@Test public void testAuthReplay() throws Exception { // This test covers the case where an attacker replays a challenge message sniffed from the // network, but doesn't know the actual secret. The server should close the connection as // soon as a message is sent after authentication is performed. This is emulated by removing // the client encryption handler after authentication. ctx = new AuthTestCtx(); ctx.createServer("secret"); ctx.createClient("secret"); assertNotNull(ctx.client.getChannel().pipeline() .remove(TransportCipher.ENCRYPTION_HANDLER_NAME)); try { ctx.client.sendRpcSync(JavaUtils.stringToBytes("Ping"), 5000); fail("Should have failed unencrypted RPC."); } catch (Exception e) { assertTrue(ctx.authRpcHandler.doDelegate); } }
@Test public void testAuthReplay() throws Exception { // This test covers the case where an attacker replays a challenge message sniffed from the // network, but doesn't know the actual secret. The server should close the connection as // soon as a message is sent after authentication is performed. This is emulated by removing // the client encryption handler after authentication. ctx = new AuthTestCtx(); ctx.createServer("secret"); ctx.createClient("secret"); assertNotNull(ctx.client.getChannel().pipeline() .remove(TransportCipher.ENCRYPTION_HANDLER_NAME)); try { ctx.client.sendRpcSync(JavaUtils.stringToBytes("Ping"), 5000); fail("Should have failed unencrypted RPC."); } catch (Exception e) { assertTrue(ctx.authRpcHandler.doDelegate); } }
@Test public void testAuthFailure() throws Exception { ctx = new AuthTestCtx(); ctx.createServer("server"); try { ctx.createClient("client"); fail("Should have failed to create client."); } catch (Exception e) { assertFalse(ctx.authRpcHandler.doDelegate); assertFalse(ctx.serverChannel.isActive()); } }
void createServer(String secret) throws Exception { createServer(secret, true); }
void createServer(String secret) throws Exception { createServer(secret, true); }
@Test public void testAuthFailure() throws Exception { ctx = new AuthTestCtx(); ctx.createServer("server"); try { ctx.createClient("client"); fail("Should have failed to create client."); } catch (Exception e) { assertFalse(ctx.authRpcHandler.doDelegate); assertFalse(ctx.serverChannel.isActive()); } }
@Test public void testSaslServerFallback() throws Exception { ctx = new AuthTestCtx(); ctx.createServer("secret", true); ctx.createClient("secret", false); ByteBuffer reply = ctx.client.sendRpcSync(JavaUtils.stringToBytes("Ping"), 5000); assertEquals("Pong", JavaUtils.bytesToString(reply)); }
@Test public void testSaslClientFallback() throws Exception { ctx = new AuthTestCtx(); ctx.createServer("secret", false); ctx.createClient("secret", true); ByteBuffer reply = ctx.client.sendRpcSync(JavaUtils.stringToBytes("Ping"), 5000); assertEquals("Pong", JavaUtils.bytesToString(reply)); }
@Test public void testSaslServerFallback() throws Exception { ctx = new AuthTestCtx(); ctx.createServer("secret", true); ctx.createClient("secret", false); ByteBuffer reply = ctx.client.sendRpcSync(JavaUtils.stringToBytes("Ping"), 5000); assertEquals("Pong", JavaUtils.bytesToString(reply)); }
@Test public void testSaslClientFallback() throws Exception { ctx = new AuthTestCtx(); ctx.createServer("secret", false); ctx.createClient("secret", true); ByteBuffer reply = ctx.client.sendRpcSync(JavaUtils.stringToBytes("Ping"), 5000); assertEquals("Pong", JavaUtils.bytesToString(reply)); }
@Test public void testNewAuth() throws Exception { ctx = new AuthTestCtx(); ctx.createServer("secret"); ctx.createClient("secret"); ByteBuffer reply = ctx.client.sendRpcSync(JavaUtils.stringToBytes("Ping"), 5000); assertEquals("Pong", JavaUtils.bytesToString(reply)); assertTrue(ctx.authRpcHandler.doDelegate); assertFalse(ctx.authRpcHandler.delegate instanceof SaslRpcHandler); }
@Test public void testNewAuth() throws Exception { ctx = new AuthTestCtx(); ctx.createServer("secret"); ctx.createClient("secret"); ByteBuffer reply = ctx.client.sendRpcSync(JavaUtils.stringToBytes("Ping"), 5000); assertEquals("Pong", JavaUtils.bytesToString(reply)); assertTrue(ctx.authRpcHandler.doDelegate); assertFalse(ctx.authRpcHandler.delegate instanceof SaslRpcHandler); }