jdk-sandbox: jdk/test/sun/security/krb5/auto/BasicProc.java@f8bc1966fb30 (annotated)

18536 092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	1	/*
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	2	* Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	4	*
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	7	* published by the Free Software Foundation.
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	8	*
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	9	* This code is distributed in the hope that it will be useful, but WITHOUT
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	10	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	11	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	12	* version 2 for more details (a copy is included in the LICENSE file that
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	13	* accompanied this code).
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	14	*
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	15	* You should have received a copy of the GNU General Public License version
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	16	* 2 along with this work; if not, write to the Free Software Foundation,
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	17	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	18	*
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	19	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	20	* or visit www.oracle.com if you need additional information or have any
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	21	* questions.
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	22	*/
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	23
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	24	/*
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	25	* @test
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	26	* @bug 8009977
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	27	* @summary A test library to launch multiple Java processes
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	28	* @library ../../../../java/security/testlibrary/
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	29	* @compile -XDignore.symbol.file BasicProc.java
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	30	* @run main/othervm BasicProc
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	31	*/
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	32
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	33	import java.io.File;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	34	import org.ietf.jgss.Oid;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	35
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	36	import javax.security.auth.PrivateCredentialPermission;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	37
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	38	public class BasicProc {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	39
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	40	static String CONF = "krb5.conf";
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	41	static String KTAB = "ktab";
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	42	public static void main(String[] args) throws Exception {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	43	String HOST = "localhost";
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	44	String SERVER = "server/" + HOST;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	45	String BACKEND = "backend/" + HOST;
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	46	String USER = "user";
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	47	char[] PASS = "password".toCharArray();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	48	String REALM = "REALM";
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	49
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	50	Oid oid = new Oid("1.2.840.113554.1.2.2");
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	51
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	52	if (args.length == 0) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	53	System.setProperty("java.security.krb5.conf", CONF);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	54	KDC kdc = KDC.create(REALM, HOST, 0, true);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	55	kdc.addPrincipal(USER, PASS);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	56	kdc.addPrincipalRandKey("krbtgt/" + REALM);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	57	kdc.addPrincipalRandKey(SERVER);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	58	kdc.addPrincipalRandKey(BACKEND);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	59
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	60	String cwd = System.getProperty("user.dir");
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	61	kdc.writeKtab(KTAB);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	62	KDC.saveConfig(CONF, kdc, "forwardable = true");
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	63
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	64	Proc pc = Proc.create("BasicProc")
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	65	.args("client")
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	66	.prop("java.security.krb5.conf", CONF)
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	67	.prop("java.security.manager", "")
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	68	.perm(new java.util.PropertyPermission(
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	69	"sun.security.krb5.principal", "read"))
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	70	.perm(new javax.security.auth.AuthPermission(
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	71	"modifyPrincipals"))
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	72	.perm(new javax.security.auth.AuthPermission(
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	73	"modifyPrivateCredentials"))
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	74	.perm(new javax.security.auth.AuthPermission("doAs"))
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	75	.perm(new javax.security.auth.kerberos.ServicePermission(
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	76	"krbtgt/" + REALM + "@" + REALM, "initiate"))
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	77	.perm(new javax.security.auth.kerberos.ServicePermission(
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	78	"server/localhost@" + REALM, "initiate"))
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	79	.perm(new javax.security.auth.kerberos.DelegationPermission(
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	80	"\"server/localhost@" + REALM + "\" " +
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	81	"\"krbtgt/" + REALM + "@" + REALM + "\""))
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	82	.debug("C")
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	83	.start();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	84	Proc ps = Proc.create("BasicProc")
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	85	.args("server")
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	86	.prop("java.security.krb5.conf", CONF)
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	87	.prop("java.security.manager", "")
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	88	.perm(new java.util.PropertyPermission(
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	89	"sun.security.krb5.principal", "read"))
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	90	.perm(new javax.security.auth.AuthPermission(
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	91	"modifyPrincipals"))
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	92	.perm(new javax.security.auth.AuthPermission(
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	93	"modifyPrivateCredentials"))
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	94	.perm(new javax.security.auth.AuthPermission("doAs"))
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	95	.perm(new PrivateCredentialPermission(
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	96	"javax.security.auth.kerberos.KeyTab * \"*\"",
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	97	"read"))
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	98	.perm(new javax.security.auth.kerberos.ServicePermission(
