Propchange:
hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added:
hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/server/TestAuthenticationToken.java
URL:
http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/server/TestAuthenticationToken.java?rev=1346222&view=auto
==============================================================================
---
hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/server/TestAuthenticationToken.java
(added)
+++
hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/server/TestAuthenticationToken.java
Tue Jun 5 03:11:07 2012
@@ -0,0 +1,124 @@
+/**
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License. See accompanying LICENSE file.
+ */
+package org.apache.hadoop.security.authentication.server;
+
+import
org.apache.hadoop.security.authentication.client.AuthenticationException;
+import junit.framework.TestCase;
+
+public class TestAuthenticationToken extends TestCase {
+
+ public void testAnonymous() {
+ assertNotNull(AuthenticationToken.ANONYMOUS);
+ assertEquals(null, AuthenticationToken.ANONYMOUS.getUserName());
+ assertEquals(null, AuthenticationToken.ANONYMOUS.getName());
+ assertEquals(null, AuthenticationToken.ANONYMOUS.getType());
+ assertEquals(-1, AuthenticationToken.ANONYMOUS.getExpires());
+ assertFalse(AuthenticationToken.ANONYMOUS.isExpired());
+ }
+
+ public void testConstructor() throws Exception {
+ try {
+ new AuthenticationToken(null, "p", "t");
+ fail();
+ } catch (IllegalArgumentException ex) {
+ // Expected
+ } catch (Throwable ex) {
+ fail();
+ }
+ try {
+ new AuthenticationToken("", "p", "t");
+ fail();
+ } catch (IllegalArgumentException ex) {
+ // Expected
+ } catch (Throwable ex) {
+ fail();
+ }
+ try {
+ new AuthenticationToken("u", null, "t");
+ fail();
+ } catch (IllegalArgumentException ex) {
+ // Expected
+ } catch (Throwable ex) {
+ fail();
+ }
+ try {
+ new AuthenticationToken("u", "", "t");
+ fail();
+ } catch (IllegalArgumentException ex) {
+ // Expected
+ } catch (Throwable ex) {
+ fail();
+ }
+ try {
+ new AuthenticationToken("u", "p", null);
+ fail();
+ } catch (IllegalArgumentException ex) {
+ // Expected
+ } catch (Throwable ex) {
+ fail();
+ }
+ try {
+ new AuthenticationToken("u", "p", "");
+ fail();
+ } catch (IllegalArgumentException ex) {
+ // Expected
+ } catch (Throwable ex) {
+ fail();
+ }
+ new AuthenticationToken("u", "p", "t");
+ }
+
+ public void testGetters() throws Exception {
+ long expires = System.currentTimeMillis() + 50;
+ AuthenticationToken token = new AuthenticationToken("u", "p", "t");
+ token.setExpires(expires);
+ assertEquals("u", token.getUserName());
+ assertEquals("p", token.getName());
+ assertEquals("t", token.getType());
+ assertEquals(expires, token.getExpires());
+ assertFalse(token.isExpired());
+ Thread.sleep(51);
+ assertTrue(token.isExpired());
+ }
+
+ public void testToStringAndParse() throws Exception {
+ long expires = System.currentTimeMillis() + 50;
+ AuthenticationToken token = new AuthenticationToken("u", "p", "t");
+ token.setExpires(expires);
+ String str = token.toString();
+ token = AuthenticationToken.parse(str);
+ assertEquals("p", token.getName());
+ assertEquals("t", token.getType());
+ assertEquals(expires, token.getExpires());
+ assertFalse(token.isExpired());
+ Thread.sleep(51);
+ assertTrue(token.isExpired());
+ }
+
+ public void testParseInvalid() throws Exception {
+ long expires = System.currentTimeMillis() + 50;
+ AuthenticationToken token = new AuthenticationToken("u", "p", "t");
+ token.setExpires(expires);
+ String str = token.toString();
+ str = str.substring(0, str.indexOf("e="));
+ try {
+ AuthenticationToken.parse(str);
+ fail();
+ } catch (AuthenticationException ex) {
+ // Expected
+ } catch (Exception ex) {
+ fail();
+ }
+ }
+}
Propchange:
hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/server/TestAuthenticationToken.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added:
hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java
URL:
http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java?rev=1346222&view=auto
==============================================================================
---
hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java
(added)
+++
hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java
Tue Jun 5 03:11:07 2012
@@ -0,0 +1,178 @@
+/**
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License. See accompanying LICENSE file.
