@After public void tearDown() throws Exception { if (handler != null) { handler.destroy(); handler = null; } } }
@After public void tearDown() throws Exception { if (handler != null) { handler.destroy(); handler = null; } } }
@After public void tearDown() throws Exception { if (handler != null) { handler.destroy(); handler = null; } } }
@Test(timeout=60000) public void testDynamicPrincipalDiscoveryMissingPrincipals() throws Exception { String[] keytabUsers = new String[]{"hdfs/localhost"}; String keytab = KerberosTestUtils.getKeytabFile(); getKdc().createPrincipal(new File(keytab), keytabUsers); // destroy handler created in setUp() handler.destroy(); Properties props = new Properties(); props.setProperty(KerberosAuthenticationHandler.KEYTAB, keytab); props.setProperty(KerberosAuthenticationHandler.PRINCIPAL, "*"); handler = getNewAuthenticationHandler(); try { handler.init(props); Assert.fail("init should have failed"); } catch (ServletException ex) { Assert.assertEquals("Principals do not exist in the keytab", ex.getCause().getMessage()); } catch (Throwable t) { Assert.fail("wrong exception: "+t); } }
@Test(timeout=60000) public void testDynamicPrincipalDiscoveryMissingPrincipals() throws Exception { String[] keytabUsers = new String[]{"hdfs/localhost"}; String keytab = KerberosTestUtils.getKeytabFile(); getKdc().createPrincipal(new File(keytab), keytabUsers); // destroy handler created in setUp() handler.destroy(); Properties props = new Properties(); props.setProperty(KerberosAuthenticationHandler.KEYTAB, keytab); props.setProperty(KerberosAuthenticationHandler.PRINCIPAL, "*"); handler = getNewAuthenticationHandler(); try { handler.init(props); Assert.fail("init should have failed"); } catch (ServletException ex) { Assert.assertEquals("Principals do not exist in the keytab", ex.getCause().getMessage()); } catch (Throwable t) { Assert.fail("wrong exception: "+t); } }
@Test(timeout=60000) public void testDynamicPrincipalDiscoveryMissingPrincipals() throws Exception { String[] keytabUsers = new String[]{"hdfs/localhost"}; String keytab = KerberosTestUtils.getKeytabFile(); getKdc().createPrincipal(new File(keytab), keytabUsers); // destroy handler created in setUp() handler.destroy(); Properties props = new Properties(); props.setProperty(KerberosAuthenticationHandler.KEYTAB, keytab); props.setProperty(KerberosAuthenticationHandler.PRINCIPAL, "*"); handler = getNewAuthenticationHandler(); try { handler.init(props); Assert.fail("init should have failed"); } catch (ServletException ex) { Assert.assertEquals("Principals do not exist in the keytab", ex.getCause().getMessage()); } catch (Throwable t) { Assert.fail("wrong exception: "+t); } }
@Test(timeout=60000) public void testNonDefaultNonBrowserUserAgentAsBrowser() throws Exception { HttpServletRequest request = Mockito.mock(HttpServletRequest.class); HttpServletResponse response = Mockito.mock(HttpServletResponse.class); if (handler != null) { handler.destroy(); handler = null; } handler = getNewAuthenticationHandler(); Properties props = getDefaultProperties(); props.setProperty("alt-kerberos.non-browser.user-agents", "foo, bar"); try { handler.init(props); } catch (Exception ex) { handler = null; throw ex; } // Pretend we're something that will not match with "foo" (or "bar") Mockito.when(request.getHeader("User-Agent")).thenReturn("blah"); // Should use alt authentication AuthenticationToken token = handler.authenticate(request, response); Assert.assertEquals("A", token.getUserName()); Assert.assertEquals("B", token.getName()); Assert.assertEquals(getExpectedType(), token.getType()); }
@Test(timeout=60000) public void testNonDefaultNonBrowserUserAgentAsBrowser() throws Exception { HttpServletRequest request = Mockito.mock(HttpServletRequest.class); HttpServletResponse response = Mockito.mock(HttpServletResponse.class); if (handler != null) { handler.destroy(); handler = null; } handler = getNewAuthenticationHandler(); Properties props = getDefaultProperties(); props.setProperty("alt-kerberos.non-browser.user-agents", "foo, bar"); try { handler.init(props); } catch (Exception ex) { handler = null; throw ex; } // Pretend we're something that will not match with "foo" (or "bar") Mockito.when(request.getHeader("User-Agent")).thenReturn("blah"); // Should use alt authentication AuthenticationToken token = handler.authenticate(request, response); Assert.assertEquals("A", token.getUserName()); Assert.assertEquals("B", token.getName()); Assert.assertEquals(getExpectedType(), token.getType()); }
