jdk-sandbox: jdk/test/sun/security/krb5/auto/SaslBasic.java@f8bc1966fb30 (annotated)

14340 e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	1	/*
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	2	* Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	4	*
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	7	* published by the Free Software Foundation.
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	8	*
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	9	* This code is distributed in the hope that it will be useful, but WITHOUT
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	10	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	11	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	12	* version 2 for more details (a copy is included in the LICENSE file that
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	13	* accompanied this code).
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	14	*
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	15	* You should have received a copy of the GNU General Public License version
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	16	* 2 along with this work; if not, write to the Free Software Foundation,
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	17	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	18	*
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	19	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	20	* or visit www.oracle.com if you need additional information or have any
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	21	* questions.
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	22	*/
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	23
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	24	/*
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	25	* @test
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	26	* @bug 7110803
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	27	* @summary SASL service for multiple hostnames
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	28	* @compile -XDignore.symbol.file SaslBasic.java
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	29	* @run main/othervm SaslBasic bound
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	30	* @run main/othervm SaslBasic unbound
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	31	*/
25403 e982fe3e83a4 8044085: Access ExtendedGSSContext.inquireSecContext() result through SASL weijun parents: 14340 diff changeset	32	import com.sun.security.jgss.InquireType;
e982fe3e83a4 8044085: Access ExtendedGSSContext.inquireSecContext() result through SASL weijun parents: 14340 diff changeset	33
14340 e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	34	import java.io.IOException;
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	35	import java.util.Arrays;
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	36	import java.util.HashMap;
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	37	import java.util.Locale;
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	38	import javax.security.auth.callback.Callback;
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	39	import javax.security.auth.callback.CallbackHandler;
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	40	import javax.security.auth.callback.UnsupportedCallbackException;
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	41	import javax.security.sasl.*;
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	42
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	43	// The basic krb5 test skeleton you can copy from
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	44	public class SaslBasic {
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	45
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	46	public static void main(String[] args) throws Exception {
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	47
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	48	boolean bound = args[0].equals("bound");
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	49	String name = "host." + OneKDC.REALM.toLowerCase(Locale.US);
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	50
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	51	new OneKDC(null).writeJAASConf();
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	52	System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	53
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	54	HashMap clntprops = new HashMap();
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	55	clntprops.put(Sasl.QOP, "auth-conf");
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	56	SaslClient sc = Sasl.createSaslClient(
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	57	new String[]{"GSSAPI"}, null, "server",
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	58	name, clntprops, null);
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	59
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	60	final HashMap srvprops = new HashMap();
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	61	srvprops.put(Sasl.QOP, "auth,auth-int,auth-conf");
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	62	SaslServer ss = Sasl.createSaslServer("GSSAPI", "server",
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	63	bound? name: null, srvprops,
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	64	new CallbackHandler() {
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	65	public void handle(Callback[] callbacks)
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	66	throws IOException, UnsupportedCallbackException {
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	67	for (Callback cb : callbacks) {
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	68	if (cb instanceof RealmCallback) {
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	69	((RealmCallback) cb).setText(OneKDC.REALM);
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	70	} else if (cb instanceof AuthorizeCallback) {
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	71	((AuthorizeCallback) cb).setAuthorized(true);
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	72	}
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	73	}
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	74	}
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	75	});
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	76
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	77	byte[] token = new byte[0];
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	78	while (!sc.isComplete() \|\| !ss.isComplete()) {
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	79	if (!sc.isComplete()) {
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	80	token = sc.evaluateChallenge(token);
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	81	}
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	82	if (!ss.isComplete()) {
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	83	token = ss.evaluateResponse(token);
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	84	}
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	85	}
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	86	if (!bound) {
25403 e982fe3e83a4 8044085: Access ExtendedGSSContext.inquireSecContext() result through SASL weijun parents: 14340 diff changeset	87	String boundName = (String)ss.getNegotiatedProperty(
e982fe3e83a4 8044085: Access ExtendedGSSContext.inquireSecContext() result through SASL weijun parents: 14340 diff changeset	88	Sasl.BOUND_SERVER_NAME);
14340 e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	89	if (!boundName.equals(name)) {
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	90	throw new Exception("Wrong bound server name");
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	91	}
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	92	}
25403 e982fe3e83a4 8044085: Access ExtendedGSSContext.inquireSecContext() result through SASL weijun parents: 14340 diff changeset	93	Object key = ss.getNegotiatedProperty(
e982fe3e83a4 8044085: Access ExtendedGSSContext.inquireSecContext() result through SASL weijun parents: 14340 diff changeset	94	"com.sun.security.jgss.inquiretype.krb5_get_session_key");
e982fe3e83a4 8044085: Access ExtendedGSSContext.inquireSecContext() result through SASL weijun parents: 14340 diff changeset	95	if (key == null) {
e982fe3e83a4 8044085: Access ExtendedGSSContext.inquireSecContext() result through SASL weijun parents: 14340 diff changeset	96	throw new Exception("Extended negotiated property not read");
e982fe3e83a4 8044085: Access ExtendedGSSContext.inquireSecContext() result through SASL weijun parents: 14340 diff changeset	97	}
14340 e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	98	byte[] hello = "hello".getBytes();
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	99	token = sc.wrap(hello, 0, hello.length);
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	100	token = ss.unwrap(token, 0, token.length);
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	101	if (!Arrays.equals(hello, token)) {
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	102	throw new Exception("Message altered");
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	103	}
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	104	}
e150cbaf584e 7110803: SASL service for multiple hostnames weijun parents: diff changeset	105	}

author	stefank
	Mon, 25 Aug 2014 09:10:13 +0200
changeset 26314	f8bc1966fb30
parent 25403	e982fe3e83a4
child 30820	0d4717a011d3
permissions	-rw-r--r--