/*
 * Copyright (c) 2008, 2011, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

/*
 * @test
 * @bug 6706974
 * @run main/othervm CrossRealm
 * @summary Add krb5 test infrastructure
 */
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.Security;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import sun.security.jgss.GSSUtil;
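/**
 * Exercises Kerberos cross-realm authentication against two in-process test KDCs.
 *
 * <p>The client principal {@code dummy} is registered in realm {@code RABBIT.HOLE},
 * while the target service {@code host/www.snake.hole} is registered in realm
 * {@code SNAKE.HOLE}. Building the first GSS token therefore needs a service ticket
 * from a realm other than the one holding the client principal. The test passes if
 * no exception is thrown.
 *
 * <p>The class doubles as the JAAS default {@link CallbackHandler}: it is registered
 * by name in {@link #xRealmAuth()} and answers the login module's name and password
 * prompts with the fixed test credentials. Every name, realm and password in this
 * file is a fixture for the throw-away KDCs created here.
 */
public class CrossRealm implements CallbackHandler {

    /**
     * Starts both KDCs, then attempts the cross-realm context initiation.
     *
     * @param args unused
     * @throws Exception if KDC setup or the GSS exchange fails (this is the test failure signal)
     */
    public static void main(String[] args) throws Exception {
        startKDCs();
        xRealmAuth();
    }

    /**
     * Creates the {@code RABBIT.HOLE} and {@code SNAKE.HOLE} KDCs, populates their
     * principals and writes the krb5 configuration that the JVM is then pointed at.
     *
     * @throws Exception if a KDC cannot be created or the configuration cannot be saved
     */
    static void startKDCs() throws Exception {
        // Client-side realm: holds the user principal and its own TGS key.
        KDC kdc1 = KDC.create("RABBIT.HOLE");
        kdc1.addPrincipal("dummy", "bogus".toCharArray());
        kdc1.addPrincipalRandKey("krbtgt/RABBIT.HOLE");
        // Cross-realm TGS principal. The same password literal is registered in
        // kdc2 below: the two realms have to share this key, otherwise the
        // referral ticket issued by one KDC cannot be decrypted by the other.
        kdc1.addPrincipal("krbtgt/SNAKE.HOLE@RABBIT.HOLE",
                "rabbit->snake".toCharArray());

        // Service-side realm: holds the target host principal.
        KDC kdc2 = KDC.create("SNAKE.HOLE");
        kdc2.addPrincipalRandKey("krbtgt/SNAKE.HOLE");
        kdc2.addPrincipal("krbtgt/SNAKE.HOLE@RABBIT.HOLE",
                "rabbit->snake".toCharArray());
        kdc2.addPrincipalRandKey("host/www.snake.hole");

        // NOTE(review): the trailing strings look like extra krb5.conf lines
        // (a forwardable flag and a [domain_realm] entry mapping .snake.hole
        // to SNAKE.HOLE) -- confirm against KDC.saveConfig.
        KDC.saveConfig("krb5-localkdc.conf", kdc1, kdc2,
                "forwardable=true",
                "[domain_realm]",
                ".snake.hole=SNAKE.HOLE");
        new File("krb5-localkdc.conf").deleteOnExit();
        System.setProperty("java.security.krb5.conf", "krb5-localkdc.conf");
    }

    /**
     * Writes a JAAS login configuration for the krb5 initiator and produces the first
     * GSS-API token for {@code host@www.snake.hole}.
     *
     * @throws Exception if the login configuration cannot be written or the
     *         security context cannot be initiated
     */
    static void xRealmAuth() throws Exception {
        // Route JAAS prompts to handle() below, and let JGSS obtain credentials
        // through a JAAS login instead of requiring them in the current Subject.
        Security.setProperty("auth.login.defaultCallbackHandler", "CrossRealm");
        System.setProperty("java.security.auth.login.config", "jaas-localkdc.conf");
        System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
        new File("jaas-localkdc.conf").deleteOnExit();

        // useTicketCache=false and doNotPrompt=false keep the login independent of
        // any ticket cache on the test machine: the password always comes from the
        // callback handler.
        // try-with-resources closes the stream even if write() throws; the explicit
        // charset keeps the bytes written independent of the platform default.
        try (FileOutputStream fos = new FileOutputStream("jaas-localkdc.conf")) {
            fos.write(("com.sun.security.jgss.krb5.initiate {\n" +
                    " com.sun.security.auth.module.Krb5LoginModule\n" +
                    " required\n" +
                    " principal=dummy\n" +
                    " doNotPrompt=false\n" +
                    " useTicketCache=false\n" +
                    " ;\n" +
                    "};").getBytes(StandardCharsets.UTF_8));
        }

        GSSManager m = GSSManager.getInstance();
        // Null credentials: the context acquires default initiator credentials,
        // which here triggers the JAAS login configured above.
        m.createContext(
                m.createName("host@www.snake.hole", GSSName.NT_HOSTBASED_SERVICE),
                GSSUtil.GSS_KRB5_MECH_OID,
                null,
                GSSContext.DEFAULT_LIFETIME).initSecContext(new byte[0], 0, 0);
    }

    /**
     * Answers JAAS login prompts with the fixed test principal and password that
     * {@link #startKDCs()} registered in {@code RABBIT.HOLE}.
     *
     * <p>Callbacks of any other type are left untouched; although the signature
     * declares {@link UnsupportedCallbackException}, this implementation never throws it.
     *
     * @param callbacks the callbacks supplied by the login module
     */
    @Override
    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
        for (Callback callback : callbacks) {
            if (callback instanceof NameCallback) {
                ((NameCallback) callback).setName("dummy");
            }
            if (callback instanceof PasswordCallback) {
                // Test fixture only: must match the password given to kdc1.addPrincipal.
                ((PasswordCallback) callback).setPassword("bogus".toCharArray());
            }
        }
    }
}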