jdk-sandbox: jdk/test/sun/security/krb5/auto/OneKDC.java@dd50d75d88e6 (annotated)

1454 d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	1	/*
3046 dd50d75d88e6 6849275: enhance krb5 reg tests weijun parents: 1456 diff changeset	2	* Copyright 2008-2009 Sun Microsystems, Inc. All Rights Reserved.
1454 d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	4	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	7	* published by the Free Software Foundation.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	8	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	9	* This code is distributed in the hope that it will be useful, but WITHOUT
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	10	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	11	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	12	* version 2 for more details (a copy is included in the LICENSE file that
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	13	* accompanied this code).
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	14	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	15	* You should have received a copy of the GNU General Public License version
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	16	* 2 along with this work; if not, write to the Free Software Foundation,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	17	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	18	*
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	19	* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	20	* CA 95054 USA or visit www.sun.com if you need additional information or
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	21	* have any questions.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	22	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	23
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	24	import java.io.File;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	25	import java.io.FileOutputStream;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	26	import java.io.IOException;
1456 1d3c6724de2f 6761072: new krb5 tests fail on multiple platforms weijun parents: 1454 diff changeset	27	import java.net.InetAddress;
1d3c6724de2f 6761072: new krb5 tests fail on multiple platforms weijun parents: 1454 diff changeset	28	import java.net.UnknownHostException;
1454 d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	29	import java.security.Security;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	30	import javax.security.auth.callback.Callback;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	31	import javax.security.auth.callback.CallbackHandler;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	32	import javax.security.auth.callback.NameCallback;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	33	import javax.security.auth.callback.PasswordCallback;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	34	import sun.security.krb5.Config;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	35
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	36	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	37	* This class starts a simple KDC with one realm, several typical principal
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	38	* names, generates delete-on-exit krb5.conf and keytab files, and setup
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	39	* system properties for them. There's also a helper method to generate a
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	40	* JAAS login config file that can be used for JAAS or JGSS apps.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	41	* <p>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	42	* Just call this line to start everything:
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	43	* <pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	44	* new OneKDC(null).writeJaasConf();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	45	* </pre>
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	46	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	47	public class OneKDC extends KDC {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	48
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	49	public static final String USER = "dummy";
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	50	public static final char[] PASS = "bogus".toCharArray();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	51	public static final String KRB5_CONF = "localkdc-krb5.conf";
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	52	public static final String KTAB = "localkdc.ktab";
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	53	public static final String JAAS_CONF = "localkdc-jaas.conf";
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	54	public static final String REALM = "RABBIT.HOLE";
3046 dd50d75d88e6 6849275: enhance krb5 reg tests weijun parents: 1456 diff changeset	55	public static String SERVER = "server/host." + REALM.toLowerCase();
dd50d75d88e6 6849275: enhance krb5 reg tests weijun parents: 1456 diff changeset	56	public static String BACKEND = "backend/host." + REALM.toLowerCase();
dd50d75d88e6 6849275: enhance krb5 reg tests weijun parents: 1456 diff changeset	57	public static String KDCHOST = "kdc." + REALM.toLowerCase();
1454 d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	58	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	59	* Creates the KDC and starts it.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	60	* @param etype Encryption type, null if not specified
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	61	* @throws java.lang.Exception if there's anything wrong
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	62	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	63	public OneKDC(String etype) throws Exception {
3046 dd50d75d88e6 6849275: enhance krb5 reg tests weijun parents: 1456 diff changeset	64	super(REALM, KDCHOST, 0, true);
1454 d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	65	addPrincipal(USER, PASS);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	66	addPrincipalRandKey("krbtgt/" + REALM);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	67	addPrincipalRandKey(SERVER);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	68	addPrincipalRandKey(BACKEND);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	69	KDC.saveConfig(KRB5_CONF, this,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	70	"forwardable = true",
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	71	"default_keytab_name = " + KTAB,
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	72	etype == null ? "" : "default_tkt_enctypes=" + etype + "\ndefault_tgs_enctypes=" + etype);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	73	System.setProperty("java.security.krb5.conf", KRB5_CONF);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	74	// Whatever krb5.conf had been loaded before, we reload ours now.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	75	Config.refresh();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	76
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	77	writeKtab(KTAB);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	78	new File(KRB5_CONF).deleteOnExit();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	79	new File(KTAB).deleteOnExit();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	80	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	81
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	82	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	83	* Writes a JAAS login config file, which contains as many as useful
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	84	* entries, including JGSS style initiator/acceptor and normal JAAS
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	85	* entries with names using existing OneKDC principals.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	86	* @throws java.lang.Exception if anything goes wrong
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	87	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	88	public void writeJAASConf() throws IOException {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	89	System.setProperty("java.security.auth.login.config", JAAS_CONF);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	90	File f = new File(JAAS_CONF);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	91	FileOutputStream fos = new FileOutputStream(f);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	92	fos.write((
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	93	"com.sun.security.jgss.krb5.initiate {\n" +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	94	" com.sun.security.auth.module.Krb5LoginModule required;\n};\n" +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	95	"com.sun.security.jgss.krb5.accept {\n" +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	96	" com.sun.security.auth.module.Krb5LoginModule required\n" +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	97	" principal=\"" + SERVER + "\"\n" +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	98	" useKeyTab=true\n" +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	99	" isInitiator=false\n" +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	100	" storeKey=true;\n};\n" +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	101	"client {\n" +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	102	" com.sun.security.auth.module.Krb5LoginModule required;\n};\n" +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	103	"server {\n" +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	104	" com.sun.security.auth.module.Krb5LoginModule required\n" +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	105	" principal=\"" + SERVER + "\"\n" +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	106	" useKeyTab=true\n" +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	107	" storeKey=true;\n};\n" +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	108	"backend {\n" +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	109	" com.sun.security.auth.module.Krb5LoginModule required\n" +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	110	" principal=\"" + BACKEND + "\"\n" +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	111	" useKeyTab=true\n" +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	112	" storeKey=true\n" +
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	113	" isInitiator=false;\n};\n"
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	114	).getBytes());
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	115	fos.close();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	116	f.deleteOnExit();
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	117	Security.setProperty("auth.login.defaultCallbackHandler", "OneKDC$CallbackForClient");
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	118	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	119
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	120	/**
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	121	* The default callback handler for JAAS login. Note that this handler is
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	122	* hard coded to provide only info for USER1. If you need to provide info
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	123	* for another principal, please use Context.fromUserPass() instead.
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	124	*/
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	125	public static class CallbackForClient implements CallbackHandler {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	126	public void handle(Callback[] callbacks) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	127	String user = OneKDC.USER;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	128	char[] pass = OneKDC.PASS;
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	129	for (Callback callback : callbacks) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	130	if (callback instanceof NameCallback) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	131	System.out.println("Callback for name: " + user);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	132	((NameCallback) callback).setName(user);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	133	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	134	if (callback instanceof PasswordCallback) {
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	135	System.out.println("Callback for pass: "
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	136	+ new String(pass));
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	137	((PasswordCallback) callback).setPassword(pass);
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	138	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	139	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	140	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	141	}
d9b6f1de641f 6706974: Add krb5 test infrastructure weijun parents: diff changeset	142	}

author	weijun
	Wed, 17 Jun 2009 15:26:58 +0800
changeset 3046	dd50d75d88e6
parent 1456	1d3c6724de2f
child 4531	3a9206343ab2
permissions	-rw-r--r--