jdk-sandbox: jdk/test/sun/security/krb5/auto/Context.java@4c792c19266e (annotated)

1454 d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	1	/*
3482 4aaa66ce712d 6710360: export Kerberos session key to applications weijun parents: 1575 diff changeset	2	* Copyright 2008-2009 Sun Microsystems, Inc. All Rights Reserved.
1454 d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	4	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	7	* published by the Free Software Foundation.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	8	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	9	* This code is distributed in the hope that it will be useful, but WITHOUT
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	10	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	11	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	12	* version 2 for more details (a copy is included in the LICENSE file that
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	13	* accompanied this code).
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	14	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	15	* You should have received a copy of the GNU General Public License version
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	16	* 2 along with this work; if not, write to the Free Software Foundation,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	17	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	18	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	19	* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	20	* CA 95054 USA or visit www.sun.com if you need additional information or
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	21	* have any questions.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	22	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	23
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	24	import com.sun.security.auth.module.Krb5LoginModule;
3482 4aaa66ce712d 6710360: export Kerberos session key to applications weijun parents: 1575 diff changeset	25	import java.security.Key;
1454 d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	26	import java.security.PrivilegedActionException;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	27	import java.security.PrivilegedExceptionAction;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	28	import java.util.Arrays;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	29	import java.util.HashMap;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	30	import java.util.Map;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	31	import javax.security.auth.Subject;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	32	import javax.security.auth.kerberos.KerberosKey;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	33	import javax.security.auth.kerberos.KerberosTicket;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	34	import javax.security.auth.login.LoginContext;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	35	import org.ietf.jgss.GSSContext;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	36	import org.ietf.jgss.GSSCredential;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	37	import org.ietf.jgss.GSSException;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	38	import org.ietf.jgss.GSSManager;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	39	import org.ietf.jgss.GSSName;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	40	import org.ietf.jgss.MessageProp;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	41	import org.ietf.jgss.Oid;
3482 4aaa66ce712d 6710360: export Kerberos session key to applications weijun parents: 1575 diff changeset	42	import com.sun.security.jgss.ExtendedGSSContext;
4aaa66ce712d 6710360: export Kerberos session key to applications weijun parents: 1575 diff changeset	43	import com.sun.security.jgss.InquireType;
3483 a16fce1820ef 6821190: more InquireType values for ExtendedGSSContext weijun parents: 3482 diff changeset	44	import com.sun.security.jgss.AuthorizationDataEntry;
1454 d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	45
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	46	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	47	* Context of a JGSS subject, encapsulating Subject and GSSContext.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	48	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	49	* Three "constructors", which acquire the (private) credentials and fill
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	50	* it into the Subject:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	51	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	52	* 1. static fromJAAS(): Creates a Context using a JAAS login config entry
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	53	* 2. static fromUserPass(): Creates a Context using a username and a password
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	54	* 3. delegated(): A new context which uses the delegated credentials from a
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	55	* previously established acceptor Context
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	56	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	57	* Two context initiators, which create the GSSContext object inside:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	58	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	59	* 1. startAsClient()
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	60	* 2. startAsServer()
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	61	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	62	* Privileged action:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	63	* doAs(): Performs an action in the name of the Subject
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	64	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	65	* Handshake process:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	66	* static handShake(initiator, acceptor)
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	67	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	68	* A four-phase typical data communication which includes all four GSS
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	69	* actions (wrap, unwrap, getMic and veryfyMiC):
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	70	* static transmit(message, from, to)
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	71	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	72	public class Context {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	73
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	74	private Subject s;
4336 4c792c19266e 6853328: Support OK-AS-DELEGATE flag weijun parents: 3483 diff changeset	75	private ExtendedGSSContext x;
1454 d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	76	private boolean f; // context established?
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	77	private String name;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	78	private GSSCredential cred; // see static method delegated().
