author | weijun |
Mon, 14 May 2018 13:05:11 +0800 | |
branch | JDK-8199569-branch |
changeset 56551 | 5eb8262e8c5f |
parent 49682 | 2918e1146106 |
child 53273 | bbc79e0ec9ee |
permissions | -rw-r--r-- |
18536 | 1 |
/* |
48668 | 2 |
* Copyright (c) 2013, 2018, Oracle and/or its affiliates. All rights reserved. |
18536 | 3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 |
* |
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
7 |
* published by the Free Software Foundation. |
|
8 |
* |
|
9 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
10 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
11 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
12 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
13 |
* accompanied this code). |
|
14 |
* |
|
15 |
* You should have received a copy of the GNU General Public License version |
|
16 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
17 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
18 |
* |
|
19 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
20 |
* or visit www.oracle.com if you need additional information or have any |
|
21 |
* questions. |
|
22 |
*/ |
|
23 |
||
24 |
/* |
|
25 |
* @test |
|
56551 | 26 |
* @bug 8009977 8186884 8194486 8201627 |
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
27 |
* @summary A test to launch multiple Java processes using either Java GSS |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
28 |
* or native GSS |
48668 | 29 |
* @library ../../../../java/security/testlibrary/ /test/lib |
18536 | 30 |
* @compile -XDignore.symbol.file BasicProc.java |
48668 | 31 |
* @run main jdk.test.lib.FileInstaller TestHosts TestHosts |
32 |
* @run main/othervm -Djdk.net.hosts.file=TestHosts BasicProc launcher |
|
18536 | 33 |
*/ |
34 |
||
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
35 |
import java.nio.file.Files; |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
36 |
import java.nio.file.Paths; |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
37 |
import java.nio.file.attribute.PosixFilePermission; |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
38 |
import java.util.Arrays; |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
39 |
import java.util.PropertyPermission; |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
40 |
import java.util.Set; |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
41 |
|
56551 | 42 |
import jdk.test.lib.Asserts; |
49682
2918e1146106
8200468: Port the native GSS-API bridge to Windows
weijun
parents:
48668
diff
changeset
|
43 |
import jdk.test.lib.Platform; |
18536 | 44 |
import org.ietf.jgss.Oid; |
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
45 |
import sun.security.krb5.Config; |
18536 | 46 |
|
47 |
import javax.security.auth.PrivateCredentialPermission; |
|
48 |
||
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
49 |
/** |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
50 |
* Run this test automatically and test Java GSS with embedded KDC. |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
51 |
* |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
52 |
* Run with customized native.krb5.libs to test interop between Java GSS |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
53 |
* and native GSS, and native.kdc.path with a native KDC. For example, |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
54 |
* run the following command to test interop among Java, default native, |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
55 |
* MIT, and Heimdal krb5 libraries with the Heimdal KDC: |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
56 |
* |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
57 |
* jtreg -Dnative.krb5.libs=j=, |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
58 |
* n=, |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
59 |
* k=/usr/local/krb5/lib/libgssapi_krb5.so, |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
60 |
* h=/space/install/heimdal/lib/libgssapi.so \ |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
61 |
* -Dnative.kdc.path=/usr/local/heimdal \ |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
62 |
* BasicProc.java |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
63 |
* |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
64 |
* Note: The first 4 lines should be concatenated to make a long system |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
65 |
* property value with no blank around ",". This comma-separated value |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
66 |
* has each element being name=libpath. The special name "j" means the |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
67 |
* Java library and libpath is ignored. Otherwise it means a native library, |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
68 |
* and libpath (can be empty) will be the value for the sun.security.jgss.lib |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
69 |
* system property. If this system property is not set, only the Java |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
70 |
* library will be tested. |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
71 |
*/ |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
72 |
|
18536 | 73 |
public class BasicProc { |
74 |
||
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
75 |
private static final String CONF = "krb5.conf"; |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
76 |
private static final String KTAB_S = "server.ktab"; |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
77 |
private static final String KTAB_B = "backend.ktab"; |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
78 |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
79 |
private static final String HOST = "localhost"; |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
80 |
private static final String SERVER = "server/" + HOST; |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
81 |
private static final String BACKEND = "backend/" + HOST; |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
82 |
private static final String USER = "user"; |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
83 |
private static final char[] PASS = "password".toCharArray(); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
84 |
private static final String REALM = "REALM"; |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
85 |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
86 |
private static final int MSGSIZE = 1024; |