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	99	"server/localhost@" + REALM, "accept"))
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	100	.perm(new java.io.FilePermission(
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	101	cwd + File.separator + KTAB, "read"))
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	102	.perm(new javax.security.auth.kerberos.ServicePermission(
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	103	"backend/localhost@" + REALM, "initiate"))
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	104	.debug("S")
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	105	.start();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	106	Proc pb = Proc.create("BasicProc")
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	107	.args("backend")
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	108	.prop("java.security.krb5.conf", CONF)
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	109	.prop("java.security.manager", "")
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	110	.perm(new java.util.PropertyPermission(
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	111	"sun.security.krb5.principal", "read"))
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	112	.perm(new javax.security.auth.AuthPermission(
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	113	"modifyPrincipals"))
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	114	.perm(new javax.security.auth.AuthPermission(
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	115	"modifyPrivateCredentials"))
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	116	.perm(new javax.security.auth.AuthPermission("doAs"))
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	117	.perm(new PrivateCredentialPermission(
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	118	"javax.security.auth.kerberos.KeyTab * \"*\"",
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	119	"read"))
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	120	.perm(new javax.security.auth.kerberos.ServicePermission(
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	121	"backend/localhost@" + REALM, "accept"))
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	122	.perm(new java.io.FilePermission(
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	123	cwd + File.separator + KTAB, "read"))
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	124	.debug("B")
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	125	.start();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	126
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	127	// Client and server handshake
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	128	String token = pc.readData();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	129	ps.println(token);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	130	token = ps.readData();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	131	pc.println(token);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	132	// Server and backend handshake
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	133	token = ps.readData();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	134	pb.println(token);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	135	token = pb.readData();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	136	ps.println(token);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	137	// wrap/unwrap/getMic/verifyMic and plain text
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	138	token = ps.readData();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	139	pb.println(token);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	140	token = pb.readData();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	141	ps.println(token);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	142	token = pb.readData();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	143	ps.println(token);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	144
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	145	if ((pc.waitFor() \| ps.waitFor() \| pb.waitFor()) != 0) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	146	throw new Exception();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	147	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	148	} else if (args[0].equals("client")) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	149	Context c = Context.fromUserPass(USER, PASS, false);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	150	c.startAsClient(SERVER, oid);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	151	c.x().requestCredDeleg(true);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	152	Proc.binOut(c.take(new byte[0]));
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	153	byte[] token = Proc.binIn();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	154	c.take(token);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	155	} else if (args[0].equals("server")) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	156	Context s = Context.fromUserKtab(SERVER, KTAB, true);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	157	s.startAsServer(oid);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	158	byte[] token = Proc.binIn();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	159	token = s.take(token);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	160	Proc.binOut(token);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	161	Context s2 = s.delegated();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	162	s2.startAsClient(BACKEND, oid);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	163	Proc.binOut(s2.take(new byte[0]));
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	164	token = Proc.binIn();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	165	s2.take(token);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	166	byte[] msg = "Hello".getBytes();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	167	Proc.binOut(s2.wrap(msg, true));
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	168	s2.verifyMic(Proc.binIn(), msg);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	169	String in = Proc.textIn();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	170	if (!in.equals("Hello")) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	171	throw new Exception();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	172	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	173	} else if (args[0].equals("backend")) {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	174	Context b = Context.fromUserKtab(BACKEND, KTAB, true);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	175	b.startAsServer(oid);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	176	byte[] token = Proc.binIn();
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	177	Proc.binOut(b.take(token));
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	178	byte[] msg = b.unwrap(Proc.binIn(), true);
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	179	Proc.binOut(b.getMic(msg));
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	180	Proc.textOut(new String(msg));
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	181	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	182	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	183	// create a native server
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	184	private static Proc ns(Proc p) throws Exception {
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	185	return p
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	186	.env("KRB5_CONFIG", CONF)
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	187	.env("KRB5_KTNAME", KTAB)
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	188	.prop("sun.security.jgss.native", "true")
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	189	.prop("javax.security.auth.useSubjectCredsOnly", "false")
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	190	.prop("sun.security.nativegss.debug", "true");
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	191	}
092411ced388 8001326: Improve Kerberos caching weijun parents: diff changeset	192	}

author	stefank
	Mon, 25 Aug 2014 09:10:13 +0200
changeset 26314	f8bc1966fb30
parent 18536	092411ced388
child 30820	0d4717a011d3
permissions	-rw-r--r--