+ */
+package org.apache.hadoop.security.authentication.server;
+
+import org.apache.hadoop.security.authentication.KerberosTestUtils;
+import
org.apache.hadoop.security.authentication.client.AuthenticationException;
+import org.apache.hadoop.security.authentication.client.KerberosAuthenticator;
+import junit.framework.TestCase;
+import org.apache.commons.codec.binary.Base64;
+import org.ietf.jgss.GSSContext;
+import org.ietf.jgss.GSSManager;
+import org.ietf.jgss.GSSName;
+import org.mockito.Mockito;
+import sun.security.jgss.GSSUtil;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.Properties;
+import java.util.concurrent.Callable;
+
+public class TestKerberosAuthenticationHandler extends TestCase {
+
+ private KerberosAuthenticationHandler handler;
+
+ @Override
+ protected void setUp() throws Exception {
+ super.setUp();
+ handler = new KerberosAuthenticationHandler();
+ Properties props = new Properties();
+ props.setProperty(KerberosAuthenticationHandler.PRINCIPAL,
KerberosTestUtils.getServerPrincipal());
+ props.setProperty(KerberosAuthenticationHandler.KEYTAB,
KerberosTestUtils.getKeytabFile());
+ props.setProperty(KerberosAuthenticationHandler.NAME_RULES,
+ "RULE:[1:$1@$0](.*@" +
KerberosTestUtils.getRealm()+")s/@.*//\n");
+ try {
+ handler.init(props);
+ } catch (Exception ex) {
+ handler = null;
+ throw ex;
+ }
+ }
+
+ @Override
+ protected void tearDown() throws Exception {
+ if (handler != null) {
+ handler.destroy();
+ handler = null;
+ }
+ super.tearDown();
+ }
+
+ public void testInit() throws Exception {
+ assertEquals(KerberosTestUtils.getServerPrincipal(),
handler.getPrincipal());
+ assertEquals(KerberosTestUtils.getKeytabFile(), handler.getKeytab());
+ }
+
+ public void testType() throws Exception {
+ KerberosAuthenticationHandler handler = new
KerberosAuthenticationHandler();
+ assertEquals(KerberosAuthenticationHandler.TYPE, handler.getType());
+ }
+
+ public void testRequestWithoutAuthorization() throws Exception {
+ HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
+ HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
+
+ assertNull(handler.authenticate(request, response));
+ Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE,
KerberosAuthenticator.NEGOTIATE);
+ Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+ }
+
+ public void testRequestWithInvalidAuthorization() throws Exception {
+ HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
+ HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
+
+
Mockito.when(request.getHeader(KerberosAuthenticator.AUTHORIZATION)).thenReturn("invalid");
+ assertNull(handler.authenticate(request, response));
+ Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE,
KerberosAuthenticator.NEGOTIATE);
+ Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+ }
+
+ public void testRequestWithIncompleteAuthorization() throws Exception {
+ HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
+ HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
+
+ Mockito.when(request.getHeader(KerberosAuthenticator.AUTHORIZATION))
+ .thenReturn(KerberosAuthenticator.NEGOTIATE);
+ try {
+ handler.authenticate(request, response);
+ fail();
+ } catch (AuthenticationException ex) {
+ // Expected
+ } catch (Exception ex) {
+ fail();
+ }
