This project has retired. For details please refer to its Attic page.
AuthenticatorTest xref
View Javadoc
1   /*
2    * Copyright 2001-2009 The Apache Software Foundation.
3    * 
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *      http://www.apache.org/licenses/LICENSE-2.0
8    * 
9    * Unless required by applicable law or agreed to in writing, software
10   * distributed under the License is distributed on an "AS IS" BASIS,
11   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12   * See the License for the specific language governing permissions and
13   * limitations under the License.
14   */
15  package org.apache.juddi.auth;
16  
17  import java.io.File;
18  import java.io.IOException;
19  import java.io.StringWriter;
20  import java.security.InvalidKeyException;
21  
22  import javax.xml.bind.JAXBContext;
23  import javax.xml.bind.JAXBException;
24  import javax.xml.bind.Marshaller;
25  import org.apache.commons.configuration.Configuration;
26  import org.apache.commons.configuration.ConfigurationException;
27  
28  import org.apache.commons.logging.Log;
29  import org.apache.commons.logging.LogFactory;
30  import org.apache.juddi.api.impl.API_010_PublisherTest;
31  import org.apache.juddi.config.AppConfig;
32  import org.apache.juddi.config.Property;
33  import org.apache.juddi.v3.client.cryptor.AES128Cryptor;
34  import org.apache.juddi.v3.client.cryptor.AES256Cryptor;
35  import org.apache.juddi.v3.client.cryptor.Cryptor;
36  import org.apache.juddi.cryptor.CryptorFactory;
37  import org.apache.juddi.v3.client.cryptor.DefaultCryptor;
38  import org.apache.juddi.v3.client.cryptor.TripleDESCrytor;
39  import org.apache.juddi.v3.auth.Authenticator;
40  import org.apache.juddi.v3.auth.CryptedXMLDocAuthenticator;
41  import org.apache.juddi.v3.auth.JUDDIAuthenticator;
42  import org.apache.juddi.v3.auth.JuddiUsers;
43  import org.apache.juddi.v3.auth.MD5XMLDocAuthenticator;
44  import org.apache.juddi.v3.auth.User;
45  import org.apache.juddi.v3.auth.XMLDocAuthenticator;
46  import org.apache.juddi.v3.error.AuthenticationException;
47  import org.apache.juddi.v3.error.FatalErrorException;
48  import org.apache.juddi.v3.error.UnknownUserException;
49  import org.junit.Assert;
50  import org.junit.Test;
51  
52  /**
53   * @author <a href="mailto:kstam@apache.org">Kurt T Stam</a>
54   */
55  public class AuthenticatorTest 
56  {
57  	private Log logger = LogFactory.getLog(this.getClass());
58  	/**
59  	 * The DefaultAuthenticator is basically a pass-through.
60  	 * @throws ConfigurationException
61  	 */
62  	@Test
63  	public void testDefaultAuthenticator()
64  	{
65              System.out.println("testDefaultAuthenticator");
66  		Authenticator auth = new JUDDIAuthenticator();
67  		try {
68  			API_010_PublisherTest api010 = new API_010_PublisherTest();
69  			api010.saveJoePublisher();
70  			api010.saveSamSyndicator();
71  
72  			auth.authenticate("joepublisher","password");
73  			auth.authenticate("ssyndicator","badpass");
74  			
75  		} catch (Exception e) {
76  			logger.error(e.getMessage(),e);
77  			Assert.fail("unexpected");
78  		}
79  	}
80  	@Test
81  	public void testCreateJuddiUsers() throws Exception
82  	{
83              System.out.println("testCreateJuddiUsers");
84  		try {
85  			JuddiUsers juddiUsers = new JuddiUsers();
86  			juddiUsers.getUser().add(new User("anou_mana","password"));
87  			juddiUsers.getUser().add(new User("bozo","clown"));
88  			juddiUsers.getUser().add(new User("sviens","password"));
89  			
90  			StringWriter writer = new StringWriter();
91  			JAXBContext context = JAXBContext.newInstance(juddiUsers.getClass());
92  			Marshaller marshaller = context.createMarshaller();
93  			marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
94  			marshaller.marshal(juddiUsers, writer);
95  			logger.info("\n" +  writer.toString());
96  		} catch (Exception e) {
97  			logger.error(e.getMessage(),e);
98  			Assert.fail("unexpected");
99  		}
100 	}
101 	/**
102 	 * The credentials will be read from the juddi-users.xml in the test/resources directory 
103 	 * of this module. We're expecting the following authentication requests to succeed.
