jdk/test/sun/security/krb5/auto/BadKdc.java
author weijun
Thu, 18 Mar 2010 18:26:37 +0800
changeset 5154 07af3c279166
parent 4531 3a9206343ab2
child 5506 202f599c92aa
permissions -rw-r--r--
6829283: HTTP/Negotiate: Autheticator triggered again when user cancels the first one Reviewed-by: chegar
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
4531
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
     1
/*
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
     2
 * Copyright 2009 Sun Microsystems, Inc.  All Rights Reserved.
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
     3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
     4
 *
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
     5
 * This code is free software; you can redistribute it and/or modify it
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
     6
 * under the terms of the GNU General Public License version 2 only, as
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
     7
 * published by the Free Software Foundation.
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
     8
 *
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
     9
 * This code is distributed in the hope that it will be useful, but WITHOUT
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    12
 * version 2 for more details (a copy is included in the LICENSE file that
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    13
 * accompanied this code).
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    14
 *
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    15
 * You should have received a copy of the GNU General Public License version
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    16
 * 2 along with this work; if not, write to the Free Software Foundation,
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    18
 *
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    19
 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    20
 * CA 95054 USA or visit www.sun.com if you need additional information or
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    21
 * have any questions.
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    22
 */
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    23
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    24
import java.io.*;
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    25
import java.util.regex.Matcher;
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    26
import java.util.regex.Pattern;
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    27
import sun.security.krb5.Config;
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    28
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    29
public class BadKdc {
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    30
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    31
    // Matches the krb5 debug output:
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    32
    // >>> KDCCommunication: kdc=kdc.rabbit.hole UDP:14319, timeout=2000,...
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    33
    //                                               ^ kdc#         ^ timeout
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    34
    static final Pattern re = Pattern.compile(
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    35
            ">>> KDCCommunication: kdc=kdc.rabbit.hole UDP:(\\d)...., " +
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    36
            "timeout=(\\d)000,");
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    37
    public static void go(int[]... expected)
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    38
            throws Exception {
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    39
        System.setProperty("sun.security.krb5.debug", "true");
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    40
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    41
        // Make sure KDCs' ports starts with 1 and 2 and 3,
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    42
        // useful for checking debug output.
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    43
        int p1 = 10000 + new java.util.Random().nextInt(10000);
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    44
        int p2 = 20000 + new java.util.Random().nextInt(10000);
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    45
        int p3 = 30000 + new java.util.Random().nextInt(10000);
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    46
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    47
        FileWriter fw = new FileWriter("alternative-krb5.conf");
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    48
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    49
        fw.write("[libdefaults]\n" +
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    50
                "default_realm = " + OneKDC.REALM + "\n" +
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    51
                "kdc_timeout = 2000\n");
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    52
        fw.write("[realms]\n" + OneKDC.REALM + " = {\n" +
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    53
                "kdc = " + OneKDC.KDCHOST + ":" + p1 + "\n" +
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    54
                "kdc = " + OneKDC.KDCHOST + ":" + p2 + "\n" +
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    55
                "kdc = " + OneKDC.KDCHOST + ":" + p3 + "\n" +
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    56
                "}\n");
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    57
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    58
        fw.close();
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    59
        System.setProperty("java.security.krb5.conf", "alternative-krb5.conf");
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    60
        Config.refresh();
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    61
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    62
        // Turn on k3 only
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    63
        KDC k3 = on(p3);
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    64
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    65
        test(expected[0]);
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    66
        test(expected[1]);
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    67
        Config.refresh();
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    68
        test(expected[2]);
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    69
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    70
        k3.terminate(); // shutdown k3
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    71
        on(p2);         // k2 is on
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    72
        test(expected[3]);
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    73
        on(p1);         // k1 and k2 is on
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    74
        test(expected[4]);
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    75
    }
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    76
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    77
    private static KDC on(int p) throws Exception {
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    78
        KDC k = new KDC(OneKDC.REALM, OneKDC.KDCHOST, p, true);
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    79
        k.addPrincipal(OneKDC.USER, OneKDC.PASS);
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    80
        k.addPrincipalRandKey("krbtgt/" + OneKDC.REALM);
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    81
        return k;
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    82
    }
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    83
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    84
    /**
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    85
     * One round of test for max_retries and timeout.
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    86
     * @param timeout the expected timeout
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    87
     * @param expected the expected kdc# timeout kdc# timeout...
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    88
     */
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    89
    private static void test(int... expected) throws Exception {
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    90
        ByteArrayOutputStream bo = new ByteArrayOutputStream();
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    91
        PrintStream oldout = System.out;
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    92
        System.setOut(new PrintStream(bo));
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    93
        Context c = Context.fromUserPass(OneKDC.USER, OneKDC.PASS, false);
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    94
        System.setOut(oldout);
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    95
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    96
        String[] lines = new String(bo.toByteArray()).split("\n");
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    97
        System.out.println("----------------- TEST -----------------");
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    98
        int count = 0;
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
    99
        for (String line: lines) {
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
   100
            Matcher m = re.matcher(line);
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
   101
            if (m.find()) {
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
   102
                System.out.println(line);
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
   103
                if (Integer.parseInt(m.group(1)) != expected[count++] ||
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
   104
                        Integer.parseInt(m.group(2)) != expected[count++]) {
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
   105
                    throw new Exception("Fail here");
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
   106
                }
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
   107
            }
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
   108
        }
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
   109
        if (count != expected.length) {
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
   110
            throw new Exception("Less rounds");
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
   111
        }
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
   112
    }
3a9206343ab2 6843127: krb5 should not try to access unavailable kdc too often
weijun
parents:
diff changeset
   113
}