Search in sources :

Example 11 with NamePasswordCallbackHandler

use of org.apache.karaf.jaas.modules.NamePasswordCallbackHandler in project karaf by apache.

the class PropertiesLoginModuleTest method testCannotLoginAsGroupDirectly.

private void testCannotLoginAsGroupDirectly(final String name) throws IOException, LoginException {
    File f = File.createTempFile(getClass().getName(), ".tmp");
    try {
        Properties p = new Properties(f);
        PropertiesBackingEngine pbe = new PropertiesBackingEngine(p);
        pbe.addUser("abc", "xyz");
        pbe.addRole("abc", "myrole");
        pbe.addUser("pqr", "abc");
        pbe.addGroup("pqr", "group1");
        pbe.addGroupRole("group1", "r1");
        PropertiesLoginModule module = new PropertiesLoginModule();
        Map<String, String> options = new HashMap<>();
        options.put(PropertiesLoginModule.USER_FILE, f.getAbsolutePath());
        module.initialize(new Subject(), new NamePasswordCallbackHandler(name, "group"), null, options);
        try {
            module.login();
            Assert.fail("The login should have failed as you cannot log in under a group name directly");
        } catch (FailedLoginException fle) {
        // good
        }
    } finally {
        if (!f.delete()) {
            Assert.fail("Could not delete temporary file: " + f);
        }
    }
}
Also used : FailedLoginException(javax.security.auth.login.FailedLoginException) HashMap(java.util.HashMap) NamePasswordCallbackHandler(org.apache.karaf.jaas.modules.NamePasswordCallbackHandler) Properties(org.apache.felix.utils.properties.Properties) File(java.io.File) Subject(javax.security.auth.Subject)

Example 12 with NamePasswordCallbackHandler

use of org.apache.karaf.jaas.modules.NamePasswordCallbackHandler in project karaf by apache.

the class PropertiesLoginModuleTest method testLoginIncorrectPassword.

@Test
public void testLoginIncorrectPassword() throws Exception {
    File f = File.createTempFile(getClass().getName(), ".tmp");
    try {
        Properties p = new Properties(f);
        PropertiesBackingEngine pbe = new PropertiesBackingEngine(p);
        pbe.addUser("abc", "xyz");
        pbe.addUser("pqr", "abc");
        PropertiesLoginModule module = new PropertiesLoginModule();
        Map<String, String> options = new HashMap<>();
        options.put(PropertiesLoginModule.USER_FILE, f.getAbsolutePath());
        module.initialize(new Subject(), new NamePasswordCallbackHandler("abc", "abc"), null, options);
        try {
            module.login();
            Assert.fail("The login should have failed as the passwords didn't match");
        } catch (FailedLoginException fle) {
        // good
        }
    } finally {
        if (!f.delete()) {
            Assert.fail("Could not delete temporary file: " + f);
        }
    }
}
Also used : FailedLoginException(javax.security.auth.login.FailedLoginException) HashMap(java.util.HashMap) NamePasswordCallbackHandler(org.apache.karaf.jaas.modules.NamePasswordCallbackHandler) Properties(org.apache.felix.utils.properties.Properties) File(java.io.File) Subject(javax.security.auth.Subject) Test(org.junit.Test)

Example 13 with NamePasswordCallbackHandler

use of org.apache.karaf.jaas.modules.NamePasswordCallbackHandler in project karaf by apache.

the class PropertiesLoginModuleTest method testLoginWithGroups.

