Examples of org.jasig.cas.adaptors.x509.authentication.handler.support.X509CredentialsAuthenticationHandlerTests

• org.jasig.cas.adaptors.x509.web.flow.X509CertificateCredentialsNonInteractiveAction
  Unit test for {@link X509CredentialsAuthenticationHandler} class. @author Scott Battaglia @author Marvin S. Addison @version $Revision: 22862 $ @since 3.0.4

    extends AbstractX509CertificateTests {

    X509CertificateCredentialsToIdentifierPrincipalResolver resolver = new X509CertificateCredentialsToIdentifierPrincipalResolver();

    public void testResolvePrincipalInternal() throws Exception {
        final X509CertificateCredentials credentials = new X509CertificateCredentials(
            new X509Certificate[0]);
        credentials.setCertificate(getTestCertificate());

        this.resolver.setIdentifier("$C, $CN");
        assertEquals("The principals should match", this.resolver.resolvePrincipal(
            credentials).getId(), "SE, test testsson");
        assertFalse("The principals should not match", this.resolver

        assertFalse("The principals should not match", this.resolver
            .resolvePrincipal(credentials).getId().equals("SE, Altcom Test"));
    }

    public void testSupport() {
        final X509CertificateCredentials c = new X509CertificateCredentials(new X509Certificate[] {VALID_CERTIFICATE});
        assertTrue(this.resolver.supports(c));
    }

    extends AbstractX509CertificateTests {

    private X509CertificateCredentialsToDistinguishedNamePrincipalResolver resolver = new X509CertificateCredentialsToDistinguishedNamePrincipalResolver();

    public void testResolvePrincipalInternal() {
        final X509CertificateCredentials c = new X509CertificateCredentials(new X509Certificate[] {VALID_CERTIFICATE});
        c.setCertificate(VALID_CERTIFICATE);
        assertEquals(VALID_CERTIFICATE.getSubjectDN().getName(), this.resolver.resolvePrincipal(c).getId());
    }

        final X509CredentialsAuthenticationHandler a = new X509CredentialsAuthenticationHandler();
        a.setTrustedIssuerDnPattern("CN=\\w+,DC=jasig,DC=org");

        authenticationManager.setAuthenticationHandlers(Arrays.asList(new AuthenticationHandler[] {a}));
        authenticationManager.setCredentialsToPrincipalResolvers(Arrays.asList(new CredentialsToPrincipalResolver[] {new X509CertificateCredentialsToSerialNumberPrincipalResolver()}));

        centralAuthenticationService.setTicketGrantingTicketUniqueTicketIdGenerator(new DefaultUniqueTicketIdGenerator());
        centralAuthenticationService.setUniqueTicketIdGeneratorsForService(idGenerators);
        centralAuthenticationService.setServiceTicketExpirationPolicy(new NeverExpiresExpirationPolicy());
        centralAuthenticationService.setTicketGrantingTicketExpirationPolicy(new NeverExpiresExpirationPolicy());

        super(certFiles, expected);

        this.checker = checker;
        this.checker.setExpiredCRLPolicy(expiredCRLPolicy);
        this.webServer = new MockWebServer(8085, new ClassPathResource(crlFile), "text/plain");
    }

      // Expect expired for zero leniency on CRL expiring 1ms ago
      final ThresholdExpiredCRLRevocationPolicy zeroThreshold = new ThresholdExpiredCRLRevocationPolicy();
      zeroThreshold.setThreshold(0);
      params.add(new Object[] {
          zeroThreshold,
          new MockX509CRL(issuer, oneHourAgo, new Date(now.getTime() - 1)),
          new ExpiredCRLException("CN=CAS", new Date()),
      });

      // Test case #2
      // Expect expired for 1h leniency on CRL expired 1 hour 1ms ago
      final ThresholdExpiredCRLRevocationPolicy oneHourThreshold = new ThresholdExpiredCRLRevocationPolicy();
      oneHourThreshold.setThreshold(3600);
      params.add(new Object[] {
          oneHourThreshold,
          new MockX509CRL(issuer, twoHoursAgo, new Date(oneHourAgo.getTime() - 1)),
          new ExpiredCRLException("CN=CAS", new Date()),
      });

      // Test case #3
      // Expect valid for 1h leniency on CRL expired 30m ago
      params.add(new Object[] {
          oneHourThreshold,
          new MockX509CRL(issuer, twoHoursAgo, halfHourAgo),
          null,
      });

      return params;
    }

    AbstractX509CertificateTests {

    private X509CertificateCredentialsNonInteractiveAction action;

    protected void setUp() throws Exception {
        this.action = new X509CertificateCredentialsNonInteractiveAction();
        final CentralAuthenticationServiceImpl centralAuthenticationService = new CentralAuthenticationServiceImpl();
        centralAuthenticationService.setTicketRegistry(new DefaultTicketRegistry());
        final Map<String, UniqueTicketIdGenerator> idGenerators = new HashMap<String, UniqueTicketIdGenerator>();
        idGenerators.put(SimpleWebApplicationServiceImpl.class.getName(), new DefaultUniqueTicketIdGenerator());