Java tutorial
/* * Copyright 2001-2009 The Apache Software Foundation. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package org.apache.juddi.auth; import java.io.File; import java.io.IOException; import java.io.StringWriter; import java.security.InvalidKeyException; import javax.xml.bind.JAXBContext; import javax.xml.bind.JAXBException; import javax.xml.bind.Marshaller; import org.apache.commons.configuration.Configuration; import org.apache.commons.configuration.ConfigurationException; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.juddi.api.impl.API_010_PublisherTest; import org.apache.juddi.config.AppConfig; import org.apache.juddi.config.Property; import org.apache.juddi.v3.client.cryptor.AES128Cryptor; import org.apache.juddi.v3.client.cryptor.AES256Cryptor; import org.apache.juddi.v3.client.cryptor.Cryptor; import org.apache.juddi.cryptor.CryptorFactory; import org.apache.juddi.v3.client.cryptor.DefaultCryptor; import org.apache.juddi.v3.client.cryptor.TripleDESCrytor; import org.apache.juddi.v3.auth.Authenticator; import org.apache.juddi.v3.auth.CryptedXMLDocAuthenticator; import org.apache.juddi.v3.auth.JUDDIAuthenticator; import org.apache.juddi.v3.auth.JuddiUsers; import org.apache.juddi.v3.auth.MD5XMLDocAuthenticator; import org.apache.juddi.v3.auth.User; import org.apache.juddi.v3.auth.XMLDocAuthenticator; import org.apache.juddi.v3.error.AuthenticationException; import org.apache.juddi.v3.error.FatalErrorException; import org.apache.juddi.v3.error.UnknownUserException; import org.junit.Assert; import org.junit.Test; /** * @author <a href="mailto:kstam@apache.org">Kurt T Stam</a> */ public class AuthenticatorTest { private Log logger = LogFactory.getLog(this.getClass()); /** * The DefaultAuthenticator is basically a pass-through. * @throws ConfigurationException */ @Test public void testDefaultAuthenticator() { System.out.println("testDefaultAuthenticator"); Authenticator auth = new JUDDIAuthenticator(); try { API_010_PublisherTest api010 = new API_010_PublisherTest(); api010.saveJoePublisher(); api010.saveSamSyndicator(); auth.authenticate("joepublisher", "password"); auth.authenticate("ssyndicator", "badpass"); } catch (Exception e) { logger.error(e.getMessage(), e); Assert.fail("unexpected"); } } @Test public void testCreateJuddiUsers() throws Exception { System.out.println("testCreateJuddiUsers"); try { JuddiUsers juddiUsers = new JuddiUsers(); juddiUsers.getUser().add(new User("anou_mana", "password")); juddiUsers.getUser().add(new User("bozo", "clown")); juddiUsers.getUser().add(new User("sviens", "password")); StringWriter writer = new StringWriter(); JAXBContext context = JAXBContext.newInstance(juddiUsers.getClass()); Marshaller marshaller = context.createMarshaller(); marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE); marshaller.marshal(juddiUsers, writer); logger.info("\n" + writer.toString()); } catch (Exception e) { logger.error(e.getMessage(), e); Assert.fail("unexpected"); } } /** * The credentials will be read from the juddi-users.xml in the test/resources directory * of this module. We're expecting the following authentication requests to succeed. */ @Test public void testXMLDocAuthenticator() { System.out.println("testXMLDocAuthenticator"); try { Authenticator auth = new XMLDocAuthenticator(); auth.authenticate("anou_mana", "password"); auth.authenticate("bozo", "clown"); auth.authenticate("sviens", "password"); } catch (Exception e) { logger.error(e.getMessage(), e); Assert.fail("unexpected"); } } /** * The credentials will be read from the juddi-users.xml in the test/resources directory * of this module. We're expecting the following authentication request to fail due * to a bad password. * * @throws AuthenticationException * @throws FatalErrorException * @throws IOException * @throws JAXBException */ @Test(expected = UnknownUserException.class) public void testBadXMLDocAuthenticator() throws Exception { System.out.println("testBadXMLDocAuthenticator"); Authenticator auth = new XMLDocAuthenticator(); auth.authenticate("anou_mana", "badpass"); } @Test public void testCreateJuddiUsersEncrypted() throws Exception { System.out.println("testCreateJuddiUsersEncrypted"); try { Cryptor cryptor = CryptorFactory.getCryptor(); JuddiUsers juddiUsers = new JuddiUsers(); juddiUsers.getUser().add(new User("anou_mana", cryptor.encrypt("password"))); juddiUsers.getUser().add(new