jdk-sandbox: jdk/test/sun/security/krb5/auto/KeyTabCompat.java@f3115698a012 (annotated)

9499 f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	1	/*
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	2	* Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	4	*
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	7	* published by the Free Software Foundation.
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	8	*
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	9	* This code is distributed in the hope that it will be useful, but WITHOUT
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	10	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	11	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	12	* version 2 for more details (a copy is included in the LICENSE file that
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	13	* accompanied this code).
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	14	*
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	15	* You should have received a copy of the GNU General Public License version
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	16	* 2 along with this work; if not, write to the Free Software Foundation,
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	17	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	18	*
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	19	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	20	* or visit www.oracle.com if you need additional information or have any
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	21	* questions.
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	22	*/
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	23
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	24	/*
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	25	* @test
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	26	* @bug 6894072
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	27	* @compile -XDignore.symbol.file KeyTabCompat.java
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	28	* @run main/othervm KeyTabCompat
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	29	* @summary always refresh keytab
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	30	*/
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	31
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	32	import javax.security.auth.kerberos.KerberosKey;
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	33	import sun.security.jgss.GSSUtil;
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	34
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	35	/*
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	36	* There are 2 compat issues to check:
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	37	*
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	38	* 1. If there is only KerberosKeys in private credential set and no
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	39	* KerberosPrincipal. JAAS login should go on.
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	40	* 2. Even if KeyTab is used, user can still get KerberosKeys from
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	41	* private credentials set.
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	42	*/
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	43	public class KeyTabCompat {
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	44
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	45	public static void main(String[] args)
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	46	throws Exception {
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	47	OneKDC kdc = new OneKDC("aes128-cts");
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	48	kdc.writeJAASConf();
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	49	kdc.addPrincipal(OneKDC.SERVER, "pass1".toCharArray());
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	50	kdc.writeKtab(OneKDC.KTAB);
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	51
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	52	Context c, s;
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	53
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	54	// Part 1
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	55	c = Context.fromUserPass(OneKDC.USER, OneKDC.PASS, false);
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	56	s = Context.fromUserPass(OneKDC.USER2, OneKDC.PASS2, true);
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	57
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	58	s.s().getPrincipals().clear();
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	59
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	60	c.startAsClient(OneKDC.USER2, GSSUtil.GSS_KRB5_MECH_OID);
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	61	s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	62
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	63	Context.handshake(c, s);
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	64
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	65	// Part 2
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	66	c = Context.fromJAAS("client");
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	67	s = Context.fromJAAS("server");
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	68
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	69	c.startAsClient(OneKDC.SERVER, GSSUtil.GSS_KRB5_MECH_OID);
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	70	s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	71	s.status();
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	72
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	73	if (s.s().getPrivateCredentials(KerberosKey.class).size() != 1) {
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	74	throw new Exception("There should be one KerberosKey");
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	75	}
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	76
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	77	Thread.sleep(2000); // make sure ktab timestamp is different
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	78
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	79	kdc.addPrincipal(OneKDC.SERVER, "pass2".toCharArray());
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	80	kdc.writeKtab(OneKDC.KTAB);
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	81
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	82	Context.handshake(c, s);
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	83	s.status();
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	84
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	85	if (s.s().getPrivateCredentials(KerberosKey.class).size() != 1) {
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	86	throw new Exception("There should be only one KerberosKey");
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	87	}
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	88
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	89	}
f3115698a012 6894072: always refresh keytab weijun parents: diff changeset	90	}

author	weijun
	Wed, 20 Apr 2011 18:41:32 +0800
changeset 9499	f3115698a012
child 14769	22808af10edd
permissions	-rw-r--r--