104 	 */
105 	@Test
106 	public void testXMLDocAuthenticator() 
107 	{
108             System.out.println("testXMLDocAuthenticator");
109 		try {
110 			Authenticator auth = new XMLDocAuthenticator();
111 			auth.authenticate("anou_mana","password");
112 			auth.authenticate("bozo","clown");
113 			auth.authenticate("sviens","password");
114 		} catch (Exception e) {
115 			logger.error(e.getMessage(),e);
116 			Assert.fail("unexpected");
117 		}
118 	}
119 	/**
120 	 * The credentials will be read from the juddi-users.xml in the test/resources directory 
121 	 * of this module. We're expecting the following authentication request to fail due
122 	 * to a bad password.
123 	 * 
124 	 * @throws AuthenticationException
125 	 * @throws FatalErrorException
126 	 * @throws IOException 
127 	 * @throws JAXBException 
128 	 */
129 	@Test(expected=UnknownUserException.class) 
130 	public void testBadXMLDocAuthenticator() throws Exception
131 	{
132             System.out.println("testBadXMLDocAuthenticator");
133 		Authenticator auth = new XMLDocAuthenticator();
134 		auth.authenticate("anou_mana","badpass");
135 	}
136 	@Test
137 	public void testCreateJuddiUsersEncrypted() throws Exception
138 	{
139             System.out.println("testCreateJuddiUsersEncrypted");
140 		try {
141 			Cryptor cryptor = CryptorFactory.getCryptor();
142 			JuddiUsers juddiUsers = new JuddiUsers();
143 			juddiUsers.getUser().add(new User("anou_mana",cryptor.encrypt("password")));
144 			juddiUsers.getUser().add(new User("bozo",cryptor.encrypt("clown")));
145 			juddiUsers.getUser().add(new User("sviens",cryptor.encrypt("password")));
146 			
147 			StringWriter writer = new StringWriter();
148 			JAXBContext context = JAXBContext.newInstance(juddiUsers.getClass());
149 			Marshaller marshaller = context.createMarshaller();
150 			marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
151 			marshaller.marshal(juddiUsers, writer);
152 			logger.info("\n" +  writer.toString());
153 		} catch (Exception e) {
154 			logger.error(e.getMessage(),e);
155 			Assert.fail("unexpected");
156 		}
157 	}
158 	/**
159 	 * The credentials will be read from the juddi-users.xml in the test/resources directory 
160 	 * of this module. We're expecting the following authentication requests to succeed.
161 	 */
162 	@Test
163 	public void testCryptedXMLDocAuthenticator() 
164 	{
165             System.out.println("testCryptedXMLDocAuthenticator");
166 		try {
167 			Authenticator auth = new CryptedXMLDocAuthenticator();
168 			auth.authenticate("anou_mana","password");
169 			auth.authenticate("bozo","clown");
170 			auth.authenticate("sviens","password");
171 		} catch (Exception e) {
172 			logger.error(e.getMessage(),e);
173 			Assert.fail("unexpected");
174 		}
175 	}
176 	/**
177 	 * The credentials will be read from the juddi-users-encrypted.xml in the test/resources directory 
178 	 * of this module. We're expecting the following authentication request to fail due
179 	 * to a bad password.
180 	 * 
181 	 * @throws AuthenticationException
182 	 * @throws FatalErrorException
183 	 * @throws IOException 
184 	 * @throws JAXBException 
185 	 */
186 	@Test(expected=UnknownUserException.class) 
187 	public void testBadCryptedXMLDocAuthenticator() throws Exception
188                 
189 	{
190             System.out.println("testBadCryptedXMLDocAuthenticator");
191  		Authenticator auth = new CryptedXMLDocAuthenticator();
192 		auth.authenticate("anou_mana","badpass");
193 	}
194         
195         
196         @Test
197 	public void testMD5XMLDocAuthenticator() 
198 	{
199             System.out.println("testMD5XMLDocAuthenticator");
200 		try {
201 			Authenticator auth = new MD5XMLDocAuthenticator();
202 			auth.authenticate("anou_mana","password");
203 			auth.authenticate("bozo","clown");
204 			auth.authenticate("sviens","password");
205 		} catch (Exception e) {
206 			logger.error(e.getMessage(),e);
207 			Assert.fail("unexpected");
208 		}
209 	}
210         
211         
212         
213         @Test(expected=UnknownUserException.class) 
214 	public void testBadMD5XMLDocAuthenticator() throws Exception
215 	{
216 		Authenticator auth = new MD5XMLDocAuthenticator();
217 		auth.authenticate("anou_mana","badpass");
218 	}
219         
220         
221         @Test
222 	public void testAES128Cryptor() 
223 	{
224             System.out.println("testAES128Cryptor");
225 		try {
226 			Cryptor auth = new AES128Cryptor();
227                         String encrypt = auth.encrypt("test");
228                         Assert.assertNotNull(encrypt);
229                         Assert.assertNotSame(encrypt, "test");
230                         String test=auth.decrypt(encrypt);
231                         Assert.assertEquals(test, "test");
232 		} catch (Exception e) {
233 			logger.error(e.getMessage(),e);
234 			Assert.fail("unexpected");
235 		}
236 	}
237         
238         
239         @Test
240 	public void testTripleDESCryptor() 
241 	{
242             System.out.println("testTripleDESCryptor");
243 		try {
244 			Cryptor auth = new TripleDESCrytor();
245                         String encrypt = auth.encrypt("test");
