View Javadoc

1   /***
2    *  Copyright 2003-2007 Greg Luck
3    *
4    *  Licensed under the Apache License, Version 2.0 (the "License");
5    *  you may not use this file except in compliance with the License.
6    *  You may obtain a copy of the License at
7    *
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    *
10   *  Unless required by applicable law or agreed to in writing, software
11   *  distributed under the License is distributed on an "AS IS" BASIS,
12   *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   *  See the License for the specific language governing permissions and
14   *  limitations under the License.
15   */
16  
17  package net.sf.jpam;
18  
19  import org.apache.commons.logging.Log;
20  import org.apache.commons.logging.LogFactory;
21  
22  /***
23   * Performs tests on the Pam class using the DigiPass service. Digipass uses the PAM Radius module.
24   * <p/>
25   * Before running you need to do some configuration:
26   * <p/>
27   * 1. Copy the net-sf-jpam-digipass config file to /etc/pam.d. You need to be root to do this.
28   * 2. Create a user called test in the DigiPass server
29   * 3. Have a DigiPass token set up on the DigiPass server.
30   * 5. Verify that the all is working using the Radius test tool radtest.
31   * 6. Verify that the pam_securid.so PAM module is working. Change a service like login to use it and test it.
32   * 7. Make sure the user has permission to all of the files in /opt/pam and /lib/security/
33   *
34   * @author <a href="mailto:gluck@thoughtworks.com">Greg Luck</a>
35   * @version $Id: DigiPassTest.java 1 2006-12-31 23:27:21Z gregluck $
36   */
37  public class DigiPassTest extends AbstractPamTest {
38  
39      private static final String RADIUS_SERVICE = "net-sf-jpam-digipass";
40  
41      private static final Log LOG = LogFactory.getLog(DigiPassTest.class.getName());
42  
43  
44  
45      /***
46       * A positive test that a known correct username and credentials are authenticated
47       *
48       * You need to replace the key with the number from the token and run the test before it changes
49       * which is a maximum of 1 minute.
50       */
51      public void xTestUserAuthenticated() {
52          Pam pam = new Pam(RADIUS_SERVICE);
53          assertTrue("Test user authenticated: ", pam.authenticateSuccessful(user1Name, "1234745549"));
54      }
55  
56  
57      /***
58       * A negative test that a known correct username and and known incorrect
59       * credentials are  not authenticated
60       */
61      public void testUserWithBadCredentialsNotAuthenticated() {
62          Pam pam = new Pam(RADIUS_SERVICE);
63          assertFalse("Test user authenticated: ", pam.authenticateSuccessful(user1Name, user1BadCredentials));
64      }
65  
66  
67      /***
68       * A negative test that a known correct username and and known incorrect
69       * credentials are  not authenticated
70       */
71      public void testUserWithUnkownUserName() {
72          Pam pam = new Pam(RADIUS_SERVICE);
73          assertFalse("Test user authenticated: ", pam.authenticateSuccessful("zzzunknown", user1Credentials));
74      }
75  
76      /***
77       * Stress tests jpam with net-sf-jpam-securid
78       * @throws InterruptedException
79       */
80      public void testJPamConcurrent() throws InterruptedException {
81          concurrentPamStressTest(new Pam("net-sf-jpam-digipass"), 
82                  new PamReturnValue[] {PamReturnValue.PAM_AUTH_ERR, PamReturnValue.PAM_AUTH_ERR});
83      }
84  }