Add test for basic auth with two different users over the same connection

[mod_auth_gssapi.git] / tests / magtests.py

diff --git a/tests/magtests.py b/tests/magtests.py
index 4d4cb49..e144e83 100755 (executable)
--- a/tests/magtests.py
+++ b/tests/magtests.py
@@ -73,8 +73,8 @@ KRB5_CONF_TEMPLATE = '''
   }
 
 [domain_realm]
-  .mag.dev = MAG.DEV
-  mag.dev = MAG.DEV
+  .mag.dev = ${TESTREALM}
+  mag.dev = ${TESTREALM}
 
 [dbmodules]
   ${TESTREALM} = {
@@ -135,7 +135,8 @@ def setup_kdc(testdir, wrapenv):
 
     kdcenv = {'PATH': '/sbin:/bin:/usr/sbin:/usr/bin',
               'KRB5_CONFIG': krb5conf,
-              'KRB5_KDC_PROFILE': kdcconf}
+              'KRB5_KDC_PROFILE': kdcconf,
+              'KRB5_TRACE': os.path.join(testdir, 'krbtrace.log')}
     kdcenv.update(wrapenv)
 
     with (open(testlog, 'a')) as logfile:
@@ -166,6 +167,8 @@ def kadmin_local(cmd, env, logfile):
 
 USR_NAME = "maguser"
 USR_PWD = "magpwd"
+USR_NAME_2 = "maguser2"
+USR_PWD_2 = "magpwd2"
 SVC_KTNAME = "httpd/http.keytab"
 KEY_TYPE = "aes256-cts-hmac-sha1-96:normal"
 
@@ -187,6 +190,10 @@ def setup_keys(tesdir, env):
     with (open(testlog, 'a')) as logfile:
         kadmin_local(cmd, env, logfile)
 
+    cmd = "addprinc -pw %s -e %s %s" % (USR_PWD_2, KEY_TYPE, USR_NAME_2)
+    with (open(testlog, 'a')) as logfile:
+        kadmin_local(cmd, env, logfile)
+
     keys_env = { "KRB5_KTNAME": svc_keytab }
     keys_env.update(env)
 
@@ -263,6 +270,33 @@ def test_spnego_auth(testdir, testenv, testlog):
             sys.stderr.write('SPNEGO: SUCCESS\n')
 
 
+def test_basic_auth_krb5(testdir, testenv, testlog):
+
+    basicdir = os.path.join(testdir, 'httpd', 'html', 'basic_auth_krb5')
+    os.mkdir(basicdir)
+    shutil.copy('tests/index.html', basicdir)
+
+    with (open(testlog, 'a')) as logfile:
+        basick5 = subprocess.Popen(["tests/t_basic_k5.py"],
+                                   stdout=logfile, stderr=logfile,
+                                   env=testenv, preexec_fn=os.setsid)
+        basick5.wait()
+        if basick5.returncode != 0:
+            sys.stderr.write('BASIC-AUTH: FAILED\n')
+        else:
+            sys.stderr.write('BASIC-AUTH: SUCCESS\n')
+
+    with (open(testlog, 'a')) as logfile:
+        basick5 = subprocess.Popen(["tests/t_basic_k5_two_users.py"],
+                                   stdout=logfile, stderr=logfile,
+                                   env=testenv, preexec_fn=os.setsid)
+        basick5.wait()
+        if basick5.returncode != 0:
+            sys.stderr.write('BASIC-AUTH Two Users: FAILED\n')
+        else:
+            sys.stderr.write('BASIC-AUTH Two Users: SUCCESS\n')
+
+
 if __name__ == '__main__':
 
     args = parse_args()
@@ -282,7 +316,7 @@ if __name__ == '__main__':
         kdcproc, kdcenv = setup_kdc(testdir, wrapenv)
         processes['KDC(%d)' % kdcproc.pid] = kdcproc
 
-        httpproc = setup_http(testdir, wrapenv)
+        httpproc = setup_http(testdir, kdcenv)
         processes['HTTPD(%d)' % httpproc.pid] = httpproc
 
         keysenv = setup_keys(testdir, kdcenv)
@@ -290,6 +324,14 @@ if __name__ == '__main__':
 
         test_spnego_auth(testdir, testenv, testlog)
 
+
+        testenv = {'MAG_USER_NAME': USR_NAME,
+                   'MAG_USER_PASSWORD': USR_PWD,
+                   'MAG_USER_NAME_2': USR_NAME_2,
+                   'MAG_USER_PASSWORD_2': USR_PWD_2}
+        testenv.update(kdcenv)
+        test_basic_auth_krb5(testdir, testenv, testlog)
+
     finally:
         with (open(testlog, 'a')) as logfile:
             for name in processes: