blob: 72545d2513cd0a3a4bbb8bf59422f4de96ad263e [file] [log] [blame]
/*
* Copyright 2001-2009 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.juddi.auth;
import java.io.File;
import java.io.IOException;
import java.io.StringWriter;
import java.security.InvalidKeyException;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import org.apache.commons.configuration.Configuration;
import org.apache.commons.configuration.ConfigurationException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.juddi.api.impl.API_010_PublisherTest;
import org.apache.juddi.config.AppConfig;
import org.apache.juddi.config.Property;
import org.apache.juddi.v3.client.cryptor.AES128Cryptor;
import org.apache.juddi.v3.client.cryptor.AES256Cryptor;
import org.apache.juddi.v3.client.cryptor.Cryptor;
import org.apache.juddi.cryptor.CryptorFactory;
import org.apache.juddi.v3.client.cryptor.DefaultCryptor;
import org.apache.juddi.v3.client.cryptor.TripleDESCrytor;
import org.apache.juddi.v3.auth.Authenticator;
import org.apache.juddi.v3.auth.CryptedXMLDocAuthenticator;
import org.apache.juddi.v3.auth.JUDDIAuthenticator;
import org.apache.juddi.v3.auth.JuddiUsers;
import org.apache.juddi.v3.auth.MD5XMLDocAuthenticator;
import org.apache.juddi.v3.auth.User;
import org.apache.juddi.v3.auth.XMLDocAuthenticator;
import org.apache.juddi.v3.error.AuthenticationException;
import org.apache.juddi.v3.error.FatalErrorException;
import org.apache.juddi.v3.error.UnknownUserException;
import org.junit.Assert;
import org.junit.Test;
/**
* @author <a href="mailto:kstam@apache.org">Kurt T Stam</a>
*/
public class AuthenticatorTest
{
private Log logger = LogFactory.getLog(this.getClass());
/**
* The DefaultAuthenticator is basically a pass-through.
* @throws ConfigurationException
*/
@Test
public void testDefaultAuthenticator()
{
System.out.println("testDefaultAuthenticator");
Authenticator auth = new JUDDIAuthenticator();
try {
API_010_PublisherTest api010 = new API_010_PublisherTest();
api010.saveJoePublisher();
api010.saveSamSyndicator();
auth.authenticate("joepublisher","password");
auth.authenticate("ssyndicator","badpass");
} catch (Exception e) {
logger.error(e.getMessage(),e);
Assert.fail("unexpected");
}
}
@Test
public void testCreateJuddiUsers() throws Exception
{
System.out.println("testCreateJuddiUsers");
try {
JuddiUsers juddiUsers = new JuddiUsers();
juddiUsers.getUser().add(new User("anou_mana","password"));
juddiUsers.getUser().add(new User("bozo","clown"));
juddiUsers.getUser().add(new User("sviens","password"));
StringWriter writer = new StringWriter();
JAXBContext context = JAXBContext.newInstance(juddiUsers.getClass());
Marshaller marshaller = context.createMarshaller();
marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
marshaller.marshal(juddiUsers, writer);
logger.info("\n" + writer.toString());
} catch (Exception e) {
logger.error(e.getMessage(),e);
Assert.fail("unexpected");
}
}
/**
* The credentials will be read from the juddi-users.xml in the test/resources directory
* of this module. We're expecting the following authentication requests to succeed.
*/
@Test
public void testXMLDocAuthenticator()
{
System.out.println("testXMLDocAuthenticator");
try {
Authenticator auth = new XMLDocAuthenticator();
auth.authenticate("anou_mana","password");
auth.authenticate("bozo","clown");
auth.authenticate("sviens","password");
} catch (Exception e) {
logger.error(e.getMessage(),e);
Assert.fail("unexpected");
}
}
/**
* The credentials will be read from the juddi-users.xml in the test/resources directory
* of this module. We're expecting the following authentication request to fail due
* to a bad password.
*
* @throws AuthenticationException
* @throws FatalErrorException
* @throws IOException
* @throws JAXBException
*/
@Test(expected=UnknownUserException.class)
public void testBadXMLDocAuthenticator() throws Exception
{
System.out.println("testBadXMLDocAuthenticator");
Authenticator auth = new XMLDocAuthenticator();
auth.authenticate("anou_mana","badpass");
}
@Test
public void testCreateJuddiUsersEncrypted() throws Exception
{
System.out.println("testCreateJuddiUsersEncrypted");
try {
Cryptor cryptor = CryptorFactory.getCryptor();
JuddiUsers juddiUsers = new JuddiUsers();
juddiUsers.getUser().add(new User("anou_mana",cryptor.encrypt("password")));
juddiUsers.getUser().add(new User("bozo",cryptor.encrypt("clown")));
juddiUsers.getUser().add(new User("sviens",cryptor.encrypt("password")));
StringWriter writer = new StringWriter();
JAXBContext context = JAXBContext.newInstance(juddiUsers.getClass());
Marshaller marshaller = context.createMarshaller();
marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
marshaller.marshal(juddiUsers, writer);
logger.info("\n" + writer.toString());
} catch (Exception e) {
logger.error(e.getMessage(),e);
Assert.fail("unexpected");
}
}
/**
* The credentials will be read from the juddi-users.xml in the test/resources directory
* of this module. We're expecting the following authentication requests to succeed.
