public static void provisionPasswordsToCredentialProvider() throws Exception { File testDir = new File(System.getProperty("test.build.data", "target/test-dir")); Configuration conf = new Configuration(); final Path jksPath = new Path(testDir.toString(), "test.jks"); final String ourUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri(); File file = new File(testDir, "test.jks"); file.delete(); conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, ourUrl); CredentialProvider provider = CredentialProviderFactory.getProviders(conf).get(0); char[] keypass = {'k', 'e', 'y', 'p', 'a', 's', 's'}; char[] storepass = {'s', 't', 'o', 'r', 'e', 'p', 'a', 's', 's'}; // create new aliases try { provider.createCredentialEntry( FileBasedKeyStoresFactory.resolvePropertyName(SSLFactory.Mode.SERVER, FileBasedKeyStoresFactory.SSL_KEYSTORE_PASSWORD_TPL_KEY), storepass); provider.createCredentialEntry( FileBasedKeyStoresFactory.resolvePropertyName(SSLFactory.Mode.SERVER, FileBasedKeyStoresFactory.SSL_KEYSTORE_KEYPASSWORD_TPL_KEY), keypass); // write out so that it can be found in checks provider.flush(); } catch (Exception e) { e.printStackTrace(); throw e; } }
@BeforeClass public void setUp() throws Exception { jksPath = new Path(Files.createTempDirectory("tempproviders").toString(), "test.jks"); providerUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file/" + jksPath.toUri(); setupCredentials(); final PropertiesConfiguration configuration = getSSLConfiguration(providerUrl); String persistDir = writeConfiguration(configuration); persistSSLClientConfiguration(configuration); originalConf = System.getProperty("atlas.conf"); System.setProperty("atlas.conf", persistDir); originalHomeDir = System.getProperty("atlas.home"); System.setProperty("atlas.home", TestUtils.getTargetDirectory()); atlasClient = new AtlasClient(configuration, new String[]{DGI_URL},new String[]{"admin","admin"}); secureEmbeddedServer = new TestSecureEmbeddedServer(21443, getWarPath()) { @Override public org.apache.commons.configuration.Configuration getConfiguration() { return configuration; } }; secureEmbeddedServer.getServer().start(); }
/** * Mangle given local java keystore file URI to allow use as a * LocalJavaKeyStoreProvider. * @param localFile absolute URI with file scheme and no authority component. * i.e. return of File.toURI, * e.g. file:///home/larry/creds.jceks * @return URI of the form localjceks://file/home/larry/creds.jceks * @throws IllegalArgumentException if localFile isn't not a file uri or if it * has an authority component. * @throws URISyntaxException if the wrapping process violates RFC 2396 */ public static URI nestURIForLocalJavaKeyStoreProvider(final URI localFile) throws URISyntaxException { if (!("file".equals(localFile.getScheme()))) { throw new IllegalArgumentException("passed URI had a scheme other than " + "file."); } if (localFile.getAuthority() != null) { throw new IllegalArgumentException("passed URI must not have an " + "authority component. For non-local keystores, please use " + JavaKeyStoreProvider.class.getName()); } return new URI(LocalJavaKeyStoreProvider.SCHEME_NAME, "//file" + localFile.getSchemeSpecificPart(), localFile.getFragment()); }
@Test public void testConfGetPassword() throws Exception { File testDir = new File(System.getProperty("test.build.data", "target/test-dir")); Configuration conf = new Configuration(); final Path jksPath = new Path(testDir.toString(), "test.jks"); final String ourUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri(); File file = new File(testDir, "test.jks"); file.delete(); conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, ourUrl); CredentialProvider provider = CredentialProviderFactory.getProviders(conf).get(0); char[] bindpass = {'b', 'i', 'n', 'd', 'p', 'a', 's', 's'}; char[] storepass = {'s', 't', 'o', 'r', 'e', 'p', 'a', 's', 's'}; // ensure