#23507 Security tests fixed + removed old soteria tests and other dea…

…d tests

appserver/tests/appserv-tests/devtests/security/build.xml

@@ -47,7 +47,6 @@
         <ant dir="authConf" target="all"/>
         <ant dir="negativeRealmPerApp" target="all"/>
         <ant dir="realmPerApp" target="all"/>
-        <ant dir="soteria" target="all"/>
 <!--    <ant dir="weblogic-dd" target="all"/>-->                <!-- DISABLED: Failures -->
         <ant dir="sful" target="all"/>
         <ant dir="userWithAtSymbol" target="all"/>
@@ -88,15 +87,6 @@
         <ant dir="realmPerApp" target="all"/>
         <ant dir="sful" target="all"/>
     </target>
-    <target name="soteria">
-      <delete>
-         <fileset dir="${env.APS_HOME}" includes="test_results*, security-gtest-results.xml"/>
-      </delete>
-      <record name="soteria.output" action="start" />
-      <ant dir="soteria" target="all"/>
-      <record name="soteria.output" action="stop" />
-      <antcall target="report"/>
-    </target>
 
    <target name="usage">
         <echo>

appserver/tests/appserv-tests/devtests/security/ciphertest/build.xml

@@ -162,42 +162,7 @@
 
      <property name="https.1.port" value="1${https.port}" />
      <property name="https.2.port" value="2${https.port}" />
-
-<!-- JDK 8 u172 - 3DES cipher suites disabled
      <antcall target="cipher-test">
-        <param name="should-pass-cipher" value="SSL_RSA_WITH_3DES_EDE_CBC_SHA"/>
-        <param name="enable-cipher"      value="SSL_RSA_WITH_3DES_EDE_CBC_SHA"/>
-        <param name="https.port"         value="${https.2.port}"/>
-      </antcall>
--->
-
-<!-- Disable failing test cases (use of -Dsun.security.ssl.allowUnsafeRenegotiation=true has no impact)
-      <antcall target="cipher-test">
-        <param name="should-pass-cipher" value="SSL_RSA_WITH_DES_CBC_SHA"/>
-        <param name="enable-cipher"      value="SSL_RSA_WITH_DES_CBC_SHA"/>
-        <param name="https.port"         value="${https.2.port}"/>
-      </antcall>
-
-      <antcall target="cipher-test">
-        <param name="should-pass-cipher" value="SSL_RSA_EXPORT_WITH_RC4_40_MD5"/>
-        <param name="enable-cipher"      value="SSL_RSA_EXPORT_WITH_RC4_40_MD5"/>
-        <param name="https.port"         value="${https.2.port}"/>
-      </antcall>
--->
-
-      <antcall target="cipher-test">
-        <param name="should-pass-cipher" value="SSL_RSA_WITH_NULL_MD5"/>
-        <param name="enable-cipher"      value="SSL_RSA_WITH_NULL_MD5"/>
-        <param name="https.port"         value="${https.2.port}"/>
-      </antcall>
-
-      <antcall target="cipher-test">
-        <param name="should-pass-cipher" value="SSL_RSA_WITH_NULL_SHA"/>
-        <param name="enable-cipher"      value="SSL_RSA_WITH_NULL_SHA"/>
-        <param name="https.port"         value="${https.2.port}"/>
-      </antcall>
-
-      <antcall target="cipher-test">
         <param name="should-pass-cipher" value=""/>
         <param name="enable-cipher"      value="SSL_RSA_WITH_RC4_128_MD5"/>
         <param name="https.port"         value="${https.2.port}"/>

appserver/tests/appserv-tests/devtests/security/common.xml

@@ -166,7 +166,10 @@
 
 <target name="generate-jks-key" depends="init-common">
     <exec executable="${java.home}/bin/keytool" failonerror="true">
-        <arg line="-genkey -alias ssltest -dname"/>
+        <arg line="-genkey -alias ssltest"/>
+        <arg value="-keyalg" />
+        <arg value="RSA" />
+        <arg value="-dname" />
         <arg value="CN=SSLTest, OU=Sun Java System Application Server, O=Sun Microsystems, L=Santa Clara, ST=California, C=US"/>
         <arg value="-validity"/>
         <arg value="3650"/>
@@ -387,12 +390,14 @@
 
 <target name="wsgen" depends="init-common,setJAXWSToolsForWin,setJAXWSToolsForUnix">
     <exec executable="${WSGEN}" failonerror="true" >
+        <env key="AS_JAVA" value="${env.JAVA_HOME}" />
         <arg line="${wsgen.args}" />
     </exec>
 </target>
 