56551 | 87 |
private static final byte[] MSG = new byte[MSGSIZE]; |
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
88 |
|
18536 | 89 |
public static void main(String[] args) throws Exception { |
90 |
||
91 |
Oid oid = new Oid("1.2.840.113554.1.2.2"); |
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
92 |
byte[] token, msg; |
18536 | 93 |
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
94 |
switch (args[0]) { |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
95 |
case "launcher": |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
96 |
KDC kdc = KDC.create(REALM, HOST, 0, true); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
97 |
try { |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
98 |
kdc.addPrincipal(USER, PASS); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
99 |
kdc.addPrincipalRandKey("krbtgt/" + REALM); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
100 |
kdc.addPrincipalRandKey(SERVER); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
101 |
kdc.addPrincipalRandKey(BACKEND); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
102 |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
103 |
// Native lib might do some name lookup |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
104 |
KDC.saveConfig(CONF, kdc, |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
105 |
"dns_lookup_kdc = no", |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
106 |
"ticket_lifetime = 1h", |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
107 |
"dns_lookup_realm = no", |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
108 |
"dns_canonicalize_hostname = false", |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
109 |
"forwardable = true"); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
110 |
System.setProperty("java.security.krb5.conf", CONF); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
111 |
Config.refresh(); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
112 |
kdc.writeKtab(KTAB_S, false, SERVER); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
113 |
kdc.writeKtab(KTAB_B, false, BACKEND); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
114 |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
115 |
String[] tmp = System.getProperty("native.krb5.libs", "j=") |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
116 |
.split(","); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
117 |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
118 |
// Library paths. The 1st one is always null which means |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
119 |
// Java, "" means the default native lib. |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
120 |
String[] libs = new String[tmp.length]; |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
121 |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
122 |
// Names for each lib above. Use in file names. |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
123 |
String[] names = new String[tmp.length]; |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
124 |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
125 |
boolean hasNative = false; |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
126 |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
127 |
for (int i = 0; i < tmp.length; i++) { |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
128 |
if (tmp[i].isEmpty()) { |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
129 |
throw new Exception("Invalid native.krb5.libs"); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
130 |
} |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
131 |
String[] pair = tmp[i].split("=", 2); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
132 |
names[i] = pair[0]; |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
133 |
if (!pair[0].equals("j")) { |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
134 |
libs[i] = pair.length > 1 ? pair[1] : ""; |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
135 |
hasNative = true; |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
136 |
} |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
137 |
} |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
138 |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
139 |
if (hasNative) { |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
140 |
kdc.kinit(USER, "base.ccache"); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
141 |
} |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
142 |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
143 |
// Try the same lib first |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
144 |
for (int i = 0; i < libs.length; i++) { |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
145 |
once(names[i] + names[i] + names[i], |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
146 |
libs[i], libs[i], libs[i]); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
147 |
} |
18536 | 148 |
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
149 |
for (int i = 0; i < libs.length; i++) { |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
150 |
for (int j = 0; j < libs.length; j++) { |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
151 |
for (int k = 0; k < libs.length; k++) { |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
152 |
if (i != j || i != k) { |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
153 |
once(names[i] + names[j] + names[k], |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
154 |
libs[i], libs[j], libs[k]); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
155 |
} |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
156 |
} |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
157 |
} |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
158 |
} |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
159 |
} finally { |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
160 |
kdc.terminate(); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
161 |
} |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
162 |
break; |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
163 |
case "client": |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
164 |
Context c = args[1].equals("n") ? |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
165 |
Context.fromThinAir() : |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
166 |
Context.fromUserPass(USER, PASS, false); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
