View Javadoc
1   /*
2    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
3    * The software in this package is published under the terms of the CPAL v1.0
4    * license, a copy of which has been included with this distribution in the
5    * LICENSE.txt file.
6    */
7   package org.mule.management.support;
8   
9   import org.mule.module.management.support.SimplePasswordJmxAuthenticator;
10  import org.mule.tck.junit4.AbstractMuleTestCase;
11  
12  import java.security.Principal;
13  import java.util.Collections;
14  import java.util.HashMap;
15  import java.util.Map;
16  import java.util.Set;
17  
18  import javax.management.remote.JMXPrincipal;
19  import javax.security.auth.Subject;
20  
21  import org.junit.Before;
22  import org.junit.Test;
23  
24  import static org.junit.Assert.assertEquals;
25  import static org.junit.Assert.assertNotNull;
26  import static org.junit.Assert.assertTrue;
27  import static org.junit.Assert.fail;
28  
29  public class SimplePasswordJmxAuthenticatorTestCase extends AbstractMuleTestCase
30  {
31      private static final String[] VALID_AUTH_TOKEN = {"mule", "mulepassword"};
32      private SimplePasswordJmxAuthenticator authenticator;
33  
34      @Before
35      public void setUpAuthenticator () throws Exception
36      {
37          authenticator = new SimplePasswordJmxAuthenticator();
38      }
39  
40      @Test
41      public void testSuccessfulAuthentication()
42      {
43          Map<String, String> credentials = getValidCredentials();
44  
45          authenticator.setCredentials(credentials);
46  
47          Subject subject = authenticator.authenticate(VALID_AUTH_TOKEN);
48          assertNotNull(subject);
49          assertTrue(subject.isReadOnly());
50  
51          Set<Object> publicCredentials = subject.getPublicCredentials();
52          assertNotNull(publicCredentials);
53          assertEquals(0, publicCredentials.size());
54  
55          Set<Object> privateCredentials = subject.getPrivateCredentials();
56          assertNotNull(privateCredentials);
57          assertEquals(0, privateCredentials.size());
58  
59          Set<Principal> principals = subject.getPrincipals();
60          assertNotNull(principals);
61          assertEquals(1, principals.size());
62  
63          Object ref = principals.iterator().next();
64          assertTrue(ref instanceof JMXPrincipal);
65  
66          JMXPrincipal jmxPrincipal = (JMXPrincipal) ref;
67          String name = jmxPrincipal.getName();
68          assertNotNull(name);
69          assertEquals(VALID_AUTH_TOKEN[0], name);
70      }
71  
72      @Test
73      public void testNullOrEmptyCredentialsConfigured()
74      {
75          Map<String, String> credentials = Collections.emptyMap();
76  
77          // shouldn't fail
78          authenticator.setCredentials(credentials);
79  
80          try
81          {
82              authenticator.authenticate(VALID_AUTH_TOKEN);
83              fail("Should've thrown an exception");
84          }
85          catch (SecurityException e)
86          {
87              // expected
88          }
89  
90          // shouldn't fail
91          authenticator.setCredentials(null);
92  
93          try
94          {
95              authenticator.authenticate(VALID_AUTH_TOKEN);
96              fail("Should've thrown an exception");
97          }
98          catch (SecurityException e)
99          {
100             // expected
101         }
102 
103     }
104 
105     @Test
106     public void testNullAuthToken()
107     {
108         try
109         {
110             authenticator.authenticate(null);
111             fail("Should've thrown an exception");
112         }
113         catch (SecurityException e)
114         {
115             // expected
116         }
117     }
118 
119     @Test
120     public void testInvalidAuthToken ()
121     {
122         try
123         {
124             final String token = "not a String array";
125             authenticator.authenticate(token);
126             fail("Should've thrown an exception");
127         }
128         catch (SecurityException e)
129         {
130             // expected
131         }
132     }
133 
134     @Test
135     public void testAuthTokenTooLong()
136     {
137         try
138         {
139             final String[] token = {"token", "too", "long"};
140             authenticator.authenticate(token);
141             fail("Should've thrown an exception");
142         }
143         catch (SecurityException e)
144         {
145             // expected
146         }
147     }
148 
149     @Test
150     public void testAuthTokenTooShort()
151     {
152         try
153         {
154             final String[] token = {"token_too_short"};
155             authenticator.authenticate(token);
156             fail("Should've thrown an exception");
157         }
158         catch (SecurityException e)
159         {
160             // expected
161         }
162     }
163 
164     @Test
165     public void testNoSuchUser()
166     {
167         try
168         {
169             final String[] token = {"nosuchuser", "thepassword"};
170             authenticator.authenticate(token);
171             fail("Should've thrown an exception");
172         }
173         catch (SecurityException e)
174         {
175             // expected
176         }
177     }
178 
179     @Test
180     public void testInvalidPassword()
181     {
182         authenticator.setCredentials(getValidCredentials());
183         
184         try
185         {
186             final String[] token = {"mule", "wrongpassword"};
187             authenticator.authenticate(token);
188             fail("Should've thrown an exception");
189         }
190         catch (SecurityException e)
191         {
192             // expected
193         }
194     }
195 
196     protected Map<String, String> getValidCredentials ()
197     {
198         Map<String, String> credentials = new HashMap<String, String>(1);
199         credentials.put(VALID_AUTH_TOKEN[0], VALID_AUTH_TOKEN[1]);
200 
201         return credentials;
202     }
203 
204 }