Google Git
Sign in
android / platform / libcore / 71f2c75111e87091616f0f3b86bea6c4d345dad1 / . / test / jdk / sun / net / www / protocol / http / TestTransparentNTLM.java
blob: 0df834765c8eba7f3e08131927fab0fe138685c6 [file] [log] [blame]
/*
* Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug 8225425
* @summary Verifies that transparent NTLM (on Windows) is not used by default,
* and is used only when the relevant property is set.
* @requires os.family == "windows"
* @library /test/lib
* @run testng/othervm
* -Dtest.auth.succeed=false
* TestTransparentNTLM
* @run testng/othervm
* -Djdk.http.ntlm.transparentAuth=allHosts
* -Dtest.auth.succeed=true
* TestTransparentNTLM
* @run testng/othervm
* -Djdk.http.ntlm.transparentAuth=blahblah
* -Dtest.auth.succeed=false
* TestTransparentNTLM
* @run testng/othervm
* -Djdk.http.ntlm.transparentAuth=trustedHosts
* -Dtest.auth.succeed=false
* TestTransparentNTLM
*/
// Run with `trustedHosts` to exercise the native code, nothing more.
import java.io.Closeable;
import java.io.IOException;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.ServerSocket;
import java.net.Socket;
import java.net.URL;
import jdk.test.lib.net.URIBuilder;
import org.testng.annotations.AfterTest;
import org.testng.annotations.BeforeTest;
import org.testng.annotations.Test;
import org.testng.SkipException;
import static java.lang.System.out;
import static java.net.Proxy.NO_PROXY;
import static java.nio.charset.StandardCharsets.UTF_8;
import static org.testng.Assert.assertEquals;
import static org.testng.Assert.fail;
public class TestTransparentNTLM {
boolean succeed; // true if authentication is expected to succeed
Server server;
URL url;
@Test
public void testNTLM() throws IOException {
out.println("connecting to url: " + url);
HttpURLConnection uc = (HttpURLConnection)url.openConnection(NO_PROXY);
int respCode = uc.getResponseCode();
out.println("received: " + respCode);
if (succeed) {
assertEquals(respCode, HttpURLConnection.HTTP_OK);
String body = new String(uc.getInputStream().readAllBytes(), UTF_8);
out.println("received body: " + body);
} else {
assertEquals(respCode, HttpURLConnection.HTTP_UNAUTHORIZED);
}
}
static class Server extends Thread implements Closeable {
static final InetAddress LOOPBACK = InetAddress.getLoopbackAddress();
final ServerSocket serverSocket;
final boolean expectAuthToSucceed;
Server(boolean expectAuthToSucceed) throws IOException {
super("TestTransparentNTLM-Server");
serverSocket = new ServerSocket();
serverSocket.bind(new InetSocketAddress(LOOPBACK, 0));
this.expectAuthToSucceed = expectAuthToSucceed;
}
int port() {
return serverSocket.getLocalPort();
}
static final String AUTH_REQUIRED =
"HTTP/1.1 401 Unauthorized\r\n" +
"Content-Length: 0\r\n" +
"Connection: close\r\n" +
"WWW-Authenticate: NTLM\r\n\r\n";
static final String AUTH_STAGE_TWO =
"HTTP/1.1 401 Unauthorized\r\n" +
"Content-Length: 0\r\n" +
"WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAAAAACgAAAABggAAU3J2Tm9uY2UAAAAAAAAAAA==\r\n\r\n";
static final String AUTH_SUCCESSFUL =
"HTTP/1.1 200 OK\r\n" +
"Content-Length: 11\r\n\r\n" +
"Hello world";
@Override
public void run() {
try {
try (Socket s = serverSocket.accept()) {
out.println("Server accepted connection - 1");
readRequestHeaders(s.getInputStream());
s.getOutputStream().write(AUTH_REQUIRED.getBytes(UTF_8));
}
if (expectAuthToSucceed) {
// await the second follow up connection
try (Socket s = serverSocket.accept()) {
out.println("Server accepted connection - 2");
readRequestHeaders(s.getInputStream());
s.getOutputStream().write(AUTH_STAGE_TWO.getBytes(UTF_8));
readRequestHeaders(s.getInputStream());
s.getOutputStream().write(AUTH_SUCCESSFUL.getBytes(UTF_8));
}
}
} catch (IOException e) {
fail("Unexpected exception", e);
}
}
@Override
public void close() throws IOException {
serverSocket.close();
}
static final byte[] REQUEST_END = new byte[] {'\r', '\n', '\r', '\n'};
// Read until the end of the HTTP request headers
static void readRequestHeaders(InputStream is) throws IOException {
int requestEndCount = 0, r;
while ((r = is.read()) != -1) {
if (r == REQUEST_END[requestEndCount]) {
requestEndCount++;
if (requestEndCount == 4) {
break;
}
} else {
requestEndCount = 0;
}
}
}
}
@BeforeTest
public void setup() throws Exception {
succeed = System.getProperty("test.auth.succeed").equals("true");
if (succeed)
out.println("Expect client to succeed, with 200 Ok");
else
out.println("Expect client to fail, with 401 Unauthorized");
server = new Server(succeed);
server.start();
url = URIBuilder.newBuilder()
.scheme("http")
.loopback()
.port(server.port())
.path("/xxyyzz")
.toURL();
}
@AfterTest
public void teardown() throws Exception {
server.close();
server.join();
}
}