On Mon, 5 Aug 2024 10:46:32 GMT, Fernando Guallini <fguall...@openjdk.org> wrote:
> There are 3 manual GSS-API/Kerberos tests that require a manual setup and > were added to the problem list years ago: > > - com/sun/security/sasl/gsskerb/**AuthOnly**-> Verifies that both client and > server have completed the authentication process. > - com/sun/security/sasl/gsskerb/**NoSecurityLayer** -> Attempts to use wrap > and unwrap to demonstrate that these operations should not be allowed without > a negotiated security layer. > - com/sun/security/sasl/gsskerb/**ConfSecurityLayer** -> Demonstrates the use > of the security layer by wrapping and unwrapping messages on both client and > server sides. > > These tests need manual setup of a KDC environment, service/user principals, > keytabs, JAAS configuration, and script adjustments. All that is time > consuming and error prone. These do not fail if configured properly. > > In contrast, the automated test sun/security/krb5/auto/**SaslBasic** already > covers these scenarios and sets up the KDC with the necessary principals > **automatically**, no manual setup is required. This class starts a simple > KDC with one realm, several typical principal names, generates krb5.conf and > keytab files, and setup a JAAS login config file. > > I've enhanced SaslBasic to include additional wrap/unwrap checks with and > without a security layer. As a result, the 3 manual tests and their > associated files are now redundand and can be removed, as they no longer > provide additional value. This pull request has now been integrated. Changeset: f979f727 Author: Fernando Guallini <fguall...@openjdk.org> Committer: Rajan Halade <rhal...@openjdk.org> URL: https://git.openjdk.org/jdk/commit/f979f727b6137be9a3f85baed4fbfdd785970044 Stats: 892 lines in 12 files changed: 58 ins; 817 del; 17 mod 8337723: Remove redundant tests from com/sun/security/sasl/gsskerb Reviewed-by: rhalade ------------- PR: https://git.openjdk.org/jdk/pull/20464
