changeset 12812:ebb557eaea32

8050427: LoginContext tests to cover JDK-4703361 Reviewed-by: weijun
author amjiang
date Thu, 24 Sep 2015 10:23:01 +0800
parents 86e39496209e
children 791ce879cf01
files test/javax/security/auth/login/LoginContext/DummyLoginModule.java test/javax/security/auth/login/LoginContext/DynamicConfigurationTest.java test/javax/security/auth/login/LoginContext/MyConfiguration.java test/javax/security/auth/login/LoginContext/SmartLoginModule.java
diffstat 4 files changed, 554 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/javax/security/auth/login/LoginContext/DummyLoginModule.java	Thu Sep 24 10:23:01 2015 +0800
@@ -0,0 +1,66 @@
+/*
+ * Copyright (c) 2004, 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import javax.security.auth.login.LoginException;
+
+/**
+ * Login module which passes all the time
+ */
+
+public class DummyLoginModule extends SmartLoginModule {
+    private final String header;
+
+    public DummyLoginModule() {
+        header = "DummyLoginModule: ";
+    }
+
+    @Override
+    public boolean login() throws LoginException {
+        System.out.println("\t\t" + header + " login method is called ");
+        System.out.println("\t\t" + header + " login:PASS");
+        return true;
+    }
+
+    @Override
+    public boolean commit() throws LoginException {
+        System.out.println("\t\t" + header + " commit method is called");
+        System.out.println("\t\t" + header + " commit:PASS");
+        return true;
+    }
+
+    @Override
+    public boolean abort() throws LoginException {
+        System.out.println("\t\t" + header + " abort method is called ");
+        System.out.println("\t\t" + header + " abort:PASS");
+
+        return true;
+    }
+
+    @Override
+    public boolean logout() throws LoginException {
+        System.out.println("\t\t" + header + " logout method is called");
+        System.out.println("\t\t" + header + " logout:PASS");
+        return true;
+    }
+
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/javax/security/auth/login/LoginContext/DynamicConfigurationTest.java	Thu Sep 24 10:23:01 2015 +0800
@@ -0,0 +1,165 @@
+/*
+ * Copyright (c) 2004, 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.io.IOException;
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.Configuration;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+
+/**
+ * @test
+ * @bug 8050427 4703361
+ * @summary Test case for RFE: 4703361. Tests the Dynamic Configuration of
+ * Authentication Modules with different methods
+ * @compile SmartLoginModule.java DummyLoginModule.java MyConfiguration.java
+ * @run main/othervm DynamicConfigurationTest
+ */
+public class DynamicConfigurationTest {
+
+    public static void main(String... args) {
+        String rightConfigName = "PT";
+        String wrongConfigName = "NT";
+        char[] rightPwd = new char[]{'t', 'e', 's', 't', 'P', 'a', 's', 's',
+            'w', 'o', 'r', 'd', '1'};
+        char[] wrongPwd = new char[]{'w', 'r', 'o', 'n', 'g', 'P', 'a', 's',
+            's','w', 'o', 'r', 'd'};
+
+        // Test with wrong configuration name
+        // Expect LoginException when initiate a new LoginContext object
+        testConfigName(wrongConfigName, true);
+        System.out.println("Wrong Config Name Test passed ");
+
+        // Spedify two loginModules: SmartLoginModule and DummyLoginModule
+        // Flags: required-required
+        // Test with right password for SmartLoginModule
+        // No exception is expected
+        Configuration cf = new MyConfiguration();
+        testLogin(rightConfigName, rightPwd, cf, false);
+        System.out.println("Positive test passed");
+
+        // Spedify two loginModules: SmartLoginModule and DummyLoginModule
+        // Flags: required-required
+        // Test with wrong password for SmartLoginModule
+        // Expect LoginException by calling LoginContext.login() method
+        testLogin(rightConfigName, wrongPwd, cf, true);
+        System.out.println("Should fail test passed");
+
+        // Spedify two loginModules: SmartLoginModule and DummyLoginModule
+        // Change the flags from required-required to optional-sufficient
+        // Test with wrong password for SmartLoginModule, while DummyLoginModule
+        // always passes
+        // No Exception is expected
+        cf = new MyConfiguration(true);
+        testLogin(rightConfigName, wrongPwd, cf, false);
+        System.out.println("One module fails where are other module succeeeds "
+                + "Test passed with optional-sufficient flags");
+    }
+
+    public static void testConfigName(String confName,
+            boolean expectException) {
+        String expectedMsg = "No LoginModules configured for " + confName;
+        try {
+            LoginContext lc = new LoginContext(confName, new Subject(),
+                    new MyCallbackHandler(), new MyConfiguration());
+
+            if (expectException) {
+                throw new RuntimeException("Wrong Config Name Test failed: "
+                        + "expected LoginException not thrown.");
+            }
+        } catch (LoginException le) {
+            if (!expectException || !le.getMessage().equals(expectedMsg)) {
+                System.out.println("Wrong Config Name Test failed: "
+                        + "received Unexpected exception.");
+                throw new RuntimeException(le);
+            }
+        }
+    }
+
+    public static void testLogin(String confName, char[] passwd,
+            Configuration cf, boolean expectException) {
+        try {
+            CallbackHandler ch = new MyCallbackHandler("testUser", passwd);
+            LoginContext lc = new LoginContext(confName, new Subject(),
+                    ch, cf);
+            lc.login();
+            if (expectException) {
+                throw new RuntimeException("Login Test failed: "
+                        + "expected LoginException not thrown");
+            }
+        } catch (LoginException le) {
+            if (!expectException) {
+                System.out.println("Login Test failed: "
+                        + "received Unexpected exception.");
+                throw new RuntimeException(le);
+            }
+        }
+    }
+}
+
+/**
+ * The application simulates the CallbackHandler. It simulates! which means all
+ * process to get username and password is ignored. We have to take this
+ * approach for automation purpose. So, this is not a real world example at all.
