7852a473da
Reviewed-by: mullan
174 lines
7.4 KiB
Java
174 lines
7.4 KiB
Java
/*
|
|
* Copyright (c) 2008, 2014, Oracle and/or its affiliates. All rights reserved.
|
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
|
*
|
|
* This code is free software; you can redistribute it and/or modify it
|
|
* under the terms of the GNU General Public License version 2 only, as
|
|
* published by the Free Software Foundation.
|
|
*
|
|
* This code is distributed in the hope that it will be useful, but WITHOUT
|
|
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
|
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
|
* version 2 for more details (a copy is included in the LICENSE file that
|
|
* accompanied this code).
|
|
*
|
|
* You should have received a copy of the GNU General Public License version
|
|
* 2 along with this work; if not, write to the Free Software Foundation,
|
|
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
*
|
|
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
|
|
* or visit www.oracle.com if you need additional information or have any
|
|
* questions.
|
|
*/
|
|
|
|
/*
|
|
* @test
|
|
* @bug 6659990 8147772
|
|
* @summary test the immutability of the Date fields in KerberosTicket class,
|
|
* serialization, and behavior after being destroyed.
|
|
*/
|
|
|
|
/*
|
|
* Must setup KDC and Kerberos configuration file
|
|
*/
|
|
|
|
import java.lang.reflect.InvocationTargetException;
|
|
import java.lang.reflect.Method;
|
|
import java.lang.reflect.Modifier;
|
|
import java.util.Date;
|
|
import java.io.*;
|
|
import javax.security.auth.RefreshFailedException;
|
|
import javax.security.auth.kerberos.KerberosPrincipal;
|
|
import javax.security.auth.kerberos.KerberosTicket;
|
|
import java.util.Base64;
|
|
|
|
public class KerberosTixDateTest {
|
|
|
|
// Serialized KerberosTicket from JDK6 (encoded in BASE64)
|
|
// Note: the KerberosTicket object is created using the same values as
|
|
// the KerberosTicket 't' in main(). Deserialization should succeed
|
|
// and the deserialized object should equal to 't'.
|
|
static String serializedKerberosTix =
|
|
"rO0ABXNyACtqYXZheC5zZWN1cml0eS5hdXRoLmtlcmJlcm9zLktlcmJlcm9zVGlja2V0ZqGBbXB3" +
|
|
"w7sCAApbAAxhc24xRW5jb2Rpbmd0AAJbQkwACGF1dGhUaW1ldAAQTGphdmEvdXRpbC9EYXRlO0wA" +
|
|
"BmNsaWVudHQAMExqYXZheC9zZWN1cml0eS9hdXRoL2tlcmJlcm9zL0tlcmJlcm9zUHJpbmNpcGFs" +
|
|
"O1sAD2NsaWVudEFkZHJlc3Nlc3QAF1tMamF2YS9uZXQvSW5ldEFkZHJlc3M7TAAHZW5kVGltZXEA" +
|
|
"fgACWwAFZmxhZ3N0AAJbWkwACXJlbmV3VGlsbHEAfgACTAAGc2VydmVycQB+AANMAApzZXNzaW9u" +
|
|
"S2V5dAAmTGphdmF4L3NlY3VyaXR5L2F1dGgva2VyYmVyb3MvS2V5SW1wbDtMAAlzdGFydFRpbWVx" +
|
|
"AH4AAnhwdXIAAltCrPMX+AYIVOACAAB4cAAAAARhc24xc3IADmphdmEudXRpbC5EYXRlaGqBAUtZ" +
|
|
"dBkDAAB4cHcIAAAAAAC8YU54c3IALmphdmF4LnNlY3VyaXR5LmF1dGgua2VyYmVyb3MuS2VyYmVy" +
|
|
"b3NQcmluY2lwYWyZp31dDx4zKQMAAHhwdXEAfgAIAAAAEzARoAMCAQGhCjAIGwZjbGllbnR1cQB+" +
|
|
"AAgAAAAVGxNKTEFCUy5TRkJBWS5TVU4uQ09NeHBxAH4AC3VyAAJbWlePIDkUuF3iAgAAeHAAAAAg" +
|
|
"AAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABxAH4AC3NxAH4ADHVxAH4ACAAAABMwEaAD" +
|
|
"AgEBoQowCBsGc2VydmVydXEAfgAIAAAAFRsTSkxBQlMuU0ZCQVkuU1VOLkNPTXhzcgAkamF2YXgu" +
|
|
"c2VjdXJpdHkuYXV0aC5rZXJiZXJvcy5LZXlJbXBskoOG6DyvS9cDAAB4cHVxAH4ACAAAABUwE6AD" +
|
|
"AgEBoQwECnNlc3Npb25LZXl4cQB+AAs=";
|
|
|
|
public static void main(String[] args) throws Exception {
|
|
byte[] asn1Bytes = "asn1".getBytes();
|
|
KerberosPrincipal client = new KerberosPrincipal("client@JLABS.SFBAY.SUN.COM");
|
|
KerberosPrincipal server = new KerberosPrincipal("server@JLABS.SFBAY.SUN.COM");
|
|
byte[] keyBytes = "sessionKey".getBytes();
|
|
long originalTime = 12345678L;
