +0800
@@ -0,0 +1,98 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import com.sun.security.auth.NTUserPrincipal;
+import com.sun.security.auth.UnixPrincipal;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashSet;
+import javax.security.auth.Subject;
+import org.testng.annotations.DataProvider;
+import org.testng.annotations.Test;
+
+/*
+ * @test
+ * @bug 8050409
+ * @summary Tests with Subject.getPrivateCredentials to check permission checks with one or more principals.
+ * @run testng/othervm/policy=MoreThenOnePrincipals.policy MoreThenOnePrincipals
+ */
+public class MoreThenOnePrincipals {
+    private static final String[] CRED_VALUES =
+            new String[]{"testPrivateCredential-1", "testPrivateCredentials-2"};
+    private static final HashSet CREDS = new HashSet<>(Arrays.asList(CRED_VALUES));
+
+    /**
+     * Policy file grants access to the private Credential,belonging to a
+     * Subject with at least two associated Principals:"com.sun.security.auth
+     * .NTUserPrincipal", with the name,"NTUserPrincipal-1", and
+     * "com.sun.security.auth.UnixPrincipal", with the name, "UnixPrincipals-1".
+     *
+     * For test1 and test2, subjects are associated with none or only one of
+     * principals mentioned above, SecurityException is expected.
+     * For test 3 and test 4, subjects are associated with two or more
+     * Principals (above principals are included), no exception is expected.
+     *
+     */
+
+    @Test(dataProvider = "Provider1", expectedExceptions = SecurityException.class)
+    public void test1(Subject s) {
+        s.getPrivateCredentials(String.class);
+    }
+
+    @Test(dataProvider = "Provider1", expectedExceptions = SecurityException.class)
+    public void test2(Subject s) {
+        s.getPrivateCredentials().iterator().next();
+    }
+
+    @Test(dataProvider = "Provider2")
+    public void test3(Subject s) {
+        s.getPrivateCredentials(String.class);
+    }
+
+    @Test(dataProvider = "Provider2")
+    public void test4(Subject s) {
+        s.getPrivateCredentials().iterator().next();
+    }
+
+    @DataProvider
+    public Object[][] Provider1() {
+        Subject s1 = new Subject(false, Collections.EMPTY_SET, Collections.EMPTY_SET, CREDS);
+        s1.getPrincipals().add(new NTUserPrincipal("NTUserPrincipal-2"));
+        Subject s2 = new Subject(false, Collections.EMPTY_SET, Collections.EMPTY_SET, CREDS);
+        s2.getPrincipals().add(new NTUserPrincipal("NTUserPrincipal-1"));
+        return new Object[][]{{s1}, {s2}};
+    }
+
+    @DataProvider
+    public Object[][] Provider2() {
+        Subject s3 = new Subject(false, Collections.EMPTY_SET, Collections.EMPTY_SET, CREDS);
+        s3.getPrincipals().add(new NTUserPrincipal("NTUserPrincipal-1"));
+        s3.getPrincipals().add(new UnixPrincipal("UnixPrincipals-1"));
+        Subject s4 = new Subject(false, Collections.EMPTY_SET, Collections.EMPTY_SET, CREDS);
+        s4.getPrincipals().add(new NTUserPrincipal("NTUserPrincipal-1"));
+        s4.getPrincipals().add(new UnixPrincipal("UnixPrincipals-1"));
+        s4.getPrincipals().add(new UnixPrincipal("UnixPrincipals-2"));
+        return new Object[][]{{s3}, {s4}};
+    }
+
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/javax/security/auth/PrivateCredentialPermission/MoreThenOnePrincipals.policy	Fri Jun 19 14:06:24 2015 +0800
@@ -0,0 +1,10 @@
+grant{
+// permissions for TestNG execution
+permission java.io.FilePermission "*","read,write";
+permission java.lang.RuntimePermission "accessDeclaredMembers";
+permission java.util.PropertyPermission "*","read";
+permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
+// permissions for test itself
+permission javax.security.auth.AuthPermission "modifyPrincipals";
+permission javax.security.auth.PrivateCredentialPermission "* com.sun.security.auth.NTUserPrincipal \"NTUserPrincipal-1\" com.sun.security.auth.UnixPrincipal \"UnixPrincipals-1\"", "read";
+};