167 |
c.startAsClient(SERVER, oid); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
168 |
c.x().requestCredDeleg(true); |
56551 | 169 |
c.x().requestMutualAuth(true); |
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
170 |
Proc.binOut(c.take(new byte[0])); // AP-REQ |
56551 | 171 |
c.take(Proc.binIn()); // AP-REP |
172 |
Proc.binOut(c.wrap(MSG, true)); |
|
173 |
Proc.binOut(c.getMic(MSG)); |
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
174 |
break; |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
175 |
case "server": |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
176 |
Context s = args[1].equals("n") ? |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
177 |
Context.fromThinAir() : |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
178 |
Context.fromUserKtab(SERVER, KTAB_S, true); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
179 |
s.startAsServer(oid); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
180 |
token = Proc.binIn(); // AP-REQ |
56551 | 181 |
Proc.binOut(s.take(token)); // AP-REP |
182 |
msg = s.unwrap(Proc.binIn(), true); |
|
183 |
Asserts.assertTrue(Arrays.equals(msg, MSG)); |
|
184 |
s.verifyMic(Proc.binIn(), msg); |
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
185 |
Context s2 = s.delegated(); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
186 |
s2.startAsClient(BACKEND, oid); |
56551 | 187 |
s2.x().requestMutualAuth(false); |
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
188 |
Proc.binOut(s2.take(new byte[0])); // AP-REQ |
56551 | 189 |
msg = s2.unwrap(Proc.binIn(), true); |
190 |
Asserts.assertTrue(Arrays.equals(msg, MSG)); |
|
191 |
s2.verifyMic(Proc.binIn(), msg); |
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
192 |
break; |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
193 |
case "backend": |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
194 |
Context b = args[1].equals("n") ? |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
195 |
Context.fromThinAir() : |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
196 |
Context.fromUserKtab(BACKEND, KTAB_B, true); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
197 |
b.startAsServer(oid); |
56551 | 198 |
token = b.take(Proc.binIn()); // AP-REQ |
199 |
Asserts.assertTrue(token == null); |
|
200 |
Proc.binOut(b.wrap(MSG, true)); |
|
201 |
Proc.binOut(b.getMic(MSG)); |
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
202 |
break; |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
203 |
} |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
204 |
} |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
205 |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
206 |
/** |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
207 |
* One test run. |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
208 |
* |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
209 |
* @param label test label |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
210 |
* @param lc lib of client |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
211 |
* @param ls lib of server |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
212 |
* @param lb lib of backend |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
213 |
*/ |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
214 |
private static void once(String label, String lc, String ls, String lb) |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
215 |
throws Exception { |
18536 | 216 |
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
217 |
Proc pc = proc(lc) |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
218 |
.args("client", lc == null ? "j" : "n") |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
219 |
.perm(new javax.security.auth.kerberos.ServicePermission( |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
220 |
"krbtgt/" + REALM + "@" + REALM, "initiate")) |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
221 |
.perm(new javax.security.auth.kerberos.ServicePermission( |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
222 |
SERVER + "@" + REALM, "initiate")) |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
223 |
.perm(new javax.security.auth.kerberos.DelegationPermission( |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
224 |
"\"" + SERVER + "@" + REALM + "\" " + |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
225 |
"\"krbtgt/" + REALM + "@" + REALM + "\"")) |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
226 |
.debug(label + "-C"); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
227 |
if (lc == null) { |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
228 |
// for Krb5LoginModule::promptForName |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
229 |
pc.perm(new PropertyPermission("user.name", "read")); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
230 |
} else { |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
231 |
Files.copy(Paths.get("base.ccache"), Paths.get(label + ".ccache")); |
49682
2918e1146106
8200468: Port the native GSS-API bridge to Windows
weijun
parents:
48668
diff
changeset
|
232 |
if (!Platform.isWindows()) { |
2918e1146106
8200468: Port the native GSS-API bridge to Windows
weijun
parents:
48668
diff
changeset
|
233 |
Files.setPosixFilePermissions(Paths.get(label + ".ccache"), |
2918e1146106
8200468: Port the native GSS-API bridge to Windows
weijun
parents:
48668
diff
changeset
|
234 |
Set.of(PosixFilePermission.OWNER_READ, |
2918e1146106
8200468: Port the native GSS-API bridge to Windows
weijun
parents:
48668
diff
changeset
|
235 |
PosixFilePermission.OWNER_WRITE)); |
2918e1146106
8200468: Port the native GSS-API bridge to Windows
weijun
parents:
48668
diff
changeset
|
236 |
} |
2918e1146106
8200468: Port the native GSS-API bridge to Windows
weijun
parents:
48668
diff
changeset
|
237 |
pc.env("KRB5CCNAME", "FILE:" + label + ".ccache"); |
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
238 |
// Do not try system ktab if ccache fails |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
239 |
pc.env("KRB5_KTNAME", "none"); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
240 |
} |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
241 |
pc.start(); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
242 |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
243 |
Proc ps = proc(ls) |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
244 |
.args("server", ls == null ? "j" : "n") |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
