/*
* JBoss, Home of Professional Open Source.
* Copyright 2008, Red Hat Middleware LLC, and individual contributors
* as indicated by the @author tags. See the copyright.txt file in the
* distribution for a full listing of individual contributors.
*
* This is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this software; if not, write to the Free
* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
*/
package org.jboss.test.security.test;
import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
import java.lang.reflect.Method;
import java.security.Principal;
import java.util.HashMap;
import java.util.Iterator;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import junit.framework.TestCase;
import org.jboss.logging.Logger;
import org.jboss.logging.XLevel;
import org.jboss.security.SimpleGroup;
import org.jboss.security.SimplePrincipal;
//$Id: RoleMappingModuleUnitTestCase.java 81036 2008-11-14 13:36:39Z dimitris@jboss.org $
/**
* JBAS-3323: Role Mapping Login Module that maps application role to
* declarative role
* @author <a href="mailto:Anil.Saldhana@jboss.org">Anil Saldhana</a>
* @since Jun 22, 2006
* @version $Revision: 81036 $
*/
public class RoleMappingModuleUnitTestCase extends TestCase
{
private static String tmpDir = System.getProperty("java.io.tmpdir");
private static String rolesFile = "file:" + tmpDir + "/rolesmapping-roles.properties";
static class TestConfig extends Configuration
{
public void refresh()
{
}
public AppConfigurationEntry[] getAppConfigurationEntry(String name)
{
AppConfigurationEntry[] entry = null;
try
{
Class[] parameterTypes = {};
Method m = getClass().getDeclaredMethod(name, parameterTypes);
Object[] args = {};
entry = (AppConfigurationEntry[]) m.invoke(this, args);
}
catch(Exception e)
{
}
return entry;
}
AppConfigurationEntry[] testRoleMapping()
{
AppConfigurationEntry ace = getIdentityLoginModuleEntry();
String name2 = "org.jboss.security.auth.spi.RoleMappingLoginModule";
HashMap options2 = new HashMap();
options2.put("rolesProperties", rolesFile);
AppConfigurationEntry ace2 = new AppConfigurationEntry(name2,
AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL, options2);
AppConfigurationEntry[] entry = {ace,ace2};
return entry;
}
AppConfigurationEntry[] testRoleMappingWithReplace()
{
AppConfigurationEntry ace = getIdentityLoginModuleEntry();
String name2 = "org.jboss.security.auth.spi.RoleMappingLoginModule";
HashMap options2 = new HashMap();
options2.put("rolesProperties", rolesFile);
options2.put("replaceRole", "true");
AppConfigurationEntry ace2 = new AppConfigurationEntry(name2,
AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL, options2);
AppConfigurationEntry[] entry = {ace,ace2};
return entry;
}
private AppConfigurationEntry getIdentityLoginModuleEntry()
{
String name = "org.jboss.security.auth.spi.IdentityLoginModule";
HashMap options = new HashMap();
options.put("principal", "stark");
options.put("roles", "Role3,Role4");
AppConfigurationEntry ace = new AppConfigurationEntry(name,
AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
return ace;
}
}
public RoleMappingModuleUnitTestCase(String name)
{
super(name);
}
protected void setUp() throws Exception
{
// Install the custom JAAS configuration
Configuration.setConfiguration(new TestConfig());
}
/**
* Test the RoleMappingLoginModule with no option to replace the role
* @throws Exception
*/
public void testRoleMappingModule() throws Exception
{
File file = createRolesFile();
assertTrue("File exists",file.exists());
processLogin("testRoleMapping", false);
clearRolesFile(file);
}
/**
* Test the RoleMappingLoginModule with an option to replace the role
* @throws Exception
*/
public void testRoleMappingModuleWithReplace() throws Exception
{
File file = createRolesFile();
assertTrue("File exists",file.exists());
processLogin("testRoleMappingWithReplace",true);
clearRolesFile(file);
}
/**
* Do the JAAS Login that includes the RoleMappingLoginModule
* @param config Jaas Configuration Name
* @param replaceRole flag whether the role has been replaced in the subject
* @throws LoginException
*/
private void processLogin(String config, boolean replaceRole) throws LoginException
{
Subject subject = new Subject();
LoginContext lc = new LoginContext(config,subject, new TestCallbackHandler());
lc.login();
subject = lc.getSubject();
Iterator iter = subject.getPrincipals().iterator();
boolean ranAsserts = false;
while(iter.hasNext())
{
Principal p = (Principal)iter.next();
if(p instanceof SimpleGroup)
{
SimpleGroup sg = (SimpleGroup)p;
ranAsserts = true;
assertTrue("testRole exists?", sg.isMember(new SimplePrincipal("testRole")));
assertTrue("testRole2 exists?", sg.isMember(new SimplePrincipal("testRole2")));
assertTrue("Role4 exists?", sg.isMember(new SimplePrincipal("Role4")));
if(replaceRole)
assertFalse("Role3 does not exist?", sg.isMember(new SimplePrincipal("Role3")));
else
assertTrue("Role3 exists?", sg.isMember(new SimplePrincipal("Role3")));
}
}
assertTrue("Ran Asserts?",ranAsserts);
}
/**
* Delete the properties file created for the test
* @param file
*/
private void clearRolesFile(File file)
{
if(file.exists())
file.delete();
assertFalse("File does not exist",file.exists());
}
/**
* Create a properties file for the test
* @return
* @throws IOException
*/
private File createRolesFile() throws IOException
{
File file = new File(tmpDir + "/rolesmapping-roles.properties");
clearRolesFile(file); //Delete residual files (if any)
FileWriter fw = new FileWriter(file);
fw.write("Role3=testRole,testRole2");
fw.close();
return file;
}
/**
*
* A TestCallbackHandler.
* Does not do anything.
* @author <a href="anil.saldhana@jboss.com">Anil Saldhana</a>
* @version $Revision: 81036 $
*/
private class TestCallbackHandler implements CallbackHandler
{
public void handle(Callback[] arg0) throws IOException,
UnsupportedCallbackException
{
}
}
}