246                         Assert.assertNotNull(encrypt);
247                         Assert.assertNotSame(encrypt, "test");
248                         String test=auth.decrypt(encrypt);
249                         Assert.assertEquals(test, "test");
250 		} catch (Exception e) {
251 			logger.error(e.getMessage(),e);
252 			Assert.fail("unexpected");
253 		}
254 	}
255         
256         
257         @Test
258 	public void testDefaultCryptor() 
259 	{
260             System.out.println("testDefaultCryptor");
261 		try {
262 			Cryptor auth = new DefaultCryptor();
263                         String encrypt = auth.encrypt("test");
264                         Assert.assertNotNull(encrypt);
265                         Assert.assertNotSame(encrypt, "test");
266                         String test=auth.decrypt(encrypt);
267                         Assert.assertEquals(test, "test");
268 		} catch (Exception e) {
269 			logger.error(e.getMessage(),e);
270 			Assert.fail("unexpected");
271 		}
272 	}
273         
274         
275         @Test
276 	public void testAES256Cryptor() 
277 	{
278                 System.out.println("testAES256Cryptor");
279 		try {
280 			Cryptor auth = new AES256Cryptor();
281                         String encrypt = auth.encrypt("test");
282                         Assert.assertNotNull(encrypt);
283                         Assert.assertNotSame(encrypt, "test");
284                         String test=auth.decrypt(encrypt);
285                         Assert.assertEquals(test, "test");
286                 }
287                 catch (InvalidKeyException e)
288                 {
289                     logger.error("Hey, you're probably using the Oracle JRE without the Unlimited Strength Java Crypto Extensions installed. AES256 won't work until you download and install it", e);
290 		} catch (Exception e) {
291 			logger.error(e.getMessage(),e);
292 			Assert.fail("unexpected");
293 		}
294 	}
295         
296          @Test
297 	public void testDecryptFromConfigXML_InMemory() 
298 	{
299                 System.out.println("testDecryptFromConfigXML_InMemory");
300 		try {
301                     Configuration config =AppConfig.getConfiguration();
302                     
303 			Cryptor auth = new AES128Cryptor();
304                         String encrypt = auth.encrypt("test");
305                         Assert.assertNotNull(encrypt);
306                         Assert.assertNotSame(encrypt, "test");
307                         
308                         //add to the config
309                         config.addProperty("testDecryptFromConfigXML", encrypt);
310                         config.addProperty("testDecryptFromConfigXML"+ Property.ENCRYPTED_ATTRIBUTE, "true");
311                         
312                         //retrieve it
313                         String pwd = config.getString("testDecryptFromConfigXML");
314                         Assert.assertNotNull(pwd);
315                         //test for encryption
316                         if (config.getBoolean("testDecryptFromConfigXML" + Property.ENCRYPTED_ATTRIBUTE, false))
317                         {
318                             String test=auth.decrypt(pwd);
319                             Assert.assertEquals(test, "test");
320                         }
321                         else
322                         {
323                             Assert.fail("config reports that the setting is not encrypted");
324                        }
325                 }
326                 catch (Exception e) {
327 			logger.error(e.getMessage(),e);
328 			Assert.fail("unexpected");
329 		}
330 	}
331          
332         @Test
333 	public void testDecryptFromConfigXML_Disk_Default() 
334 	{
335                 System.out.println("testDecryptFromConfigXML_Disk_Default");
336 		try {
337                     File f = new File(".");
338                     System.out.println("Current working dir is " + f.getAbsolutePath());
339                     System.setProperty(AppConfig.JUDDI_CONFIGURATION_FILE_SYSTEM_PROPERTY,f.getAbsolutePath() + "/src/test/resources/juddiv3-enc-default.xml");
340                     AppConfig.reloadConfig();
341                     Configuration config =AppConfig.getConfiguration();
342                     
343 			Cryptor auth = new DefaultCryptor();
344                         
345                         //retrieve it
346                         String pwd = config.getString("juddi.mail.smtp.password");
347                         Assert.assertNotNull(pwd);
348                         //test for encryption
349                         if (config.getBoolean("juddi.mail.smtp.password" + Property.ENCRYPTED_ATTRIBUTE, false))
350                         {
351                             String test=auth.decrypt(pwd);
352                             Assert.assertEquals(test, "password");
353                         }
354                         else
355                         {
356                             Assert.fail("config reports that the setting is not encrypted");
357                        }
358                 }
359                 catch (Exception e) {
360 			logger.error(e.getMessage(),e);
