Return-Path: 
 <commits-return-20711-apmail-qpid-commits-archive=qpid.apache.org@qpid.apache.org>
X-Original-To: apmail-qpid-commits-archive@www.apache.org
Delivered-To: apmail-qpid-commits-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id C9CEBFFF4
	for <apmail-qpid-commits-archive@www.apache.org>;
 Tue,  2 Apr 2013 01:57:23 +0000 (UTC)
Received: (qmail 89697 invoked by uid 500); 2 Apr 2013 01:57:23 -0000
Delivered-To: apmail-qpid-commits-archive@qpid.apache.org
Received: (qmail 89670 invoked by uid 500); 2 Apr 2013 01:57:23 -0000
Mailing-List: contact commits-help@qpid.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:commits-help@qpid.apache.org>
List-Unsubscribe: <mailto:commits-unsubscribe@qpid.apache.org>
List-Post: <mailto:commits@qpid.apache.org>
List-Id: <commits.qpid.apache.org>
Reply-To: dev@qpid.apache.org
Delivered-To: mailing list commits@qpid.apache.org
Received: (qmail 89663 invoked by uid 99); 2 Apr 2013 01:57:23 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 02 Apr 2013 01:57:23 +0000
X-ASF-Spam-Status: No, hits=-2000.0 required=5.0
	tests=ALL_TRUSTED
X-Spam-Check-By: apache.org
Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 02 Apr 2013 01:57:22 +0000
Received: from eris.apache.org (localhost [127.0.0.1])
	by eris.apache.org (Postfix) with ESMTP id 1B8392388847;
	Tue,  2 Apr 2013 01:57:02 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: svn commit: r1463353 -
 /qpid/trunk/qpid/java/systests/src/main/java/org/apache/qpid/server/security/auth/manager/ExternalAuthenticationTest.java
Date: Tue, 02 Apr 2013 01:57:02 -0000
To: commits@qpid.apache.org
From: robbie@apache.org
X-Mailer: svnmailer-1.0.8-patched
Message-Id: <20130402015702.1B8392388847@eris.apache.org>
X-Virus-Checked: Checked by ClamAV on apache.org

Author: robbie
Date: Tue Apr  2 01:57:01 2013
New Revision: 1463353

URL: http://svn.apache.org/r1463353
Log:
QPID-4676: add system test to check External authentication provider behaviour  regarding username construction, when specifying or not specifying its useFullDN attribute.

Applied patch by Jakub Scholz

Modified:
    qpid/trunk/qpid/java/systests/src/main/java/org/apache/qpid/server/security/auth/manager/ExternalAuthenticationTest.java

Modified: qpid/trunk/qpid/java/systests/src/main/java/org/apache/qpid/server/security/auth/manager/ExternalAuthenticationTest.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/systests/src/main/java/org/apache/qpid/server/security/auth/manager/ExternalAuthenticationTest.java?rev=1463353&r1=1463352&r2=1463353&view=diff
==============================================================================
--- qpid/trunk/qpid/java/systests/src/main/java/org/apache/qpid/server/security/auth/manager/ExternalAuthenticationTest.java (original)
+++ qpid/trunk/qpid/java/systests/src/main/java/org/apache/qpid/server/security/auth/manager/ExternalAuthenticationTest.java Tue Apr  2 01:57:01 2013
@@ -21,13 +21,14 @@
 package org.apache.qpid.server.security.auth.manager;
 
 import static org.apache.qpid.test.utils.TestSSLConstants.KEYSTORE;
-import static org.apache.qpid.test.utils.TestSSLConstants.UNTRUSTED_KEYSTORE;
 import static org.apache.qpid.test.utils.TestSSLConstants.KEYSTORE_PASSWORD;
 import static org.apache.qpid.test.utils.TestSSLConstants.TRUSTSTORE;
 import static org.apache.qpid.test.utils.TestSSLConstants.TRUSTSTORE_PASSWORD;
+import static org.apache.qpid.test.utils.TestSSLConstants.UNTRUSTED_KEYSTORE;
 
 import java.util.Collections;
 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
 
 import javax.jms.Connection;
@@ -35,11 +36,13 @@ import javax.jms.JMSException;
 