User("bozo", cryptor.encrypt("clown"))); juddiUsers.getUser().add(new User("sviens", cryptor.encrypt("password"))); StringWriter writer = new StringWriter(); JAXBContext context = JAXBContext.newInstance(juddiUsers.getClass()); Marshaller marshaller = context.createMarshaller(); marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE); marshaller.marshal(juddiUsers, writer); logger.info("\n" + writer.toString()); } catch (Exception e) { logger.error(e.getMessage(), e); Assert.fail("unexpected"); } } /** * The credentials will be read from the juddi-users.xml in the test/resources directory * of this module. We're expecting the following authentication requests to succeed. */ @Test public void testCryptedXMLDocAuthenticator() { System.out.println("testCryptedXMLDocAuthenticator"); try { Authenticator auth = new CryptedXMLDocAuthenticator(); auth.authenticate("anou_mana", "password"); auth.authenticate("bozo", "clown"); auth.authenticate("sviens", "password"); } catch (Exception e) { logger.error(e.getMessage(), e); Assert.fail("unexpected"); } } /** * The credentials will be read from the juddi-users-encrypted.xml in the test/resources directory * of this module. We're expecting the following authentication request to fail due * to a bad password. * * @throws AuthenticationException * @throws FatalErrorException * @throws IOException * @throws JAXBException */ @Test(expected = UnknownUserException.class) public void testBadCryptedXMLDocAuthenticator() throws Exception { System.out.println("testBadCryptedXMLDocAuthenticator"); Authenticator auth = new CryptedXMLDocAuthenticator(); auth.authenticate("anou_mana", "badpass"); } @Test public void testMD5XMLDocAuthenticator() { System.out.println("testMD5XMLDocAuthenticator"); try { Authenticator auth = new MD5XMLDocAuthenticator(); auth.authenticate("anou_mana", "password"); auth.authenticate("bozo", "clown"); auth.authenticate("sviens", "password"); } catch (Exception e) { logger.error(e.getMessage(), e); Assert.fail("unexpected"); } } @Test(expected = UnknownUserException.class) public void testBadMD5XMLDocAuthenticator() throws Exception { Authenticator auth = new MD5XMLDocAuthenticator(); auth.authenticate("anou_mana", "badpass"); } @Test public void testAES128Cryptor() { System.out.println("testAES128Cryptor"); try { Cryptor auth = new AES128Cryptor(); String encrypt = auth.encrypt("test"); Assert.assertNotNull(encrypt); Assert.assertNotSame(encrypt, "test"); String test = auth.decrypt(encrypt); Assert.assertEquals(test, "test"); } catch (Exception e) { logger.error(e.getMessage(), e); Assert.fail("unexpected"); } } @Test public void testTripleDESCryptor() { System.out.println("testTripleDESCryptor"); try { Cryptor auth = new TripleDESCrytor(); String encrypt = auth.encrypt("test"); Assert.assertNotNull(encrypt); Assert.assertNotSame(encrypt, "test"); String test = auth.decrypt(encrypt); Assert.assertEquals(test, "test"); } catch (Exception e) { logger.error(e.getMessage(), e); Assert.fail("unexpected"); } } @Test public void testDefaultCryptor() { System.out.println("testDefaultCryptor"); try { Cryptor auth = new DefaultCryptor(); String encrypt = auth.encrypt("test"); Assert.assertNotNull(encrypt); Assert.assertNotSame(encrypt, "test"); String test = auth.decrypt(encrypt); Assert.assertEquals(test, "test"); } catch (Exception e) { logger.error(e.getMessage(), e); Assert.fail("unexpected"); } } @Test public void testAES256Cryptor() { System.out.println("testAES256Cryptor"); try { Cryptor auth = new AES256Cryptor(); String encrypt = auth.encrypt("test"); Assert.assertNotNull(encrypt); Assert.assertNotSame(encrypt, "test"); String test = auth.decrypt(encrypt); Assert.assertEquals(test, "test"); } catch (InvalidKeyException e) { logger.error( "Hey, you're probably using the Oracle JRE without the Unlimited Strength Java Crypto Extensions installed. AES256 won't work until you download and install it", e); } catch (Exception e) { logger.error(e.getMessage(), e); Assert.fail("unexpected"); } } @Test public void testDecryptFromConfigXML_InMemory() { System.out.println("testDecryptFromConfigXML_InMemory"); try { Configuration config = AppConfig.getConfiguration(); Cryptor auth = new AES128Cryptor(); String encrypt = auth.encrypt("test"); Assert.assertNotNull(encrypt); Assert.assertNotSame(encrypt, "test"); //add to the config config.addProperty("testDecryptFromConfigXML", encrypt); config.addProperty("testDecryptFromConfigXML" + Property.ENCRYPTED_ATTRIBUTE, "true"); //retrieve