 <target name="wsimport" depends="init-common,setJAXWSToolsForWin,setJAXWSToolsForUnix">
     <exec executable="${WSIMPORT}" failonerror="true" >
+        <env key="AS_JAVA" value="${env.JAVA_HOME}" />
         <env key="WSIMPORT_OPTS" value="${wsimport.VMARGS}"/>
         <arg line="${wsimport.args}" />
     </exec>

appserver/tests/appserv-tests/devtests/security/container-auth/build.xml

@@ -58,22 +58,17 @@
    </target>
 
     <target name="runaccxml" depends="init-common">
-<!--TODO uncomment later-->
-            <java classname="AuthConfigTest" fork="yes">
+        <java classname="AuthConfigTest" fork="yes">
         <classpath>
                 <pathelement path="${env.S1AS_HOME}/lib/appserv-rt.jar:${build.classes.dir}"/>
-                <pathelement path="${env.S1AS_HOME}/lib/appserv-admin.jar"/>
-                <pathelement path="${env.S1AS_HOME}/lib/j2ee.jar"/>
-                <pathelement path="${env.S1AS_HOME}/lib/jmac-api.jar"/>
+                <pathelement path="${env.S1AS_HOME}/lib/javaee.jar"/>
                 <pathelement path="${env.S1AS_HOME}/lib/dtds"/>
                 <pathelement path="${env.S1AS_HOME}/lib/schemas"/>
                 <pathelement path="${env.APS_HOME}/lib/reporter.jar"/>
         </classpath>
         <arg value="xml-parse" />
         <sysproperty key="java.security.debug" value="configfile,configxmlparser"/>
-        <sysproperty key="sun-acc.xml.url" value="${env.APS_HOME}/devtests/security/container-auth/testConfig/sun-acc.xml"/>
-        <!--<jvmarg value="-Xdebug" />
-        <jvmarg value="-Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8008"/>-->
+        <sysproperty key="glassfish-acc.xml.url" value="${env.APS_HOME}/devtests/security/container-auth/testConfig/glassfish-acc.xml"/>
         </java>
     </target>
      <target name="usage">

appserver/tests/appserv-tests/devtests/security/container-auth/jauth/AuthConfigTest.java

@@ -34,7 +34,7 @@
  *
  * 2. sun-acc.xml test:
  *
- *    %java -Dsun-acc.xml.url=sun-acc.xml
+ *    %java -Dglassfish-acc.xml.url=sun-acc.xml
  *        -Djava.security.debug=configfile,configxmlparser
  *        -classpath .:classes:config-api.jar:appserv-commons.jar:schema2beans.jar
  *        AuthConfigTest xml-parse

appserver/tests/appserv-tests/devtests/security/container-auth/testConfig/sun-acc.xml → appserver/tests/appserv-tests/devtests/security/container-auth/testConfig/glassfish-acc.xml

@@ -48,24 +48,4 @@
                 <response-policy auth-source="content" auth-recipient="after-content"></response-policy>
           </provider-config>
         </message-security-config>
-
-
-<!-- not supported yet
-
-
-        <message-security-config auth-layer="HTTP" default-provider="app8">
-          </provider-config>
-          <provider-config provider-id="app8" provider-type="server" class-name="ServerModule1">
-          </provider-config>
-          <provider-config provider-id="app9" provider-type="server" class-name="ServerModule1">
-        </message-security-config>
-
-
-        <message-security-config auth-layer="EJB" default-provider="app10">
-          </provider-config>
-          <provider-config provider-id="app10" provider-type="server" class-name="ServerModule1">
-        </message-security-config>
-
--->
-
 </client-container>

appserver/tests/appserv-tests/devtests/security/ejb-mutual-ssl/client/ConverterClient.java

@@ -119,7 +119,7 @@ private void run(String[] args) {
                 // Create Home object
                 obj = context.lookup(jndiName);
             }
-            String mys = "CN=SSLTest, OU=Sun Java System Application Server, O=Sun Microsystems, L=Santa Clara, ST=California, C=US";
+            String mys = "CN=SSLTest,OU=Sun Java System Application Server,O=Sun Microsystems,L=Santa Clara,ST=California,C=US";
             System.out.println("Certname in appclication-client ->"+mys);
             ConverterRemoteHome home =
                (ConverterRemoteHome) PortableRemoteObject.narrow(obj,

appserver/tests/appserv-tests/devtests/security/jaccApi/build.xml

@@ -61,7 +61,7 @@
       <ant dir="prog-auth" target="all"/>
     </target>
     <target name="run-test" depends="init-common">
-        <java classname="javax.security.jacc.Test" fork="yes"
+        <java classname="jakarta.security.jacc.Test" fork="yes"
             classpath="${s1astest.classpath}"/>
     </target>
 