245 |
.perm(new javax.security.auth.kerberos.ServicePermission( |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
246 |
SERVER + "@" + REALM, "accept")) |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
247 |
.perm(new javax.security.auth.kerberos.ServicePermission( |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
248 |
BACKEND + "@" + REALM, "initiate")) |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
249 |
.debug(label + "-S"); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
250 |
if (ls == null) { |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
251 |
ps.perm(new PrivateCredentialPermission( |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
252 |
"javax.security.auth.kerberos.KeyTab * \"*\"", "read")) |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
253 |
.perm(new java.io.FilePermission(KTAB_S, "read")); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
254 |
} else { |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
255 |
ps.env("KRB5_KTNAME", KTAB_S); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
256 |
} |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
257 |
ps.start(); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
258 |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
259 |
Proc pb = proc(lb) |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
260 |
.args("backend", lb == null ? "j" : "n") |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
261 |
.perm(new javax.security.auth.kerberos.ServicePermission( |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
262 |
BACKEND + "@" + REALM, "accept")) |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
263 |
.debug(label + "-B"); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
264 |
if (lb == null) { |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
265 |
pb.perm(new PrivateCredentialPermission( |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
266 |
"javax.security.auth.kerberos.KeyTab * \"*\"", "read")) |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
267 |
.perm(new java.io.FilePermission(KTAB_B, "read")); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
268 |
} else { |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
269 |
pb.env("KRB5_KTNAME", KTAB_B); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
270 |
} |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
271 |
pb.start(); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
272 |
|
56551 | 273 |
// Client and server |
274 |
ps.println(pc.readData()); // AP-REQ |
|
275 |
pc.println(ps.readData()); // AP-REP |
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
276 |
|
56551 | 277 |
ps.println(pc.readData()); // KRB-PRIV |
278 |
ps.println(pc.readData()); // KRB-SAFE |
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
279 |
|
56551 | 280 |
// Server and backend |
281 |
pb.println(ps.readData()); // AP-REQ |
|
282 |
||
283 |
ps.println(pb.readData()); // KRB-PRIV |
|
284 |
ps.println(pb.readData()); // KRB-SAFE |
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
285 |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
286 |
if ((pc.waitFor() | ps.waitFor() | pb.waitFor()) != 0) { |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
287 |
throw new Exception("Process failed"); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
288 |
} |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
289 |
} |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
290 |
|
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
291 |
/** |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
292 |
* A Proc for a child process. |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
293 |
* |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
294 |
* @param lib the library. Null is Java. "" is default native lib. |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
295 |
*/ |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
296 |
private static Proc proc(String lib) throws Exception { |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
297 |
Proc p = Proc.create("BasicProc") |
48668 | 298 |
.inheritProp("jdk.net.hosts.file") |
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
299 |
.prop("java.security.manager", "") |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
300 |
.perm(new javax.security.auth.AuthPermission("doAs")); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
301 |
if (lib != null) { |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
302 |
p.env("KRB5_CONFIG", CONF) |
49682
2918e1146106
8200468: Port the native GSS-API bridge to Windows
weijun
parents:
48668
diff
changeset
|
303 |
.env("KRB5_TRACE", Platform.isWindows() ? "CON" : "/dev/stderr") |
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
304 |
.prop("sun.security.jgss.native", "true") |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
305 |
.prop("sun.security.jgss.lib", lib) |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
306 |
.prop("javax.security.auth.useSubjectCredsOnly", "false") |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
307 |
.prop("sun.security.nativegss.debug", "true"); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
308 |
int pos = lib.lastIndexOf('/'); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
309 |
if (pos > 0) { |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
310 |
p.env("LD_LIBRARY_PATH", lib.substring(0, pos)); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
311 |
p.env("DYLD_LIBRARY_PATH", lib.substring(0, pos)); |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
312 |
} |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
313 |
} else { |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
314 |
p.perm(new java.util.PropertyPermission( |
18536 | 315 |
"sun.security.krb5.principal", "read")) |
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
316 |
// For Krb5LoginModule::login. |
18536 | 317 |
.perm(new javax.security.auth.AuthPermission( |
318 |
"modifyPrincipals")) |
|
319 |
.perm(new javax.security.auth.AuthPermission( |
|
320 |
"modifyPrivateCredentials")) |
|
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
321 |
.prop("sun.security.krb5.debug", "true") |
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
322 |
.prop("java.security.krb5.conf", CONF); |
18536 | 323 |
} |
47227
8052fa06e1b7
8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test
weijun
parents:
47216
diff
changeset
|
324 |
return p; |
18536 | 325 |
} |
326 |
} |