|
|
Date inDate = new Date(originalTime);
|
|
boolean[] flags = new boolean[9];
|
|
flags[8] = true; // renewable
|
|
KerberosTicket t = new KerberosTicket(asn1Bytes, client, server,
|
|
keyBytes, 1 /*keyType*/, flags, inDate /*authTime*/,
|
|
inDate /*startTime*/, inDate /*endTime*/,
|
|
inDate /*renewTill*/, null /*clientAddresses*/);
|
|
inDate.setTime(0); // for testing the constructor
|
|
|
|
testDateImmutability(t, originalTime);
|
|
testS11nCompatibility(t); // S11n: Serialization
|
|
testDestroy(t);
|
|
}
|
|
|
|
private static void checkTime(KerberosTicket kt, long timeValue) {
|
|
if (kt.getAuthTime().getTime() != timeValue) {
|
|
throw new RuntimeException("authTime check fails!");
|
|
}
|
|
if (kt.getStartTime().getTime() != timeValue) {
|
|
throw new RuntimeException("startTime check fails!");
|
|
}
|
|
if (kt.getEndTime().getTime() != timeValue) {
|
|
throw new RuntimeException("endTime check fails!");
|
|
}
|
|
if (kt.getRenewTill().getTime() != timeValue) {
|
|
throw new RuntimeException("renewTill check fails!");
|
|
}
|
|
}
|
|
|
|
private static void testDateImmutability(KerberosTicket t, long origTime)
|
|
throws Exception {
|
|
// test the constructor
|
|
System.out.println("Testing constructor...");
|
|
checkTime(t, origTime);
|
|
|
|
// test the getAuth/Start/EndTime() & getRenewTill() methods
|
|
System.out.println("Testing getAuth/Start/EndTime() & getRenewTill()...");
|
|
t.getAuthTime().setTime(0);
|
|
t.getStartTime().setTime(0);
|
|
t.getEndTime().setTime(0);
|
|
t.getRenewTill().setTime(0);
|
|
checkTime(t, origTime);
|
|
|
|
System.out.println("DateImmutability Test Passed");
|
|
}
|
|
|
|
private static void checkEqualsAndHashCode(byte[] bytes, KerberosTicket t)
|
|
throws IOException, ClassNotFoundException {
|
|
ByteArrayInputStream bais = new ByteArrayInputStream(bytes);
|
|
KerberosTicket deserializedTicket = (KerberosTicket)
|
|
(new ObjectInputStream(bais).readObject());
|
|
if (!deserializedTicket.equals(t)) {
|
|
throw new RuntimeException("equals() check fails!");
|
|
}
|
|
if (deserializedTicket.hashCode() != t.hashCode()) {
|
|
throw new RuntimeException("hashCode() check fails!");
|
|
}
|
|
}
|
|
|
|
private static void testS11nCompatibility(KerberosTicket t)
|
|
throws Exception {
|
|
|
|
System.out.println("Testing against KerberosTicket from JDK6...");
|
|
byte[] serializedBytes =
|
|
Base64.getMimeDecoder().decode(serializedKerberosTix);
|
|
checkEqualsAndHashCode(serializedBytes, t);
|
|
|
|
System.out.println("Testing against KerberosTicket from current rel...");
|
|
ByteArrayOutputStream baos = new ByteArrayOutputStream();
|
|
new ObjectOutputStream(baos).writeObject(t);
|
|
checkEqualsAndHashCode(baos.toByteArray(), t);
|
|
|
|
System.out.println("S11nCompatibility Test Passed");
|
|
}
|
|
|
|
private static void testDestroy(KerberosTicket t) throws Exception {
|
|
t.destroy();
|
|
if (!t.isDestroyed()) {
|
|
throw new RuntimeException("ticket should have been destroyed");
|
|
}
|
|
// Although these methods are meaningless, they can be called
|
|
for (Method m: KerberosTicket.class.getDeclaredMethods()) {
|
|
if (Modifier.isPublic(m.getModifiers())
|
|
&& m.getParameterCount() == 0) {
|
|
System.out.println("Testing " + m.getName() + "...");
|
|
try {
|
|
m.invoke(t);
|
|
} catch (InvocationTargetException e) {
|
|
Throwable cause = e.getCause();
|
|
if (cause instanceof RefreshFailedException ||
|
|
cause instanceof IllegalStateException) {
|
|
// this is OK
|
|
} else {
|
|
throw e;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
System.out.println("Destroy Test Passed");
|
|
}
|
|
}
|