 import org.apache.commons.configuration.ConfigurationException;
 import org.apache.qpid.client.AMQConnectionURL;
+import org.apache.qpid.management.common.mbeans.ManagedConnection;
 import org.apache.qpid.server.model.AuthenticationProvider;
 import org.apache.qpid.server.model.Broker;
 import org.apache.qpid.server.model.Port;
 import org.apache.qpid.server.model.Transport;
 import org.apache.qpid.server.plugin.AuthenticationManagerFactory;
+import org.apache.qpid.test.utils.JMXTestUtils;
 import org.apache.qpid.test.utils.QpidBrokerTestCase;
 import org.apache.qpid.test.utils.TestBrokerConfiguration;
 
@@ -193,6 +196,75 @@ public class ExternalAuthenticationTest 
         }
     }
 
+    /**
+     * Tests the creation of usernames when EXTERNAL authentication is used.
+     * The username should be created as CN@DC1.DC2...DCn by default.
+     */
+    public void testExternalAuthenticationManagerUsernameAsCN() throws Exception
+    {
+        JMXTestUtils jmxUtils = new JMXTestUtils(this);
+        jmxUtils.setUp();
+
+        setCommonBrokerSSLProperties(true);
+        getBrokerConfiguration().setObjectAttribute(TestBrokerConfiguration.ENTRY_NAME_SSL_PORT, Port.AUTHENTICATION_PROVIDER, TestBrokerConfiguration.ENTRY_NAME_EXTERNAL_PROVIDER);
+
+        super.setUp();
+
+        setClientKeystoreProperties();
+        setClientTrustoreProperties();
+
+        try
+        {
+            getExternalSSLConnection(false);
+        }
+        catch (JMSException e)
+        {
+            fail("Should be able to create a connection to the SSL port: " + e.getMessage());
+        }
+
+        // Getting the used username using JMX
+        jmxUtils.open();
+        List<ManagedConnection> connections = jmxUtils.getManagedConnections("test");
+        assertNotNull("Connections are null", connections);
+        assertEquals("Unexpected number of connections", 1, connections.size());
+        assertEquals("Wrong authorized ID", "app2@acme.org", connections.get(0).getAuthorizedId());
+    }
+
+    /**
+     * Tests the creation of usernames when EXTERNAL authentication is used.
+     * The username should be created as full DN when the useFullDN option is used.
+     */
+    public void testExternalAuthenticationManagerUsernameAsDN() throws Exception
+    {
+        JMXTestUtils jmxUtils = new JMXTestUtils(this);
+        jmxUtils.setUp();
+
+        setCommonBrokerSSLProperties(true);
+        getBrokerConfiguration().setObjectAttribute(TestBrokerConfiguration.ENTRY_NAME_SSL_PORT, Port.AUTHENTICATION_PROVIDER, TestBrokerConfiguration.ENTRY_NAME_EXTERNAL_PROVIDER);
+        getBrokerConfiguration().setObjectAttribute(TestBrokerConfiguration.ENTRY_NAME_EXTERNAL_PROVIDER, ExternalAuthenticationManagerFactory.ATTRIBUTE_USE_FULL_DN, "true");
+
+        super.setUp();
+
+        setClientKeystoreProperties();
+        setClientTrustoreProperties();
+
+        try
+        {
+            getExternalSSLConnection(false);
+        }
+        catch (JMSException e)
+        {
+            fail("Should be able to create a connection to the SSL port: " + e.getMessage());
+        }
+
+        // Getting the used username using JMX
+        jmxUtils.open();
+        List<ManagedConnection> connections = jmxUtils.getManagedConnections("test");
+        assertNotNull("Connections are null", connections);
+        assertEquals("Unexpected number of connections", 1, connections.size());
+        assertEquals("Wrong authorized ID", "CN=app2@acme.org,OU=art,O=acme,L=Toronto,ST=ON,C=CA", connections.get(0).getAuthorizedId());
+    }
+
     private Connection getExternalSSLConnection(boolean includeUserNameAndPassword) throws Exception
     {
         String url = "amqp://%s@test/?brokerlist='tcp://localhost:%s?ssl='true'&sasl_mechs='EXTERNAL''";



---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org