*/
@Test
public void testCryptedXMLDocAuthenticator()
{
System.out.println("testCryptedXMLDocAuthenticator");
try {
Authenticator auth = new CryptedXMLDocAuthenticator();
auth.authenticate("anou_mana","password");
auth.authenticate("bozo","clown");
auth.authenticate("sviens","password");
} catch (Exception e) {
logger.error(e.getMessage(),e);
Assert.fail("unexpected");
}
}
/**
* The credentials will be read from the juddi-users-encrypted.xml in the test/resources directory
* of this module. We're expecting the following authentication request to fail due
* to a bad password.
*
* @throws AuthenticationException
* @throws FatalErrorException
* @throws IOException
* @throws JAXBException
*/
@Test(expected=UnknownUserException.class)
public void testBadCryptedXMLDocAuthenticator() throws Exception
{
System.out.println("testBadCryptedXMLDocAuthenticator");
Authenticator auth = new CryptedXMLDocAuthenticator();
auth.authenticate("anou_mana","badpass");
}
@Test
public void testMD5XMLDocAuthenticator()
{
System.out.println("testMD5XMLDocAuthenticator");
try {
Authenticator auth = new MD5XMLDocAuthenticator();
auth.authenticate("anou_mana","password");
auth.authenticate("bozo","clown");
auth.authenticate("sviens","password");
} catch (Exception e) {
logger.error(e.getMessage(),e);
Assert.fail("unexpected");
}
}
@Test(expected=UnknownUserException.class)
public void testBadMD5XMLDocAuthenticator() throws Exception
{
Authenticator auth = new MD5XMLDocAuthenticator();
auth.authenticate("anou_mana","badpass");
}
@Test
public void testAES128Cryptor()
{
System.out.println("testAES128Cryptor");
try {
Cryptor auth = new AES128Cryptor();
String encrypt = auth.encrypt("test");
Assert.assertNotNull(encrypt);
Assert.assertNotSame(encrypt, "test");
String test=auth.decrypt(encrypt);
Assert.assertEquals(test, "test");
} catch (Exception e) {
logger.error(e.getMessage(),e);
Assert.fail("unexpected");
}
}
@Test
public void testTripleDESCryptor()
{
System.out.println("testTripleDESCryptor");
try {
Cryptor auth = new TripleDESCrytor();
String encrypt = auth.encrypt("test");
Assert.assertNotNull(encrypt);
Assert.assertNotSame(encrypt, "test");
String test=auth.decrypt(encrypt);
Assert.assertEquals(test, "test");
} catch (Exception e) {
logger.error(e.getMessage(),e);
Assert.fail("unexpected");
}
}
@Test
public void testDefaultCryptor()
{
System.out.println("testDefaultCryptor");
try {
Cryptor auth = new DefaultCryptor();
String encrypt = auth.encrypt("test");
Assert.assertNotNull(encrypt);
Assert.assertNotSame(encrypt, "test");
String test=auth.decrypt(encrypt);
Assert.assertEquals(test, "test");
} catch (Exception e) {
logger.error(e.getMessage(),e);
Assert.fail("unexpected");
}
}
@Test
public void testAES256Cryptor()
{
System.out.println("testAES256Cryptor");
try {
Cryptor auth = new AES256Cryptor();
String encrypt = auth.encrypt("test");
Assert.assertNotNull(encrypt);
Assert.assertNotSame(encrypt, "test");
String test=auth.decrypt(encrypt);
Assert.assertEquals(test, "test");
}
catch (InvalidKeyException e)
{
logger.error("Hey, you're probably using the Oracle JRE without the Unlimited Strength Java Crypto Extensions installed. AES256 won't work until you download and install it", e);
} catch (Exception e) {
logger.error(e.getMessage(),e);
Assert.fail("unexpected");
}
}
@Test
public void testDecryptFromConfigXML_InMemory()
{
System.out.println("testDecryptFromConfigXML_InMemory");
try {
Configuration config =AppConfig.getConfiguration();
Cryptor auth = new AES128Cryptor();
String encrypt = auth.encrypt("test");
Assert.assertNotNull(encrypt);
Assert.assertNotSame(encrypt, "test");
//add to the config
config.addProperty("testDecryptFromConfigXML", encrypt);
config.addProperty("testDecryptFromConfigXML"+ Property.ENCRYPTED_ATTRIBUTE, "true");
//retrieve it
String pwd = config.getString("testDecryptFromConfigXML");
Assert.assertNotNull(pwd);
//test for encryption
if (config.getBoolean("testDecryptFromConfigXML" + Property.ENCRYPTED_ATTRIBUTE, false))
{
String test=auth.decrypt(pwd);
Assert.assertEquals(test, "test");