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	79
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	80	private Context() {}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	81
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	82	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	83	* Using the delegated credentials from a previous acceptor
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	84	* @param c
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	85	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	86	public Context delegated() throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	87	Context out = new Context();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	88	out.s = s;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	89	out.cred = x.getDelegCred();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	90	out.name = name + " as " + out.cred.getName().toString();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	91	return out;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	92	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	93
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	94	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	95	* Logins with a JAAS login config entry name
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	96	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	97	public static Context fromJAAS(final String name) throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	98	Context out = new Context();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	99	out.name = name;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	100	LoginContext lc = new LoginContext(name);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	101	lc.login();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	102	out.s = lc.getSubject();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	103	return out;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	104	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	105
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	106	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	107	* Logins with a username and a password, using Krb5LoginModule directly
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	108	* @param storeKey true if key should be saved, used on acceptor side
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	109	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	110	public static Context fromUserPass(String user, char[] pass, boolean storeKey) throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	111	Context out = new Context();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	112	out.name = user;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	113	out.s = new Subject();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	114	Krb5LoginModule krb5 = new Krb5LoginModule();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	115	Map<String, String> map = new HashMap<String, String>();
1575 e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1574 diff changeset	116	Map<String, Object> shared = new HashMap<String, Object>();
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1574 diff changeset	117
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1574 diff changeset	118	if (pass != null) {
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1574 diff changeset	119	map.put("useFirstPass", "true");
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1574 diff changeset	120	shared.put("javax.security.auth.login.name", user);
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1574 diff changeset	121	shared.put("javax.security.auth.login.password", pass);
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1574 diff changeset	122	} else {
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1574 diff changeset	123	map.put("doNotPrompt", "true");
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1574 diff changeset	124	map.put("useTicketCache", "true");
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1574 diff changeset	125	if (user != null) {
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1574 diff changeset	126	map.put("principal", user);
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1574 diff changeset	127	}
e0f1979051b5 6765491: Krb5LoginModule a little too restrictive, and the doc is not clear. weijun parents: 1574 diff changeset	128	}
1454 d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	129	if (storeKey) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	130	map.put("storeKey", "true");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	131	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	132
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	133	krb5.initialize(out.s, null, shared, map);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	134	krb5.login();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	135	krb5.commit();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	136	return out;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	137	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	138
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	139	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	140	* Starts as a client
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	141	* @param target communication peer
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	142	* @param mech GSS mech
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	143	* @throws java.lang.Exception
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	144	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	145	public void startAsClient(final String target, final Oid mech) throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	146	doAs(new Action() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	147	@Override
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	148	public byte[] run(Context me, byte[] dummy) throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	149	GSSManager m = GSSManager.getInstance();
4336 4c792c19266e 6853328: Support OK-AS-DELEGATE flag weijun parents: 3483 diff changeset	150	me.x = (ExtendedGSSContext)m.createContext(
4c792c19266e 6853328: Support OK-AS-DELEGATE flag weijun parents: 3483 diff changeset	151	target.indexOf('@') < 0 ?
1454 d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	152	m.createName(target, null) :
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	153	m.createName(target, GSSName.NT_HOSTBASED_SERVICE),
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	154	mech,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	155	cred,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	156	GSSContext.DEFAULT_LIFETIME);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	157	return null;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	158	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	159	}, null);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	160	f = false;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	161	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	162
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	163	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	164	* Starts as a server
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	165	* @param mech GSS mech
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	166	* @throws java.lang.Exception
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	167	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	168	public void startAsServer(final Oid mech) throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	169	doAs(new Action() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	170	@Override
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	171	public byte[] run(Context me, byte[] dummy) throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	172	GSSManager m = GSSManager.getInstance();
4336 4c792c19266e 6853328: Support OK-AS-DELEGATE flag weijun parents: 3483 diff changeset	173	me.x = (ExtendedGSSContext)m.createContext(m.createCredential(
