001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017: package org.apache.jetspeed.security;
018:
019: import java.util.ArrayList;
020: import java.util.Iterator;
021: import java.util.List;
022:
023: import junit.framework.Test;
024: import junit.framework.TestSuite;
025:
026: import org.apache.jetspeed.security.impl.AuthenticationProviderImpl;
027: import org.apache.jetspeed.security.impl.AuthenticationProviderProxyImpl;
028: import org.apache.jetspeed.security.impl.GroupManagerImpl;
029: import org.apache.jetspeed.security.impl.LoginModuleProxyImpl;
030: import org.apache.jetspeed.security.impl.RoleManagerImpl;
031: import org.apache.jetspeed.security.impl.SecurityProviderImpl;
032: import org.apache.jetspeed.security.impl.UserManagerImpl;
033: import org.apache.jetspeed.security.util.test.AbstractSecurityTestcase;
034:
035: /**
036: * <p>
037: * Unit testing for {@link TestAuthenticationProviderProxy}.
038: * </p>
039: *
040: * TODO Most of these tests need a configured LDAP server to be valid.
041: * The LDAP cases stay commented out until embedded LDAP is supported.
042: *
043: * @author <a href="mailto:dlestrat@apache.org">David Le Strat </a>
044: */
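public class TestAuthenticationProviderProxy extends AbstractSecurityTestcase {

    /** User names created by {@link #initTestData()}; each is added with the fixture password "password". */
    private static final String[] TEST_USERS = { "anonuser1", "anonuser2", "anonuser3", "anonuser4",
            "anonuser5" };

    /** Role paths created by {@link #initTestData()} and removed by {@link #destroyTestData()}. */
    private static final String[] TEST_ROLES = { "testrole1", "testrole1.subrole1",
            "testrole1.subrole1.subrole2", "testrole2", "testrole2.subrole1" };

    /** Group paths created by {@link #initTestData()} and removed by {@link #destroyTestData()}. */
    private static final String[] TEST_GROUPS = { "testgroup1", "testgroup1.subgroup1",
            "testgroup1.subgroup1.subgroup2", "testgroup2", "testgroup2.subgroup1" };

    // Number of users found in the store before initTestData() added its own.
    int userCount = 0;

    // Number of fixture users that initTestData() actually managed to add.
    int usersAdded = 0;

    /**
     * Rebuilds the security provider and the user, group and role managers around an
     * authentication provider proxy that holds only the default (non-LDAP) provider.
     *
     * @see junit.framework.TestCase#setUp()
     */
    protected void setUp() throws Exception {
        super.setUp();
        destroyTestData();

        // The LDAP user security handler.
        // is supported.
        // UserSecurityHandler ldapUsh = new LdapUserSecurityHandler();
        // The LDAP credential handler.
        // CredentialHandler ldapCh = new LdapCredentialHandler();

        // Security Providers.
        // ch and ush are not declared in this class; presumably the credential and user
        // security handlers prepared by AbstractSecurityTestcase -- confirm there.
        AuthenticationProvider defaultAtnProvider = new AuthenticationProviderImpl(
                "DefaultAuthenticator", "The default authenticator", "login.conf", ch, ush);
        // AuthenticationProvider ldapAtnProvider = new
        // AuthenticationProviderImpl("LdapAuthenticator", "The ldap
        // authenticator", ldapCh, ldapUsh);

        List atnProviders = new ArrayList();
        atnProviders.add(defaultAtnProvider);
        // atnProviders.add(ldapAtnProvider);
        // The second argument repeats the name given to the only registered provider.
        AuthenticationProviderProxy atnProviderProxy = new AuthenticationProviderProxyImpl(
                atnProviders, "DefaultAuthenticator");

        // Need to override the AbstractSecurityTestcase behavior.
        securityProvider = new SecurityProviderImpl(atnProviderProxy, rsh, gsh, smh);
        ums = new UserManagerImpl(securityProvider);
        gms = new GroupManagerImpl(securityProvider);
        rms = new RoleManagerImpl(securityProvider);

        // Login module.
        // The instance is discarded, so only the constructor's side effects matter here.
        // NOTE(review): presumably it registers ums for the JAAS login module -- confirm
        // in LoginModuleProxyImpl.
        new LoginModuleProxyImpl(ums);
    }

    /**
     * Removes the test data again before the parent class tears down.
     *
     * @see junit.framework.TestCase#tearDown()
     */
    public void tearDown() throws Exception {
        destroyTestData();
        super.tearDown();
    }

    /**
     * @return a suite holding every test method of this class.
     */
    public static Test suite() {
        return new TestSuite(TestAuthenticationProviderProxy.class);
    }

    /**
     * <p>
     * Test user manager.
     * </p>
     * <p>
     * Covers lookup of a fixture user, one accepted and one rejected password, and the
     * total number of users visible through the proxy.
     * </p>
     */
    public void testUserManager() {
        initTestData();

        try {
            // Get user.
            // From LDAP.
            // ldap is supported.
            // User user = ums.getUser("ldap1");
            // assertNotNull(user);
            // assertEquals("ldap1",
            // SecurityHelper.getPrincipal(user.getSubject(),
            // UserPrincipal.class).getName());

            // From RDBMS.
            User user = ums.getUser("anonuser1");
            assertNotNull(user);
            assertEquals("anonuser1",
                    SecurityHelper.getPrincipal(user.getSubject(), UserPrincipal.class).getName());

            // Authenticate.
            // From Ldap.
            // assertTrue(ums.authenticate("ldap2", "password"));
            // assertFalse(ums.authenticate("ldap3", "pword"));

            // From RDBMS.
            // The rejection case matters as much as the acceptance case: "pword" is not the
            // password anonuser3 was created with, so authenticate() must return false.
            // NOTE(review): no case here covers an unknown user name or a null/empty password.
            assertTrue(ums.authenticate("anonuser2", "password"));
            assertFalse(ums.authenticate("anonuser3", "pword"));

            // Get all users. 5 rdbms users + 3 ldap users.
            int count = countUsers();

            // assertEquals(8, count);

            // Compare against the measured baseline rather than a fixed number, because
            // users that already existed before initTestData() are listed as well.
            assertEquals(userCount + usersAdded, count);
        } catch (SecurityException sex) {
            fail("security exception caught: " + sex);
        }

        destroyTestData();
    }

    /**
     * <p>
     * Test role manager.
     * </p>
     */
    /*
    public void testRoleManager()
    {
        initTestData();

        try
        {
            // Add user to role.
            // Mapping only.
            rms.addRoleToUser("ldap1", "testrole1.subrole1");
            // Get role mapping.
            Collection roles = rms.getRolesForUser("ldap1");
            assertNotNull(roles);
            // Given the hierarchy resolution. Should contain 2 roles.
            assertEquals("should contain 2 roles", 2, roles.size());

            // Is user in roles?
            assertTrue(rms.isUserInRole("ldap1", "testrole1"));
            assertTrue(rms.isUserInRole("ldap1", "testrole1.subrole1"));

            // Remove role mapping.
            rms.removeRoleFromUser("ldap1", "testrole1.subrole1");
            // Get role mapping.
            roles = rms.getRolesForUser("ldap1");
            assertNotNull(roles);
            assertEquals("should not contain any role", 0, roles.size());

            // The mapping entry should be gone.
            assertNull(securityAccess.getInternalUserPrincipal("ldap1", true));

            // Is user in roles?
            assertFalse(rms.isUserInRole("ldap1", "testrole1"));
            assertFalse(rms.isUserInRole("ldap1", "testrole1.subrole1"));
        }
        catch (SecurityException sex)
        {
            assertTrue("security exception caught: " + sex, false);
        }

        destroyTestData();
    }
    */

    /**
     * <p>
     * Test group manager.
     * </p>
     */
    /*
    public void testGroupManager()
    {
        initTestData();

        try
        {
            // Add user to group.
            // Mapping only.
            gms.addUserToGroup("ldap1", "testgroup1.subgroup1");
            // Get group mapping.
            Collection groups = gms.getGroupsForUser("ldap1");
            assertNotNull(groups);
            // Given the hierarchy resolution. Should contain 2 groups.
            assertEquals("should contain 2 groups", 2, groups.size());

            // Is user in groups?
            assertTrue(gms.isUserInGroup("ldap1", "testgroup1"));
            assertTrue(gms.isUserInGroup("ldap1", "testgroup1.subgroup1"));

            // Remove group mapping.
            gms.removeUserFromGroup("ldap1", "testgroup1.subgroup1");
            // Get group mapping.
            groups = gms.getGroupsForUser("ldap1");
            assertNotNull(groups);
            assertEquals("should not contain any group", 0, groups.size());

            // The mapping entry should be gone.
            assertNull(securityAccess.getInternalUserPrincipal("ldap1", true));

            // Is user in groups?
            assertFalse(gms.isUserInGroup("ldap1", "testgroup1"));
            assertFalse(gms.isUserInGroup("ldap1", "testgroup1.subgroup1"));
        }
        catch (SecurityException sex)
        {
            assertTrue("security exception caught: " + sex, false);
        }

        destroyTestData();
    }
    */

    /**
     * Counts the users returned by the user manager for an empty filter.
     *
     * @return the number of entries the iterator yields.
     * @throws SecurityException propagated from the user manager.
     */
    private int countUsers() throws SecurityException {
        int total = 0;
        Iterator it = ums.getUsers("");
        while (it.hasNext()) {
            it.next();
            total++;
        }
        return total;
    }

    /**
     * <p>
     * Init test data.
     * </p>
     * <p>
     * Records how many users exist beforehand in {@link #userCount}, then adds the fixture
     * users, roles and groups. Each failed addition is reported on stderr and skipped;
     * {@link #usersAdded} counts only the users that were really created.
     * </p>
     */
    private void initTestData() {
        // Before adding users, make sure we know how many we already have.
        try {
            userCount = countUsers();
        } catch (Exception e) {
            // Report instead of swallowing: without a baseline the count assertion in
            // testUserManager() compares against a stale value.
            System.err.println(e.toString());
        }

        usersAdded = 0;
        for (int i = 0; i < TEST_USERS.length; i++) {
            try {
                ums.addUser(TEST_USERS[i], "password");
                usersAdded++;
            } catch (SecurityException e) {
                System.err.println(e.toString());
            }
        }

        for (int i = 0; i < TEST_ROLES.length; i++) {
            try {
                rms.addRole(TEST_ROLES[i]);
            } catch (SecurityException e) {
                System.err.println(e.toString());
            }
        }

        for (int i = 0; i < TEST_GROUPS.length; i++) {
            try {
                gms.addGroup(TEST_GROUPS[i]);
            } catch (SecurityException e) {
                System.err.println(e.toString());
            }
        }
    }

    /**
     * <p>
     * Destroy test data.
     * </p>
     * <p>
     * Removes every user except the anonymous one, then the fixture roles and groups.
     * The user sweep is not limited to the fixture names: it deletes all non-anonymous
     * users in whatever store the user manager is bound to, so this test class must only
     * run against a disposable test database.
     * </p>
     */
    private void destroyTestData() {
        try {
            // Snapshot the names first so that removal never runs against an iterator
            // that may still be backed by the user store.
            List userNames = new ArrayList();
            Iterator userIter = ums.getUsers("");
            while (userIter.hasNext()) {
                User user = (User) userIter.next();
                userNames.add(
                        SecurityHelper.getPrincipal(user.getSubject(), UserPrincipal.class).getName());
            }

            for (Iterator nameIter = userNames.iterator(); nameIter.hasNext();) {
                String userName = (String) nameIter.next();
                if (!userName.equals(ums.getAnonymousUser())) {
                    ums.removeUser(userName);
                }
            }
        } catch (SecurityException e) {
            System.err.println(e.toString());
        }

        for (int i = 0; i < TEST_ROLES.length; i++) {
            try {
                rms.removeRole(TEST_ROLES[i]);
            } catch (SecurityException e) {
                System.err.println(e.toString());
            }
        }

        for (int i = 0; i < TEST_GROUPS.length; i++) {
            try {
                gms.removeGroup(TEST_GROUPS[i]);
            } catch (SecurityException e) {
                System.err.println(e.toString());
            }
        }
    }
}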