View Javadoc

1   /*
2    * <cvs:source>$Source: /devel/astrogrid/community/common/src/java/org/astrogrid/community/common/security/service/SecurityServiceTest.java,v $</cvs:source>
3    * <cvs:author>$Author: dave $</cvs:author>
4    * <cvs:date>$Date: 2004/09/16 23:18:08 $</cvs:date>
5    * <cvs:version>$Revision: 1.8 $</cvs:version>
6    *
7    * <cvs:log>
8    *   $Log: SecurityServiceTest.java,v $
9    *   Revision 1.8  2004/09/16 23:18:08  dave
10   *   Replaced debug logging in Community.
11   *   Added stream close() to FileStore.
12   *
13   *   Revision 1.7.82.1  2004/09/16 09:58:48  dave
14   *   Replaced debug with commons logging ....
15   *
16   *   Revision 1.7  2004/06/18 13:45:20  dave
17   *   Merged development branch, dave-dev-200406081614, into HEAD
18   *
19   *   Revision 1.6.32.2  2004/06/17 14:50:03  dave
20   *   Removed unused imports (PMD report).
21   *
22   *   Revision 1.6.32.1  2004/06/17 13:38:59  dave
23   *   Tidied up old CVS log entries
24   *
25   * </cvs:log>
26   *
27   */
28  package org.astrogrid.community.common.security.service ;
29  
30  import org.apache.commons.logging.Log ;
31  import org.apache.commons.logging.LogFactory ;
32  
33  import java.rmi.RemoteException ;
34  
35  import org.astrogrid.community.common.policy.data.AccountData ;
36  import org.astrogrid.community.common.policy.manager.AccountManager ;
37  
38  import org.astrogrid.community.common.security.data.SecurityToken ;
39  import org.astrogrid.community.common.security.manager.SecurityManager ;
40  
41  import org.astrogrid.community.common.service.CommunityServiceTest ;
42  
43  import org.astrogrid.community.common.exception.CommunitySecurityException ;
44  
45  /***
46   * A JUnit test case for our SecurityService interface.
47   * This is designed to be extended by each set of tests, mock, client and server.
48   * @todo Chech the Exception type wrapped in the RemoteException.
49   *
50   */
51  public class SecurityServiceTest
52      extends CommunityServiceTest
53      {
54      /***
55       * Our debug logger.
56       *
57       */
58      private static Log log = LogFactory.getLog(SecurityServiceTest.class);
59  
60      /***
61       * Our test Account ident.
62       *
63       */
64      public static String TEST_ACCOUNT = "test-account" ;
65  
66      /***
67       * Our test password.
68       *
69       */
70      public static String TEST_PASSWORD = "test-password" ;
71  
72      /***
73       * Public constructor.
74       *
75       */
76      public SecurityServiceTest()
77          {
78          }
79  
80      /***
81       * Our target AccountManager.
82       *
83       */
84      private AccountManager accountManager ;
85  
86      /***
87       * Get our target AccountManager.
88       *
89       */
90      public AccountManager getAccountManager()
91          {
92          return this.accountManager ;
93          }
94  
95      /***
96       * Set our target AccountManager.
97       *
98       */
99      public void setAccountManager(AccountManager manager)
100         {
101         log.debug("") ;
102         log.debug("----\"----") ;
103         log.debug("SecurityServiceTest.setAccountManager()") ;
104         log.debug("  Manager : " + manager.getClass()) ;
105         this.accountManager = manager ;
106         }
107 
108     /***
109      * Our target SecurityManager.
110      *
111      */
112     private SecurityManager securityManager ;
113 
114     /***
115      * Get our target SecurityManager.
116      *
117      */
118     public SecurityManager getSecurityManager()
119         {
120         return this.securityManager ;
121         }
122 
123     /***
124      * Set our target SecurityManager.
125      *
126      */
127     public void setSecurityManager(SecurityManager manager)
128         {
129         log.debug("") ;
130         log.debug("----\"----") ;
131         log.debug("SecurityServiceTest.setSecurityManager()") ;
132         log.debug("  Manager : " + manager.getClass()) ;
133         this.securityManager = manager ;
134         }
135 
136     /***
137      * Our target SecurityService.
138      *
139      */
140     private SecurityService securityService ;
141 
142     /***
143      * Get our target SecurityService.
