001: package com.ecyrd.jspwiki.auth.login;
002:
003: import java.security.Principal;
004: import java.util.Properties;
005: import java.util.Set;
006:
007: import javax.security.auth.Subject;
008: import javax.security.auth.callback.CallbackHandler;
009: import javax.security.auth.login.LoginContext;
010: import javax.security.auth.login.LoginException;
011:
012: import junit.framework.TestCase;
013:
014: import com.ecyrd.jspwiki.NoRequiredPropertyException;
015: import com.ecyrd.jspwiki.TestAuthorizer;
016: import com.ecyrd.jspwiki.TestEngine;
017: import com.ecyrd.jspwiki.TestHttpServletRequest;
018: import com.ecyrd.jspwiki.WikiEngine;
019: import com.ecyrd.jspwiki.auth.Authorizer;
020: import com.ecyrd.jspwiki.auth.WikiPrincipal;
021: import com.ecyrd.jspwiki.auth.authorize.Role;
022: import com.ecyrd.jspwiki.auth.user.UserDatabase;
023: import com.ecyrd.jspwiki.auth.user.XMLUserDatabase;
024:
025: /**
026: * @author Andrew R. Jaquith
027: */
028: public class WebContainerLoginModuleTest extends TestCase {
029: Authorizer authorizer;
030:
031: UserDatabase db;
032:
033: Subject subject;
034:
035: private WikiEngine m_engine;
036:
037: public final void testLogin() {
038: Principal principal = new WikiPrincipal("Andrew Jaquith");
039: Principal wrapper = new PrincipalWrapper(principal);
040: TestHttpServletRequest request = new TestHttpServletRequest();
041: request.setUserPrincipal(principal);
042: try {
043: // Test using Principal (WebContainerLoginModule succeeds)
044: CallbackHandler handler = new WebContainerCallbackHandler(
045: m_engine, request, authorizer);
046: LoginContext context = new LoginContext(
047: "JSPWiki-container", subject, handler);
048: context.login();
049: Set principals = subject.getPrincipals();
050: assertEquals(3, principals.size());
051: assertTrue(principals.contains(wrapper));
052: assertFalse(principals.contains(Role.ANONYMOUS));
053: assertFalse(principals.contains(Role.ASSERTED));
054: assertTrue(principals.contains(Role.AUTHENTICATED));
055: assertTrue(principals.contains(Role.ALL));
056:
057: // Test using remote user (WebContainerLoginModule succeeds)
058: subject = new Subject();
059: request = new TestHttpServletRequest();
060: request.setRemoteUser("Andrew Jaquith");
061: handler = new WebContainerCallbackHandler(m_engine,
062: request, authorizer);
063: context = new LoginContext("JSPWiki-container", subject,
064: handler);
065: context.login();
066: principals = subject.getPrincipals();
067: assertEquals(3, principals.size());
068: assertTrue(principals.contains(wrapper));
069: assertFalse(principals.contains(Role.ANONYMOUS));
070: assertFalse(principals.contains(Role.ASSERTED));
071: assertTrue(principals.contains(Role.AUTHENTICATED));
072: assertTrue(principals.contains(Role.ALL));
073:
074: // Test using IP address (AnonymousLoginModule succeeds)
075: subject = new Subject();
076: request = new TestHttpServletRequest();
077: request.setRemoteAddr("53.33.128.9");
078: handler = new WebContainerCallbackHandler(m_engine,
079: request, authorizer);
080: context = new LoginContext("JSPWiki-container", subject,
081: handler);
082: context.login();
083: principals = subject.getPrincipals();
084: assertEquals(3, principals.size());
085: assertFalse(principals.contains(principal));
086: assertTrue(principals.contains(Role.ANONYMOUS));
087: assertFalse(principals.contains(Role.ASSERTED));
088: assertFalse(principals.contains(Role.AUTHENTICATED));
089: assertTrue(principals.contains(Role.ALL));
090: } catch (LoginException e) {
091: System.err.println(e.getMessage());
092: assertTrue(false);
093: }
094: }
095:
096: public final void testLoginWithRoles() throws Exception {
097: // Create user with 2 container roles; TestAuthorizer knows about these
098: Principal principal = new WikiPrincipal("Andrew Jaquith");
099: Principal wrapper = new PrincipalWrapper(principal);
100: TestHttpServletRequest request = new TestHttpServletRequest();
101: request.setUserPrincipal(principal);
102: request.setRoles(new String[] { "IT", "Engineering" });
103:
104: // Test using Principal (WebContainerLoginModule succeeds)
105: CallbackHandler handler = new WebContainerCallbackHandler(
106: m_engine, request, authorizer);
107: LoginContext context = new LoginContext("JSPWiki-container",
108: subject, handler);
109: context.login();
110: Set principals = subject.getPrincipals();
111: assertEquals(5, principals.size());
112: assertTrue(principals.contains(wrapper));
113: assertFalse(principals.contains(Role.ANONYMOUS));
114: assertFalse(principals.contains(Role.ASSERTED));
115: assertTrue(principals.contains(Role.AUTHENTICATED));
116: assertTrue(principals.contains(Role.ALL));
117: assertTrue(principals.contains(new Role("IT")));
118: assertTrue(principals.contains(new Role("Engineering")));
119: }
120:
121: public final void testLogout() {
122: Principal principal = new WikiPrincipal("Andrew Jaquith");
123: Principal wrapper = new PrincipalWrapper(principal);
124: TestHttpServletRequest request = new TestHttpServletRequest();
125: request.setUserPrincipal(principal);
126: try {
127: CallbackHandler handler = new WebContainerCallbackHandler(
128: m_engine, request, authorizer);
129: LoginContext context = new LoginContext(
130: "JSPWiki-container", subject, handler);
131: context.login();
132: Set principals = subject.getPrincipals();
133: assertEquals(3, principals.size());
134: assertTrue(principals.contains(wrapper));
135: assertTrue(principals.contains(Role.AUTHENTICATED));
136: assertTrue(principals.contains(Role.ALL));
137: context.logout();
138: assertEquals(0, principals.size());
139: } catch (LoginException e) {
140: System.err.println(e.getMessage());
141: assertTrue(false);
142: }
143: }
144:
145: /**
146: * @see junit.framework.TestCase#setUp()
147: */
148: protected void setUp() throws Exception {
149: Properties props = new Properties();
150: props.load(TestEngine.findTestProperties());
151: props.put(XMLUserDatabase.PROP_USERDATABASE,
152: "tests/etc/userdatabase.xml");
153: m_engine = new TestEngine(props);
154: authorizer = new TestAuthorizer();
155: authorizer.initialize(m_engine, props);
156: db = new XMLUserDatabase();
157: subject = new Subject();
158: try {
159: db.initialize(m_engine, props);
160: } catch (NoRequiredPropertyException e) {
161: System.err.println(e.getMessage());
162: assertTrue(false);
163: }
164: }
165:
166: }
|