Bug 6220 - create unit test for JKS credential
: create unit test for JKS credential
Status: RESOLVED FIXED
: GridShib
SAML/Binding Tools
: 0.5
: All All
: P3 normal
: beta
Assigned To:
:
:
:
:
  Show dependency treegraph
 
Reported: 2008-07-15 10:52 by
Modified: 2008-07-15 13:33 (History)


Attachments


Note

You need to log in before you can comment on or make changes to this bug.


Description From 2008-07-15 10:52:32
Create a unit test for the following method:

GSIUtil.createCredential(File, char[], String, char[])

Rachana has provided a patch for Bug 4933 and Bug 6029 (which are mostly
duplicate bugs).  The unit test should test the above method and simultaneously
validate the patch.
------- Comment #1 From 2008-07-15 12:07:04 -------
Resurrected target "create-keystore" in the GS-ST build file (see Bug 5263). 
Added method testCreateCredential() to GSIUtilTest.  This new test loads an
issuing credential from a Java KeyStore and then attempts to issue an
X.509-bound SAML token using method

GSIUtil.createCredential(GlobusCredential, X509ExtensionSet, int)

This method fails due to an implemented workaround to Bug 5261.  I commented
out this workaround, and also commented out the workaround to Bug 4933 in the
above method, and the original bug returned:

java.lang.ClassCastException: sun.security.x509.X500Name
at
org.globus.gsi.bc.BouncyCastleCertProcessingFactory.createProxyCertificate(BouncyCastleCertProcessingFactory.java:602)
at
org.globus.gsi.bc.BouncyCastleCertProcessingFactory.createCredential(BouncyCastleCertProcessingFactory.java:278)
at org.globus.gridshib.security.util.GSIUtil.createCredential(GSIUtil.java:410)
at org.globus.gridshib.security.util.GSIUtil.bindAssertion(GSIUtil.java:206)
at org.globus.gridshib.security.util.GSIUtil.bindAssertion(GSIUtil.java:170)
at
org.globus.gridshib.security.saml.SelfIssuedAssertion.bindToX509Proxy(SelfIssuedAssertion.java:308)
at
org.globus.gridshib.security.x509.GlobusSAMLCredential.issue(GlobusSAMLCredential.java:1022)
at
org.globus.gridshib.security.x509.GlobusSAMLCredential.issue(GlobusSAMLCredential.java:971)
at
org.globus.gridshib.security.util.GSIUtilTest.testCreateCredential(GSIUtilTest.java:109)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)

I then replaced the old jglobus JAR in GS-ST with the patched JAR obtained from
Rachana and the exception went away.  This confirms that Rachana's patch is
working.
------- Comment #2 From 2008-07-15 12:11:18 -------
I committed the new test and the updated build file to CVS HEAD, so the test
will be distributed with GS-ST v0.5.0.  However, I will leave this bug open
until the test is sufficiently generalized.  In particular, specific details
regarding the KeyStore are hardcoded in the source, which needs to be fixed.
------- Comment #3 From 2008-07-15 13:33:49 -------
Add the KeyStore properties to the build.properties file and the bootstrap
properties file.  Load the KeyStore properties in the BootstrapConfigLoader. 
Expose the KeyStore properties in public methods.  Invoke these methods in
GSIUtilTest.

Committed all resources to CVS HEAD.  This new feature will appear in GS-ST
v0.5.0.