144      *
145      */
146     public SecurityService getSecurityService()
147         {
148         return this.securityService ;
149         }
150 
151     /***
152      * Set our target SecurityService.
153      *
154      */
155     public void setSecurityService(SecurityService service)
156         {
157         log.debug("") ;
158         log.debug("----\"----") ;
159         log.debug("SecurityServiceTest.setSecurityService()") ;
160         log.debug("  Service : " + service.getClass()) ;
161         //
162         // Set our SecurityService reference.
163         this.securityService = service ;
164         //
165         // Set our CommunityService reference.
166         this.setCommunityService(securityService) ;
167         }
168 
169     /***
170      * Check an Account password.
171      *
172      */
173     public void testCheckPassword()
174         throws Exception
175         {
176         log.debug("") ;
177         log.debug("----\"----") ;
178         log.debug("SecurityServiceTest.testCheckPassword()") ;
179         //
180         // Setup our test account.
181         AccountData account = accountManager.addAccount(
182             createLocal(TEST_ACCOUNT).toString()
183             ) ;
184         assertNotNull(
185             "addAccount returned null",
186             account
187             ) ;
188         //
189         // Setup our test password.
190         assertTrue(
191             "setPassword returned false",
192             securityManager.setPassword(
193                 account.getIdent(),
194                 TEST_PASSWORD
195                 )
196             ) ;
197         //
198         // Check we can validate our password.
199         SecurityToken token = securityService.checkPassword(
200             account.getIdent(),
201             TEST_PASSWORD
202             ) ;
203         //
204         // Check that we got a token.
205         assertNotNull(
206             "checkPassword returned NULL",
207             token
208             ) ;
209         //
210         // Check that the token has the right account.
211         assertEquals(
212             "Token has wrong account",
213             account.getIdent(),
214             token.getAccount()
215             ) ;
216         //
217         // Check that the token is valid.
218         assertTrue(
219             "Token is not valid",
220             token.isValid()
221             ) ;
222         }
223 
224     /***
225      * Check that we can validate a SecurityToken.
226      *
227      */
228     public void testCheckToken()
229         throws Exception
230         {
231         log.debug("") ;
232         log.debug("----\"----") ;
233         log.debug("SecurityServiceTest.testCheckToken()") ;
234         //
235         // Setup our test account.
236         AccountData account = accountManager.addAccount(
237             createLocal(TEST_ACCOUNT).toString()
238             ) ;
239         assertNotNull(
240             "addAccount returned null",
241             account
242             ) ;
243         //
244         // Setup our test password.
245         assertTrue(
246             "setPassword returned false",
247             securityManager.setPassword(
248                 account.getIdent(),
249                 TEST_PASSWORD
250                 )
251             ) ;
252         //
253         // Check we can validate our password.
254         SecurityToken original = securityService.checkPassword(
255             account.getIdent(),
256             TEST_PASSWORD
257             ) ;
258         //
259         // Check that we got a token.
260         assertNotNull(
261             "NULL original token",
262             original
263             ) ;
264         //
265         // Check that the token has the right account.
266         assertEquals(
267             "Token has wrong account",
268             account.getIdent(),
269             original.getAccount()
270             ) ;
271         //
272         // Check that the token is valid.
273         assertTrue(
274             "Token is not valid",
275             original.isValid()
276             ) ;
277         //
278         // Check that we can validate our token
279         SecurityToken response = securityService.checkToken(original) ;
280         //
281         // Check that we got a token.
282         assertNotNull(
283             "NULL response token",
284             response
285             ) ;
286         //
287         // Check that the token has the right account.
288         assertEquals(
289             "Token has wrong account",
290             account.getIdent(),
291             response.getAccount()
292             ) ;
293         //
294         // Check that the token is valid.
295         assertTrue(
296             "Token is not valid",
297             response.isValid()
298             ) ;
299         //
300         // Check that the two tokens have different values.
301         checkNotEqual(
302             "Token has same value",
303             original.getToken(),
304             response.getToken()
305             ) ;
306         //
307         // Check that the two tokens are not equal.
308         checkNotEqual(
309             "Token are equal",
310             original,
311             response
312             ) ;
313         //
314         // Check that the original is no longer valid.
