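/*
 * JBoss, Home of Professional Open Source
 *
 * Distributable under LGPL license.
 * See terms of license at gnu.org.
 */
package org.jboss.test;

import java.lang.reflect.Method;
import java.security.acl.Group;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;

import junit.framework.TestCase;
import junit.framework.TestSuite;

import org.jboss.security.SimplePrincipal;
import org.jboss.security.auth.callback.UsernamePasswordHandler;

/**
 * Tests of the LoginModule classes.
 *
 * <p>Every test logs in through JAAS against the LDAP server named in
 * {@link TestConfig} and then checks the principals and roles attached to the
 * authenticated Subject. The directory content (users, passwords, role
 * entries) is not part of this file, so the tests need that server to be
 * reachable and populated.
 *
 * @author Scott.Stark@jboss.org
 * @version $Revision: 1.7.6.2 $
 */
public class LoginModulesTestCase extends TestCase
{
   /** Password presented for every test user. */
   private static final String USER_PASSWORD = "theduke";

   /** Name of the Group that the tests expect to hold the user's roles. */
   private static final String ROLES_GROUP = "Roles";

   /** Roles asserted by every test except testLdapExample24. */
   private static final String[] DUKE_ROLES = {"Echo", "TheDuke"};

   static
   {
      // Replace the JVM-wide JAAS Configuration so that LoginContext resolves
      // configuration names through TestConfig instead of a login config file.
      try
      {
         Configuration.setConfiguration(new TestConfig());
         System.out.println("Installed TestConfig as JAAS Configuration");
      }
      catch(Exception e)
      {
         e.printStackTrace();
      }
   }

   /**
    * Hard coded login configurations for the test cases. The configuration
    * name corresponds to the unit test function that uses the configuration.
    *
    * <p>The bind DN, bind password and server URL below are fixtures for the
    * test directory. The URL is plain {@code ldap://} with {@code simple}
    * authentication, which sends the bind DN and password unencrypted; a
    * deployment modelled on these examples would use {@code ldaps://} or
    * StartTLS and keep the bind credential out of source.
    */
   static class TestConfig extends Configuration
   {
      private static final String LDAP_MODULE = "org.jboss.security.auth.spi.LdapLoginModule";
      private static final String LDAP_EXT_MODULE = "org.jboss.security.auth.spi.LdapExtLoginModule";
      private static final String LDAP_URL = "ldap://lamia/";
      private static final String ROOT_DN = "cn=Root,dc=jboss,dc=org";
      private static final String ROOT_PASSWORD = "secret1";

      private static final Class[] NO_PARAMETERS = {};
      private static final Object[] NO_ARGUMENTS = {};

      /** Nothing to reload: all configurations are built in code. */
      public void refresh()
      {
      }

      /**
       * Looks up the configuration by invoking the no-argument method of this
       * class whose name equals the configuration name.
       *
       * @param name the JAAS configuration name
       * @return the entries built by the method of that name, or null when
       *         this class declares no such configuration method or the
       *         method fails
       */
      public AppConfigurationEntry[] getAppConfigurationEntry(String name)
      {
         if( name == null )
            return null;
         try
         {
            Method m = getClass().getDeclaredMethod(name, NO_PARAMETERS);
            // The name selects the method to run, so only dispatch to methods
            // that actually produce a configuration; any other no-argument
            // method declared here (refresh(), for instance) is not invoked.
            if( !AppConfigurationEntry[].class.equals(m.getReturnType()) )
               return null;
            return (AppConfigurationEntry[]) m.invoke(this, NO_ARGUMENTS);
         }
         catch(NoSuchMethodException e)
         {
            // Expected for a name with no configuration; null is the
            // Configuration contract for "no entries for this name".
            return null;
         }
         catch(Exception e)
         {
            // A configuration method exists but could not be run. Still
            // answer "no entries", but leave a trace instead of hiding it.
            e.printStackTrace();
            return null;
         }
      }

      /**
       * Creates the options shared by every configuration: the JNDI context
       * factory, the provider URL and simple authentication.
       */
      private static HashMap newJndiOptions(String providerUrl)
      {
         HashMap options = new HashMap();
         options.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
         options.put("java.naming.provider.url", providerUrl);
         options.put("java.naming.security.authentication", "simple");
         return options;
      }

      /**
       * Creates the options shared by the LdapExtLoginModule configurations:
       * the JNDI options plus the bindDN/bindCredential pair.
       */
      private static HashMap newExtOptions(String providerUrl)
      {
         HashMap options = newJndiOptions(providerUrl);
         options.put("bindDN", ROOT_DN);
         options.put("bindCredential", ROOT_PASSWORD);
         return options;
      }

      /** Wraps one login module and its options as a single REQUIRED entry. */
      private static AppConfigurationEntry[] requiredEntry(String moduleName, HashMap options)
      {
         AppConfigurationEntry ace = new AppConfigurationEntry(moduleName,
            AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
         AppConfigurationEntry[] entry = {ace};
         return entry;
      }

      /** LdapLoginModule under dc=jboss,dc=org, without a separate bind principal. */
      AppConfigurationEntry[] testLdapExample1()
      {
         HashMap options = newJndiOptions(LDAP_URL);
         options.put("principalDNPrefix", "uid=");
         options.put("principalDNSuffix", ",ou=People,dc=jboss,dc=org");
         options.put("rolesCtxDN", "ou=Roles,dc=jboss,dc=org");
         options.put("uidAttributeID", "member");
         options.put("matchOnUserDN", "true");
         options.put("roleAttributeID", "cn");
         options.put("roleAttributeIsDN", "false");
         return requiredEntry(LDAP_MODULE, options);
      }

      /**
       * Same as testLdapExample1 plus an explicit
       * java.naming.security.principal / credentials pair.
       */
      AppConfigurationEntry[] testLdapExample11()
      {
         HashMap options = newJndiOptions(LDAP_URL);
         options.put("java.naming.security.principal", ROOT_DN);
         options.put("java.naming.security.credentials", ROOT_PASSWORD);
         options.put("principalDNPrefix", "uid=");
         options.put("principalDNSuffix", ",ou=People,dc=jboss,dc=org");
         options.put("rolesCtxDN", "ou=Roles,dc=jboss,dc=org");
         options.put("uidAttributeID", "member");
         options.put("matchOnUserDN", "true");
         options.put("roleAttributeID", "cn");
         options.put("roleAttributeIsDN", "false");
         return requiredEntry(LDAP_MODULE, options);
      }

      /**
       * LdapLoginModule under o=example2, with roles read from memberOf as
       * DNs and named by their cn attribute.
       */
      AppConfigurationEntry[] testLdapExample2()
      {
         HashMap options = newJndiOptions(LDAP_URL);
         options.put("principalDNPrefix", "uid=");
         options.put("principalDNSuffix", ",ou=People,o=example2,dc=jboss,dc=org");
         options.put("rolesCtxDN", "ou=Roles,o=example2,dc=jboss,dc=org");
         options.put("uidAttributeID", "uid");
         options.put("matchOnUserDN", "false");
         options.put("roleAttributeID", "memberOf");
         options.put("roleAttributeIsDN", "true");
         options.put("roleNameAttributeID", "cn");
         return requiredEntry(LDAP_MODULE, options);
      }

      /**
       * <pre>
       * testLdapExample21 {
       *    org.jboss.security.auth.spi.LdapExtLoginModule
       *       java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
       *       java.naming.provider.url="ldap://lamia/"
       *       java.naming.security.authentication=simple
       *       bindDN="cn=Root,dc=jboss,dc=org"
       *       bindCredential=secret1
       *       baseCtxDN="ou=People,dc=jboss,dc=org"
       *       baseFilter="(uid={0})"
       *       rolesCtxDN="ou=Roles,dc=jboss,dc=org";
       *       roleFilter="(member={1})"
       *       roleAttributeID="cn"
       *       roleRecursion=0
       * };
       * </pre>
       */
      AppConfigurationEntry[] testLdapExample21()
      {
         HashMap options = newExtOptions(LDAP_URL);
         options.put("baseCtxDN", "ou=People,dc=jboss,dc=org");
         options.put("baseFilter", "(uid={0})");
         options.put("rolesCtxDN", "ou=Roles,dc=jboss,dc=org");
         options.put("roleFilter", "(member={1})");
         options.put("roleAttributeID", "cn");
         options.put("roleRecursion", "0");
         return requiredEntry(LDAP_EXT_MODULE, options);
      }

      /**
       * <pre>
       * testLdapExample23 {
       *    org.jboss.security.auth.spi.LdapExtLoginModule
       *       java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
       *       java.naming.provider.url="ldap://lamia/"
       *       java.naming.security.authentication=simple
       *       bindDN="cn=Root,dc=jboss,dc=org"
       *       bindCredential=secret1
       *       baseCtxDN="ou=People,o=example3,dc=jboss,dc=org"
       *       baseFilter="(cn={0})"
       *       rolesCtxDN="ou=Roles,o=example3,dc=jboss,dc=org";
       *       roleFilter="(member={1})"
       *       roleAttributeID="cn"
       *       roleRecursion=0
       * };
       * </pre>
       */
      AppConfigurationEntry[] testLdapExample23()
      {
         HashMap options = newExtOptions(LDAP_URL);
         options.put("baseCtxDN", "ou=People,o=example3,dc=jboss,dc=org");
         options.put("baseFilter", "(cn={0})");
         options.put("rolesCtxDN", "ou=Roles,o=example3,dc=jboss,dc=org");
         options.put("roleFilter", "(member={1})");
         options.put("roleAttributeID", "cn");
         options.put("roleRecursion", "0");
         return requiredEntry(LDAP_EXT_MODULE, options);
      }

      /**
       * <pre>
       * testLdapExample22 {
       *    org.jboss.security.auth.spi.LdapExtLoginModule
       *       java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
       *       java.naming.provider.url="ldap://lamia/"
       *       java.naming.security.authentication=simple
       *       bindDN="cn=Root,dc=jboss,dc=org"
       *       bindCredential=secret1
       *       baseCtxDN="ou=People,o=example2,dc=jboss,dc=org"
       *       baseFilter="(uid={0})"
       *       rolesCtxDN="ou=Roles,o=example2,dc=jboss,dc=org";
       *       roleFilter="(uid={0})"
       *       roleAttributeIsDN="true"
       *       roleAttributeID="memberOf"
       *       roleNameAttributeID="cn"
       *       roleRecursion=0
       * };
       * </pre>
       */
      AppConfigurationEntry[] testLdapExample22()
      {
         HashMap options = newExtOptions(LDAP_URL);
         options.put("baseCtxDN", "ou=People,o=example2,dc=jboss,dc=org");
         options.put("baseFilter", "(uid={0})");
         options.put("rolesCtxDN", "ou=Roles,o=example2,dc=jboss,dc=org");
         options.put("roleFilter", "(uid={0})");
         options.put("roleAttributeID", "memberOf");
         options.put("roleAttributeIsDN", "true");
         options.put("roleNameAttributeID", "cn");
         options.put("roleRecursion", "0");
         return requiredEntry(LDAP_EXT_MODULE, options);
      }

      /**
       * <pre>
       * testLdapExample24 {
       *    org.jboss.security.auth.spi.LdapExtLoginModule
       *       java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
       *       java.naming.provider.url="ldap://lamia/"
       *       java.naming.security.authentication=simple
       *       bindDN="cn=Root,dc=jboss,dc=org"
       *       bindCredential=secret1
       *       baseCtxDN="ou=People,o=example4,dc=jboss,dc=org"
       *       baseFilter="(cn={0})"
       *       rolesCtxDN="ou=Roles,o=example4,dc=jboss,dc=org";
       *       roleFilter="(member={1})"
       *       roleAttributeID="cn"
       *       roleRecursion=1
       * };
       * </pre>
       */
      AppConfigurationEntry[] testLdapExample24()
      {
         HashMap options = newExtOptions(LDAP_URL);
         options.put("baseCtxDN", "ou=People,o=example4,dc=jboss,dc=org");
         options.put("baseFilter", "(cn={0})");
         options.put("rolesCtxDN", "ou=Roles,o=example4,dc=jboss,dc=org");
         options.put("roleFilter", "(member={1})");
         options.put("roleAttributeID", "cn");
         options.put("roleRecursion", "1");
         return requiredEntry(LDAP_EXT_MODULE, options);
      }
   }

   public LoginModulesTestCase(String testName)
   {
      super(testName);
   }

   public void testLdapExample1() throws Exception
   {
      checkLogin("testLdapExample1", "jduke", DUKE_ROLES, null);
   }

   public void testLdapExample11() throws Exception
   {
      checkLogin("testLdapExample11", "jduke", DUKE_ROLES, null);
   }

   public void testLdapExample2() throws Exception
   {
      checkLogin("testLdapExample2", "jduke", DUKE_ROLES, null);
   }

   public void testLdapExample21() throws Exception
   {
      checkLogin("testLdapExample21", "jduke", DUKE_ROLES, null);
   }

   public void testLdapExample23() throws Exception
   {
      checkLogin("testLdapExample23", "Java Duke", DUKE_ROLES, null);
   }

   public void testLdapExample22() throws Exception
   {
      checkLogin("testLdapExample22", "jduke", DUKE_ROLES, null);
   }

   /**
    * The only test that also checks a role the user must NOT have (R4), with
    * roleRecursion set to 1 in its configuration.
    */
   public void testLdapExample24() throws Exception
   {
      String[] granted = {"RG2", "R1", "R2", "R3", "R5"};
      String[] denied = {"R4"};
      checkLogin("testLdapExample24", "Java Duke", granted, denied);
   }

   /**
    * Logs in under the named configuration and checks the resulting Subject.
    *
    * @param configName JAAS configuration name, resolved by TestConfig
    * @param username user to authenticate; also the expected principal name
    * @param grantedRoles role names that must be members of the Roles group
    * @param deniedRoles role names that must not be members, or null for none
    * @throws Exception if the login or logout fails
    */
   private void checkLogin(String configName, String username,
      String[] grantedRoles, String[] deniedRoles) throws Exception
   {
      System.out.println(configName);
      UsernamePasswordHandler handler = new UsernamePasswordHandler(username,
         USER_PASSWORD.toCharArray());
      LoginContext lc = new LoginContext(configName, handler);
      lc.login();
      try
      {
         Subject subject = lc.getSubject();
         System.out.println("Subject: "+subject);
         Set groups = subject.getPrincipals(Group.class);
         Set principals = subject.getPrincipals();
         assertTrue("Principals contains " + username,
            principals.contains(new SimplePrincipal(username)));
         assertTrue("Principals contains Roles",
            groups.contains(new SimplePrincipal(ROLES_GROUP)));
         // Pick the group by name: a Set has no defined iteration order, so
         // taking the first element would check the wrong group whenever the
         // Subject carries more than one.
         Group roles = findGroup(groups, ROLES_GROUP);
         assertNotNull("Roles group found", roles);
         for(int i = 0; i < grantedRoles.length; i ++)
         {
            assertTrue(grantedRoles[i] + " is a role",
               roles.isMember(new SimplePrincipal(grantedRoles[i])));
         }
         if( deniedRoles != null )
         {
            for(int i = 0; i < deniedRoles.length; i ++)
            {
               assertFalse(deniedRoles[i] + " is NOT a role",
                  roles.isMember(new SimplePrincipal(deniedRoles[i])));
            }
         }
      }
      finally
      {
         // Log out even when an assertion fails, so that no test leaves an
         // authenticated LoginContext behind.
         lc.logout();
      }
   }

   /** Returns the Group in the set whose name equals groupName, or null. */
   private static Group findGroup(Set groups, String groupName)
   {
      for(Iterator iter = groups.iterator(); iter.hasNext();)
      {
         Group group = (Group) iter.next();
         if( groupName.equals(group.getName()) )
            return group;
      }
      return null;
   }

   public static void main(java.lang.String[] args)
   {
      // Send stderr to stdout so runner output and stack traces interleave.
      System.setErr(System.out);
      TestSuite suite = new TestSuite(LoginModulesTestCase.class);
      junit.textui.TestRunner.run(suite);
   }
}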