/// <exception cref="System.Exception"/>
public static void ProvisionPasswordsToCredentialProvider()
{
FilePath testDir = new FilePath(Runtime.GetProperty("test.build.data", "target/test-dir"
));
Configuration conf = new Configuration();
Path jksPath = new Path(testDir.ToString(), "test.jks");
string ourUrl = JavaKeyStoreProvider.SchemeName + "://file" + jksPath.ToUri();
FilePath file = new FilePath(testDir, "test.jks");
file.Delete();
conf.Set(CredentialProviderFactory.CredentialProviderPath, ourUrl);
CredentialProvider provider = CredentialProviderFactory.GetProviders(conf)[0];
char[] keypass = new char[] { 'k', 'e', 'y', 'p', 'a', 's', 's' };
char[] storepass = new char[] { 's', 't', 'o', 'r', 'e', 'p', 'a', 's', 's' };
// create new aliases
try
{
provider.CreateCredentialEntry(FileBasedKeyStoresFactory.ResolvePropertyName(SSLFactory.Mode
.Server, FileBasedKeyStoresFactory.SslKeystorePasswordTplKey), storepass);
provider.CreateCredentialEntry(FileBasedKeyStoresFactory.ResolvePropertyName(SSLFactory.Mode
.Server, FileBasedKeyStoresFactory.SslKeystoreKeypasswordTplKey), keypass);
// write out so that it can be found in checks
provider.Flush();
}
catch (Exception e)
{
Runtime.PrintStackTrace(e);
throw;
}
}
public virtual void TestGetPassword()
{
FilePath testDir = new FilePath(Runtime.GetProperty("test.build.data", "target/test-dir"
));
Configuration conf = new Configuration();
Path jksPath = new Path(testDir.ToString(), "test.jks");
string ourUrl = JavaKeyStoreProvider.SchemeName + "://file" + jksPath.ToUri();
FilePath file = new FilePath(testDir, "test.jks");
file.Delete();
conf.Set(CredentialProviderFactory.CredentialProviderPath, ourUrl);
CredentialProvider provider = CredentialProviderFactory.GetProviders(conf)[0];
char[] keypass = new char[] { 'k', 'e', 'y', 'p', 'a', 's', 's' };
char[] storepass = new char[] { 's', 't', 'o', 'r', 'e', 'p', 'a', 's', 's' };
char[] trustpass = new char[] { 't', 'r', 'u', 's', 't', 'p', 'a', 's', 's' };
// ensure that we get nulls when the key isn't there
NUnit.Framework.Assert.AreEqual(null, provider.GetCredentialEntry(DFSConfigKeys.DfsServerHttpsKeypasswordKey
));
NUnit.Framework.Assert.AreEqual(null, provider.GetCredentialEntry(DFSConfigKeys.DfsServerHttpsKeystorePasswordKey
));
NUnit.Framework.Assert.AreEqual(null, provider.GetCredentialEntry(DFSConfigKeys.DfsServerHttpsTruststorePasswordKey
));
// create new aliases
try
{
provider.CreateCredentialEntry(DFSConfigKeys.DfsServerHttpsKeypasswordKey, keypass
);
provider.CreateCredentialEntry(DFSConfigKeys.DfsServerHttpsKeystorePasswordKey, storepass
);
provider.CreateCredentialEntry(DFSConfigKeys.DfsServerHttpsTruststorePasswordKey,
trustpass);
// write out so that it can be found in checks
provider.Flush();
}
catch (Exception e)
{
Sharpen.Runtime.PrintStackTrace(e);
throw;
}
// make sure we get back the right key directly from api
Assert.AssertArrayEquals(keypass, provider.GetCredentialEntry(DFSConfigKeys.DfsServerHttpsKeypasswordKey
).GetCredential());
Assert.AssertArrayEquals(storepass, provider.GetCredentialEntry(DFSConfigKeys.DfsServerHttpsKeystorePasswordKey
).GetCredential());
Assert.AssertArrayEquals(trustpass, provider.GetCredentialEntry(DFSConfigKeys.DfsServerHttpsTruststorePasswordKey
).GetCredential());
// use WebAppUtils as would be used by loadSslConfiguration
NUnit.Framework.Assert.AreEqual("keypass", DFSUtil.GetPassword(conf, DFSConfigKeys
.DfsServerHttpsKeypasswordKey));
NUnit.Framework.Assert.AreEqual("storepass", DFSUtil.GetPassword(conf, DFSConfigKeys
.DfsServerHttpsKeystorePasswordKey));
NUnit.Framework.Assert.AreEqual("trustpass", DFSUtil.GetPassword(conf, DFSConfigKeys
.DfsServerHttpsTruststorePasswordKey));
// let's make sure that a password that doesn't exist returns null
NUnit.Framework.Assert.AreEqual(null, DFSUtil.GetPassword(conf, "invalid-alias"));
}
public virtual void TestConfGetPassword()
{
FilePath testDir = new FilePath(Runtime.GetProperty("test.build.data", "target/test-dir"
