// dynamic configuration of HTTP principals
/// <exception cref="System.Exception"/>
public virtual void TestDynamicPrincipalDiscoveryMissingPrincipals()
{
string[] keytabUsers = new string[] { "hdfs/localhost" };
string keytab = KerberosTestUtils.GetKeytabFile();
GetKdc().CreatePrincipal(new FilePath(keytab), keytabUsers);
// destroy handler created in setUp()
handler.Destroy();
Properties props = new Properties();
props.SetProperty(KerberosAuthenticationHandler.Keytab, keytab);
props.SetProperty(KerberosAuthenticationHandler.Principal, "*");
handler = GetNewAuthenticationHandler();
try
{
handler.Init(props);
NUnit.Framework.Assert.Fail("init should have failed");
}
catch (ServletException ex)
{
Assert.Equal("Principals do not exist in the keytab", ex.InnerException
.Message);
}
catch (Exception t)
{
NUnit.Framework.Assert.Fail("wrong exception: " + t);
}
}
public virtual void Setup()
{
// create keytab
FilePath keytabFile = new FilePath(KerberosTestUtils.GetKeytabFile());
string clientPrincipal = KerberosTestUtils.GetClientPrincipal();
string serverPrincipal = KerberosTestUtils.GetServerPrincipal();
clientPrincipal = Runtime.Substring(clientPrincipal, 0, clientPrincipal.LastIndexOf
("@"));
serverPrincipal = Runtime.Substring(serverPrincipal, 0, serverPrincipal.LastIndexOf
("@"));
GetKdc().CreatePrincipal(keytabFile, clientPrincipal, serverPrincipal);
// handler
handler = GetNewAuthenticationHandler();
Properties props = GetDefaultProperties();
try
{
handler.Init(props);
}
catch (Exception ex)
{
handler = null;
throw;
}
}
// dynamic configuration of HTTP principals
/// <exception cref="System.Exception"/>
public virtual void TestDynamicPrincipalDiscovery()
{
string[] keytabUsers = new string[] { "HTTP/host1", "HTTP/host2", "HTTP2/host1",
"XHTTP/host" };
string keytab = KerberosTestUtils.GetKeytabFile();
GetKdc().CreatePrincipal(new FilePath(keytab), keytabUsers);
// destroy handler created in setUp()
handler.Destroy();
Properties props = new Properties();
props.SetProperty(KerberosAuthenticationHandler.Keytab, keytab);
props.SetProperty(KerberosAuthenticationHandler.Principal, "*");
handler = GetNewAuthenticationHandler();
handler.Init(props);
Assert.Equal(KerberosTestUtils.GetKeytabFile(), handler.GetKeytab
());
ICollection <KerberosPrincipal> loginPrincipals = handler.GetPrincipals();
foreach (string user in keytabUsers)
{
Principal principal = new KerberosPrincipal(user + "@" + KerberosTestUtils.GetRealm
());
bool expected = user.StartsWith("HTTP/");
Assert.Equal("checking for " + user, expected, loginPrincipals
.Contains(principal));
}
}
/// <exception cref="System.Exception"/>
public virtual void TestInit()
{
Assert.Equal(KerberosTestUtils.GetKeytabFile(), handler.GetKeytab
());
ICollection <KerberosPrincipal> principals = handler.GetPrincipals();
Principal expectedPrincipal = new KerberosPrincipal(KerberosTestUtils.GetServerPrincipal
());
Assert.True(principals.Contains(expectedPrincipal));
Assert.Equal(1, principals.Count);
}
protected internal virtual Properties GetDefaultProperties()
{
Properties props = new Properties();
props.SetProperty(KerberosAuthenticationHandler.Principal, KerberosTestUtils.GetServerPrincipal
());
props.SetProperty(KerberosAuthenticationHandler.Keytab, KerberosTestUtils.GetKeytabFile
());
props.SetProperty(KerberosAuthenticationHandler.NameRules, "RULE:[1:$1@$0](.*@" +
KerberosTestUtils.GetRealm() + ")s/@.*//\n");
return(props);
}
private Properties GetAuthenticationHandlerConfiguration()
{
Properties props = new Properties();
props.SetProperty(AuthenticationFilter.AuthType, "kerberos");
props.SetProperty(KerberosAuthenticationHandler.Principal, KerberosTestUtils.GetServerPrincipal
());
props.SetProperty(KerberosAuthenticationHandler.Keytab, KerberosTestUtils.GetKeytabFile
());
props.SetProperty(KerberosAuthenticationHandler.NameRules, "RULE:[1:$1@$0](.*@" +
KerberosTestUtils.GetRealm() + ")s/@.*//\n");
return(props);
}
public virtual void Setup()
{
// create keytab
FilePath keytabFile = new FilePath(KerberosTestUtils.GetKeytabFile());
string clientPrincipal = KerberosTestUtils.GetClientPrincipal();
string serverPrincipal = KerberosTestUtils.GetServerPrincipal();
clientPrincipal = Runtime.Substring(clientPrincipal, 0, clientPrincipal.LastIndexOf
("@"));
serverPrincipal = Runtime.Substring(serverPrincipal, 0, serverPrincipal.LastIndexOf
("@"));
GetKdc().CreatePrincipal(keytabFile, clientPrincipal, serverPrincipal);
}