+ */
+class MyCallbackHandler implements CallbackHandler {
+
+    String userName;
+    char[] password;
+
+    /**
+     * This is simply a workaround approach for IO approach to get username and
+     * password. For automation purpose only.
+     */
+    public MyCallbackHandler() {
+        super();
+    }
+
+    public MyCallbackHandler(String username, char[] password) {
+        super();
+        userName = username;
+        this.password = password;
+    }
+
+    @Override
+    public void handle(Callback[] callbacks) throws IOException,
+            UnsupportedCallbackException {
+        for (Callback callback : callbacks) {
+            if (callback instanceof NameCallback) {
+                NameCallback nc = (NameCallback) callback;
+                nc.setName(userName);
+            } else if (callback instanceof PasswordCallback) {
+                PasswordCallback pc = (PasswordCallback) callback;
+                pc.setPassword(password);
+            } else {
+                throw new UnsupportedCallbackException(callback,
+                        "Unrecognized Callback");
+            }
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/javax/security/auth/login/LoginContext/MyConfiguration.java	Thu Sep 24 10:23:01 2015 +0800
@@ -0,0 +1,70 @@
+/*
+ * Copyright (c) 2004, 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.util.HashMap;
+import javax.security.auth.login.AppConfigurationEntry;
+import static javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL;
+import static javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag.REQUIRED;
+import static javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT;
+import javax.security.auth.login.Configuration;
+
+/**
+ * This class is used to test LoginContext constructor API. It simply contains
+ * one configuration entry: PT.
+ */
+public class MyConfiguration extends Configuration {
+
+    private static final AppConfigurationEntry[] ptAE
+            = new AppConfigurationEntry[2];
+    private static final HashMap<String, String> map = new HashMap<>();
+    private boolean optionOrder = false;
+
+    public MyConfiguration() {
+        setupConfiguration();
+    }
+
+    public MyConfiguration(boolean optionOrder) {
+        this.optionOrder = optionOrder;
+        setupConfiguration();
+    }
+
+    private void setupConfiguration() {
+        ptAE[0] = new AppConfigurationEntry("SmartLoginModule",
+                optionOrder ? OPTIONAL : REQUIRED,
+                map);
+        ptAE[1] = new AppConfigurationEntry("DummyLoginModule",
+                optionOrder ? SUFFICIENT : REQUIRED,
+                map);
+    }
+
+    @Override
+    public AppConfigurationEntry[]
+            getAppConfigurationEntry(String applicationName) {
+        if (applicationName.equals("PT")) {
+            return ptAE;
+        } else {
+            return null;
+        }
+    }
+
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/javax/security/auth/login/LoginContext/SmartLoginModule.java	Thu Sep 24 10:23:01 2015 +0800
@@ -0,0 +1,253 @@
+/*
+ * Copyright (c) 2004, 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.Principal;
+import java.util.Arrays;
+import java.util.Map;
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.FailedLoginException;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+
+/**
+ * This code was based on JAAS demo code, small modification is made for testing
+ * purpose.
+ */
+public class SmartLoginModule implements LoginModule {
+
+    // initial state
+    private Subject subject;
+    private CallbackHandler callbackHandler;
+
+    // the authentication status
+    private boolean succeeded = false;
+    private boolean commitSucceeded = false;
+
+    // username and password
+    private String username;
+    private char[] password;
+
+    // Default values for this login module. In real world,
+    // don't do it in this way!
