}
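/**
 * Exercises the LdapLoginModule options that interact with the JAAS shared
 * state map: authzIdentity, useFirstPass, tryFirstPass, clearPass and
 * storePass.
 *
 * The {@code options} map is defined outside this method and is mutated
 * step by step, so every phase inherits the options left by the previous
 * one (for example "debug" stays enabled from phase 2 onwards).
 *
 * @throws LoginException if {@code logout()} fails in one of the finally blocks
 */
public void test_optionsAndSharedStatus() throws LoginException{
    final String nameKey = "javax.security.auth.login.name";
    final String passwordKey = "javax.security.auth.login.password";

    // Phase 1: the authzIdentity option must surface as a UserPrincipal on the subject.
    options.put("authIdentity","cn=Manager,dc=my-domain,dc=com");
    options.put("authzIdentity","testAuthzIdentityOption");
    LdapLoginModule module = new LdapLoginModule();
    Subject subject = new Subject();
    module.initialize(subject, new MockCallbackHandler(), null, options);
    try {
        module.login();
        module.commit();
        assertTrue("Should get a principal from authzIdentity option",subject.getPrincipals().contains(new UserPrincipal("testAuthzIdentityOption")));
    }
    catch(LoginException e){
        fail("Login failed");
    }
    finally{
        module.logout();
    }

    // Phase 2: useFirstPass with the shared-state password "faultPass" must be rejected.
    options.put("debug", "true");
    options.put("useFirstPass", "true");
    HashMap<String, Object> status = new HashMap<String,Object>();
    status.put(nameKey, "leo");
    status.put(passwordKey, "faultPass".toCharArray());
    subject = new Subject();
    module.initialize(subject, new MockCallbackHandler(), status, options);
    try {
        module.login();
        fail("Should be failed for using password from shared state");
    }
    catch(LoginException e){
        //expected LoginException here
    }

    // Phase 3: tryFirstPass with the same shared state is expected to log in.
    // NOTE(review): presumably the module falls back to the callback handler
    // after the shared-state password is rejected; confirm against LdapLoginModule.
    options.remove("useFirstPass");
    options.put("tryFirstPass", "true");
    module.initialize(subject, new MockCallbackHandler(), status, options);
    try {
        module.login();
        module.commit();
    }
    catch(LoginException e){
        // The login is expected to succeed here, so the failure message must say so.
        fail("Login shouldn't fail");
    }
    finally{
        module.logout();
    }

    // Phase 4: clearPass must remove both credentials from the shared state after commit.
    options.remove("tryFirstPass");
    options.put("clearPass", "true");
    status.put(nameKey, "leo");
    status.put(passwordKey, "passw0rd".toCharArray());
    module.initialize(subject, new MockCallbackHandler(), status, options);
    try {
        module.login();
        module.commit();
        assertNull("javax.security.auth.login.name in shared state should be null when clearPass switch on",status.get(nameKey));
        assertNull("javax.security.auth.login.password in shared state should be null when clearPass switch on",status.get(passwordKey));
    } catch (LoginException e) {
        fail("Login shouldn't fail");
    }
    finally{
        module.logout();
    }

    // Phase 5a: storePass must not leave credentials in the shared state when the login fails.
    status = new HashMap<String,Object>();
    options.remove("clearPass");
    options.put("storePass", "true");
    module.initialize(subject, new FaultCallbackHandler(), status, options);
    try {
        module.login();
        module.commit();
        // Without this the assertions in the catch block are skipped silently
        // whenever the login unexpectedly succeeds.
        fail("Login should fail with FaultCallbackHandler");
    } catch (LoginException e) {
        assertNull("javax.security.auth.login.name in shared state should be null when login failed",status.get(nameKey));
        assertNull("javax.security.auth.login.password in shared state should be null when login failed",status.get(passwordKey));
    }
    finally{
        module.logout();
    }

    // Phase 5b: after a successful login storePass must publish both credentials.
    module.initialize(subject, new MockCallbackHandler(), status, options);
    try {
        module.login();
        module.commit();
    } catch (LoginException e) {
        fail("Login failed");
    }
    finally{
        module.logout();
    }
    assertNotNull("javax.security.auth.login.name should be stored in shared state when storePass switch on",status.get(nameKey));
    assertNotNull("javax.security.auth.login.password should be stored in shared state when storePass switch on",status.get(passwordKey));

    // Phase 5c: storePass must not overwrite credentials another module already stored.
    // The password is a String here, unlike the char[] used in the earlier phases;
    // the check below only verifies that the stored value is left untouched.
    status.put(nameKey, "tester");
    status.put(passwordKey, "testerPass");
    module.initialize(subject, new MockCallbackHandler(), status, options);
    try {
        module.login();
        module.commit();
    } catch (LoginException e) {
        fail("Login failed");
    }
    finally{
        module.logout();
    }
    // JUnit's order is (message, expected, actual); the original passed them
    // swapped, which mislabels the values in a failure report.
    assertEquals("Should't override the username value in sharedState","tester",status.get(nameKey));
    assertEquals("Should't override the password value in sharedState","testerPass",status.get(passwordKey));
}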