361 			Assert.fail("unexpected");
362 		}
363 	}
364         
365         
366         @Test
367 	public void testDecryptFromConfigXML_Disk_3DES() 
368 	{
369                 System.out.println("testDecryptFromConfigXML_Disk_3DES");
370 		try {
371                     File f = new File(".");
372                     System.out.println("Current working dir is " + f.getAbsolutePath());
373                     System.setProperty(AppConfig.JUDDI_CONFIGURATION_FILE_SYSTEM_PROPERTY, f.getAbsolutePath() +"/src/test/resources/juddiv3-enc-3des.xml");
374                     AppConfig.reloadConfig();
375                     Configuration config =AppConfig.getConfiguration();
376                     
377 			Cryptor auth = new TripleDESCrytor();
378                         
379                         //retrieve it
380                         String pwd = config.getString("juddi.mail.smtp.password");
381                         Assert.assertNotNull(pwd);
382                         //test for encryption
383                         if (config.getBoolean("juddi.mail.smtp.password" + Property.ENCRYPTED_ATTRIBUTE, false))
384                         {
385                             String test=auth.decrypt(pwd);
386                             Assert.assertEquals(test, "password");
387                         }
388                         else
389                         {
390                             Assert.fail("config reports that the setting is not encrypted");
391                        }
392                 }
393                 catch (Exception e) {
394 			logger.error(e.getMessage(),e);
395 			Assert.fail("unexpected");
396 		}
397 	}
398         
399         
400          @Test
401 	public void testDecryptFromConfigXML_Disk_AES128() 
402 	{
403                 System.out.println("testDecryptFromConfigXML_Disk_AES128");
404 		try {
405                     File f = new File(".");
406                     System.out.println("Current working dir is " + f.getAbsolutePath());
407                     
408                     System.setProperty(AppConfig.JUDDI_CONFIGURATION_FILE_SYSTEM_PROPERTY, f.getAbsolutePath() +"/src/test/resources/juddiv3-enc-aes128.xml");
409                     AppConfig.reloadConfig();
410                     Configuration config =AppConfig.getConfiguration();
411                     
412 			Cryptor auth = new AES128Cryptor();
413                         
414                         //retrieve it
415                         String pwd = config.getString("juddi.mail.smtp.password");
416                         Assert.assertNotNull(pwd);
417                         //test for encryption
418                         if (config.getBoolean("juddi.mail.smtp.password" + Property.ENCRYPTED_ATTRIBUTE, false))
419                         {
420                             String test=auth.decrypt(pwd);
421                             Assert.assertEquals(test, "password");
422                         }
423                         else
424                         {
425                             Assert.fail("config reports that the setting is not encrypted");
426                        }
427                 }
428                 catch (Exception e) {
429 			logger.error(e.getMessage(),e);
430 			Assert.fail("unexpected");
431 		}
432 	}
433          
434          
435          
436          @Test
437 	public void testDecryptFromConfigXML_Disk_AES256() 
438 	{
439                 System.out.println("testDecryptFromConfigXML_Disk_AES256");
440 		try {
441                     File f = new File(".");
442                     System.out.println("Current working dir is " + f.getAbsolutePath());
443                     System.setProperty(AppConfig.JUDDI_CONFIGURATION_FILE_SYSTEM_PROPERTY, f.getAbsolutePath() + "/src/test/resources/juddiv3-enc-aes256.xml");
444                     AppConfig.reloadConfig();
445                     Configuration config =AppConfig.getConfiguration();
446                     
447 			Cryptor auth = new AES256Cryptor();
448                         
449                         //retrieve it
450                         String pwd = config.getString("juddi.mail.smtp.password");
451                         Assert.assertNotNull(pwd);
452                         //test for encryption
453                         if (config.getBoolean("juddi.mail.smtp.password" + Property.ENCRYPTED_ATTRIBUTE, false))
454                         {
455                             String test=auth.decrypt(pwd);
456                             Assert.assertEquals(test, "password");
457                         }
458                         else
459                         {
460                             Assert.fail("config reports that the setting is not encrypted");
461                        }
462                 } catch (InvalidKeyException e)
463                 {
464                     logger.error("Hey, you're probably using the Oracle JRE without the Unlimited Strength Java Crypto Extensions installed. AES256 won't work until you download and install it", e);
465 		}
466                 catch (Exception e) {
467 			logger.error(e.getMessage(),e);
468 			Assert.fail("unexpected");
469 		}
470 	}
471 
472 }