1 /*** 2 * Copyright 2003-2007 Greg Luck 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package net.sf.jpam; 18 19 import org.apache.commons.logging.Log; 20 import org.apache.commons.logging.LogFactory; 21 22 /*** 23 * Performs tests on the Pam class using the DigiPass service. Digipass uses the PAM Radius module. 24 * <p/> 25 * Before running you need to do some configuration: 26 * <p/> 27 * 1. Copy the net-sf-jpam-digipass config file to /etc/pam.d. You need to be root to do this. 28 * 2. Create a user called test in the DigiPass server 29 * 3. Have a DigiPass token set up on the DigiPass server. 30 * 5. Verify that the all is working using the Radius test tool radtest. 31 * 6. Verify that the pam_securid.so PAM module is working. Change a service like login to use it and test it. 32 * 7. Make sure the user has permission to all of the files in /opt/pam and /lib/security/ 33 * 34 * @author <a href="mailto:gluck@thoughtworks.com">Greg Luck</a> 35 * @version $Id: DigiPassTest.java 1 2006-12-31 23:27:21Z gregluck $ 36 */ 37 public class DigiPassTest extends AbstractPamTest { 38 39 private static final String RADIUS_SERVICE = "net-sf-jpam-digipass"; 40 41 private static final Log LOG = LogFactory.getLog(DigiPassTest.class.getName()); 42 43 44 45 /*** 46 * A positive test that a known correct username and credentials are authenticated 47 * 48 * You need to replace the key with the number from the token and run the test before it changes 49 * which is a maximum of 1 minute. 50 */ 51 public void xTestUserAuthenticated() { 52 Pam pam = new Pam(RADIUS_SERVICE); 53 assertTrue("Test user authenticated: ", pam.authenticateSuccessful(user1Name, "1234745549")); 54 } 55 56 57 /*** 58 * A negative test that a known correct username and and known incorrect 59 * credentials are not authenticated 60 */ 61 public void testUserWithBadCredentialsNotAuthenticated() { 62 Pam pam = new Pam(RADIUS_SERVICE); 63 assertFalse("Test user authenticated: ", pam.authenticateSuccessful(user1Name, user1BadCredentials)); 64 } 65 66 67 /*** 68 * A negative test that a known correct username and and known incorrect 69 * credentials are not authenticated 70 */ 71 public void testUserWithUnkownUserName() { 72 Pam pam = new Pam(RADIUS_SERVICE); 73 assertFalse("Test user authenticated: ", pam.authenticateSuccessful("zzzunknown", user1Credentials)); 74 } 75 76 /*** 77 * Stress tests jpam with net-sf-jpam-securid 78 * @throws InterruptedException 79 */ 80 public void testJPamConcurrent() throws InterruptedException { 81 concurrentPamStressTest(new Pam("net-sf-jpam-digipass"), 82 new PamReturnValue[] {PamReturnValue.PAM_AUTH_ERR, PamReturnValue.PAM_AUTH_ERR}); 83 } 84 }