WRAP_HOSTNAME = "kdc.mag.dev"
WRAP_IPADDR = '127.0.0.9'
+WRAP_HTTP_PORT = '80'
+WRAP_PROXY_PORT = '8080'
def setup_wrappers(base):
wenv = {'LD_PRELOAD': 'libsocket_wrapper.so libnss_wrapper.so',
'SOCKET_WRAPPER_DIR': wrapdir,
'SOCKET_WRAPPER_DEFAULT_IFACE': '9',
+ 'WRAP_PROXY_PORT': WRAP_PROXY_PORT,
'NSS_WRAPPER_HOSTNAME': WRAP_HOSTNAME,
'NSS_WRAPPER_HOSTS': hosts_file}
}
[domain_realm]
- .mag.dev = MAG.DEV
- mag.dev = MAG.DEV
+ .mag.dev = ${TESTREALM}
+ mag.dev = ${TESTREALM}
[dbmodules]
${TESTREALM} = {
kdcenv = {'PATH': '/sbin:/bin:/usr/sbin:/usr/bin',
'KRB5_CONFIG': krb5conf,
- 'KRB5_KDC_PROFILE': kdcconf}
+ 'KRB5_KDC_PROFILE': kdcconf,
+ 'KRB5_TRACE': os.path.join(testdir, 'krbtrace.log')}
kdcenv.update(wrapenv)
with (open(testlog, 'a')) as logfile:
USR_NAME = "maguser"
USR_PWD = "magpwd"
+USR_NAME_2 = "maguser2"
+USR_PWD_2 = "magpwd2"
SVC_KTNAME = "httpd/http.keytab"
KEY_TYPE = "aes256-cts-hmac-sha1-96:normal"
with (open(testlog, 'a')) as logfile:
kadmin_local(cmd, env, logfile)
+ cmd = "addprinc -pw %s -e %s %s" % (USR_PWD_2, KEY_TYPE, USR_NAME_2)
+ with (open(testlog, 'a')) as logfile:
+ kadmin_local(cmd, env, logfile)
+
keys_env = { "KRB5_KTNAME": svc_keytab }
keys_env.update(env)
text = t.substitute({'HTTPROOT': httpdir,
'HTTPNAME': WRAP_HOSTNAME,
'HTTPADDR': WRAP_IPADDR,
- 'HTTPPORT': '80'})
+ 'PROXYPORT': WRAP_PROXY_PORT,
+ 'HTTPPORT': WRAP_HTTP_PORT})
config = os.path.join(httpdir, 'httpd.conf')
with open(config, 'w+') as f:
f.write(text)
else:
sys.stderr.write('SPNEGO: SUCCESS\n')
+ with (open(testlog, 'a')) as logfile:
+ spnego = subprocess.Popen(["tests/t_spnego_proxy.py"],
+ stdout=logfile, stderr=logfile,
+ env=testenv, preexec_fn=os.setsid)
+ spnego.wait()
+ if spnego.returncode != 0:
+ sys.stderr.write('SPNEGO Proxy Auth: FAILED\n')
+ else:
+ sys.stderr.write('SPNEGO Proxy Auth: SUCCESS\n')
+
+
+def test_basic_auth_krb5(testdir, testenv, testlog):
+
+ basicdir = os.path.join(testdir, 'httpd', 'html', 'basic_auth_krb5')
+ os.mkdir(basicdir)
+ shutil.copy('tests/index.html', basicdir)
+
+ with (open(testlog, 'a')) as logfile:
+ basick5 = subprocess.Popen(["tests/t_basic_k5.py"],
+ stdout=logfile, stderr=logfile,
+ env=testenv, preexec_fn=os.setsid)
+ basick5.wait()
+ if basick5.returncode != 0:
+ sys.stderr.write('BASIC-AUTH: FAILED\n')
+ else:
+ sys.stderr.write('BASIC-AUTH: SUCCESS\n')
+
+ with (open(testlog, 'a')) as logfile:
+ basick5 = subprocess.Popen(["tests/t_basic_k5_two_users.py"],
+ stdout=logfile, stderr=logfile,
+ env=testenv, preexec_fn=os.setsid)
+ basick5.wait()
+ if basick5.returncode != 0:
+ sys.stderr.write('BASIC-AUTH Two Users: FAILED\n')
+ else:
+ sys.stderr.write('BASIC-AUTH Two Users: SUCCESS\n')
+
+ with (open(testlog, 'a')) as logfile:
+ basick5 = subprocess.Popen(["tests/t_basic_k5_fail_second.py"],
+ stdout=logfile, stderr=logfile,
+ env=testenv, preexec_fn=os.setsid)
+ basick5.wait()
+ if basick5.returncode != 0:
+ sys.stderr.write('BASIC Fail Second User: FAILED\n')
+ else:
+ sys.stderr.write('BASIC Fail Second User: SUCCESS\n')
+
+ with (open(testlog, 'a')) as logfile:
+ basick5 = subprocess.Popen(["tests/t_basic_proxy.py"],
+ stdout=logfile, stderr=logfile,
+ env=testenv, preexec_fn=os.setsid)
+ basick5.wait()
+ if basick5.returncode != 0:
+ sys.stderr.write('BASIC Proxy Auth: FAILED\n')
+ else:
+ sys.stderr.write('BASIC Proxy Auth: SUCCESS\n')
+
if __name__ == '__main__':
kdcproc, kdcenv = setup_kdc(testdir, wrapenv)
processes['KDC(%d)' % kdcproc.pid] = kdcproc
- httpproc = setup_http(testdir, wrapenv)
+ httpproc = setup_http(testdir, kdcenv)
processes['HTTPD(%d)' % httpproc.pid] = httpproc
keysenv = setup_keys(testdir, kdcenv)
test_spnego_auth(testdir, testenv, testlog)
+
+ testenv = {'MAG_USER_NAME': USR_NAME,
+ 'MAG_USER_PASSWORD': USR_PWD,
+ 'MAG_USER_NAME_2': USR_NAME_2,
+ 'MAG_USER_PASSWORD_2': USR_PWD_2}
+ testenv.update(kdcenv)
+ test_basic_auth_krb5(testdir, testenv, testlog)
+
finally:
with (open(testlog, 'a')) as logfile:
for name in processes:
projects / mod_auth_gssapi.git / blobdiff