that we get nulls when the key isn't there assertEquals(null, provider.getCredentialEntry( LdapGroupsMapping.BIND_PASSWORD_KEY)); assertEquals(null, provider.getCredentialEntry (LdapGroupsMapping.LDAP_KEYSTORE_PASSWORD_KEY)); // create new aliases try { provider.createCredentialEntry( LdapGroupsMapping.BIND_PASSWORD_KEY, bindpass); provider.createCredentialEntry( LdapGroupsMapping.LDAP_KEYSTORE_PASSWORD_KEY, storepass); provider.flush(); } catch (Exception e) { e.printStackTrace(); throw e; } // make sure we get back the right key assertArrayEquals(bindpass, provider.getCredentialEntry( LdapGroupsMapping.BIND_PASSWORD_KEY).getCredential()); assertArrayEquals(storepass, provider.getCredentialEntry( LdapGroupsMapping.LDAP_KEYSTORE_PASSWORD_KEY).getCredential()); LdapGroupsMapping mapping = new LdapGroupsMapping(); Assert.assertEquals("bindpass", mapping.getPassword(conf, LdapGroupsMapping.BIND_PASSWORD_KEY, "")); Assert.assertEquals("storepass", mapping.getPassword(conf, LdapGroupsMapping.LDAP_KEYSTORE_PASSWORD_KEY, "")); // let's make sure that a password that doesn't exist returns an // empty string as currently expected and used to trigger a call to // extract password Assert.assertEquals("", mapping.getPassword(conf,"invalid-alias", "")); }
protected Configuration provisionCredentialsForSSL() throws IOException, Exception { File testDir = new File(System.getProperty("test.build.data", "target/test-dir")); Configuration conf = new Configuration(); final Path jksPath = new Path(testDir.toString(), "test.jks"); final String ourUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri(); File file = new File(testDir, "test.jks"); file.delete(); conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, ourUrl); CredentialProvider provider = CredentialProviderFactory.getProviders(conf).get(0); char[] keypass = {'k', 'e', 'y', 'p', 'a', 's', 's'}; char[] storepass = {'s', 't', 'o', 'r', 'e', 'p', 'a', 's', 's'}; char[] trustpass = {'t', 'r', 'u', 's', 't', 'p', 'a', 's', 's'}; // ensure that we get nulls when the key isn't there assertEquals(null, provider.getCredentialEntry( WebAppUtils.WEB_APP_KEY_PASSWORD_KEY)); assertEquals(null, provider.getCredentialEntry( WebAppUtils.WEB_APP_KEYSTORE_PASSWORD_KEY)); assertEquals(null, provider.getCredentialEntry( WebAppUtils.WEB_APP_TRUSTSTORE_PASSWORD_KEY)); // create new aliases try { provider.createCredentialEntry( WebAppUtils.WEB_APP_KEY_PASSWORD_KEY, keypass); provider.createCredentialEntry( WebAppUtils.WEB_APP_KEYSTORE_PASSWORD_KEY, storepass); provider.createCredentialEntry( WebAppUtils.WEB_APP_TRUSTSTORE_PASSWORD_KEY, trustpass); // write out so that it can be found in checks provider.flush(); } catch (Exception e) { e.printStackTrace(); throw e; } // make sure we get back the right key directly from api assertArrayEquals(keypass, provider.getCredentialEntry( WebAppUtils.WEB_APP_KEY_PASSWORD_KEY).getCredential()); assertArrayEquals(storepass, provider.getCredentialEntry( WebAppUtils.WEB_APP_KEYSTORE_PASSWORD_KEY).getCredential()); assertArrayEquals(trustpass, provider.getCredentialEntry( WebAppUtils.WEB_APP_TRUSTSTORE_PASSWORD_KEY).getCredential()); return conf; }
@Test public void testGetPassword() throws Exception { File testDir = new File(System.getProperty("test.build.data", "target/test-dir")); Configuration conf = new Configuration(); final Path jksPath = new Path(testDir.toString(), "test.jks"); final String ourUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri(); File file = new File(testDir, "test.jks"); file.delete(); conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, ourUrl); CredentialProvider provider = CredentialProviderFactory.getProviders(conf).get(0); char[] keypass = {'k', 'e', 'y', 'p', 'a', 's', 's'}; char[] storepass = {'s', 't', 'o', 'r', 'e', 'p', 'a', 's', 's'}; char[] trustpass = {'t', 'r', 'u', 's', 't', 'p', 'a', 's', 's'}; // ensure that we get nulls when the key isn't there assertEquals(null, provider.getCredentialEntry( DFS_SERVER_HTTPS_KEYPASSWORD_KEY)); assertEquals(null, provider.getCredentialEntry( DFS_SERVER_HTTPS_KEYSTORE_PASSWORD_KEY)); assertEquals(null, provider.getCredentialEntry( DFS_SERVER_HTTPS_TRUSTSTORE_PASSWORD_KEY)); // create new aliases try { provider.createCredentialEntry( DFS_SERVER_HTTPS_KEYPASSWORD_KEY, keypass); provider.createCredentialEntry( DFS_SERVER_HTTPS_KEYSTORE_PASSWORD_KEY, storepass); provider.createCredentialEntry( DFS_SERVER_HTTPS_TRUSTSTORE_PASSWORD_KEY, trustpass); // write out so that it can be found in checks provider.flush(); } catch (Exception e) { e.printStackTrace(); throw e; } // make sure we get back the right key directly from api assertArrayEquals(keypass, provider.getCredentialEntry( DFS_SERVER_HTTPS_KEYPASSWORD_KEY).getCredential()); assertArrayEquals(storepass, provider.getCredentialEntry( DFS_SERVER_HTTPS_KEYSTORE_PASSWORD_KEY).getCredential()); assertArrayEquals(trustpass, provider.getCredentialEntry( DFS_SERVER_HTTPS_TRUSTSTORE_PASSWORD_KEY).getCredential()); // use WebAppUtils as would be used by loadSslConfiguration Assert.assertEquals("keypass", DFSUtil.getPassword(conf, DFS_SERVER_HTTPS_KEYPASSWORD_KEY)); Assert.assertEquals("storepass", DFSUtil.getPassword(conf, DFS_SERVER_HTTPS_KEYSTORE_PASSWORD_KEY)); Assert.assertEquals("trustpass", DFSUtil.getPassword(conf, DFS_SERVER_HTTPS_TRUSTSTORE_PASSWORD_KEY)); // let's make sure that a password that doesn't exist returns null Assert.assertEquals(null, DFSUtil.getPassword(conf,"invalid-alias")); }
@BeforeMethod public void setup() throws Exception { jksPath = new Path(Files.createTempDirectory("tempproviders").toString(), "test.jks"); providerUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file/" + jksPath.toUri(); String baseUrl = String.format("https://localhost:%d/", securePort); DefaultClientConfig config = new DefaultClientConfig(); Client client = Client.create(config); client.resource(UriBuilder.fromUri(baseUrl).build()); service = client.resource(UriBuilder.fromUri(baseUrl).build()); }
public static void provisionPasswordsToCredentialProvider() throws Exception { File testDir = GenericTestUtils.getTestDir(); Configuration conf = new Configuration(); final Path jksPath = new Path(testDir.toString(), "test.jks"); final String ourUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri(); File file = new File(testDir, "test.jks"); file.delete(); conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, ourUrl); CredentialProvider provider = CredentialProviderFactory.getProviders(conf).get(0); char[] keypass = {'k', 'e', 'y', 'p', 'a', 's', 's'}; char[] storepass = {'s', 't', 'o', 'r', 'e', 'p', 'a', 's', 's'}; // create new aliases try { provider.createCredentialEntry( FileBasedKeyStoresFactory.resolvePropertyName(SSLFactory.Mode.SERVER, FileBasedKeyStoresFactory.SSL_KEYSTORE_PASSWORD_TPL_KEY), storepass); provider.createCredentialEntry( FileBasedKeyStoresFactory.resolvePropertyName(SSLFactory.Mode.SERVER, FileBasedKeyStoresFactory.SSL_KEYSTORE_KEYPASSWORD_TPL_KEY), keypass); // write out so that it can be found in checks provider.flush(); } catch (Exception e) { e.printStackTrace(); throw e; } }
@Test public void testEnterValidValues() throws Exception { Path testPath = null; try { testPath = new Path(Files.createTempDirectory("tempproviders").toString(), "test.jks"); } catch (IOException e) { e.printStackTrace(); } new File(testPath.toUri().getPath()).delete(); final Path finalTestPath = testPath; CredentialProviderUtility.textDevice = new CredentialProviderUtility.TextDevice() { @Override public void printf(String fmt, Object... params) { System.out.print(String.format(fmt, params)); } public String readLine(String fmt, Object... args) { return JavaKeyStoreProvider.SCHEME_NAME + "://file/" + finalTestPath.toString(); } @Override public char[] readPassword(String fmt, Object... args) { return defaultPass; } }; CredentialProviderUtility.main(new String[]{}); String providerUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file/" + testPath.toUri(); Configuration conf = new Configuration(false); conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, providerUrl); CredentialProvider provider = CredentialProviderFactory.getProviders(conf).get(0); CredentialProvider.CredentialEntry entry = provider.getCredentialEntry(SecurityProperties.KEYSTORE_PASSWORD_KEY); assertCredentialEntryCorrect(entry); entry = provider.getCredentialEntry(SecurityProperties.TRUSTSTORE_PASSWORD_KEY); assertCredentialEntryCorrect(entry); entry = provider.getCredentialEntry(SecurityProperties.SERVER_CERT_PASSWORD_KEY); assertCredentialEntryCorrect(entry); }
@Test public void testEnterEmptyValues() throws Exception { Path testPath = null; try { testPath = new Path(Files.createTempDirectory("tempproviders").toString(), "test.jks"); } catch (IOException e) { e.printStackTrace(); } new File(testPath.toUri().getPath()).delete(); final Path finalTestPath = testPath; CredentialProviderUtility.textDevice = new CredentialProviderUtility.TextDevice() { private Random random = new Random(); @Override public void printf(String fmt, Object... params) { System.out.print(String.format(fmt, params)); } public String readLine(String fmt, Object... args) { return JavaKeyStoreProvider.SCHEME_NAME + "://file/" + finalTestPath.toString(); } @Override public char[] readPassword(String fmt, Object... args) { List<char[]> responses = new ArrayList<>(); responses.add(new char[0]); responses.add(defaultPass); int size = responses.size(); int item = random.nextInt(size); return responses.get(item); } }; CredentialProviderUtility.main(new String[]{}); String providerUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file/" + testPath.toUri(); Configuration conf = new Configuration(false); conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, providerUrl); CredentialProvider provider = CredentialProviderFactory.getProviders(conf).get(0); CredentialProvider.CredentialEntry entry = provider.getCredentialEntry(SecurityProperties.KEYSTORE_PASSWORD_KEY); assertCredentialEntryCorrect(entry); entry = provider.getCredentialEntry(SecurityProperties.TRUSTSTORE_PASSWORD_KEY); assertCredentialEntryCorrect(entry); entry = provider.getCredentialEntry(SecurityProperties.SERVER_CERT_PASSWORD_KEY); assertCredentialEntryCorrect(entry); }
@Test public void testEnterMismatchedValues() throws Exception { Path testPath = null; try { testPath = new Path(Files.createTempDirectory("tempproviders").toString(), "test.jks"); } catch (IOException e) { e.printStackTrace(); } new File(testPath.toUri().getPath()).delete(); final Path finalTestPath = testPath; CredentialProviderUtility.textDevice = new CredentialProviderUtility.TextDevice() { int i = 0; @Override public void printf(String fmt, Object... params) { System.out.print(String.format(fmt, params)); } public String readLine(String fmt, Object... args) { return JavaKeyStoreProvider.SCHEME_NAME + "://file/" + finalTestPath.toString(); } @Override public char[] readPassword(String fmt, Object... args) { List<char[]> responses = new ArrayList<>(); responses.add(defaultPass); responses.add(new char[]{'b', 'a', 'd', 'p', 'a', 's', 's'}); responses.add(defaultPass); int item = i % 3; i++; return responses.get(item); } }; CredentialProviderUtility.main(new String[]{}); String providerUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file/" + testPath.toUri(); Configuration conf = new Configuration(false); conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, providerUrl); CredentialProvider provider = CredentialProviderFactory.getProviders(conf).get(0); CredentialProvider.CredentialEntry entry = provider.getCredentialEntry(SecurityProperties.KEYSTORE_PASSWORD_KEY); assertCredentialEntryCorrect(entry); entry = provider.getCredentialEntry(SecurityProperties.TRUSTSTORE_PASSWORD_KEY); assertCredentialEntryCorrect(entry); entry = provider.getCredentialEntry(SecurityProperties.SERVER_CERT_PASSWORD_KEY); assertCredentialEntryCorrect(entry); }
