--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/security/krb5/auto/RefreshKrb5Config.java Fri Jul 17 17:30:55 2015 -0700
@@ -0,0 +1,100 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.io.File;
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+
+/*
+ * @test
+ * @bug 4745056 8075297
+ * @summary Checks if refreshKrb5Config is set to true for Krb5LoginModule,
+ * then configuration will be refreshed before login() method is called
+ * @run main/othervm RefreshKrb5Config
+ */
+public class RefreshKrb5Config {
+
+ static final String TEST_SRC = System.getProperty("test.src", ".");
+ static final String HOST = "localhost";
+ static final String NOT_EXISTING_HOST = "not.existing.host";
+ static final String REALM = "TEST.REALM";
+ static final String USER = "USER";
+ static final String USER_PRINCIPAL = USER + "@" + REALM;
+ static final String USER_PASSWORD = "password";
+ static final String KRBTGT_PRINCIPAL = "krbtgt/" + REALM;
+ static final String KRB5_CONF_FILENAME = "krb5.conf";
+
+ public static void main(String[] args) throws LoginException, IOException {
+ Map<String, String> principals = new HashMap<>();
+ principals.put(USER_PRINCIPAL, USER_PASSWORD);
+ principals.put(KRBTGT_PRINCIPAL, null);
+
+ System.setProperty("java.security.krb5.conf", KRB5_CONF_FILENAME);
+
+ // start a local KDC, and save krb5 config
+ KDC kdc = KDC.startKDC(HOST, null, REALM, principals, null, null);
+ KDC.saveConfig(KRB5_CONF_FILENAME, kdc, "max_retries = 1");
+
+ System.setProperty("java.security.auth.login.config",
+ TEST_SRC + File.separator + "refreshKrb5Config.jaas");
+
+ CallbackHandler handler = new Helper.UserPasswordHandler(
+ USER, USER_PASSWORD);
+
+ // set incorrect KDC
+ System.out.println("java.security.krb5.kdc = " + NOT_EXISTING_HOST);
+ System.setProperty("java.security.krb5.kdc", NOT_EXISTING_HOST);
+ System.out.println("java.security.krb5.realm = " + REALM);
+ System.setProperty("java.security.krb5.realm", REALM);
+ try {
+ new LoginContext("Refreshable", handler).login();
+ throw new RuntimeException("Expected exception not thrown");
+ } catch (LoginException le) {
+ System.out.println("Expected login failure: " + le);
+ }
+
+ // reset properties
+ System.out.println("Reset java.security.krb5.kdc");
+ System.clearProperty("java.security.krb5.kdc");
+ System.out.println("Reset java.security.krb5.realm");
+ System.clearProperty("java.security.krb5.realm");
+
+ // login with not-refreshable config
+ try {
+ new LoginContext("NotRefreshable", handler).login();
+ throw new RuntimeException("Expected exception not thrown");
+ } catch (LoginException le) {
+ System.out.println("Expected login failure: " + le);
+ }
+
+ // login with refreshable config
+ new LoginContext("Refreshable", handler).login();
+
+ System.out.println("Test passed");
+ }
+
+}