  1. import java.io.File;
  2.  
  3. import javax.security.auth.kerberos.KerberosPrincipal;
  4. import javax.security.auth.login.LoginContext;
  5. import javax.security.auth.login.LoginException;
  6.  
  7. import org.junit.BeforeClass;
  8. import org.junit.ClassRule;
  9. import org.junit.Test;
  10. import org.junit.rules.TemporaryFolder;
  11. import org.apache.log4j.Logger;
  12.  
  13. import static org.hamcrest.Matchers.contains;
  14. import static org.hamcrest.Matchers.equalTo;
  15. import static org.hamcrest.Matchers.notNullValue;
  16. import static org.junit.Assert.assertThat;
  17.  
  18.  
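/**
 * Basic KDC tests - these just show that the test environment is properly
 * configured.
 *
 * <p>IMPORTANT: The UserGroupInformation.loginUserFromKeytabAndReturnUGI() method
 * does not currently work with the KDC junit Rule. We must use the Subject-based
 * method when testing HDFS + Kerberos.
 *
 * <p>The keytab and ticket cache used here are credential files. They are created
 * through the {@link TemporaryFolder} rule so that they live only for the duration
 * of the test class; do not point these tests at a keytab from a real realm.
 */
public class BasicKdcTest {
    @SuppressWarnings("unused")
    private static final Logger LOG = Logger.getLogger(BasicKdcTest.class);

    /** Scratch directory for the keytab and the ticket cache. */
    @ClassRule
    public static final TemporaryFolder tmpDir = new TemporaryFolder();

    /** Embedded KDC that supplies the realm and writes the keytab. */
    @ClassRule
    public static final EmbeddedKdcResource kdc = new EmbeddedKdcResource();

    // alice has a key in the keytab; bob deliberately does not.
    private static KerberosPrincipal alice;
    private static KerberosPrincipal bob;
    private static File keytabFile;
    private static File ticketCacheFile;

    private final KerberosUtilities utils = new KerberosUtilities();

    /**
     * Creates the two test principals, the keytab file and the ticket cache file.
     *
     * @throws Exception if a temporary file or the keytab cannot be created
     */
    @BeforeClass
    public static void createKeytabs() throws Exception {
        // create Kerberos principal and keytab filename.
        alice = new KerberosPrincipal("alice@" + kdc.getRealm());
        bob = new KerberosPrincipal("bob@" + kdc.getRealm());
        keytabFile = tmpDir.newFile("users.keytab");
        ticketCacheFile = tmpDir.newFile("krb5cc_alice");

        // create keytab file containing key for Alice but not Bob.
        kdc.createKeytabFile(keytabFile, "alice");
    }

    /**
     * Test LoginContext login without TGT ticket (success).
     *
     * @throws LoginException if the login context cannot be built, or login/logout fails
     */
    @Test
    public void testLoginWithoutTgtSuccess() throws LoginException {
        final LoginContext lc = utils.getKerberosLoginContext(alice, keytabFile);
        lc.login();
        try {
            assertThat("subject does not contain expected principal",
                    lc.getSubject().getPrincipals(), contains(alice));
        } finally {
            // Log out even when the assertion fails, so the authenticated Subject
            // is always torn down before the next test runs.
            lc.logout();
        }
    }

    /**
     * Test LoginContext login without TGT ticket (unknown user). This only
     * tests for missing keytab entry, not a valid keytab file with an unknown user.
     *
     * @throws LoginException expected: bob has no entry in the keytab
     */
    @Test(expected = LoginException.class)
    public void testLoginWithoutTgtUnknownUser() throws LoginException {
        // login() is never called, so the expected exception has to come from
        // building the context itself.
        utils.getKerberosLoginContext(bob, keytabFile);
    }

    /**
     * Test LoginContext login with TGT ticket.
     *
     * @throws LoginException if the login context cannot be built, or login/logout fails
     */
    @Test
    public void testLoginWithTgtSuccess() throws LoginException {
        final LoginContext lc =
                utils.getKerberosLoginContext(alice, keytabFile, true, ticketCacheFile);
        lc.login();
        try {
            assertThat("subject does not contain expected principal",
                    lc.getSubject().getPrincipals(), contains(alice));

            // NOTE(review): createKeytabs() already creates this file through
            // TemporaryFolder.newFile(), so exists() holds whether or not the login
            // wrote a ticket. A content check (for example a non-zero length) would be
            // stronger once it is confirmed that the login populates the cache.
            assertThat("ticket cache does not exist", ticketCacheFile.exists(), equalTo(true));
        } finally {
            // Log out even when an assertion fails, so the authenticated Subject
            // is always torn down before the next test runs.
            lc.logout();
        }
    }

    /**
     * Test LoginContext login with TGT ticket (unknown user). This only
     * tests for missing keytab entry, not a valid keytab file with an unknown user.
     *
     * @throws LoginException expected: bob has no entry in the keytab
     */
    @Test(expected = LoginException.class)
    public void testLoginWithTgtUnknownUser() throws LoginException {
        // login() is never called, so the expected exception has to come from
        // building the context itself.
        utils.getKerberosLoginContext(bob, keytabFile, true, ticketCacheFile);
    }

    /**
     * Test getKeyTab() method (success)
     *
     * @throws LoginException if the keytab lookup fails
     */
    @Test
    public void testGetKeyTabSuccess() throws LoginException {
        assertThat("failed to see key", utils.getKeyTab(alice, keytabFile), notNullValue());
    }

    /**
     * Test getKeyTab() method (unknown user)
     *
     * @throws LoginException expected: bob has no entry in the keytab
     */
    @Test(expected = LoginException.class)
    public void testGetKeyTabUnknownUser() throws LoginException {
        // The test passes only when getKeyTab() throws. Wrapping the call in a
        // "failed to see key" assertion read as if a key were expected for bob,
        // so the call stands on its own.
        utils.getKeyTab(bob, keytabFile);
    }
}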