diff options
Diffstat (limited to 'qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java')
-rw-r--r-- | qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java | 156 |
1 files changed, 133 insertions, 23 deletions
diff --git a/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java b/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java index b5034d9f5d..413b974986 100644 --- a/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java +++ b/qpid/java/broker/src/test/java/org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.java @@ -22,8 +22,10 @@ package org.apache.qpid.server.security.auth.database; import junit.framework.TestCase; +import javax.security.auth.callback.PasswordCallback; import javax.security.auth.login.AccountNotFoundException; +import org.apache.commons.codec.binary.Base64; import org.apache.qpid.server.security.auth.sasl.UsernamePrincipal; import java.io.BufferedReader; @@ -33,7 +35,9 @@ import java.io.FileNotFoundException; import java.io.FileReader; import java.io.FileWriter; import java.io.IOException; +import java.io.UnsupportedEncodingException; import java.security.Principal; +import java.util.Arrays; import java.util.List; import java.util.regex.Pattern; @@ -41,12 +45,38 @@ public class Base64MD5PasswordFilePrincipalDatabaseTest extends TestCase { private static final String TEST_COMMENT = "# Test Comment"; - private String USERNAME = "testUser"; - private String _username = this.getClass().getName()+"username"; - private char[] _password = "password".toCharArray(); - private Principal _principal = new UsernamePrincipal(_username); + + private static final String USERNAME = "testUser"; + private static final String PASSWORD = "guest"; + private static final String PASSWORD_B64MD5HASHED = "CE4DQ6BIb/BVMN9scFyLtA=="; + private static char[] PASSWORD_MD5_CHARS; + private static final String PRINCIPAL_USERNAME = "testUserPrincipal"; + private static final Principal PRINCIPAL = new UsernamePrincipal(PRINCIPAL_USERNAME); private Base64MD5PasswordFilePrincipalDatabase _database; private File _pwdFile; + + static + { + try + { + Base64 b64 = new Base64(); + byte[] md5passBytes = PASSWORD_B64MD5HASHED.getBytes(Base64MD5PasswordFilePrincipalDatabase.DEFAULT_ENCODING); + byte[] decoded = b64.decode(md5passBytes); + + PASSWORD_MD5_CHARS = new char[decoded.length]; + + int index = 0; + for (byte c : decoded) + { + PASSWORD_MD5_CHARS[index++] = (char) c; + } + } + catch (UnsupportedEncodingException e) + { + fail("Unable to perform B64 decode to get the md5 char[] password"); + } + } + public void setUp() throws Exception { @@ -111,7 +141,56 @@ public class Base64MD5PasswordFilePrincipalDatabaseTest extends TestCase loadPasswordFile(testFile); - final String CREATED_PASSWORD = "createdPassword"; + + Principal principal = new Principal() + { + public String getName() + { + return USERNAME; + } + }; + + assertTrue("New user not created.", _database.createPrincipal(principal, PASSWORD.toCharArray())); + + PasswordCallback callback = new PasswordCallback("prompt",false); + try + { + _database.setPassword(principal, callback); + } + catch (AccountNotFoundException e) + { + fail("user account did not exist"); + } + assertTrue("Password returned was incorrect.", Arrays.equals(PASSWORD_MD5_CHARS, callback.getPassword())); + + loadPasswordFile(testFile); + + try + { + _database.setPassword(principal, callback); + } + catch (AccountNotFoundException e) + { + fail("user account did not exist"); + } + assertTrue("Password returned was incorrect.", Arrays.equals(PASSWORD_MD5_CHARS, callback.getPassword())); + + assertNotNull("Created User was not saved", _database.getUser(USERNAME)); + + assertFalse("Duplicate user created.", _database.createPrincipal(principal, PASSWORD.toCharArray())); + + testFile.delete(); + } + + public void testCreatePrincipalIsSavedToFile() + { + + File testFile = createPasswordFile(1, 0); + + loadPasswordFile(testFile); + + final String CREATED_PASSWORD = "guest"; + final String CREATED_B64MD5HASHED_PASSWORD = "CE4DQ6BIb/BVMN9scFyLtA=="; final String CREATED_USERNAME = "createdUser"; Principal principal = new Principal() @@ -122,16 +201,37 @@ public class Base64MD5PasswordFilePrincipalDatabaseTest extends TestCase } }; - assertTrue("New user not created.", _database.createPrincipal(principal, CREATED_PASSWORD.toCharArray())); + _database.createPrincipal(principal, CREATED_PASSWORD.toCharArray()); - loadPasswordFile(testFile); + try + { + BufferedReader reader = new BufferedReader(new FileReader(testFile)); + + assertTrue("File has no content", reader.ready()); + + assertEquals("Comment line has been corrupted.", TEST_COMMENT, reader.readLine()); - assertNotNull("Created User was not saved", _database.getUser(CREATED_USERNAME)); + assertTrue("File is missing user data.", reader.ready()); - assertFalse("Duplicate user created.", _database.createPrincipal(principal, CREATED_PASSWORD.toCharArray())); + String userLine = reader.readLine(); + + String[] result = Pattern.compile(":").split(userLine); + assertEquals("User line not complete '" + userLine + "'", 2, result.length); + + assertEquals("Username not correct,", CREATED_USERNAME, result[0]); + assertEquals("Password not correct,", CREATED_B64MD5HASHED_PASSWORD, result[1]); + + assertFalse("File has more content", reader.ready()); + + } + catch (IOException e) + { + fail("Unable to valdate file contents due to:" + e.getMessage()); + } testFile.delete(); } + public void testDeletePrincipal() { @@ -228,8 +328,8 @@ public class Base64MD5PasswordFilePrincipalDatabaseTest extends TestCase assertNotNull(testUser); - String NEW_PASSWORD = "NewPassword"; - String NEW_PASSWORD_HASH = "TmV3UGFzc3dvcmQ="; + String NEW_PASSWORD = "guest"; + String NEW_PASSWORD_HASH = "CE4DQ6BIb/BVMN9scFyLtA=="; try { _database.updatePassword(testUser, NEW_PASSWORD.toCharArray()); @@ -268,7 +368,7 @@ public class Base64MD5PasswordFilePrincipalDatabaseTest extends TestCase testFile.delete(); } - public void testSetPasswordWithMissingFile() + public void testSetPasswordFileWithMissingFile() { try { @@ -285,7 +385,7 @@ public class Base64MD5PasswordFilePrincipalDatabaseTest extends TestCase } - public void testSetPasswordWithReadOnlyFile() + public void testSetPasswordFileWithReadOnlyFile() { File testFile = createPasswordFile(0, 0); @@ -310,28 +410,38 @@ public class Base64MD5PasswordFilePrincipalDatabaseTest extends TestCase public void testCreateUserPrincipal() throws IOException { - _database.createPrincipal(_principal, _password); - Principal newPrincipal = _database.getUser(_username); + _database.createPrincipal(PRINCIPAL, PASSWORD.toCharArray()); + Principal newPrincipal = _database.getUser(PRINCIPAL_USERNAME); assertNotNull(newPrincipal); - assertEquals(_principal.getName(), newPrincipal.getName()); + assertEquals(PRINCIPAL.getName(), newPrincipal.getName()); } public void testVerifyPassword() throws IOException, AccountNotFoundException { testCreateUserPrincipal(); //assertFalse(_pwdDB.verifyPassword(_username, null)); - assertFalse(_database.verifyPassword(_username, new char[]{})); - assertFalse(_database.verifyPassword(_username, "massword".toCharArray())); - assertTrue(_database.verifyPassword(_username, _password)); + assertFalse(_database.verifyPassword(PRINCIPAL_USERNAME, new char[]{})); + assertFalse(_database.verifyPassword(PRINCIPAL_USERNAME, (PASSWORD+"z").toCharArray())); + assertTrue(_database.verifyPassword(PRINCIPAL_USERNAME, PASSWORD.toCharArray())); + + try + { + _database.verifyPassword("made.up.username", PASSWORD.toCharArray()); + fail("Should not have been able to verify this non-existant users password."); + } + catch (AccountNotFoundException e) + { + // pass + } } public void testUpdatePassword() throws IOException, AccountNotFoundException { testCreateUserPrincipal(); char[] newPwd = "newpassword".toCharArray(); - _database.updatePassword(_principal, newPwd); - assertFalse(_database.verifyPassword(_username, _password)); - assertTrue(_database.verifyPassword(_username, newPwd)); + _database.updatePassword(PRINCIPAL, newPwd); + assertFalse(_database.verifyPassword(PRINCIPAL_USERNAME, PASSWORD.toCharArray())); + assertTrue(_database.verifyPassword(PRINCIPAL_USERNAME, newPwd)); } - + } |