Commit fafb134e authored by Yadd's avatar Yadd
Browse files

Add Kerberos test (#707)

parent 537d41a2
......@@ -126,6 +126,7 @@ README
REST-API.md
site/coffee/confirm.coffee
site/coffee/info.coffee
site/coffee/kerberos.coffee
site/coffee/oidcchecksession.coffee
site/coffee/portal.coffee
site/coffee/registerbrowser.coffee
......@@ -212,6 +213,8 @@ site/htdocs/static/common/js/confirm.js
site/htdocs/static/common/js/confirm.min.js
site/htdocs/static/common/js/info.js
site/htdocs/static/common/js/info.min.js
site/htdocs/static/common/js/kerberos.js
site/htdocs/static/common/js/kerberos.min.js
site/htdocs/static/common/js/oidcchecksession.js
site/htdocs/static/common/js/oidcchecksession.min.js
site/htdocs/static/common/js/portal.js
......@@ -289,6 +292,7 @@ t/21-Auth-LDAP-utf8.t
t/22-Auth-and-password-AD.t
t/23-Auth-and-password-REST.t
t/24-AuthApache.t
t/24-AuthKerberos.t
t/25-AuthSlave.t
t/26-AuthRemote.t
t/27-AuthProxy.t
......
......@@ -23,7 +23,7 @@ has keytab => ( is => 'rw' );
sub init {
my ($self) = @_;
my $file;
unless ( $file = $self->conf->{krbKeyTab} ) {
unless ( $file = $self->conf->{krbKeytab} ) {
$self->error('Keytab not defined');
return 0;
}
......
use Test::More;
use strict;
BEGIN {
require 't/test-lib.pm';
eval "use GSSAPI";
}
my $maintests = 8;
my $debug = 'error';
SKIP: {
eval "require GSSAPI";
if ($@) {
skip 'GSSAPI not found', $maintests;
}
my $client = LLNG::Manager::Test->new(
{
ini => {
logLevel => $debug,
useSafeJail => 1,
authentication => 'Kerberos',
userDB => 'Null',
krbKeytab => '/etc/keytab',
}
}
);
my $res;
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Simple access' );
ok( $res->[0] == 401, 'Get 401' ) or explain( $res->[0], 401 );
ok( getHeader( $res, 'WWW-Authenticate' ) eq 'Negotiate',
'Get negotiate header' )
or explain( $res->[1], 'WWW-Authenticate => Negotiate' );
$client = LLNG::Manager::Test->new(
{
ini => {
logLevel => $debug,
useSafeJail => 1,
authentication => 'Kerberos',
userDB => 'Null',
krbKeytab => '/etc/keytab',
krbByJs => 1,
krbAuthnLevel => 4,
}
}
);
ok( $res = $client->_get( '/', accept => 'text/html' ),
'First access with JS' );
expectForm( $res, '#', undef, 'kerberos' );
ok( $res->[2]->[0] =~ /kerberos\.(?:min\.)?js/, 'Get Kerberos javascript' );
ok(
$res = $client->_get(
'/',
query => 'kerberos=1',
accept => 'application/json'
),
'Ajax access'
);
ok( $res->[0] == 401, 'Get 401' ) or explain( $res->[0], 401 );
ok(
$res = $client->_get(
'/',
query => 'kerberos=1',
accept => 'application/json',
custom => { HTTP_AUTHORIZATION => 'Negotiate c29tZXRoaW5n' }
),
'Push fake kerberos'
);
expectCookie($res);
#print STDERR Dumper($res);
}
count($maintests);
clean_sessions();
done_testing( count() );
# Redefine GSSAPI method for test
no warnings 'redefine';
sub GSSAPI::Context::accept ($$$$$$$$$$) {
my $a = \@_;
$a->[4] = bless {}, 'LLNG::GSSR';
return 1;
}
package LLNG::GSSR;
sub display {
my $a = \@_;
$a->[1] = 'dwho';
return 1;
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment