@Test
public void testServerAuthIndirect_Client() throws Exception {
Map<String, Object> props = new HashMap<String, Object>();
// No properties are set, an appropriate EntitySaslClient should be returned
SaslClient client =
Sasl.createSaslClient(
new String[] {SaslMechanismInformation.Names.IEC_ISO_9798_U_RSA_SHA1_ENC},
"TestUser",
"TestProtocol",
"TestServer",
props,
null);
assertEquals(EntitySaslClient.class, client.getClass());
assertEquals(
SaslMechanismInformation.Names.IEC_ISO_9798_U_RSA_SHA1_ENC, client.getMechanismName());
// If we set SERVER_AUTH to true even though only unilateral mechanisms are specified, no client
// should be returned
props.put(Sasl.SERVER_AUTH, Boolean.toString(true));
client =
Sasl.createSaslClient(
new String[] {
SaslMechanismInformation.Names.IEC_ISO_9798_U_RSA_SHA1_ENC,
SaslMechanismInformation.Names.IEC_ISO_9798_U_DSA_SHA1,
SaslMechanismInformation.Names.IEC_ISO_9798_U_ECDSA_SHA1
},
"TestUser",
"TestProtocol",
"TestServer",
props,
null);
assertNull(client);
// If we set SERVER_AUTH to true, an appropriate EntitySaslClient should be returned
props.put(Sasl.SERVER_AUTH, Boolean.toString(true));
client =
Sasl.createSaslClient(
new String[] {
SaslMechanismInformation.Names.IEC_ISO_9798_U_RSA_SHA1_ENC,
SaslMechanismInformation.Names.IEC_ISO_9798_U_DSA_SHA1,
SaslMechanismInformation.Names.IEC_ISO_9798_U_ECDSA_SHA1,
SaslMechanismInformation.Names.IEC_ISO_9798_M_RSA_SHA1_ENC,
SaslMechanismInformation.Names.IEC_ISO_9798_M_DSA_SHA1,
SaslMechanismInformation.Names.IEC_ISO_9798_M_ECDSA_SHA1
},
"TestUser",
"TestProtocol",
"TestServer",
props,
null);
assertEquals(EntitySaslClient.class, client.getClass());
assertEquals(
SaslMechanismInformation.Names.IEC_ISO_9798_M_RSA_SHA1_ENC, client.getMechanismName());
}
private Properties getAuthenticationHandlerConfiguration(boolean anonymousAllowed) {
Properties props = new Properties();
props.setProperty(AuthenticationFilter.AUTH_TYPE, "simple");
props.setProperty(
PseudoAuthenticationHandler.ANONYMOUS_ALLOWED, Boolean.toString(anonymousAllowed));
return props;
}
@Test
public void testServerAuthDirect_Client() {
SaslClientFactory factory = obtainSaslClientFactory(EntitySaslClientFactory.class);
assertNotNull("SaslClientFactory not registered", factory);
String[] mechanisms;
Map<String, Object> props = new HashMap<String, Object>();
// No properties set
mechanisms = factory.getMechanismNames(props);
assertMechanisms(
new String[] {
SaslMechanismInformation.Names.IEC_ISO_9798_U_RSA_SHA1_ENC,
SaslMechanismInformation.Names.IEC_ISO_9798_M_RSA_SHA1_ENC,
SaslMechanismInformation.Names.IEC_ISO_9798_U_DSA_SHA1,
SaslMechanismInformation.Names.IEC_ISO_9798_M_DSA_SHA1,
SaslMechanismInformation.Names.IEC_ISO_9798_U_ECDSA_SHA1,
SaslMechanismInformation.Names.IEC_ISO_9798_M_ECDSA_SHA1
},
mechanisms);
// Request server auth
props.put(Sasl.SERVER_AUTH, Boolean.toString(true));
mechanisms = factory.getMechanismNames(props);
assertMechanisms(
new String[] {
SaslMechanismInformation.Names.IEC_ISO_9798_M_RSA_SHA1_ENC,
SaslMechanismInformation.Names.IEC_ISO_9798_M_DSA_SHA1,
SaslMechanismInformation.Names.IEC_ISO_9798_M_ECDSA_SHA1
},
mechanisms);
}
@Test
public void testServerAuthIndirect_Server() throws Exception {
Map<String, Object> props = new HashMap<String, Object>();
// No properties are set, an appropriate EntitySaslServer should be returned
SaslServer server =
Sasl.createSaslServer(
SaslMechanismInformation.Names.IEC_ISO_9798_U_RSA_SHA1_ENC,
"TestProtocol",
"TestServer",
props,
null);
assertEquals(EntitySaslServer.class, server.getClass());
assertEquals(
SaslMechanismInformation.Names.IEC_ISO_9798_U_RSA_SHA1_ENC, server.getMechanismName());
// If we set SERVER_AUTH to true even though a unilateral mechanism is specified, no server
// should be returned
props.put(Sasl.SERVER_AUTH, Boolean.toString(true));
server =
Sasl.createSaslServer(
SaslMechanismInformation.Names.IEC_ISO_9798_U_RSA_SHA1_ENC,
"TestProtocol",
"TestServer",
props,
null);
assertNull(server);
}
@Test
public void killTopologyWhileAuthenticated() {
final String requestTopologyId = "topology-test";
final int requestWaitTimeSecs = 10;
final boolean async = true;
doNothing()
.when(topologyServiceMock)
.killTopology(requestTopologyId, requestWaitTimeSecs, async, TEST_SUBJECT_ID);
mockAuthenticatedSubject();
ClientResponse clientResponse =
resource()
.path("/api/topologies/" + requestTopologyId + "/kill")
.queryParam("waitTimeSecs", Integer.toString(requestWaitTimeSecs))
.queryParam("async", Boolean.toString(async))
.get(ClientResponse.class);
assertEquals("Response HTTP status code should be 200 (OK)", clientResponse.getStatus(), 200);
verify(topologyServiceMock)
.killTopology(requestTopologyId, requestWaitTimeSecs, async, TEST_SUBJECT_ID);
}