+ }
+
+
+ public void testRequestWithAuthorization() throws Exception {
+ String token = KerberosTestUtils.doAsClient(new Callable<String>() {
+ @Override
+ public String call() throws Exception {
+ GSSManager gssManager = GSSManager.getInstance();
+ GSSContext gssContext = null;
+ try {
+ String servicePrincipal = KerberosTestUtils.getServerPrincipal();
+ GSSName serviceName = gssManager.createName(servicePrincipal,
GSSUtil.NT_GSS_KRB5_PRINCIPAL);
+ gssContext = gssManager.createContext(serviceName,
GSSUtil.GSS_KRB5_MECH_OID, null,
+ GSSContext.DEFAULT_LIFETIME);
+ gssContext.requestCredDeleg(true);
+ gssContext.requestMutualAuth(true);
+
+ byte[] inToken = new byte[0];
+ byte[] outToken = gssContext.initSecContext(inToken, 0,
inToken.length);
+ Base64 base64 = new Base64(0);
+ return base64.encodeToString(outToken);
+
+ } finally {
+ if (gssContext != null) {
+ gssContext.dispose();
+ }
+ }
+ }
+ });
+
+ HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
+ HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
+
+ Mockito.when(request.getHeader(KerberosAuthenticator.AUTHORIZATION))
+ .thenReturn(KerberosAuthenticator.NEGOTIATE + " " + token);
+
+ AuthenticationToken authToken = handler.authenticate(request, response);
+
+ if (authToken != null) {
+
Mockito.verify(response).setHeader(Mockito.eq(KerberosAuthenticator.WWW_AUTHENTICATE),
+
Mockito.matches(KerberosAuthenticator.NEGOTIATE + " .*"));
+ Mockito.verify(response).setStatus(HttpServletResponse.SC_OK);
+
+ assertEquals(KerberosTestUtils.getClientPrincipal(),
authToken.getName());
+
assertTrue(KerberosTestUtils.getClientPrincipal().startsWith(authToken.getUserName()));
+ assertEquals(KerberosAuthenticationHandler.TYPE, authToken.getType());
+ } else {
+
Mockito.verify(response).setHeader(Mockito.eq(KerberosAuthenticator.WWW_AUTHENTICATE),
+
Mockito.matches(KerberosAuthenticator.NEGOTIATE + " .*"));
+ Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+ }
+ }
+
+ public void testRequestWithInvalidKerberosAuthorization() throws Exception {
+
+ String token = new Base64(0).encodeToString(new byte[]{0, 1, 2});
+
+ HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
+ HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
+
+
Mockito.when(request.getHeader(KerberosAuthenticator.AUTHORIZATION)).thenReturn(
+ KerberosAuthenticator.NEGOTIATE + token);
+
+ try {
+ handler.authenticate(request, response);
+ fail();
+ } catch (AuthenticationException ex) {
+ // Expected
+ } catch (Exception ex) {
+ fail();
+ }
+ }
+
+}
Propchange:
hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added:
hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/server/TestPseudoAuthenticationHandler.java
URL:
http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/server/TestPseudoAuthenticationHandler.java?rev=1346222&view=auto
==============================================================================
---
hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/server/TestPseudoAuthenticationHandler.java
(added)
+++
hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/server/TestPseudoAuthenticationHandler.java
Tue Jun 5 03:11:07 2012
@@ -0,0 +1,113 @@
+/**
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License. See accompanying LICENSE file.