it String pwd = config.getString("testDecryptFromConfigXML"); Assert.assertNotNull(pwd); //test for encryption if (config.getBoolean("testDecryptFromConfigXML" + Property.ENCRYPTED_ATTRIBUTE, false)) { String test = auth.decrypt(pwd); Assert.assertEquals(test, "test"); } else { Assert.fail("config reports that the setting is not encrypted"); } } catch (Exception e) { logger.error(e.getMessage(), e); Assert.fail("unexpected"); } } @Test public void testDecryptFromConfigXML_Disk_Default() { System.out.println("testDecryptFromConfigXML_Disk_Default"); try { File f = new File("."); System.out.println("Current working dir is " + f.getAbsolutePath()); System.setProperty(AppConfig.JUDDI_CONFIGURATION_FILE_SYSTEM_PROPERTY, f.getAbsolutePath() + "/src/test/resources/juddiv3-enc-default.xml"); AppConfig.reloadConfig(); Configuration config = AppConfig.getConfiguration(); Cryptor auth = new DefaultCryptor(); //retrieve it String pwd = config.getString("juddi.mail.smtp.password"); Assert.assertNotNull(pwd); //test for encryption if (config.getBoolean("juddi.mail.smtp.password" + Property.ENCRYPTED_ATTRIBUTE, false)) { String test = auth.decrypt(pwd); Assert.assertEquals(test, "password"); } else { Assert.fail("config reports that the setting is not encrypted"); } } catch (Exception e) { logger.error(e.getMessage(), e); Assert.fail("unexpected"); } } @Test public void testDecryptFromConfigXML_Disk_3DES() { System.out.println("testDecryptFromConfigXML_Disk_3DES"); try { File f = new File("."); System.out.println("Current working dir is " + f.getAbsolutePath()); System.setProperty(AppConfig.JUDDI_CONFIGURATION_FILE_SYSTEM_PROPERTY, f.getAbsolutePath() + "/src/test/resources/juddiv3-enc-3des.xml"); AppConfig.reloadConfig(); Configuration config = AppConfig.getConfiguration(); Cryptor auth = new TripleDESCrytor(); //retrieve it String pwd = config.getString("juddi.mail.smtp.password"); Assert.assertNotNull(pwd); //test for encryption if (config.getBoolean("juddi.mail.smtp.password" + Property.ENCRYPTED_ATTRIBUTE, false)) { String test = auth.decrypt(pwd); Assert.assertEquals(test, "password"); } else { Assert.fail("config reports that the setting is not encrypted"); } } catch (Exception e) { logger.error(e.getMessage(), e); Assert.fail("unexpected"); } } @Test public void testDecryptFromConfigXML_Disk_AES128() { System.out.println("testDecryptFromConfigXML_Disk_AES128"); try { File f = new File("."); System.out.println("Current working dir is " + f.getAbsolutePath()); System.setProperty(AppConfig.JUDDI_CONFIGURATION_FILE_SYSTEM_PROPERTY, f.getAbsolutePath() + "/src/test/resources/juddiv3-enc-aes128.xml"); AppConfig.reloadConfig(); Configuration config = AppConfig.getConfiguration(); Cryptor auth = new AES128Cryptor(); //retrieve it String pwd = config.getString("juddi.mail.smtp.password"); Assert.assertNotNull(pwd); //test for encryption if (config.getBoolean("juddi.mail.smtp.password" + Property.ENCRYPTED_ATTRIBUTE, false)) { String test = auth.decrypt(pwd); Assert.assertEquals(test, "password"); } else { Assert.fail("config reports that the setting is not encrypted"); } } catch (Exception e) { logger.error(e.getMessage(), e); Assert.fail("unexpected"); } } @Test public void testDecryptFromConfigXML_Disk_AES256() { System.out.println("testDecryptFromConfigXML_Disk_AES256"); try { File f = new File("."); System.out.println("Current working dir is " + f.getAbsolutePath()); System.setProperty(AppConfig.JUDDI_CONFIGURATION_FILE_SYSTEM_PROPERTY, f.getAbsolutePath() + "/src/test/resources/juddiv3-enc-aes256.xml"); AppConfig.reloadConfig(); Configuration config = AppConfig.getConfiguration(); Cryptor auth = new AES256Cryptor(); //retrieve it String pwd = config.getString("juddi.mail.smtp.password"); Assert.assertNotNull(pwd); //test for encryption if (config.getBoolean("juddi.mail.smtp.password" + Property.ENCRYPTED_ATTRIBUTE, false)) { String test = auth.decrypt(pwd); Assert.assertEquals(test, "password"); } else { Assert.fail("config reports that the setting is not encrypted"); } } catch (InvalidKeyException e) { logger.error( "Hey, you're probably using the Oracle JRE without the Unlimited Strength Java Crypto Extensions installed. AES256 won't work until you download and install it", e); } catch (Exception e) { logger.error(e.getMessage(), e); Assert.fail("unexpected"); } } }