@@ -71,15 +71,15 @@
         <property name="PFL" value="-Djava.security.policy=${basedir}/config/java.policy"/>
         <property name="PFL2" value="-Djava.security.policy=${basedir}/config/java.policy2"/>
 
-        <java classname="javax.security.jacc.TestPCF" fork="yes"
+        <java classname="jakarta.security.jacc.TestPCF" fork="yes"
             classpath="${s1astest.classpath}">
             <jvmarg value="-DAPS_HOME=${env.APS_HOME}"/>
             <jvmarg value="${PFL2}"/>
             <arg value="true"/>
             <arg value="java.lang.ClassNotFoundException"/>
         </java>
 
-        <java classname="javax.security.jacc.TestPCF" fork="yes"
+        <java classname="jakarta.security.jacc.TestPCF" fork="yes"
             classpath="${s1astest.classpath}">
             <jvmarg value="-DAPS_HOME=${env.APS_HOME}"/>
             <jvmarg value="${NOTPCF}"/>
@@ -88,16 +88,16 @@
             <arg value="java.lang.ClassCastException"/>
         </java>
 
-        <java classname="javax.security.jacc.TestPCF" fork="yes"
+        <java classname="jakarta.security.jacc.TestPCF" fork="yes"
             classpath="${s1astest.classpath}">
             <jvmarg value="-DAPS_HOME=${env.APS_HOME}"/>
             <jvmarg value="${ISPCF}"/>
             <jvmarg value="${PFL2}"/>
             <arg value="true"/>
-            <arg value="javax.security.jacc.PolicyContextException"/>
+            <arg value="jakarta.security.jacc.PolicyContextException"/>
         </java>
 
-        <java classname="javax.security.jacc.TestPCF" fork="yes"
+        <java classname="jakarta.security.jacc.TestPCF" fork="yes"
             classpath="${s1astest.classpath}">
             <jvmarg value="-DAPS_HOME=${env.APS_HOME}"/>
             <jvmarg value="${NOTPCF}"/>
@@ -106,7 +106,7 @@
             <arg value="java.lang.ClassCastException"/>
         </java>
 
-        <java classname="javax.security.jacc.TestPCF" fork="yes"
+        <java classname="jakarta.security.jacc.TestPCF" fork="yes"
             classpath="${s1astest.classpath}">
             <jvmarg value="-DAPS_HOME=${env.APS_HOME}"/>
             <jvmarg value="${ISPCF}"/>
@@ -116,21 +116,21 @@
     </target>
 
     <target name="run-ejbtests" depends="init-common">
-        <java classname="javax.security.jacc.TestEJBPerms" fork="yes"
+        <java classname="jakarta.security.jacc.TestEJBPerms" fork="yes"
             classpath="${s1astest.classpath}">
             <jvmarg value="-Ddebug=${debug}"/>
         </java>
     </target>
 
     <target name="run-urltests" depends="init-common">
-        <java classname="javax.security.jacc.TestURLPattern" fork="yes"
+        <java classname="jakarta.security.jacc.TestURLPattern" fork="yes"
             classpath="${s1astest.classpath}"/>
-        <java classname="javax.security.jacc.TestURLPatternSpec" fork="yes"
+        <java classname="jakarta.security.jacc.TestURLPatternSpec" fork="yes"
             classpath="${s1astest.classpath}"/>
     </target>
 
     <target name="run-webtests" depends="init-common">
-        <java classname="javax.security.jacc.TestWebPerms" fork="yes"
+        <java classname="jakarta.security.jacc.TestWebPerms" fork="yes"
             classpath="${s1astest.classpath}">
             <jvmarg value="-Ddebug=${debug}"/>
         </java>

appserver/tests/appserv-tests/devtests/security/jaccApi/prog-auth/build.xml

@@ -39,6 +39,7 @@
     <target name="all" depends="runMaven"/>
     <target name="runMaven">
       <artifact:mvn mavenHome="${env.M2_HOME}" fork="true">
+        <jvmarg value="-Dglassfish.version=${env.GF_VERSION}" />
         <jvmarg value="-Dmaven.multiModuleProjectDirectory"/>
         <jvmarg value="-Dmaven.javadoc.skip=true" />
         <arg value="clean"/>

appserver/tests/appserv-tests/devtests/security/jaccApi/prog-auth/common/src/main/java/org/glassfish/jaccApi/common/ArquillianBase.java