+ */
+package org.apache.hadoop.security.authentication.server;
+
+import
org.apache.hadoop.security.authentication.client.AuthenticationException;
+import junit.framework.TestCase;
+import org.apache.hadoop.security.authentication.client.PseudoAuthenticator;
+import org.mockito.Mockito;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.Properties;
+
+public class TestPseudoAuthenticationHandler extends TestCase {
+
+ public void testInit() throws Exception {
+ PseudoAuthenticationHandler handler = new PseudoAuthenticationHandler();
+ try {
+ Properties props = new Properties();
+ props.setProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED,
"false");
+ handler.init(props);
+ assertEquals(false, handler.getAcceptAnonymous());
+ } finally {
+ handler.destroy();
+ }
+ }
+
+ public void testType() throws Exception {
+ PseudoAuthenticationHandler handler = new PseudoAuthenticationHandler();
+ assertEquals(PseudoAuthenticationHandler.TYPE, handler.getType());
+ }
+
+ public void testAnonymousOn() throws Exception {
+ PseudoAuthenticationHandler handler = new PseudoAuthenticationHandler();
+ try {
+ Properties props = new Properties();
+ props.setProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED, "true");
+ handler.init(props);
+
+ HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
+ HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
+
+ AuthenticationToken token = handler.authenticate(request, response);
+
+ assertEquals(AuthenticationToken.ANONYMOUS, token);
+ } finally {
+ handler.destroy();
+ }
+ }
+
+ public void testAnonymousOff() throws Exception {
+ PseudoAuthenticationHandler handler = new PseudoAuthenticationHandler();
+ try {
+ Properties props = new Properties();
+ props.setProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED,
"false");
+ handler.init(props);
+
+ HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
+ HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
+
+ handler.authenticate(request, response);
+ fail();
+ } catch (AuthenticationException ex) {
+ // Expected
+ } catch (Exception ex) {
+ fail();
+ } finally {
+ handler.destroy();
+ }
+ }
+
+ private void _testUserName(boolean anonymous) throws Exception {
+ PseudoAuthenticationHandler handler = new PseudoAuthenticationHandler();
+ try {
+ Properties props = new Properties();
+ props.setProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED,
Boolean.toString(anonymous));
+ handler.init(props);
+
+ HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
+ HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
+
Mockito.when(request.getParameter(PseudoAuthenticator.USER_NAME)).thenReturn("user");
+
+ AuthenticationToken token = handler.authenticate(request, response);
+
+ assertNotNull(token);
+ assertEquals("user", token.getUserName());
+ assertEquals("user", token.getName());
+ assertEquals(PseudoAuthenticationHandler.TYPE, token.getType());
+ } finally {
+ handler.destroy();
+ }
+ }
+
+ public void testUserNameAnonymousOff() throws Exception {
+ _testUserName(false);
+ }
+
+ public void testUserNameAnonymousOn() throws Exception {
+ _testUserName(true);
+ }
+
+}
Propchange:
hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/server/TestPseudoAuthenticationHandler.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added:
hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/util/TestKerberosName.java
URL:
http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/util/TestKerberosName.java?rev=1346222&view=auto
==============================================================================
---
hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/util/TestKerberosName.java
(added)
+++
hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/util/TestKerberosName.java
Tue Jun 5 03:11:07 2012
@@ -0,0 +1,88 @@
+package org.apache.hadoop.security.authentication.util;
+
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import java.io.IOException;
+
+import org.apache.hadoop.security.authentication.KerberosTestUtils;
+import org.junit.Before;
+import org.junit.Test;
+import static org.junit.Assert.*;
+
+public class TestKerberosName {
+
+ @Before
+ public void setUp() throws Exception {
+ String rules =
+ "RULE:[1:$1@$0](.*@YAHOO\\.COM)s/@.*//\n" +
+ "RULE:[2:$1](johndoe)s/^.*$/guest/\n" +
+ "RULE:[2:$1;$2](^.*;admin$)s/;admin$//\n" +
+ "RULE:[2:$2](root)\n" +
+ "DEFAULT";
+ KerberosName.setRules(rules);
+ KerberosName.printRules();
+ }
+
+ private void checkTranslation(String from, String to) throws Exception {
+ System.out.println("Translate " + from);
+ KerberosName nm = new KerberosName(from);
+ String simple = nm.getShortName();
+ System.out.println("to " + simple);
+ assertEquals("short name incorrect", to, simple);
+ }
+
+ @Test
+ public void testRules() throws Exception {
+ checkTranslation("omalley@" + KerberosTestUtils.getRealm(), "omalley");
+ checkTranslation("hdfs/10.0.0.1@" + KerberosTestUtils.getRealm(), "hdfs");
+ checkTranslation("[email protected]", "oom");
+ checkTranslation("johndoe/[email protected]", "guest");
+ checkTranslation("joe/[email protected]", "joe");
+ checkTranslation("joe/[email protected]", "root");
+ }
+
+ private void checkBadName(String name) {
+ System.out.println("Checking " + name + " to ensure it is bad.");
+ try {
+ new KerberosName(name);
+ fail("didn't get exception for " + name);
+ } catch (IllegalArgumentException iae) {
+ // PASS
+ }
+ }
+
+ private void checkBadTranslation(String from) {
+ System.out.println("Checking bad translation for " + from);
+ KerberosName nm = new KerberosName(from);
+ try {
+ nm.getShortName();
+ fail("didn't get exception for " + from);
+ } catch (IOException ie) {
+ // PASS
+ }
+ }
+
+ @Test
+ public void testAntiPatterns() throws Exception {
+ checkBadName("owen/owen/[email protected]");
+ checkBadName("owen@foo/bar.com");
+ checkBadTranslation("[email protected]");
+ checkBadTranslation("root/[email protected]");
+ }
+}
Propchange:
hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/util/TestKerberosName.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added:
hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/util/TestSigner.java
URL:
http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/util/TestSigner.java?rev=1346222&view=auto
==============================================================================
---
hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/util/TestSigner.java
(added)
+++
hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/util/TestSigner.java
Tue Jun 5 03:11:07 2012
@@ -0,0 +1,93 @@
+/**
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License. See accompanying LICENSE file.
+ */
+package org.apache.hadoop.security.authentication.util;
+
+import junit.framework.TestCase;
+
+public class TestSigner extends TestCase {
+
+ public void testNoSecret() throws Exception {
+ try {
+ new Signer(null);
+ fail();
+ }
+ catch (IllegalArgumentException ex) {
+ }
+ }
+
+ public void testNullAndEmptyString() throws Exception {
+ Signer signer = new Signer("secret".getBytes());
+ try {
+ signer.sign(null);
+ fail();
+ } catch (IllegalArgumentException ex) {
+ // Expected
+ } catch (Throwable ex) {
+ fail();
+ }
+ try {
+ signer.sign("");
+ fail();
+ } catch (IllegalArgumentException ex) {
+ // Expected
+ } catch (Throwable ex) {
+ fail();
+ }
+ }
+
+ public void testSignature() throws Exception {
+ Signer signer = new Signer("secret".getBytes());
+ String s1 = signer.sign("ok");
+ String s2 = signer.sign("ok");
+ String s3 = signer.sign("wrong");
+ assertEquals(s1, s2);
+ assertNotSame(s1, s3);
+ }
+
+ public void testVerify() throws Exception {
+ Signer signer = new Signer("secret".getBytes());
+ String t = "test";
+ String s = signer.sign(t);
+ String e = signer.verifyAndExtract(s);
+ assertEquals(t, e);
+ }
+
+ public void testInvalidSignedText() throws Exception {
+ Signer signer = new Signer("secret".getBytes());
+ try {
+ signer.verifyAndExtract("test");
+ fail();
+ } catch (SignerException ex) {
+ // Expected
+ } catch (Throwable ex) {
+ fail();
+ }
+ }
+
+ public void testTampering() throws Exception {
+ Signer signer = new Signer("secret".getBytes());
+ String t = "test";
+ String s = signer.sign(t);
+ s += "x";
+ try {
+ signer.verifyAndExtract(s);
+ fail();
+ } catch (SignerException ex) {
+ // Expected
+ } catch (Throwable ex) {
+ fail();
+ }
+ }
+
+}
Propchange:
hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/authentication/util/TestSigner.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