1454 d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	174	null,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	175	GSSCredential.INDEFINITE_LIFETIME,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	176	mech,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	177	GSSCredential.ACCEPT_ONLY));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	178	return null;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	179	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	180	}, null);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	181	f = false;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	182	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	183
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	184	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	185	* Accesses the internal GSSContext object. Currently it's used for --
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	186	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	187	* 1. calling requestXXX() before handshake
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	188	* 2. accessing source name
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	189	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	190	* Note: If the application needs to do any privileged call on this
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	191	* object, please use doAs(). Otherwise, it can be done directly. The
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	192	* methods listed above are all non-privileged calls.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	193	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	194	* @return the GSSContext object
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	195	*/
4336 4c792c19266e 6853328: Support OK-AS-DELEGATE flag weijun parents: 3483 diff changeset	196	public ExtendedGSSContext x() {
1454 d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	197	return x;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	198	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	199
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	200	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	201	* Disposes the GSSContext within
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	202	* @throws org.ietf.jgss.GSSException
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	203	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	204	public void dispose() throws GSSException {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	205	x.dispose();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	206	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	207
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	208	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	209	* Does something using the Subject inside
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	210	* @param action the action
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	211	* @param in the input byte
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	212	* @return the output byte
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	213	* @throws java.lang.Exception
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	214	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	215	public byte[] doAs(final Action action, final byte[] in) throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	216	try {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	217	return Subject.doAs(s, new PrivilegedExceptionAction<byte[]>() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	218
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	219	@Override
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	220	public byte[] run() throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	221	return action.run(Context.this, in);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	222	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	223	});
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	224	} catch (PrivilegedActionException pae) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	225	throw pae.getException();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	226	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	227	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	228
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	229	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	230	* Prints status of GSSContext and Subject
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	231	* @throws java.lang.Exception
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	232	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	233	public void status() throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	234	System.out.println("STATUS OF " + name.toUpperCase());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	235	try {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	236	StringBuffer sb = new StringBuffer();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	237	if (x.getAnonymityState()) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	238	sb.append("anon, ");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	239	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	240	if (x.getConfState()) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	241	sb.append("conf, ");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	242	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	243	if (x.getCredDelegState()) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	244	sb.append("deleg, ");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	245	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	246	if (x.getIntegState()) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	247	sb.append("integ, ");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	248	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	249	if (x.getMutualAuthState()) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	250	sb.append("mutual, ");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	251	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	252	if (x.getReplayDetState()) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	253	sb.append("rep det, ");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	254	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	255	if (x.getSequenceDetState()) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	256	sb.append("seq det, ");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	257	}
4336 4c792c19266e 6853328: Support OK-AS-DELEGATE flag weijun parents: 3483 diff changeset	258	if (x instanceof ExtendedGSSContext) {
4c792c19266e 6853328: Support OK-AS-DELEGATE flag weijun parents: 3483 diff changeset	259	if (((ExtendedGSSContext)x).getDelegPolicyState()) {
4c792c19266e 6853328: Support OK-AS-DELEGATE flag weijun parents: 3483 diff changeset	260	sb.append("deleg policy, ");
4c792c19266e 6853328: Support OK-AS-DELEGATE flag weijun parents: 3483 diff changeset	261	}
4c792c19266e 6853328: Support OK-AS-DELEGATE flag weijun parents: 3483 diff changeset	262	}
1454 d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	263	System.out.println("Context status of " + name + ": " + sb.toString());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	264	System.out.println(x.getSrcName() + " -> " + x.getTargName());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	265	} catch (Exception e) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	266	;// Don't care
