1 /*
   2  * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 /*
  25  * @test
  26  * @bug 7152176
  27  * @summary More krb5 tests
  28  * @modules java.base/sun.net.spi.nameservice
  29  *          java.base/sun.security.util
  30  *          java.security.jgss/sun.security.jgss
  31  *          java.security.jgss/sun.security.krb5
  32  *          java.security.jgss/sun.security.krb5.internal
  33  *          java.security.jgss/sun.security.krb5.internal.ccache
  34  *          java.security.jgss/sun.security.krb5.internal.crypto
  35  *          java.security.jgss/sun.security.krb5.internal.ktab
  36  * @compile -XDignore.symbol.file TwoTab.java
  37  * @run main/othervm TwoTab
  38  */
  39 
  40 import java.io.File;
  41 import java.io.FileOutputStream;
  42 import java.nio.file.Files;
  43 import java.security.Security;
  44 import sun.security.jgss.GSSUtil;
  45 import sun.security.krb5.PrincipalName;
  46 import sun.security.krb5.internal.ktab.KeyTab;
  47 
// Two services, each using its own keytab.
public class TwoTab {

    /**
     * Drives one password-authenticated client against two acceptors, each
     * logged in through its own JAAS entry and its own keytab file.
     *
     * <p>The JAAS entry {@code server} reads {@code server.keytab} and the
     * entry {@code server2} reads {@code backend.keytab}; each keytab is
     * written with a single principal name. The client first targets
     * {@code OneKDC.SERVER}, then {@code OneKDC.BACKEND}.
     *
     * <p>NOTE(review): only the matching pairings are exercised. Nothing here
     * asserts that the {@code server} entry refuses a ticket issued for the
     * backend principal, so key isolation between the two keytabs is implied
     * by the setup rather than checked.
     *
     * @param args unused
     * @throws Exception if setup, login, context establishment or message
     *         exchange fails; any such failure fails the test
     */
    public static void main(String[] args) throws Exception {

        KDC kdc = new OneKDC(null);

        // The login config location must be set before the JAAS logins below.
        System.setProperty("java.security.auth.login.config", OneKDC.JAAS_CONF);

        // One Krb5LoginModule entry per service. Both use useKeyTab=true and
        // storeKey=true, but each names a different keytab file. The keytab
        // paths are relative; presumably resolved against the working
        // directory -- confirm against the harness.
        String jaasText =
                "server {\n" +
                "    com.sun.security.auth.module.Krb5LoginModule required\n" +
                "    principal=\"" + OneKDC.SERVER + "\"\n" +
                "    useKeyTab=true\n" +
                "    keyTab=server.keytab\n" +
                "    storeKey=true;\n};\n" +
                "server2 {\n" +
                "    com.sun.security.auth.module.Krb5LoginModule required\n" +
                "    principal=\"" + OneKDC.BACKEND + "\"\n" +
                "    useKeyTab=true\n" +
                "    keyTab=backend.keytab\n" +
                "    storeKey=true;\n};\n";
        File jaasFile = new File(OneKDC.JAAS_CONF);
        try (FileOutputStream out = new FileOutputStream(jaasFile)) {
            out.write(jaasText.getBytes());
        }
        jaasFile.deleteOnExit();

        // Each keytab is written with exactly one principal name, so each
        // service holds only its own long-term key.
        // NOTE(review): the second argument looks like an append flag -- confirm
        // in KDC.writeKtab. The keytab files are not deleted here; cleanup
        // presumably relies on the test harness scratch directory.
        kdc.writeKtab("server.keytab", false, "server/host.rabbit.hole@RABBIT.HOLE");
        kdc.writeKtab("backend.keytab", false, "backend/host.rabbit.hole@RABBIT.HOLE");

        // Both acceptors log in up front, before either exchange starts.
        Context client = Context.fromUserPass(OneKDC.USER, OneKDC.PASS, false);
        Context server = Context.fromJAAS("server");
        Context backend = Context.fromJAAS("server2");

        // Round one: client -> "server" entry (server.keytab).
        client.startAsClient(OneKDC.SERVER, GSSUtil.GSS_KRB5_MECH_OID);
        server.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);
        exchangeAndDispose(client, server);

        // Round two: a fresh client login -> "server2" entry (backend.keytab).
        client = Context.fromUserPass(OneKDC.USER, OneKDC.PASS, false);
        client.startAsClient(OneKDC.BACKEND, GSSUtil.GSS_KRB5_MECH_OID);
        backend.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);
        exchangeAndDispose(client, backend);
    }

    // Completes the handshake, sends one message in each direction, then
    // disposes the acceptor followed by the initiator.
    private static void exchangeAndDispose(Context initiator, Context acceptor)
            throws Exception {
        Context.handshake(initiator, acceptor);

        Context.transmit("i say high --", initiator, acceptor);
        Context.transmit("   you say low", acceptor, initiator);

        acceptor.dispose();
        initiator.dispose();
    }
}