));
Configuration conf = new Configuration();
Path jksPath = new Path(testDir.ToString(), "test.jks");
string ourUrl = JavaKeyStoreProvider.SchemeName + "://file" + jksPath.ToUri();
FilePath file = new FilePath(testDir, "test.jks");
file.Delete();
conf.Set(CredentialProviderFactory.CredentialProviderPath, ourUrl);
CredentialProvider provider = CredentialProviderFactory.GetProviders(conf)[0];
char[] bindpass = new char[] { 'b', 'i', 'n', 'd', 'p', 'a', 's', 's' };
char[] storepass = new char[] { 's', 't', 'o', 'r', 'e', 'p', 'a', 's', 's' };
// ensure that we get nulls when the key isn't there
Assert.Equal(null, provider.GetCredentialEntry(LdapGroupsMapping
.BindPasswordKey));
Assert.Equal(null, provider.GetCredentialEntry(LdapGroupsMapping
.LdapKeystorePasswordKey));
// create new aliases
try
{
provider.CreateCredentialEntry(LdapGroupsMapping.BindPasswordKey, bindpass);
provider.CreateCredentialEntry(LdapGroupsMapping.LdapKeystorePasswordKey, storepass
);
provider.Flush();
}
catch (Exception e)
{
Runtime.PrintStackTrace(e);
throw;
}
// make sure we get back the right key
Assert.AssertArrayEquals(bindpass, provider.GetCredentialEntry(LdapGroupsMapping.
BindPasswordKey).GetCredential());
Assert.AssertArrayEquals(storepass, provider.GetCredentialEntry(LdapGroupsMapping
.LdapKeystorePasswordKey).GetCredential());
LdapGroupsMapping mapping = new LdapGroupsMapping();
Assert.Equal("bindpass", mapping.GetPassword(conf, LdapGroupsMapping
.BindPasswordKey, string.Empty));
Assert.Equal("storepass", mapping.GetPassword(conf, LdapGroupsMapping
.LdapKeystorePasswordKey, string.Empty));
// let's make sure that a password that doesn't exist returns an
// empty string as currently expected and used to trigger a call to
// extract password
Assert.Equal(string.Empty, mapping.GetPassword(conf, "invalid-alias"
, string.Empty));
}
/// <exception cref="System.IO.IOException"/>
/// <exception cref="System.Exception"/>
protected internal virtual Configuration ProvisionCredentialsForSSL()
{
FilePath testDir = new FilePath(Runtime.GetProperty("test.build.data", "target/test-dir"
));
Configuration conf = new Configuration();
Path jksPath = new Path(testDir.ToString(), "test.jks");
string ourUrl = JavaKeyStoreProvider.SchemeName + "://file" + jksPath.ToUri();
FilePath file = new FilePath(testDir, "test.jks");
file.Delete();
conf.Set(CredentialProviderFactory.CredentialProviderPath, ourUrl);
CredentialProvider provider = CredentialProviderFactory.GetProviders(conf)[0];
char[] keypass = new char[] { 'k', 'e', 'y', 'p', 'a', 's', 's' };
char[] storepass = new char[] { 's', 't', 'o', 'r', 'e', 'p', 'a', 's', 's' };
char[] trustpass = new char[] { 't', 'r', 'u', 's', 't', 'p', 'a', 's', 's' };
// ensure that we get nulls when the key isn't there
NUnit.Framework.Assert.AreEqual(null, provider.GetCredentialEntry(WebAppUtils.WebAppKeyPasswordKey
));
NUnit.Framework.Assert.AreEqual(null, provider.GetCredentialEntry(WebAppUtils.WebAppKeystorePasswordKey
));
NUnit.Framework.Assert.AreEqual(null, provider.GetCredentialEntry(WebAppUtils.WebAppTruststorePasswordKey
));
// create new aliases
try
{
provider.CreateCredentialEntry(WebAppUtils.WebAppKeyPasswordKey, keypass);
provider.CreateCredentialEntry(WebAppUtils.WebAppKeystorePasswordKey, storepass);
provider.CreateCredentialEntry(WebAppUtils.WebAppTruststorePasswordKey, trustpass
);
// write out so that it can be found in checks
provider.Flush();
}
catch (Exception e)
{
Sharpen.Runtime.PrintStackTrace(e);
throw;
}
// make sure we get back the right key directly from api
Assert.AssertArrayEquals(keypass, provider.GetCredentialEntry(WebAppUtils.WebAppKeyPasswordKey
).GetCredential());
Assert.AssertArrayEquals(storepass, provider.GetCredentialEntry(WebAppUtils.WebAppKeystorePasswordKey
).GetCredential());
Assert.AssertArrayEquals(trustpass, provider.GetCredentialEntry(WebAppUtils.WebAppTruststorePasswordKey
).GetCredential());
return(conf);
}
