1 /*
2 * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23 /*
24 * @test
25 * @bug 6966259
26 * @summary Make PrincipalName and Realm immutable
27 * @modules java.security.jgss/sun.security.krb5
28 * @run main/othervm Constructors
29 */
30
31 import java.util.Arrays;
32 import sun.security.krb5.*;
33
34 public class Constructors {
35 public static void main(String[] args) throws Exception {
36
37 int type;
38 boolean testNoDefaultDomain;
39
40 // Part 1: on format
41
42 // Good ones
43 type = PrincipalName.KRB_NT_UNKNOWN;
44 checkName("a", type, "R", "R", "a");
45 checkName("a@R2", type, "R", "R", "a");
46 checkName("a/b", type, "R", "R", "a", "b");
47 checkName("a/b@R2", type, "R", "R", "a", "b");
48 checkName("a/b/c", type, "R", "R", "a", "b", "c");
49 checkName("a/b/c@R2", type, "R", "R", "a", "b", "c");
50 // Weird ones
51 checkName("a\\/b", type, "R", "R", "a/b");
52 checkName("a\\/b\\/c", type, "R", "R", "a/b/c");
53 checkName("a\\/b\\@R2", type, "R", "R", "a/b@R2");
54 // Bad ones
55 checkName("a", type, "", null);
56 checkName("a/", type, "R", null);
57 checkName("/a", type, "R", null);
58 checkName("a//b", type, "R", null);
59 checkName("a@", type, null, null);
60 type = PrincipalName.KRB_NT_SRV_HST;
61
62 // Part 2: on realm choices
63
64 // When there is no default realm
65 System.setProperty("java.security.krb5.conf",
66 System.getProperty("test.src", ".") + "/empty.conf");
67 Config.refresh();
68
69 // A Windows client login to AD always has a default realm
70 try {
71 Realm r = Realm.getDefault();
72 System.out.println("testNoDefaultDomain = false. Realm is " + r);
73 testNoDefaultDomain = false;
74 } catch (RealmException re) {
75 // Great. This is what we expected
76 testNoDefaultDomain = true;
77 }
78
79 if (testNoDefaultDomain) {
80 type = PrincipalName.KRB_NT_UNKNOWN;
81 checkName("a", type, "R1", "R1", "a"); // arg
82 checkName("a@R1", type, null, "R1", "a"); // or r in name
83 checkName("a@R2", type, "R1", "R1", "a"); // arg over r
84 checkName("a", type, null, null); // fail if none
85 checkName("a/b@R1", type, null, "R1", "a", "b");
86 type = PrincipalName.KRB_NT_SRV_HST;
87 // Let's pray "b.h" won't be canonicalized
88 checkName("a/b.h", type, "R1", "R1", "a", "b.h"); // arg
89 checkName("a/b.h@R1", type, null, "R1", "a", "b.h"); // or r in name
90 checkName("a/b.h@R1", type, "R2", "R2", "a", "b.h"); // arg over r
91 checkName("a/b.h", type, null, null); // fail if none
92 }
93
94 // When there is default realm
95 System.setProperty("java.security.krb5.conf",
96 System.getProperty("test.src", ".") + "/krb5.conf");
97 Config.refresh();
98
99 type = PrincipalName.KRB_NT_UNKNOWN;
100 checkName("a", type, "R1", "R1", "a"); // arg
101 checkName("a@R1", type, null, "R1", "a"); // or r in name
102 checkName("a@R2", type, "R1", "R1", "a"); // arg over r
103 checkName("a", type, null, "R", "a"); // default
104 checkName("a/b", type, null, "R", "a", "b");
105 type = PrincipalName.KRB_NT_SRV_HST;
106 checkName("a/b.h3", type, "R1", "R1", "a", "b.h3"); // arg
107 checkName("a/b.h@R1", type, null, "R1", "a", "b.h"); // or r in name
108 checkName("a/b.h3@R2", type, "R1", "R1", "a", "b.h3"); // arg over r
109 checkName("a/b.h2", type, "R1", "R1", "a", "b.h2"); // arg over map
110 checkName("a/b.h2@R1", type, null, "R1", "a", "b.h2"); // r over map
111 checkName("a/b.h2", type, null, "R2", "a", "b.h2"); // map
112 checkName("a/b.h", type, null, "R", "a", "b.h"); // default
113 }
114
115 // Check if the creation matches the expected output.
116 // Note: realm == null means creation failure
117 static void checkName(String n, int t, String s,
118 String realm, String... parts)
119 throws Exception {
120 PrincipalName pn = null;
121 try {
122 pn = new PrincipalName(n, t, s);
123 } catch (Exception e) {
124 if (realm == null) {
125 return; // This is expected
126 } else {
127 throw e;
128 }
129 }
130 if (!pn.getRealmAsString().equals(realm)
131 || !Arrays.equals(pn.getNameStrings(), parts)) {
132 throw new Exception(pn.toString() + " vs "
133 + Arrays.toString(parts) + "@" + realm);
134 }
135 }
136 }