Chapter 15. Example of Authentication
The following is a test case for the default implementation's
JBossAuthenticationManager.
package org.jboss.test.authentication;
import java.security.Principal;
import java.util.HashMap;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import org.jboss.security.AuthenticationManager;
import org.jboss.security.SimplePrincipal;
import org.jboss.security.auth.callback.AppCallbackHandler;
import org.jboss.security.plugins.JBossAuthenticationManager;
import junit.framework.TestCase;
//$Id$
/**
* Unit tests for the JBossAuthenticationManager
*/
public class JBossAuthenticationManagerUnitTestCase extends TestCase
{
@Override
protected void setUp() throws Exception
{
super.setUp();
establishSecurityConfiguration();
}
public void testSecurityDomain() throws Exception
{
AuthenticationManager am = new JBossAuthenticationManager("test1",
new AppCallbackHandler("a","b".toCharArray()));
assertEquals("test1", am.getSecurityDomain());
}
public void testLogin() throws Exception
{
Principal p = new SimplePrincipal("jduke");
AppCallbackHandler acbh = new AppCallbackHandler("jduke","theduke".toCharArray());
AuthenticationManager am = new JBossAuthenticationManager("test",acbh);
assertTrue(am.isValid(p, "theduke"));
assertNotNull("Subject is valid",am.getActiveSubject());
assertTrue("Principal is present",
am.getActiveSubject().getPrincipals().contains(p));
}
public void testUnsuccessfulLogin() throws Exception
{
Principal p = new SimplePrincipal("jduke");
AppCallbackHandler acbh = new AppCallbackHandler("jduke","bad".toCharArray());
AuthenticationManager am = new JBossAuthenticationManager("test",acbh);
assertFalse(am.isValid(p, "bad"));
}
public void testSecurityCache() throws Exception
{
Principal p = new SimplePrincipal("jduke");
AppCallbackHandler acbh = new AppCallbackHandler("jduke","theduke".toCharArray());
JBossAuthenticationManager am = new JBossAuthenticationManager("test",acbh);
assertFalse("Cache Validation is false", am.fromCache());
assertTrue(am.isValid(p, "theduke"));
assertNotNull("Subject is valid",am.getActiveSubject());
assertTrue("Principal is present",
am.getActiveSubject().getPrincipals().contains(p));
assertFalse("Cache Validation is false", am.fromCache());
assertTrue(am.isValid(p, "theduke"));
assertTrue("Cache Validation", am.fromCache());
assertTrue(am.isValid(p, "theduke"));
assertTrue("Cache Validation", am.fromCache());
acbh = new AppCallbackHandler("jduke","dummy".toCharArray());
am = new JBossAuthenticationManager("test",acbh);
assertFalse(am.isValid(p, "dummy"));
assertFalse("Cache Validation is false", am.fromCache());
}
public void testSecurityCacheInjection() throws Exception
{
Principal p = new SimplePrincipal("jduke");
AppCallbackHandler acbh = new AppCallbackHandler("jduke","theduke".toCharArray());
JBossAuthenticationManager am = new JBossAuthenticationManager("test",acbh);
am.setSecurityCache(TestSecurityCache.class.getName());
assertFalse("Cache Validation is false", am.fromCache());
assertTrue(am.isValid(p, "theduke"));
assertNotNull("Subject is valid",am.getActiveSubject());
assertTrue("Principal is present",
am.getActiveSubject().getPrincipals().contains(p));
assertFalse("Cache Validation is false", am.fromCache());
assertTrue(am.isValid(p, "theduke"));
assertTrue("Cache Validation", am.fromCache());
assertTrue(am.isValid(p, "theduke"));
assertTrue("Cache Validation", am.fromCache());
acbh = new AppCallbackHandler("jduke","dummy".toCharArray());
am = new JBossAuthenticationManager("test",acbh);
assertFalse(am.isValid(p, "dummy"));
assertFalse("Cache Validation is false", am.fromCache());
}
private void establishSecurityConfiguration()
{
Configuration.setConfiguration(new TestConfig());
}
public class TestConfig extends Configuration
{
@Override
public AppConfigurationEntry[] getAppConfigurationEntry(String name)
{
HashMap map = new HashMap();
map.put("usersProperties", "users.properties");
map.put("rolesProperties", "roles.properties");
String moduleName = "org.jboss.security.auth.spi.UsersRolesLoginModule";
AppConfigurationEntry ace = new AppConfigurationEntry(moduleName,
LoginModuleControlFlag.REQUIRED, map);
return new AppConfigurationEntry[]{ace};
}
@Override
public void refresh()
{
}
}
}
This test case should be used with the Java Authentication and Authorization Service (JAAS) configuration.
