31801
|
1 |
/*
|
|
2 |
* Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
|
|
3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
|
4 |
*
|
|
5 |
* This code is free software; you can redistribute it and/or modify it
|
|
6 |
* under the terms of the GNU General Public License version 2 only, as
|
|
7 |
* published by the Free Software Foundation.
|
|
8 |
*
|
|
9 |
* This code is distributed in the hope that it will be useful, but WITHOUT
|
|
10 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
|
11 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
|
12 |
* version 2 for more details (a copy is included in the LICENSE file that
|
|
13 |
* accompanied this code).
|
|
14 |
*
|
|
15 |
* You should have received a copy of the GNU General Public License version
|
|
16 |
* 2 along with this work; if not, write to the Free Software Foundation,
|
|
17 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
18 |
*
|
|
19 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
|
|
20 |
* or visit www.oracle.com if you need additional information or have any
|
|
21 |
* questions.
|
|
22 |
*/
|
|
23 |
|
|
24 |
import java.io.File;
|
|
25 |
import java.io.IOException;
|
|
26 |
import java.util.HashMap;
|
|
27 |
import java.util.Map;
|
|
28 |
import javax.security.auth.callback.CallbackHandler;
|
|
29 |
import javax.security.auth.login.LoginContext;
|
|
30 |
import javax.security.auth.login.LoginException;
|
|
31 |
|
|
32 |
/*
|
|
33 |
* @test
|
|
34 |
* @bug 4745056 8075297
|
|
35 |
* @summary Checks if refreshKrb5Config is set to true for Krb5LoginModule,
|
|
36 |
* then configuration will be refreshed before login() method is called
|
|
37 |
* @run main/othervm RefreshKrb5Config
|
|
38 |
*/
|
|
39 |
public class RefreshKrb5Config {
|
|
40 |
|
|
41 |
static final String TEST_SRC = System.getProperty("test.src", ".");
|
|
42 |
static final String HOST = "localhost";
|
|
43 |
static final String NOT_EXISTING_HOST = "not.existing.host";
|
|
44 |
static final String REALM = "TEST.REALM";
|
|
45 |
static final String USER = "USER";
|
|
46 |
static final String USER_PRINCIPAL = USER + "@" + REALM;
|
|
47 |
static final String USER_PASSWORD = "password";
|
|
48 |
static final String KRBTGT_PRINCIPAL = "krbtgt/" + REALM;
|
|
49 |
static final String KRB5_CONF_FILENAME = "krb5.conf";
|
|
50 |
|
|
51 |
public static void main(String[] args) throws LoginException, IOException {
|
|
52 |
Map<String, String> principals = new HashMap<>();
|
|
53 |
principals.put(USER_PRINCIPAL, USER_PASSWORD);
|
|
54 |
principals.put(KRBTGT_PRINCIPAL, null);
|
|
55 |
|
|
56 |
System.setProperty("java.security.krb5.conf", KRB5_CONF_FILENAME);
|
|
57 |
|
|
58 |
// start a local KDC, and save krb5 config
|
|
59 |
KDC kdc = KDC.startKDC(HOST, null, REALM, principals, null, null);
|
|
60 |
KDC.saveConfig(KRB5_CONF_FILENAME, kdc, "max_retries = 1");
|
|
61 |
|
|
62 |
System.setProperty("java.security.auth.login.config",
|
|
63 |
TEST_SRC + File.separator + "refreshKrb5Config.jaas");
|
|
64 |
|
|
65 |
CallbackHandler handler = new Helper.UserPasswordHandler(
|
|
66 |
USER, USER_PASSWORD);
|
|
67 |
|
|
68 |
// set incorrect KDC
|
|
69 |
System.out.println("java.security.krb5.kdc = " + NOT_EXISTING_HOST);
|
|
70 |
System.setProperty("java.security.krb5.kdc", NOT_EXISTING_HOST);
|
|
71 |
System.out.println("java.security.krb5.realm = " + REALM);
|
|
72 |
System.setProperty("java.security.krb5.realm", REALM);
|
|
73 |
try {
|
|
74 |
new LoginContext("Refreshable", handler).login();
|
|
75 |
throw new RuntimeException("Expected exception not thrown");
|
|
76 |
} catch (LoginException le) {
|
|
77 |
System.out.println("Expected login failure: " + le);
|
|
78 |
}
|
|
79 |
|
|
80 |
// reset properties
|
|
81 |
System.out.println("Reset java.security.krb5.kdc");
|
|
82 |
System.clearProperty("java.security.krb5.kdc");
|
|
83 |
System.out.println("Reset java.security.krb5.realm");
|
|
84 |
System.clearProperty("java.security.krb5.realm");
|
|
85 |
|
|
86 |
// login with not-refreshable config
|
|
87 |
try {
|
|
88 |
new LoginContext("NotRefreshable", handler).login();
|
|
89 |
throw new RuntimeException("Expected exception not thrown");
|
|
90 |
} catch (LoginException le) {
|
|
91 |
System.out.println("Expected login failure: " + le);
|
|
92 |
}
|
|
93 |
|
|
94 |
// login with refreshable config
|
|
95 |
new LoginContext("Refreshable", handler).login();
|
|
96 |
|
|
97 |
System.out.println("Test passed");
|
|
98 |
}
|
|
99 |
|
|
100 |
}
|