@@ -31,25 +31,16 @@
 import org.jboss.shrinkwrap.api.Archive;
 import org.jboss.shrinkwrap.api.spec.EnterpriseArchive;
 import org.jboss.shrinkwrap.api.spec.WebArchive;
+import org.jboss.shrinkwrap.api.importer.ZipImporter;
 import org.junit.After;
 import org.junit.Before;
 import org.junit.Rule;
 import org.junit.rules.TestWatcher;
 import org.junit.runner.Description;
-import static org.jboss.shrinkwrap.api.ShrinkWrap.create;
-
-import java.io.File;
-
-import org.jboss.shrinkwrap.api.importer.ZipImporter;
-import org.jboss.shrinkwrap.api.spec.WebArchive;
 
 import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
 import com.gargoylesoftware.htmlunit.WebClient;
 
-/**
- *
- *
- */
 public class ArquillianBase {
 
     private static final String WEBAPP_SRC = "src/main/webapp";

appserver/tests/appserv-tests/devtests/security/jaccApi/prog-auth/pom.xml

@@ -21,15 +21,16 @@
     <modelVersion>4.0.0</modelVersion>
     <groupId>org.glassfish.jaccApi.test</groupId>
     <artifactId>prog-auth</artifactId>
-    <version>6.2.6-SNAPSHOT</version>
     <packaging>pom</packaging>
 
+    <parent>
+        <groupId>org.glassfish.main.tests</groupId>
+        <artifactId>ant-tests</artifactId>
+        <version>6.2.6-SNAPSHOT</version>
+        <relativePath>../../../..</relativePath>
+    </parent>
+
     <name>Programmatic authentication with Jakarta Authorization api</name>
-    <properties>
-        <glassfish.version>5.0</glassfish.version>
-        <maven.compiler.source>11</maven.compiler.source>
-        <maven.compiler.target>11</maven.compiler.target>
-    </properties>
 
     <modules>
         <module>common</module>
@@ -40,7 +41,7 @@
             <dependency>
                 <groupId>org.jboss.arquillian</groupId>
                 <artifactId>arquillian-bom</artifactId>
-                <version>1.3.0.Final</version>
+                <version>1.6.0.Final</version>
                 <scope>import</scope>
                 <type>pom</type>
             </dependency>
@@ -64,13 +65,13 @@
         <dependency>
             <groupId>net.sourceforge.htmlunit</groupId>
             <artifactId>htmlunit</artifactId>
-            <version>2.29</version>
+            <version>2.58.0</version>
             <scope>test</scope>
         </dependency>
         <dependency>
-            <groupId>javax</groupId>
-            <artifactId>javaee-api</artifactId>
-            <version>7.0</version>
+            <groupId>jakarta.platform</groupId>
+            <artifactId>jakarta.jakartaee-api</artifactId>
+            <version>9.1.0</version>
             <scope>provided</scope>
         </dependency>
         <dependency>
@@ -92,7 +93,6 @@
         <plugins>
            <plugin>
               <artifactId>maven-failsafe-plugin</artifactId>
-              <version>2.20</version>
               <executions>
                 <execution>
                   <goals>

appserver/tests/appserv-tests/devtests/security/jaccmr8/client/Client.java

@@ -18,6 +18,7 @@
 
 import java.net.*;
 import java.io.*;
+import java.util.Base64;
 import java.util.Enumeration;
 import java.util.Hashtable;
 
@@ -442,15 +443,14 @@ private int invokeServlet(String url, Hashtable contentHash, String user, String
                 if ((user != null) && (user.length() > 0)) {
                         // Add BASIC header for authentication
                         String auth =  user + ":" + password;
-                        String authEncoded = new sun.misc.BASE64Encoder().encode(auth.getBytes());
+                        String authEncoded = Base64.getEncoder().encodeToString(auth.getBytes());
                         c1.setRequestProperty("Authorization", "Basic " + authEncoded);
                 }
                 c1.setDoOutput(true);
                 c1.setUseCaches(false);
 
                 // get the output stream to POST to.
-                DataOutputStream out;
-                out = new DataOutputStream(c1.getOutputStream());
+                DataOutputStream out = new DataOutputStream(c1.getOutputStream());
                 String content = "";
 
                 // Create a single String value to be POSTED from the parameters passed