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	267	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	268	System.out.println("=====================================");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	269	for (Object o : s.getPrivateCredentials()) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	270	System.out.println(" " + o.getClass());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	271	if (o instanceof KerberosTicket) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	272	KerberosTicket kt = (KerberosTicket) o;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	273	System.out.println(" " + kt.getServer() + " for " + kt.getClient());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	274	} else if (o instanceof KerberosKey) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	275	KerberosKey kk = (KerberosKey) o;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	276	System.out.print(" " + kk.getKeyType() + " " + kk.getVersionNumber() + " " + kk.getAlgorithm() + " ");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	277	for (byte b : kk.getEncoded()) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	278	System.out.printf("%02X", b & 0xff);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	279	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	280	System.out.println();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	281	} else if (o instanceof Map) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	282	Map map = (Map) o;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	283	for (Object k : map.keySet()) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	284	System.out.println(" " + k + ": " + map.get(k));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	285	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	286	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	287	}
3482 4aaa66ce712d 6710360: export Kerberos session key to applications weijun parents: 1575 diff changeset	288	if (x != null && x instanceof ExtendedGSSContext) {
4aaa66ce712d 6710360: export Kerberos session key to applications weijun parents: 1575 diff changeset	289	if (x.isEstablished()) {
4aaa66ce712d 6710360: export Kerberos session key to applications weijun parents: 1575 diff changeset	290	ExtendedGSSContext ex = (ExtendedGSSContext)x;
4aaa66ce712d 6710360: export Kerberos session key to applications weijun parents: 1575 diff changeset	291	Key k = (Key)ex.inquireSecContext(
4aaa66ce712d 6710360: export Kerberos session key to applications weijun parents: 1575 diff changeset	292	InquireType.KRB5_GET_SESSION_KEY);
4aaa66ce712d 6710360: export Kerberos session key to applications weijun parents: 1575 diff changeset	293	if (k == null) {
4aaa66ce712d 6710360: export Kerberos session key to applications weijun parents: 1575 diff changeset	294	throw new Exception("Session key cannot be null");
4aaa66ce712d 6710360: export Kerberos session key to applications weijun parents: 1575 diff changeset	295	}
4aaa66ce712d 6710360: export Kerberos session key to applications weijun parents: 1575 diff changeset	296	System.out.println("Session key is: " + k);
3483 a16fce1820ef 6821190: more InquireType values for ExtendedGSSContext weijun parents: 3482 diff changeset	297	boolean[] flags = (boolean[])ex.inquireSecContext(
a16fce1820ef 6821190: more InquireType values for ExtendedGSSContext weijun parents: 3482 diff changeset	298	InquireType.KRB5_GET_TKT_FLAGS);
a16fce1820ef 6821190: more InquireType values for ExtendedGSSContext weijun parents: 3482 diff changeset	299	if (flags == null) {
a16fce1820ef 6821190: more InquireType values for ExtendedGSSContext weijun parents: 3482 diff changeset	300	throw new Exception("Ticket flags cannot be null");
a16fce1820ef 6821190: more InquireType values for ExtendedGSSContext weijun parents: 3482 diff changeset	301	}
a16fce1820ef 6821190: more InquireType values for ExtendedGSSContext weijun parents: 3482 diff changeset	302	System.out.println("Ticket flags is: " + Arrays.toString(flags));
a16fce1820ef 6821190: more InquireType values for ExtendedGSSContext weijun parents: 3482 diff changeset	303	String authTime = (String)ex.inquireSecContext(
a16fce1820ef 6821190: more InquireType values for ExtendedGSSContext weijun parents: 3482 diff changeset	304	InquireType.KRB5_GET_AUTHTIME);
a16fce1820ef 6821190: more InquireType values for ExtendedGSSContext weijun parents: 3482 diff changeset	305	if (authTime == null) {
a16fce1820ef 6821190: more InquireType values for ExtendedGSSContext weijun parents: 3482 diff changeset	306	throw new Exception("Auth time cannot be null");
a16fce1820ef 6821190: more InquireType values for ExtendedGSSContext weijun parents: 3482 diff changeset	307	}
a16fce1820ef 6821190: more InquireType values for ExtendedGSSContext weijun parents: 3482 diff changeset	308	System.out.println("AuthTime is: " + authTime);
a16fce1820ef 6821190: more InquireType values for ExtendedGSSContext weijun parents: 3482 diff changeset	309	if (!x.isInitiator()) {
a16fce1820ef 6821190: more InquireType values for ExtendedGSSContext weijun parents: 3482 diff changeset	310	AuthorizationDataEntry[] ad = (AuthorizationDataEntry[])ex.inquireSecContext(
a16fce1820ef 6821190: more InquireType values for ExtendedGSSContext weijun parents: 3482 diff changeset	311	InquireType.KRB5_GET_AUTHZ_DATA);
a16fce1820ef 6821190: more InquireType values for ExtendedGSSContext weijun parents: 3482 diff changeset	312	System.out.println("AuthzData is: " + Arrays.toString(ad));
a16fce1820ef 6821190: more InquireType values for ExtendedGSSContext weijun parents: 3482 diff changeset	313	}
3482 4aaa66ce712d 6710360: export Kerberos session key to applications weijun parents: 1575 diff changeset	314	}
4aaa66ce712d 6710360: export Kerberos session key to applications weijun parents: 1575 diff changeset	315	}
1454 d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	316	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	317
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	318	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	319	* Transmits a message from one Context to another. The sender wraps the
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	320	* message and sends it to the receiver. The receiver unwraps it, creates
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	321	* a MIC of the clear text and sends it back to the sender. The sender
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	322	* verifies the MIC against the message sent earlier.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	323	* @param message the message
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	324	* @param s1 the sender
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	325	* @param s2 the receiver
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	326	* @throws java.lang.Exception If anything goes wrong
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	327	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	328	static public void transmit(final String message, final Context s1,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	329	final Context s2) throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	330	final byte[] messageBytes = message.getBytes();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	331	System.out.printf("-------------------- TRANSMIT from %s to %s------------------------\n",
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	332	s1.name, s2.name);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	333
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	334	byte[] t = s1.doAs(new Action() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	335	@Override
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	336	public byte[] run(Context me, byte[] dummy) throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	337	System.out.println("wrap");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	338	MessageProp p1 = new MessageProp(0, true);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	339	byte[] out = me.x.wrap(messageBytes, 0, messageBytes.length, p1);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	340	System.out.println(printProp(p1));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	341	return out;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	342	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	343	}, null);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	344
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	345	t = s2.doAs(new Action() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	346	@Override
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	347	public byte[] run(Context me, byte[] input) throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	348	MessageProp p1 = new MessageProp(0, true);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	349	byte[] bytes = me.x.unwrap(input, 0, input.length, p1);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	350	if (!Arrays.equals(messageBytes, bytes))