@Test public void testOverwriteValues() throws Exception { Path testPath = null; try { testPath = new Path(Files.createTempDirectory("tempproviders").toString(), "test.jks"); } catch (IOException e) { e.printStackTrace(); } new File(testPath.toUri().getPath()).delete(); final Path finalTestPath = testPath; CredentialProviderUtility.textDevice = new CredentialProviderUtility.TextDevice() { @Override public void printf(String fmt, Object... params) { System.out.print(String.format(fmt, params)); } public String readLine(String fmt, Object... args) { return JavaKeyStoreProvider.SCHEME_NAME + "://file/" + finalTestPath.toString(); } @Override public char[] readPassword(String fmt, Object... args) { return defaultPass; } }; CredentialProviderUtility.main(new String[]{}); // now attempt to overwrite values CredentialProviderUtility.textDevice = new CredentialProviderUtility.TextDevice() { int i = 0; @Override public void printf(String fmt, Object... params) { System.out.print(String.format(fmt, params)); } public String readLine(String fmt, Object... args) { return i++ == 0 ? JavaKeyStoreProvider.SCHEME_NAME + "://file/" + finalTestPath.toString() : "y"; } @Override public char[] readPassword(String fmt, Object... args) { return new char[]{'n', 'e', 'w', 'p', 'a', 's', 's'}; } }; CredentialProviderUtility.main(new String[]{}); String providerUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file/" + testPath.toUri(); Configuration conf = new Configuration(false); conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, providerUrl); CredentialProvider provider = CredentialProviderFactory.getProviders(conf).get(0); char[] newpass = "newpass".toCharArray(); CredentialProvider.CredentialEntry entry = provider.getCredentialEntry(SecurityProperties.KEYSTORE_PASSWORD_KEY); assertCredentialEntryCorrect(entry, newpass); entry = provider.getCredentialEntry(SecurityProperties.TRUSTSTORE_PASSWORD_KEY); assertCredentialEntryCorrect(entry, newpass); entry = provider.getCredentialEntry(SecurityProperties.SERVER_CERT_PASSWORD_KEY); assertCredentialEntryCorrect(entry, newpass); }
/** * Checks that SSLFactory initialization is successful with the given * arguments. This is a helper method for writing test cases that cover * different combinations of settings for the store password and key password. * It takes care of bootstrapping a keystore, a truststore, and SSL client or * server configuration. Then, it initializes an SSLFactory. If no exception * is thrown, then initialization was successful. * * @param mode SSLFactory.Mode mode to test * @param password String store password to set on keystore * @param keyPassword String key password to set on keystore * @param confPassword String store password to set in SSL config file, or null * to avoid setting in SSL config file * @param confKeyPassword String key password to set in SSL config file, or * null to avoid setting in SSL config file * @param useCredProvider boolean to indicate whether passwords should be set * into the config or not. When set to true nulls are set and aliases are * expected to be resolved through credential provider API through the * Configuration.getPassword method * @throws Exception for any error */ private void checkSSLFactoryInitWithPasswords(SSLFactory.Mode mode, String password, String keyPassword, String confPassword, String confKeyPassword, boolean useCredProvider) throws Exception { String keystore = new File(KEYSTORES_DIR, "keystore.jks").getAbsolutePath(); String truststore = new