@Test(timeout=60000) public void testNonDefaultNonBrowserUserAgentAsBrowser() throws Exception { HttpServletRequest request = Mockito.mock(HttpServletRequest.class); HttpServletResponse response = Mockito.mock(HttpServletResponse.class); if (handler != null) { handler.destroy(); handler = null; } handler = getNewAuthenticationHandler(); Properties props = getDefaultProperties(); props.setProperty("alt-kerberos.non-browser.user-agents", "foo, bar"); try { handler.init(props); } catch (Exception ex) { handler = null; throw ex; } // Pretend we're something that will not match with "foo" (or "bar") Mockito.when(request.getHeader("User-Agent")).thenReturn("blah"); // Should use alt authentication AuthenticationToken token = handler.authenticate(request, response); Assert.assertEquals("A", token.getUserName()); Assert.assertEquals("B", token.getName()); Assert.assertEquals(getExpectedType(), token.getType()); }
@Test(timeout=60000) public void testDynamicPrincipalDiscovery() throws Exception { String[] keytabUsers = new String[]{ "HTTP/host1", "HTTP/host2", "HTTP2/host1", "XHTTP/host" }; String keytab = KerberosTestUtils.getKeytabFile(); getKdc().createPrincipal(new File(keytab), keytabUsers); // destroy handler created in setUp() handler.destroy(); Properties props = new Properties(); props.setProperty(KerberosAuthenticationHandler.KEYTAB, keytab); props.setProperty(KerberosAuthenticationHandler.PRINCIPAL, "*"); handler = getNewAuthenticationHandler(); handler.init(props); Assert.assertEquals(KerberosTestUtils.getKeytabFile(), handler.getKeytab()); Set<KerberosPrincipal> loginPrincipals = handler.getPrincipals(); for (String user : keytabUsers) { Principal principal = new KerberosPrincipal( user + "@" + KerberosTestUtils.getRealm()); boolean expected = user.startsWith("HTTP/"); Assert.assertEquals("checking for "+user, expected, loginPrincipals.contains(principal)); } }
@Test(timeout=60000) public void testDynamicPrincipalDiscovery() throws Exception { String[] keytabUsers = new String[]{ "HTTP/host1", "HTTP/host2", "HTTP2/host1", "XHTTP/host" }; String keytab = KerberosTestUtils.getKeytabFile(); getKdc().createPrincipal(new File(keytab), keytabUsers); // destroy handler created in setUp() handler.destroy(); Properties props = new Properties(); props.setProperty(KerberosAuthenticationHandler.KEYTAB, keytab); props.setProperty(KerberosAuthenticationHandler.PRINCIPAL, "*"); handler = getNewAuthenticationHandler(); handler.init(props); Assert.assertEquals(KerberosTestUtils.getKeytabFile(), handler.getKeytab()); Set<KerberosPrincipal> loginPrincipals = handler.getPrincipals(); for (String user : keytabUsers) { Principal principal = new KerberosPrincipal( user + "@" + KerberosTestUtils.getRealm()); boolean expected = user.startsWith("HTTP/"); Assert.assertEquals("checking for "+user, expected, loginPrincipals.contains(principal)); } }
@Test(timeout=60000) public void testDynamicPrincipalDiscovery() throws Exception { String[] keytabUsers = new String[]{ "HTTP/host1", "HTTP/host2", "HTTP2/host1", "XHTTP/host" }; String keytab = KerberosTestUtils.getKeytabFile(); getKdc().createPrincipal(new File(keytab), keytabUsers); // destroy handler created in setUp() handler.destroy(); Properties props = new Properties(); props.setProperty(KerberosAuthenticationHandler.KEYTAB, keytab); props.setProperty(KerberosAuthenticationHandler.PRINCIPAL, "*"); handler = getNewAuthenticationHandler(); handler.init(props); Assert.assertEquals(KerberosTestUtils.getKeytabFile(), handler.getKeytab()); Set<KerberosPrincipal> loginPrincipals = handler.getPrincipals(); for (String user : keytabUsers) { Principal principal = new KerberosPrincipal( user + "@" + KerberosTestUtils.getRealm()); boolean expected = user.startsWith("HTTP/"); Assert.assertEquals("checking for "+user, expected, loginPrincipals.contains(principal)); } }