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	351	throw new Exception("wrap/unwrap mismatch");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	352	System.out.println("unwrap");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	353	System.out.println(printProp(p1));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	354	p1 = new MessageProp(0, true);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	355	System.out.println("getMIC");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	356	bytes = me.x.getMIC(bytes, 0, bytes.length, p1);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	357	System.out.println(printProp(p1));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	358	return bytes;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	359	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	360	}, t);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	361	// Re-unwrap should make p2.isDuplicateToken() returns true
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	362	s1.doAs(new Action() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	363	@Override
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	364	public byte[] run(Context me, byte[] input) throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	365	MessageProp p1 = new MessageProp(0, true);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	366	System.out.println("verifyMIC");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	367	me.x.verifyMIC(input, 0, input.length,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	368	messageBytes, 0, messageBytes.length,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	369	p1);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	370	System.out.println(printProp(p1));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	371	return null;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	372	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	373	}, t);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	374	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	375
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	376	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	377	* Returns a string description of a MessageProp object
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	378	* @param prop the object
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	379	* @return the description
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	380	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	381	static public String printProp(MessageProp prop) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	382	StringBuffer sb = new StringBuffer();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	383	sb.append("MessagePop: ");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	384	sb.append("QOP="+ prop.getQOP() + ", ");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	385	sb.append(prop.getPrivacy()?"privacy, ":"");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	386	sb.append(prop.isDuplicateToken()?"dup, ":"");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	387	sb.append(prop.isGapToken()?"gap, ":"");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	388	sb.append(prop.isOldToken()?"old, ":"");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	389	sb.append(prop.isUnseqToken()?"unseq, ":"");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	390	sb.append(prop.getMinorString()+ "(" + prop.getMinorStatus()+")");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	391	return sb.toString();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	392	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	393
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	394	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	395	* Handshake (security context establishment process) between two Contexts
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	396	* @param c the initiator
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	397	* @param s the acceptor
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	398	* @throws java.lang.Exception
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	399	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	400	static public void handshake(final Context c, final Context s) throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	401	byte[] t = new byte[0];
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	402	while (!c.f \|\| !s.f) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	403	t = c.doAs(new Action() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	404	@Override
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	405	public byte[] run(Context me, byte[] input) throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	406	if (me.x.isEstablished()) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	407	me.f = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	408	System.out.println(c.name + " side established");
1574 7aad9fe14378 6733095: Failure when SPNEGO request non-Mutual weijun parents: 1454 diff changeset	409	if (input != null) {
7aad9fe14378 6733095: Failure when SPNEGO request non-Mutual weijun parents: 1454 diff changeset	410	throw new Exception("Context established but " +
7aad9fe14378 6733095: Failure when SPNEGO request non-Mutual weijun parents: 1454 diff changeset	411	"still receive token at " + c.name);
7aad9fe14378 6733095: Failure when SPNEGO request non-Mutual weijun parents: 1454 diff changeset	412	}
1454 d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	413	return null;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	414	} else {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	415	System.out.println(c.name + " call initSecContext");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	416	return me.x.initSecContext(input, 0, input.length);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	417	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	418	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	419	}, t);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	420
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	421	t = s.doAs(new Action() {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	422	@Override
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	423	public byte[] run(Context me, byte[] input) throws Exception {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	424	if (me.x.isEstablished()) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	425	me.f = true;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	426	System.out.println(s.name + " side established");
1574 7aad9fe14378 6733095: Failure when SPNEGO request non-Mutual weijun parents: 1454 diff changeset	427	if (input != null) {
7aad9fe14378 6733095: Failure when SPNEGO request non-Mutual weijun parents: 1454 diff changeset	428	throw new Exception("Context established but " +
7aad9fe14378 6733095: Failure when SPNEGO request non-Mutual weijun parents: 1454 diff changeset	429	"still receive token at " + s.name);
7aad9fe14378 6733095: Failure when SPNEGO request non-Mutual weijun parents: 1454 diff changeset	430	}
1454 d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	431	return null;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	432	} else {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	433	System.out.println(s.name + " called acceptSecContext");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	434	return me.x.acceptSecContext(input, 0, input.length);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	435	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	436	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	437	}, t);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	438	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	439	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	440	}

author	weijun
	Fri, 27 Nov 2009 08:51:28 +0800
changeset 4336	4c792c19266e
parent 3483	a16fce1820ef
child 5506	202f599c92aa
permissions	-rw-r--r--