315         try {
316             securityService.checkToken(original) ;
317             fail("Expected CommunitySecurityException") ;
318             }
319         catch (CommunitySecurityException ouch)
320             {
321             log.debug("Caught expected Exception") ;
322             log.debug("Exception : " + ouch) ;
323             log.debug("Class     : " + ouch.getClass()) ;
324             }
325         catch (RemoteException ouch)
326             {
327             log.debug("Caught expected Exception") ;
328             log.debug("Exception : " + ouch) ;
329             log.debug("Class     : " + ouch.getClass()) ;
330             }
331         //
332         // Check that the original is no longer valid.
333 //
334 // This won't work on a remote service unless you use the delegate.
335 //
336         assertFalse(
337             "Original token still valid",
338             original.isValid()
339             ) ;
340         }
341 
342     /***
343      * The default number of splits to test.
344      *
345      */
346     private static int SPLIT_COUNT = 3 ;
347 
348     /***
349      * Check that we can split a SecurityToken.
350      *
351      */
352     public void testSplitToken()
353         throws Exception
354         {
355         log.debug("") ;
356         log.debug("----\"----") ;
357         log.debug("SecurityServiceTest.testSplitToken()") ;
358         //
359         // Setup our test account.
360         AccountData account = accountManager.addAccount(
361             createLocal(TEST_ACCOUNT).toString()
362             ) ;
363         assertNotNull(
364             "addAccount returned null",
365             account
366             ) ;
367         //
368         // Setup our test password.
369         assertTrue(
370             "setPassword returned false",
371             securityManager.setPassword(
372                 account.getIdent(),
373                 TEST_PASSWORD
374                 )
375             ) ;
376         //
377         // Check we can validate our password.
378         SecurityToken original = securityService.checkPassword(account.getIdent(), TEST_PASSWORD) ;
379         //
380         // Check that we got a token.
381         assertNotNull(
382             "NULL original token",
383             original
384             ) ;
385         //
386         // Check that the token has the right account.
387         assertEquals(
388             "Token has wrong account",
389             account.getIdent(),
390             original.getAccount()
391             ) ;
392         //
393         // Check that the token is valid.
394         assertTrue(
395             "Token is not valid",
396             original.isValid()
397             ) ;
398         //
399         // Check that we can validate our token
400         Object[] array = securityService.splitToken(original, SPLIT_COUNT) ;
401         //
402         // Check that we got an array.
403         assertNotNull(
404             "NULL token array",
405             array
406             ) ;
407         //
408         // Check that we got the right number of tokens.
409         assertTrue(
410             "Wrong number of tokens",
411             (array.length == SPLIT_COUNT)
412             ) ;
413         //
414         // Check each of the new tokens.
415         for (int i = 0 ; i < array.length ; i++)
416             {
417             SecurityToken token = (SecurityToken) array[i] ;
418             //
419             // Check that the token has the right account.
420             assertEquals(
421                 "Token has wrong account",
422                 account.getIdent(),
423                 token.getAccount()
424                 ) ;
425             //
426             // Check that the token is valid.
427             assertTrue(
428                 "Token is not valid",
429                 token.isValid()
430                 ) ;
431             //
432             // Check that the token has a different value.
433             checkNotEqual(
434                 "Token has same value",
435                 original.getToken(),
436                 token.getToken()
437                 ) ;
438             //
439             // Check that the token is not equal to our original.
440             checkNotEqual(
441                 "Token are equal",
442                 original,
443                 token
444                 ) ;
445             }
446         //
447         // Check that the original is no longer valid.
448         try {
449             securityService.checkToken(original) ;
450             fail("Expected CommunitySecurityException") ;
451             }
452         catch (CommunitySecurityException ouch)
453             {
454             log.debug("Caught expected Exception") ;
455             log.debug("Exception : " + ouch) ;
456             }
457         catch (RemoteException ouch)
458             {
459             log.debug("Caught expected Exception") ;
460             log.debug("Exception : " + ouch) ;
461             log.debug("Class     : " + ouch.getClass()) ;
462             }
463         //
464         // Check that the original is no longer valid.
465 //
466 // This won't work on a remote service unless you use the delegate.
467 //
468         assertFalse(
469             "Original token still valid",
470             original.isValid()
471             ) ;
472         }
473     }
474