}
else
{
Assert.fail("config reports that the setting is not encrypted");
}
}
catch (Exception e) {
logger.error(e.getMessage(),e);
Assert.fail("unexpected");
}
}
@Test
public void testDecryptFromConfigXML_Disk_Default()
{
System.out.println("testDecryptFromConfigXML_Disk_Default");
try {
File f = new File(".");
System.out.println("Current working dir is " + f.getAbsolutePath());
System.setProperty(AppConfig.JUDDI_CONFIGURATION_FILE_SYSTEM_PROPERTY,f.getAbsolutePath() + "/src/test/resources/juddiv3-enc-default.xml");
AppConfig.reloadConfig();
Configuration config =AppConfig.getConfiguration();
Cryptor auth = new DefaultCryptor();
//retrieve it
String pwd = config.getString("juddi.mail.smtp.password");
Assert.assertNotNull(pwd);
//test for encryption
if (config.getBoolean("juddi.mail.smtp.password" + Property.ENCRYPTED_ATTRIBUTE, false))
{
String test=auth.decrypt(pwd);
Assert.assertEquals(test, "password");
}
else
{
Assert.fail("config reports that the setting is not encrypted");
}
}
catch (Exception e) {
logger.error(e.getMessage(),e);
Assert.fail("unexpected");
}
}
@Test
public void testDecryptFromConfigXML_Disk_3DES()
{
System.out.println("testDecryptFromConfigXML_Disk_3DES");
try {
File f = new File(".");
System.out.println("Current working dir is " + f.getAbsolutePath());
System.setProperty(AppConfig.JUDDI_CONFIGURATION_FILE_SYSTEM_PROPERTY, f.getAbsolutePath() +"/src/test/resources/juddiv3-enc-3des.xml");
AppConfig.reloadConfig();
Configuration config =AppConfig.getConfiguration();
Cryptor auth = new TripleDESCrytor();
//retrieve it
String pwd = config.getString("juddi.mail.smtp.password");
Assert.assertNotNull(pwd);
//test for encryption
if (config.getBoolean("juddi.mail.smtp.password" + Property.ENCRYPTED_ATTRIBUTE, false))
{
String test=auth.decrypt(pwd);
Assert.assertEquals(test, "password");
}
else
{
Assert.fail("config reports that the setting is not encrypted");
}
}
catch (Exception e) {
logger.error(e.getMessage(),e);
Assert.fail("unexpected");
}
}
@Test
public void testDecryptFromConfigXML_Disk_AES128()
{
System.out.println("testDecryptFromConfigXML_Disk_AES128");
try {
File f = new File(".");
System.out.println("Current working dir is " + f.getAbsolutePath());
System.setProperty(AppConfig.JUDDI_CONFIGURATION_FILE_SYSTEM_PROPERTY, f.getAbsolutePath() +"/src/test/resources/juddiv3-enc-aes128.xml");
AppConfig.reloadConfig();
Configuration config =AppConfig.getConfiguration();
Cryptor auth = new AES128Cryptor();
//retrieve it
String pwd = config.getString("juddi.mail.smtp.password");
Assert.assertNotNull(pwd);
//test for encryption
if (config.getBoolean("juddi.mail.smtp.password" + Property.ENCRYPTED_ATTRIBUTE, false))
{
String test=auth.decrypt(pwd);
Assert.assertEquals(test, "password");
}
else
{
Assert.fail("config reports that the setting is not encrypted");
}
}
catch (Exception e) {
logger.error(e.getMessage(),e);
Assert.fail("unexpected");
}
}
@Test
public void testDecryptFromConfigXML_Disk_AES256()
{
System.out.println("testDecryptFromConfigXML_Disk_AES256");
try {
File f = new File(".");
System.out.println("Current working dir is " + f.getAbsolutePath());
System.setProperty(AppConfig.JUDDI_CONFIGURATION_FILE_SYSTEM_PROPERTY, f.getAbsolutePath() + "/src/test/resources/juddiv3-enc-aes256.xml");
AppConfig.reloadConfig();
Configuration config =AppConfig.getConfiguration();
Cryptor auth = new AES256Cryptor();
//retrieve it
String pwd = config.getString("juddi.mail.smtp.password");
Assert.assertNotNull(pwd);
//test for encryption
if (config.getBoolean("juddi.mail.smtp.password" + Property.ENCRYPTED_ATTRIBUTE, false))
{
String test=auth.decrypt(pwd);
Assert.assertEquals(test, "password");
}
else
{
Assert.fail("config reports that the setting is not encrypted");
}
} catch (InvalidKeyException e)
{
logger.error("Hey, you're probably using the Oracle JRE without the Unlimited Strength Java Crypto Extensions installed. AES256 won't work until you download and install it", e);
}
catch (Exception e) {
logger.error(e.getMessage(),e);
Assert.fail("unexpected");
}
}
}