/*
 * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

import java.io.File;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;

/*
 * @test
 * @bug 4745056 8075297
 * @summary Checks if refreshKrb5Config is set to true for Krb5LoginModule,
 *          then configuration will be refreshed before login() method is called
 * @run main/othervm RefreshKrb5Config
 */
/**
 * Exercises the {@code refreshKrb5Config} behaviour of Krb5LoginModule against
 * a KDC started on {@link #HOST}.
 *
 * <p>The scenario has three logins, and their order matters because the
 * Kerberos settings are driven by JVM-wide system properties:
 * <ol>
 *   <li>with {@code java.security.krb5.kdc} pointing at a host that does not
 *       exist, a login through the "Refreshable" entry must fail;</li>
 *   <li>after the overriding properties are cleared, a login through the
 *       "NotRefreshable" entry must still fail;</li>
 *   <li>a login through the "Refreshable" entry must then succeed.</li>
 * </ol>
 *
 * <p>NOTE(review): the two JAAS entries live in {@code refreshKrb5Config.jaas},
 * which is not part of this file; presumably they differ only in the
 * {@code refreshKrb5Config} option. Confirm against that file.
 */
public class RefreshKrb5Config {

    // Directory holding the test sources; jtreg supplies "test.src".
    static final String TEST_SRC = System.getProperty("test.src", ".");
    static final String HOST = "localhost";
    // Deliberately unresolvable KDC name used to force a login failure.
    static final String NOT_EXISTING_HOST = "not.existing.host";
    static final String REALM = "TEST.REALM";
    static final String USER = "USER";
    static final String USER_PRINCIPAL = USER + "@" + REALM;
    // Fixture credential: only ever registered with the KDC this test starts.
    static final String USER_PASSWORD = "password";
    static final String KRBTGT_PRINCIPAL = "krbtgt/" + REALM;
    static final String KRB5_CONF_FILENAME = "krb5.conf";

    /**
     * Runs the three-step login scenario described on the class.
     *
     * @param args unused
     * @throws LoginException if the final "Refreshable" login fails
     * @throws IOException declared for the KDC helper calls
     * @throws RuntimeException if a login that is expected to fail succeeds
     */
    public static void main(String[] args) throws LoginException, IOException {
        Map<String, String> accounts = new HashMap<>();
        accounts.put(USER_PRINCIPAL, USER_PASSWORD);
        // No password is supplied for the TGS principal; how the KDC helper
        // treats a null entry is not visible from this file.
        accounts.put(KRBTGT_PRINCIPAL, null);

        System.setProperty("java.security.krb5.conf", KRB5_CONF_FILENAME);

        // Bring up the KDC on HOST and write the krb5.conf that describes it.
        // "max_retries = 1" is passed through to the saved configuration.
        KDC localKdc = KDC.startKDC(HOST, null, REALM, accounts, null, null);
        KDC.saveConfig(KRB5_CONF_FILENAME, localKdc, "max_retries = 1");

        String jaasConfigPath =
                TEST_SRC + File.separator + "refreshKrb5Config.jaas";
        System.setProperty("java.security.auth.login.config", jaasConfigPath);

        CallbackHandler credentials =
                new Helper.UserPasswordHandler(USER, USER_PASSWORD);

        // Step 1: override the KDC and realm through system properties so that
        // the login is directed at a host that cannot answer.
        System.out.println("java.security.krb5.kdc = " + NOT_EXISTING_HOST);
        System.setProperty("java.security.krb5.kdc", NOT_EXISTING_HOST);
        System.out.println("java.security.krb5.realm = " + REALM);
        System.setProperty("java.security.krb5.realm", REALM);
        expectLoginFailure("Refreshable", credentials);

        // Step 2: drop the overrides. An entry that does not refresh its
        // Kerberos configuration is still expected to fail at this point.
        System.out.println("Reset java.security.krb5.kdc");
        System.clearProperty("java.security.krb5.kdc");
        System.out.println("Reset java.security.krb5.realm");
        System.clearProperty("java.security.krb5.realm");
        expectLoginFailure("NotRefreshable", credentials);

        // Step 3: the refreshing entry must now authenticate; a LoginException
        // here propagates out of main and fails the test.
        new LoginContext("Refreshable", credentials).login();

        System.out.println("Test passed");
    }

    /**
     * Attempts a login through the named JAAS entry and requires it to fail.
     *
     * @param entryName name of the JAAS configuration entry to use
     * @param credentials callback handler that provides the user name and password
     * @throws RuntimeException if the login unexpectedly succeeds
     */
    private static void expectLoginFailure(String entryName,
            CallbackHandler credentials) {
        try {
            new LoginContext(entryName, credentials).login();
            // Reaching this line means the login succeeded, which is the bug.
            throw new RuntimeException("Expected exception not thrown");
        } catch (LoginException le) {
            System.out.println("Expected login failure: " + le);
        }
    }

}