/*
* Copyright 2002-2016 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.authentication.jaas;
import static org.assertj.core.api.Assertions.*;
import org.junit.Test;
import org.springframework.core.io.ClassPathResource;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.jaas.AuthorityGranter;
import org.springframework.security.authentication.jaas.JaasAuthenticationCallbackHandler;
import org.springframework.security.authentication.jaas.JaasAuthenticationProvider;
import org.springframework.security.authentication.jaas.JaasNameCallbackHandler;
import org.springframework.security.authentication.jaas.JaasPasswordCallbackHandler;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;
/**
* Tests bug reported in SEC-760.
*
* @author Ben Alex
*
*/
public class Sec760Tests {
public String resolveConfigFile(String filename) {
String resName = "/" + getClass().getPackage().getName().replace('.', '/')
+ filename;
return resName;
}
private void testConfigureJaasCase(JaasAuthenticationProvider p1,
JaasAuthenticationProvider p2) throws Exception {
p1.setLoginConfig(new ClassPathResource(resolveConfigFile("/test1.conf")));
p1.setLoginContextName("test1");
p1.setCallbackHandlers(new JaasAuthenticationCallbackHandler[] {
new TestCallbackHandler(), new JaasNameCallbackHandler(),
new JaasPasswordCallbackHandler() });
p1.setAuthorityGranters(new AuthorityGranter[] { new TestAuthorityGranter() });
p1.afterPropertiesSet();
testAuthenticate(p1);
p2.setLoginConfig(new ClassPathResource(resolveConfigFile("/test2.conf")));
p2.setLoginContextName("test2");
p2.setCallbackHandlers(new JaasAuthenticationCallbackHandler[] {
new TestCallbackHandler(), new JaasNameCallbackHandler(),
new JaasPasswordCallbackHandler() });
p2.setAuthorityGranters(new AuthorityGranter[] { new TestAuthorityGranter() });
p2.afterPropertiesSet();
testAuthenticate(p2);
}
private void testAuthenticate(JaasAuthenticationProvider p1) {
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(
"user", "password", AuthorityUtils.createAuthorityList("ROLE_ONE",
"ROLE_TWO"));
Authentication auth = p1.authenticate(token);
assertThat(auth).isNotNull();
}
@Test
public void testConfigureJaas() throws Exception {
testConfigureJaasCase(new JaasAuthenticationProvider(),
new JaasAuthenticationProvider());
}
}