@Test(timeout=60000) public void testNonDefaultNonBrowserUserAgentAsNonBrowser() throws Exception { if (handler != null) { handler.destroy(); handler = null; } handler = getNewAuthenticationHandler(); Properties props = getDefaultProperties(); props.setProperty("alt-kerberos.non-browser.user-agents", "foo, bar"); try { handler.init(props); } catch (Exception ex) { handler = null; throw ex; } // Run the kerberos tests again testRequestWithoutAuthorization(); testRequestWithInvalidAuthorization(); testRequestWithAuthorization(); testRequestWithInvalidKerberosAuthorization(); } }
@Test(timeout=60000) public void testNonDefaultNonBrowserUserAgentAsNonBrowser() throws Exception { if (handler != null) { handler.destroy(); handler = null; } handler = getNewAuthenticationHandler(); Properties props = getDefaultProperties(); props.setProperty("alt-kerberos.non-browser.user-agents", "foo, bar"); try { handler.init(props); } catch (Exception ex) { handler = null; throw ex; } // Run the kerberos tests again testRequestWithoutAuthorization(); testRequestWithInvalidAuthorization(); testRequestWithAuthorization(); testRequestWithInvalidKerberosAuthorization(); } }
@Test(timeout=60000) public void testNonDefaultNonBrowserUserAgentAsNonBrowser() throws Exception { if (handler != null) { handler.destroy(); handler = null; } handler = getNewAuthenticationHandler(); Properties props = getDefaultProperties(); props.setProperty("alt-kerberos.non-browser.user-agents", "foo, bar"); try { handler.init(props); } catch (Exception ex) { handler = null; throw ex; } // Run the kerberos tests again testRequestWithoutAuthorization(); testRequestWithInvalidAuthorization(); testRequestWithAuthorization(); testRequestWithInvalidKerberosAuthorization(); } }
@Test(timeout=60000) public void testNameRules() throws Exception { KerberosName kn = new KerberosName(KerberosTestUtils.getServerPrincipal()); Assert.assertEquals(KerberosTestUtils.getRealm(), kn.getRealm()); //destroy handler created in setUp() handler.destroy(); KerberosName.setRules("RULE:[1:$1@$0](.*@FOO)s/@.*//\nDEFAULT"); handler = getNewAuthenticationHandler(); Properties props = getDefaultProperties(); props.setProperty(KerberosAuthenticationHandler.NAME_RULES, "RULE:[1:$1@$0](.*@BAR)s/@.*//\nDEFAULT"); try { handler.init(props); } catch (Exception ex) { } kn = new KerberosName("bar@BAR"); Assert.assertEquals("bar", kn.getShortName()); kn = new KerberosName("bar@FOO"); Assert.assertEquals("bar@FOO", kn.getShortName()); }
@Test(timeout=60000) public void testNameRules() throws Exception { KerberosName kn = new KerberosName(KerberosTestUtils.getServerPrincipal()); Assert.assertEquals(KerberosTestUtils.getRealm(), kn.getRealm()); //destroy handler created in setUp() handler.destroy(); KerberosName.setRules("RULE:[1:$1@$0](.*@FOO)s/@.*//\nDEFAULT"); handler = getNewAuthenticationHandler(); Properties props = getDefaultProperties(); props.setProperty(KerberosAuthenticationHandler.NAME_RULES, "RULE:[1:$1@$0](.*@BAR)s/@.*//\nDEFAULT"); try { handler.init(props); } catch (Exception ex) { } kn = new KerberosName("bar@BAR"); Assert.assertEquals("bar", kn.getShortName()); kn = new KerberosName("bar@FOO"); Assert.assertEquals("bar@FOO", kn.getShortName()); }
@Test(timeout=60000) public void testNameRules() throws Exception { KerberosName kn = new KerberosName(KerberosTestUtils.getServerPrincipal()); Assert.assertEquals(KerberosTestUtils.getRealm(), kn.getRealm()); //destroy handler created in setUp() handler.destroy(); KerberosName.setRules("RULE:[1:$1@$0](.*@FOO)s/@.*//\nDEFAULT"); handler = getNewAuthenticationHandler(); Properties props = getDefaultProperties(); props.setProperty(KerberosAuthenticationHandler.NAME_RULES, "RULE:[1:$1@$0](.*@BAR)s/@.*//\nDEFAULT"); try { handler.init(props); } catch (Exception ex) { } kn = new KerberosName("bar@BAR"); Assert.assertEquals("bar", kn.getShortName()); kn = new KerberosName("bar@FOO"); try { kn.getShortName(); Assert.fail(); } catch (Exception ex) { } }