+    private String myUsername;
+    private char[] myPassword;
+    private String header;
+
+    // testUser's SamplePrincipal
+    private SamplePrincipal userPrincipal;
+
+    public SmartLoginModule() {
+        this("testUser",
+                new char[]{'t', 'e', 's', 't', 'P', 'a', 's', 's',
+                    'w', 'o', 'r', 'd', '1'},
+                "SmartLoginModule1: ");
+    }
+
+    public SmartLoginModule(String userName, char[] password, String header) {
+        myUsername = userName;
+        myPassword = password;
+        this.header = header;
+    }
+
+    @Override
+    public boolean abort() throws LoginException {
+        if (!succeeded) {
+            return false;
+        } else if (succeeded && !commitSucceeded) {
+            // login succeeded but overall authentication failed
+            succeeded = false;
+            username = null;
+            password = null;
+            userPrincipal = null;
+        } else {
+            // overall authentication succeeded and commit succeeded,
+            // but someone else's commit failed
+            logout();
+        }
+        return true;
+    }
+
+    @Override
+    public boolean commit() throws LoginException {
+        if (!succeeded) {
+            return false;
+        } else {
+            // add a Principal (authenticated identity) to the Subject
+            // assume the user we authenticated is the SamplePrincipal
+            userPrincipal = new SamplePrincipal(username);
+            if (!subject.getPrincipals().contains(userPrincipal)) {
+                subject.getPrincipals().add(userPrincipal);
+            }
+            // in any case, clean out state
+            username = null;
+            password = null;
+            commitSucceeded = true;
+            return true;
+        }
+    }
+
+    @Override
+    public void initialize(Subject subject, CallbackHandler callbackHandler,
+            Map<String, ?> sharedState, Map<String, ?> options) {
+        this.subject = subject;
+        this.callbackHandler = callbackHandler;
+    }
+
+    @Override
+    public boolean login() throws LoginException {
+        if (callbackHandler == null) {
+            throw new LoginException("Error: no CallbackHandler available to "
+                    + "garner authentication information from the user");
+        }
+
+        Callback[] callbacks = new Callback[2];
+        callbacks[0] = new NameCallback(header + "user name: ");
+        callbacks[1] = new PasswordCallback(header + "password: ", false);
+
+        try {
+            callbackHandler.handle(callbacks);
+            username = ((NameCallback) callbacks[0]).getName();
+            char[] tmpPassword
+                    = ((PasswordCallback) callbacks[1]).getPassword();
+            if (tmpPassword == null) {
+                tmpPassword = new char[0];
+            }
+            password = new char[tmpPassword.length];
+            System.arraycopy(tmpPassword, 0, password, 0, tmpPassword.length);
+            ((PasswordCallback) callbacks[1]).clearPassword();
+        } catch (java.io.IOException ioe) {
+            throw (LoginException) new LoginException().initCause(ioe);
+        } catch (UnsupportedCallbackException uce) {
+            throw new LoginException("Error: " + header
+                    + uce.getCallback().toString()
+                    + " not available to garner authentication information "
+                    + "from the user");
+        }
+
+        // verify the username/password
+        if (username.equals(myUsername)
+                && Arrays.equals(password, myPassword)) {
+            System.out.println("\t\t" + header + " authentication succeeded");
+            succeeded = true;
+            return true;
+        } else {
+            // authentication failed -- clean out state
+            System.out.println("\t\t" + header + " authentication failed");
+            printDebugInfo();
+            succeeded = false;
+            username = null;
+            password = null;
+            throw new FailedLoginException("User Name or Password Incorrect");
+        }
+    }
+
+    @Override
+    public boolean logout() throws LoginException {
+        subject.getPrincipals().remove(userPrincipal);
+        succeeded = false;
+        succeeded = commitSucceeded;
+        username = null;
+        password = null;
+        userPrincipal = null;
+        return true;
+    }
+
+    // print debugging information
+    private void printDebugInfo() {
+        System.out.println("\t\t" + header + " correct user name: "
+                + myUsername);
+        System.out.println("\t\t" + header + " user entered user name: "
+                + username);
+        System.out.print("\t\t" + header + " correct password: ");
+        for (char c : myPassword) {
+            System.out.print(c);
+        }
+        System.out.println();
+        System.out.print("\t\t" + header + " user entered password: ");
+        for (char c : password) {
+            System.out.print(c);
+        }
+        System.out.println();
+    }
+}
+
+class SamplePrincipal implements Principal, java.io.Serializable {
+
+    /**
+     * @serial
+     */
+    private String name;
+
+    /**
+     * Create a SamplePrincipal with a Sample username.
+     *
+     * @param name the Sample username for this user.
+     * @exception NullPointerException if the <code>name</code> is
+     * <code>null</code>.
+     */
+    public SamplePrincipal(String name) {
+        if (name == null) {
+            throw new NullPointerException("illegal null input");
+        }
+
+        this.name = name;
+    }
+
+    @Override
+    public String getName() {
+        return name;
+    }
+
+    @Override
+    public String toString() {
+        return "SamplePrincipal:  " + name;
+    }
+
+    @Override
+    public boolean equals(Object o) {
+        if (o == null) {
+            return false;
+        }
+
+        if (this == o) {
+            return true;
+        }
+
+        if (!(o instanceof SamplePrincipal)) {
+            return false;
+        }
+        SamplePrincipal that = (SamplePrincipal) o;
+
+        return this.getName().equals(that.getName());
+    }
+
+    @Override
+    public int hashCode() {
+        return name.hashCode();
+    }
+}