| 1 | /* |
| 2 | * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. |
| 3 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| 4 | * |
| 5 | * This code is free software; you can redistribute it and/or modify it |
| 6 | * under the terms of the GNU General Public License version 2 only, as |
| 7 | * published by the Free Software Foundation. |
| 8 | * |
| 9 | * This code is distributed in the hope that it will be useful, but WITHOUT |
| 10 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| 11 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| 12 | * version 2 for more details (a copy is included in the LICENSE file that |
| 13 | * accompanied this code). |
| 14 | * |
| 15 | * You should have received a copy of the GNU General Public License version |
| 16 | * 2 along with this work; if not, write to the Free Software Foundation, |
| 17 | * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| 18 | * |
| 19 | * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, |
| 20 | * CA 95054 USA or visit www.sun.com if you need additional information or |
| 21 | * have any questions. |
| 22 | */ |
| 23 | |
| 24 | /** |
| 25 | * @test |
| 26 | * @bug 4703361 |
| 27 | * @summary can not specify Configuration to LoginContext constructor |
| 28 | * |
| 29 | * @run main/othervm/policy=ConfigConstructor.policy -Djava.security.auth.login.config=file:${test.src}/ConfigConstructor.config ConfigConstructor |
| 30 | * |
| 31 | */ |
| 32 | |
| 33 | /** |
| 34 | * This test shares the login config with ConfigConstructorNoPerm. |
| 35 | * This test has all necessary permissions configured in the policy |
| 36 | * (ConfigConstructorNoPerm has no perms and checks for SecurityExceptions). |
| 37 | */ |
| 38 | |
| 39 | import java.util.Map; |
| 40 | import javax.security.auth.*; |
| 41 | import javax.security.auth.login.*; |
| 42 | import javax.security.auth.spi.*; |
| 43 | import javax.security.auth.callback.*; |
| 44 | |
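/**
 * Exercises the {@code LoginContext} constructor that takes a caller-supplied
 * {@code Configuration}, next to the constructors that fall back to the
 * installed one.
 *
 * <p>Every case logs in through a stub {@code LoginModule} defined below. The
 * stubs do no authentication; they only check which {@code Subject} and
 * {@code CallbackHandler} objects {@code LoginContext} handed them, or touch a
 * permission-guarded system property.
 *
 * <p>NOTE(review): cases 3, 4 and 8 pass a null or no Configuration, so their
 * entries must come from the login config file named in the {@code @run} tag,
 * and cases 5 and 6 depend on the policy file named there. Neither file is
 * visible from this source; confirm the expectations noted inline against them.
 */
public class ConfigConstructor {

    // Shared fixtures; the stub modules compare by identity against these.
    private static final Subject s = new Subject();
    private static final CallbackHandler ch =
        new com.sun.security.auth.callback.TextCallbackHandler();
    private static final Configuration c = new MyConfig();

    /**
     * Runs the eight cases in order; any unexpected exception fails the test.
     *
     * @param args unused
     * @throws Exception if a login that is expected to succeed fails
     */
    public static void main(String[] args) throws Exception {

        // Case 1: supplied Configuration, explicit Subject and handler.
        // MyModule1 rejects anything but these exact objects.
        LoginContext lc = new LoginContext("module1", s, ch, c);
        lc.login();
        System.out.println("Test 1 Passed");

        // Case 2: supplied Configuration, null Subject and null handler.
        // MyModule2 rejects the shared Subject and any non-null handler.
        LoginContext lc2 = new LoginContext("module2", null, null, c);
        lc2.login();
        System.out.println("Test 2 Passed");

        // Case 3: null Configuration, explicit Subject and handler.
        // MyModule3 expects the same Subject but a handler object that is
        // neither null nor the caller's own instance.
        LoginContext lc3 = new LoginContext("module3", s, ch, null);
        lc3.login();
        System.out.println("Test 3 Passed");

        // Case 4: null Configuration, null Subject and null handler.
        LoginContext lc4 = new LoginContext("module4", null, null, null);
        lc4.login();
        System.out.println("Test 4 Passed");

        // Case 5: the module reads "user.name". The login must be refused and
        // the refusal must surface as a LoginException whose cause is the
        // SecurityException. Presumably the policy withholds that property
        // permission; verify against the policy file.
        try {
            LoginContext lc5 = new LoginContext("module5", null, null, c);
            lc5.login();
            // Reaching this line means the guarded read was allowed.
            throw new SecurityException("test failed - security check failed");
        } catch (LoginException le) {
            if (!(le.getCause() instanceof SecurityException)) {
                // Chain the unexpected exception so the failure report shows it.
                throw new SecurityException("test failed: " +
                        "LoginException did not have chained SecurityException", le);
            }
        }
        System.out.println("Test 5 Passed");

        // Case 6: same shape as case 5, but the module reads "user.home",
        // which is expected to be permitted.
        LoginContext lc6 = new LoginContext("module6", null, null, c);
        lc6.login();
        System.out.println("Test 6 Passed");

        // Case 7: MyConfig has no entry for "goToOther" and returns null for
        // it, so this login only succeeds if LoginContext retries the lookup
        // under the name "other" (mapped to MyModule2 below).
        LoginContext lc7 = new LoginContext("goToOther", null, null, c);
        lc7.login();
        System.out.println("Test 7 Passed");

        // Case 8: the same unknown name through the single-argument
        // constructor, which takes no Configuration argument.
        LoginContext lc8 = new LoginContext("goToOther");
        lc8.login();
        System.out.println("Test 8 Passed");
    }

    /**
     * In-memory Configuration mapping the test's entry names to the stub
     * modules. Unknown names yield {@code null}.
     */
    private static class MyConfig extends Configuration {
        public MyConfig() { }

        /**
         * Returns a single REQUIRED entry for a known name, or {@code null}.
         *
         * @param name the application entry name requested by LoginContext
         * @return a one-element array, or {@code null} when the name is unknown
         */
        @Override
        public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
            String moduleClass = moduleClassFor(name);
            if (moduleClass == null) {
                return null;
            }
            // Typed, empty option map (the original used a raw HashMap).
            Map<String, Object> options = new java.util.HashMap<String, Object>();
            return new AppConfigurationEntry[] {
                new AppConfigurationEntry(
                        moduleClass,
                        AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
                        options)
            };
        }

        /** Resolves an entry name to the binary name of its stub module. */
        private static String moduleClassFor(String name) {
            for (int i = 1; i <= 6; i++) {
                if (name.equals("module" + i)) {
                    return "ConfigConstructor$MyModule" + i;
                }
            }
            // The fallback entry is matched case-insensitively and reuses
            // MyModule2, which expects a null handler and a fresh Subject.
            if (name.equalsIgnoreCase("other")) {
                return "ConfigConstructor$MyModule2";
            }
            return null;
        }

        @Override
        public void refresh() { }
    }

    /** Stub for case 1: requires the caller's own Subject and handler objects. */
    public static class MyModule1 implements LoginModule {

        public MyModule1() { }

        public void initialize(Subject subject, CallbackHandler handler,
                Map<String,?> state, Map<String,?> options) {
            // Identity comparison: both objects must arrive unwrapped.
            if (subject != ConfigConstructor.s ||
                    handler != ConfigConstructor.ch) {
                throw new SecurityException("Module 1 failed");
            }
        }

        public boolean login() throws LoginException { return true; }
        public boolean commit() throws LoginException { return true; }
        public boolean abort() throws LoginException { return true; }
        public boolean logout() throws LoginException { return true; }
    }

    /** Stub for cases 2, 7 and the "other" entry: no shared Subject, no handler. */
    public static class MyModule2 implements LoginModule {

        public MyModule2() { }

        public void initialize(Subject subject, CallbackHandler handler,
                Map<String,?> state, Map<String,?> options) {
            if (subject == ConfigConstructor.s ||
                    handler != null) {
                throw new SecurityException("Module 2 failed");
            }
        }

        public boolean login() throws LoginException { return true; }
        public boolean commit() throws LoginException { return true; }
        public boolean abort() throws LoginException { return true; }
        public boolean logout() throws LoginException { return true; }
    }

    /**
     * Stub for case 3: requires the caller's Subject and a non-null handler
     * that is a different object from the caller's handler.
     */
    public static class MyModule3 implements LoginModule {

        public MyModule3() { }

        public void initialize(Subject subject, CallbackHandler handler,
                Map<String,?> state, Map<String,?> options) {
            if (subject != ConfigConstructor.s ||
                    handler == null ||
                    handler == ConfigConstructor.ch) {
                throw new SecurityException("Module 3 failed");
            }
        }

        public boolean login() throws LoginException { return true; }
        public boolean commit() throws LoginException { return true; }
        public boolean abort() throws LoginException { return true; }
        public boolean logout() throws LoginException { return true; }
    }

    /** Stub for case 4: same expectations as MyModule2. */
    public static class MyModule4 implements LoginModule {

        public MyModule4() { }

        public void initialize(Subject subject, CallbackHandler handler,
                Map<String,?> state, Map<String,?> options) {
            if (subject == ConfigConstructor.s ||
                    handler != null) {
                throw new SecurityException("Module 4 failed");
            }
        }

        public boolean login() throws LoginException { return true; }
        public boolean commit() throws LoginException { return true; }
        public boolean abort() throws LoginException { return true; }
        public boolean logout() throws LoginException { return true; }
    }

    /** Stub for case 5: login() reads the "user.name" system property. */
    public static class MyModule5 implements LoginModule {

        public MyModule5() { }

        public void initialize(Subject subject, CallbackHandler handler,
                Map<String,?> state, Map<String,?> options) { }

        public boolean login() throws LoginException {
            // Permission-guarded read; case 5 expects this to be denied.
            System.out.println(System.getProperty("user.name"));
            return true;
        }
        public boolean commit() throws LoginException { return true; }
        public boolean abort() throws LoginException { return true; }
        public boolean logout() throws LoginException { return true; }
    }

    /** Stub for case 6: login() reads the "user.home" system property. */
    public static class MyModule6 implements LoginModule {

        public MyModule6() { }

        public void initialize(Subject subject, CallbackHandler handler,
                Map<String,?> state, Map<String,?> options) { }

        public boolean login() throws LoginException {
            // Permission-guarded read; case 6 expects this to be allowed.
            System.out.println(System.getProperty("user.home"));
            return true;
        }
        public boolean commit() throws LoginException { return true; }
        public boolean abort() throws LoginException { return true; }
        public boolean logout() throws LoginException { return true; }
    }
}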