1 /* 2 * Copyright (c) 2008, 2018, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /* 25 * @test 26 * @bug 6706974 8194486 27 * @summary Add krb5 test infrastructure 28 * @library /test/lib 29 * @compile -XDignore.symbol.file CrossRealm.java 30 * @run main jdk.test.lib.FileInstaller TestHosts TestHosts 31 * @run main/othervm -Djdk.net.hosts.file=TestHosts CrossRealm 32 */ 33 import java.io.File; 34 import java.io.FileOutputStream; 35 import java.io.IOException; 36 import java.security.Security; 37 import javax.security.auth.callback.Callback; 38 import javax.security.auth.callback.CallbackHandler; 39 import javax.security.auth.callback.NameCallback; 40 import javax.security.auth.callback.PasswordCallback; 41 import javax.security.auth.callback.UnsupportedCallbackException; 42 import org.ietf.jgss.GSSContext; 43 import org.ietf.jgss.GSSManager; 44 import org.ietf.jgss.GSSName; 45 import sun.security.jgss.GSSUtil; 46 47 public class CrossRealm implements CallbackHandler { main(String[] args)48 public static void main(String[] args) throws Exception { 49 startKDCs(); 50 xRealmAuth(); 51 } 52 startKDCs()53 static void startKDCs() throws Exception { 54 // Create and start the KDC 55 KDC kdc1 = KDC.create("RABBIT.HOLE"); 56 kdc1.addPrincipal("dummy", "bogus".toCharArray()); 57 kdc1.addPrincipalRandKey("krbtgt/RABBIT.HOLE"); 58 kdc1.addPrincipal("krbtgt/SNAKE.HOLE@RABBIT.HOLE", 59 "rabbit->snake".toCharArray()); 60 61 KDC kdc2 = KDC.create("SNAKE.HOLE"); 62 kdc2.addPrincipalRandKey("krbtgt/SNAKE.HOLE"); 63 kdc2.addPrincipal("krbtgt/SNAKE.HOLE@RABBIT.HOLE", 64 "rabbit->snake".toCharArray()); 65 kdc2.addPrincipalRandKey("host/www.snake.hole"); 66 67 KDC.saveConfig("krb5-localkdc.conf", kdc1, kdc2, 68 "forwardable=true", 69 "[domain_realm]", 70 ".snake.hole=SNAKE.HOLE"); 71 System.setProperty("java.security.krb5.conf", "krb5-localkdc.conf"); 72 } 73 xRealmAuth()74 static void xRealmAuth() throws Exception { 75 Security.setProperty("auth.login.defaultCallbackHandler", "CrossRealm"); 76 System.setProperty("java.security.auth.login.config", "jaas-localkdc.conf"); 77 System.setProperty("javax.security.auth.useSubjectCredsOnly", "false"); 78 FileOutputStream fos = new FileOutputStream("jaas-localkdc.conf"); 79 fos.write(("com.sun.security.jgss.krb5.initiate {\n" + 80 " com.sun.security.auth.module.Krb5LoginModule\n" + 81 " required\n" + 82 " principal=dummy\n" + 83 " doNotPrompt=false\n" + 84 " useTicketCache=false\n" + 85 " ;\n" + 86 "};").getBytes()); 87 fos.close(); 88 89 GSSManager m = GSSManager.getInstance(); 90 m.createContext( 91 m.createName("host@www.snake.hole", GSSName.NT_HOSTBASED_SERVICE), 92 GSSUtil.GSS_KRB5_MECH_OID, 93 null, 94 GSSContext.DEFAULT_LIFETIME).initSecContext(new byte[0], 0, 0); 95 } 96 97 @Override handle(Callback[] callbacks)98 public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { 99 for (Callback callback : callbacks) { 100 if (callback instanceof NameCallback) { 101 ((NameCallback) callback).setName("dummy"); 102 } 103 if (callback instanceof PasswordCallback) { 104 ((PasswordCallback) callback).setPassword("bogus".toCharArray()); 105 } 106 } 107 } 108 } 109