[ELY-2559] Update CredentialStoreSaslAuthenticationTest

wildfly-security · May 25, 2023 · 6892d1b · 6892d1b
1 parent e6b17ea
commit 6892d1b
Showing 1 changed file with 29 additions and 0 deletions.
diff --git a/...src/test/java/org/wildfly/security/auth/client/CredentialStoreSaslAuthenticationTest.java b/...src/test/java/org/wildfly/security/auth/client/CredentialStoreSaslAuthenticationTest.java
@@ -20,6 +20,7 @@
 
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
 
 import java.io.File;
 import java.net.URI;
@@ -29,6 +30,7 @@
 import java.security.Security;
 import java.util.Arrays;
 import javax.security.sasl.SaslClient;
+import javax.security.sasl.SaslException;
 import javax.security.sasl.SaslServer;
 import org.junit.AfterClass;
 import org.junit.BeforeClass;
@@ -111,4 +113,31 @@ public void testSuccessfulSaslAuthenticationWithCredentialStore() throws Excepti
 
     }
 
+    @Test
+    public void testUnsuccessfulSaslAuthenticationWithCredentialStore() throws Exception {
+        SaslServer server = new SaslServerBuilder(PlainSaslServerFactory.class, PLAIN)
+                .setProviderSupplier(() -> providers)
+                .setUserName(USERNAME)
+                .setPassword((USERNAME + PASSWORD).toCharArray())
+                .build();
+
+        // Create SASL client from XML configuration file
+        // XML configuration file specifies PASSWORD instead of USERNAME + PASSWORD
+        // Server configuration is specified as USERNAME + PASSWORD to create a mismatch
+        AuthenticationContext context = AuthenticationContext.getContextManager().get();
+
+        AuthenticationContextConfigurationClient contextConfigurationClient = AccessController.doPrivileged(AuthenticationContextConfigurationClient.ACTION);
+        SaslClient client = contextConfigurationClient.createSaslClient(new URI(CREDENTIAL_CONFIG_FILE), context.authRules.getConfiguration(), Arrays.asList(new String[]{PLAIN}));
+
+        assertTrue(client.hasInitialResponse());
+        byte[] message = client.evaluateChallenge(new byte[0]);
+        assertEquals("\0"+USERNAME+"\0" + PASSWORD,new String(message, StandardCharsets.UTF_8));
+
+        try {
+            server.evaluateResponse(message);
+            fail("Expected exception but no exception thrown");
+        } catch (SaslException e) {
+            // ignored because an authentication exception is expected
+        }
+    }
 }