@Test
public void testLoginWithGroups() throws Exception {
    File f = File.createTempFile(getClass().getName(), ".tmp");
    try {
        Properties p = new Properties(f);
        PropertiesBackingEngine pbe = new PropertiesBackingEngine(p);
        pbe.addUser("abc", "xyz");
        pbe.addRole("abc", "myrole");
        pbe.addUser("pqr", "abc");
        pbe.addGroup("pqr", "group1");
        pbe.addGroupRole("group1", "r1");
        PropertiesLoginModule module = new PropertiesLoginModule();
        Map<String, String> options = new HashMap<>();
        options.put(PropertiesLoginModule.USER_FILE, f.getAbsolutePath());
        Subject subject = new Subject();
        module.initialize(subject, new NamePasswordCallbackHandler("pqr", "abc"), null, options);
        Assert.assertEquals("Precondition", 0, subject.getPrincipals().size());
        Assert.assertTrue(module.login());
        Assert.assertTrue(module.commit());
        Assert.assertEquals(3, subject.getPrincipals().size());
        boolean foundUser = false;
        boolean foundRole = false;
        boolean foundGroup = false;
        for (Principal pr : subject.getPrincipals()) {
            if (pr instanceof UserPrincipal) {
                Assert.assertEquals("pqr", pr.getName());
                foundUser = true;
            } else if (pr instanceof GroupPrincipal) {
                Assert.assertEquals("group1", pr.getName());
                foundGroup = true;
            } else if (pr instanceof RolePrincipal) {
                Assert.assertEquals("r1", pr.getName());
                foundRole = true;
            }
        }
        Assert.assertTrue(foundUser);
        Assert.assertTrue(foundGroup);
        Assert.assertTrue(foundRole);
    } finally {
        if (!f.delete()) {
            Assert.fail("Could not delete temporary file: " + f);
        }
    }
}
Also used : HashMap(java.util.HashMap) Properties(org.apache.felix.utils.properties.Properties) Subject(javax.security.auth.Subject) UserPrincipal(org.apache.karaf.jaas.boot.principal.UserPrincipal) NamePasswordCallbackHandler(org.apache.karaf.jaas.modules.NamePasswordCallbackHandler) GroupPrincipal(org.apache.karaf.jaas.boot.principal.GroupPrincipal) RolePrincipal(org.apache.karaf.jaas.boot.principal.RolePrincipal) File(java.io.File) RolePrincipal(org.apache.karaf.jaas.boot.principal.RolePrincipal) Principal(java.security.Principal) GroupPrincipal(org.apache.karaf.jaas.boot.principal.GroupPrincipal) UserPrincipal(org.apache.karaf.jaas.boot.principal.UserPrincipal) Test(org.junit.Test)

Example 14 with NamePasswordCallbackHandler

use of org.apache.karaf.jaas.modules.NamePasswordCallbackHandler in project karaf by apache.

the class Krb5LoginModuleTest method testLoginPasswordFailure.

@Test(expected = LoginException.class)
public void testLoginPasswordFailure() throws Exception {
    Subject subject = new Subject();
    Krb5LoginModule module = new Krb5LoginModule();
    module.initialize(subject, new NamePasswordCallbackHandler("hnelson", "secret0"), null, new HashMap<>());
    assertEquals("Precondition", 0, subject.getPrincipals().size());
    Assert.assertFalse(module.login());
}
Also used : NamePasswordCallbackHandler(org.apache.karaf.jaas.modules.NamePasswordCallbackHandler) Subject(javax.security.auth.Subject) AbstractKerberosITest(org.apache.directory.server.kerberos.kdc.AbstractKerberosITest) Test(org.junit.Test)

Example 15 with NamePasswordCallbackHandler

use of org.apache.karaf.jaas.modules.NamePasswordCallbackHandler in project karaf by apache.

the class GSSAPILdapLoginModuleTest method testUserNotFound.

@Test(expected = LoginException.class)
public void testUserNotFound() throws Exception {
    Properties options = ldapLoginModuleOptions();
    GSSAPILdapLoginModule module = new GSSAPILdapLoginModule();
    Subject subject = new Subject();
    module.initialize(subject, new NamePasswordCallbackHandler("test", "test"), null, options);
    assertEquals("Precondition", 0, subject.getPrincipals().size());
    assertFalse(module.login());
}
Also used : NamePasswordCallbackHandler(org.apache.karaf.jaas.modules.NamePasswordCallbackHandler) Properties(org.apache.felix.utils.properties.Properties) Subject(javax.security.auth.Subject) AbstractKerberosITest(org.apache.directory.server.kerberos.kdc.AbstractKerberosITest) Test(org.junit.Test)

Aggregations

Subject (javax.security.auth.Subject)26 NamePasswordCallbackHandler (org.apache.karaf.jaas.modules.NamePasswordCallbackHandler)26 Test (org.junit.Test)25 Properties (org.apache.felix.utils.properties.Properties)21 Principal (java.security.Principal)13 RolePrincipal (org.apache.karaf.jaas.boot.principal.RolePrincipal)13 UserPrincipal (org.apache.karaf.jaas.boot.principal.UserPrincipal)13 AbstractKerberosITest (org.apache.directory.server.kerberos.kdc.AbstractKerberosITest)8 File (java.io.File)4 HashMap (java.util.HashMap)4 ArrayList (java.util.ArrayList)3 GroupPrincipal (org.apache.karaf.jaas.boot.principal.GroupPrincipal)3 KerberosPrincipal (javax.security.auth.kerberos.KerberosPrincipal)2 KerberosTicket (javax.security.auth.kerberos.KerberosTicket)2 FailedLoginException (javax.security.auth.login.FailedLoginException)2 LoginException (javax.security.auth.login.LoginException)2 Attribute (javax.naming.directory.Attribute)1 Attributes (javax.naming.directory.Attributes)1 BasicAttribute (javax.naming.directory.BasicAttribute)1 BasicAttributes (javax.naming.directory.BasicAttributes)1