From 47de8ee6c742264ff03e9e3786cca3dabbedff4c Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Sat, 4 Jul 2015 11:11:16 -0400 Subject: [PATCH 1/1] Add basic auth test Signed-off-by: Simo Sorce --- tests/httpd.conf | 12 ++++++++++++ tests/magtests.py | 28 ++++++++++++++++++++++++++-- tests/t_basic_k5.py | 14 ++++++++++++++ 3 files changed, 52 insertions(+), 2 deletions(-) create mode 100755 tests/t_basic_k5.py diff --git a/tests/httpd.conf b/tests/httpd.conf index 517203f..77701f9 100644 --- a/tests/httpd.conf +++ b/tests/httpd.conf @@ -132,3 +132,15 @@ CoreDumpDirectory /tmp Require valid-user + + AuthType GSSAPI + AuthName "Password Login" + GssapiSSLonly Off + GssapiCredStore ccache:${HTTPROOT}/tmp/httpd_krb5_ccache + GssapiCredStore client_keytab:${HTTPROOT}/http.keytab + GssapiCredStore keytab:${HTTPROOT}/http.keytab + GssapiBasicAuth On + GssapiBasicAuthMech krb5 + Require valid-user + + diff --git a/tests/magtests.py b/tests/magtests.py index 4d4cb49..27f55f2 100755 --- a/tests/magtests.py +++ b/tests/magtests.py @@ -135,7 +135,8 @@ def setup_kdc(testdir, wrapenv): kdcenv = {'PATH': '/sbin:/bin:/usr/sbin:/usr/bin', 'KRB5_CONFIG': krb5conf, - 'KRB5_KDC_PROFILE': kdcconf} + 'KRB5_KDC_PROFILE': kdcconf, + 'KRB5_TRACE': os.path.join(testdir, 'krbtrace.log')} kdcenv.update(wrapenv) with (open(testlog, 'a')) as logfile: @@ -263,6 +264,23 @@ def test_spnego_auth(testdir, testenv, testlog): sys.stderr.write('SPNEGO: SUCCESS\n') +def test_basic_auth_krb5(testdir, testenv, testlog): + + basicdir = os.path.join(testdir, 'httpd', 'html', 'basic_auth_krb5') + os.mkdir(basicdir) + shutil.copy('tests/index.html', basicdir) + + with (open(testlog, 'a')) as logfile: + basick5 = subprocess.Popen(["tests/t_basic_k5.py"], + stdout=logfile, stderr=logfile, + env=testenv, preexec_fn=os.setsid) + basick5.wait() + if basick5.returncode != 0: + sys.stderr.write('BASIC-AUTH: FAILED\n') + else: + sys.stderr.write('BASIC-AUTH: SUCCESS\n') + + if __name__ == '__main__': args = parse_args() @@ -282,7 +300,7 @@ if __name__ == '__main__': kdcproc, kdcenv = setup_kdc(testdir, wrapenv) processes['KDC(%d)' % kdcproc.pid] = kdcproc - httpproc = setup_http(testdir, wrapenv) + httpproc = setup_http(testdir, kdcenv) processes['HTTPD(%d)' % httpproc.pid] = httpproc keysenv = setup_keys(testdir, kdcenv) @@ -290,6 +308,12 @@ if __name__ == '__main__': test_spnego_auth(testdir, testenv, testlog) + + testenv = {'MAG_USER_NAME': USR_NAME, + 'MAG_USER_PASSWORD': USR_PWD} + testenv.update(kdcenv) + test_basic_auth_krb5(testdir, testenv, testlog) + finally: with (open(testlog, 'a')) as logfile: for name in processes: diff --git a/tests/t_basic_k5.py b/tests/t_basic_k5.py new file mode 100755 index 0000000..8e4646d --- /dev/null +++ b/tests/t_basic_k5.py @@ -0,0 +1,14 @@ +#!/usr/bin/python +# Copyright (C) 2015 - mod_auth_gssapi contributors, see COPYING for license. + +import os +import requests +from requests.auth import HTTPBasicAuth + + +if __name__ == '__main__': + url = 'http://%s/basic_auth_krb5/' % os.environ['NSS_WRAPPER_HOSTNAME'] + r = requests.get(url, auth=HTTPBasicAuth(os.environ['MAG_USER_NAME'], + os.environ['MAG_USER_PASSWORD'])) + if r.status_code != 200: + raise ValueError('Basic Auth Failed') -- 2.1.4