File(KEYSTORES_DIR, "truststore.jks") .getAbsolutePath(); String trustPassword = "trustP"; // Create keys, certs, keystore, and truststore. KeyPair keyPair = KeyStoreTestUtil.generateKeyPair("RSA"); X509Certificate cert = KeyStoreTestUtil.generateCertificate("CN=Test", keyPair, 30, "SHA1withRSA"); KeyStoreTestUtil.createKeyStore(keystore, password, keyPassword, "Test", keyPair.getPrivate(), cert); Map<String, X509Certificate> certs = Collections.singletonMap("server", cert); KeyStoreTestUtil.createTrustStore(truststore, trustPassword, certs); // Create SSL configuration file, for either server or client. final String sslConfFileName; final Configuration sslConf; // if the passwords are provisioned in a cred provider then don't set them // in the configuration properly - expect them to be resolved through the // provider if (useCredProvider) { confPassword = null; confKeyPassword = null; } if (mode == SSLFactory.Mode.SERVER) { sslConfFileName = "ssl-server.xml"; sslConf = KeyStoreTestUtil.createServerSSLConfig(keystore, confPassword, confKeyPassword, truststore); if (useCredProvider) { File testDir = GenericTestUtils.getTestDir(); final Path jksPath = new Path(testDir.toString(), "test.jks"); final String ourUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri(); sslConf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, ourUrl); } } else { sslConfFileName = "ssl-client.xml"; sslConf = KeyStoreTestUtil.createClientSSLConfig(keystore, confPassword, confKeyPassword, truststore); } KeyStoreTestUtil.saveConfig(new File(sslConfsDir, sslConfFileName), sslConf); // Create the master configuration for use by the SSLFactory, which by // default refers to the ssl-server.xml or ssl-client.xml created above. Configuration conf = new Configuration(); conf.setBoolean(SSLFactory.SSL_REQUIRE_CLIENT_CERT_KEY, true); // Try initializing an SSLFactory. SSLFactory sslFactory = new SSLFactory(mode, conf); try { sslFactory.init(); } finally { sslFactory.destroy(); } }
@Test public void testConfGetPassword() throws Exception { File testDir = GenericTestUtils.getTestDir(); Configuration conf = new Configuration(); final Path jksPath = new Path(testDir.toString(), "test.jks"); final String ourUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri(); File file = new File(testDir, "test.jks"); file.delete(); conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, ourUrl); CredentialProvider provider = CredentialProviderFactory.getProviders(conf).get(0); char[] bindpass = {'b', 'i', 'n', 'd', 'p', 'a', 's', 's'}; char[] storepass = {'s', 't', 'o', 'r', 'e', 'p', 'a', 's', 's'}; // ensure that we get nulls when the key isn't there assertEquals(null, provider.getCredentialEntry( LdapGroupsMapping.BIND_PASSWORD_KEY)); assertEquals(null, provider.getCredentialEntry (LdapGroupsMapping.LDAP_KEYSTORE_PASSWORD_KEY)); // create new aliases try { provider.createCredentialEntry( LdapGroupsMapping.BIND_PASSWORD_KEY, bindpass); provider.createCredentialEntry( LdapGroupsMapping.LDAP_KEYSTORE_PASSWORD_KEY, storepass); provider.flush(); } catch (Exception e) { e.printStackTrace(); throw e; } // make sure we get back the right key assertArrayEquals(bindpass, provider.getCredentialEntry( LdapGroupsMapping.BIND_PASSWORD_KEY).getCredential()); assertArrayEquals(storepass, provider.getCredentialEntry( LdapGroupsMapping.LDAP_KEYSTORE_PASSWORD_KEY).getCredential()); LdapGroupsMapping mapping = new LdapGroupsMapping(); Assert.assertEquals("bindpass", mapping.getPassword(conf, LdapGroupsMapping.BIND_PASSWORD_KEY, "")); Assert.assertEquals("storepass", mapping.getPassword(conf, LdapGroupsMapping.LDAP_KEYSTORE_PASSWORD_KEY, "")); // let's make sure that a password that doesn't exist returns an // empty string as currently expected and used to trigger a call to // extract password Assert.assertEquals("", mapping.getPassword(conf,"invalid-alias", "")); }
