gdamour 2005/03/31 05:29:29
Modified: modules/core/src/test/org/openejb/server
ServiceAccessControllerTest.java
Log:
GERONIMO-620
o Support IPv6.
o Replace my own lame IP masking with a more IP centric implementation
using some of the xinetd syntax to qualify IP addresses.
Revision Changes Path
1.2 +74 -24
openejb/modules/core/src/test/org/openejb/server/ServiceAccessControllerTest.java
Index: ServiceAccessControllerTest.java
===================================================================
RCS file:
/home/projects/openejb/scm/openejb/modules/core/src/test/org/openejb/server/ServiceAccessControllerTest.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- ServiceAccessControllerTest.java 26 Mar 2005 06:32:06 -0000 1.1
+++ ServiceAccessControllerTest.java 31 Mar 2005 10:29:28 -0000 1.2
@@ -54,38 +54,89 @@
public class ServiceAccessControllerTest extends TestCase {
- public void testWrongIPAddressMask1() throws Exception {
+ public void testWrongExactIPAddressPermission1() throws Exception {
try {
- new ServiceAccessController.IPAddressMask("127.0.0.a");
+
ServiceAccessController.IPAddressPermissionFactory.getIPAddressMask("121.122.123.a");
fail();
} catch (IllegalArgumentException e) {
}
}
- public void testWrongIPAddressMask2() throws Exception {
+ public void testWrongExactIPAddressPermission2() throws Exception {
try {
- new ServiceAccessController.IPAddressMask("127.0.0.333");
+
ServiceAccessController.IPAddressPermissionFactory.getIPAddressMask("121.122.123.256");
fail();
} catch (IllegalArgumentException e) {
}
}
- public void testIPAddressMaskOK() throws Exception {
- ServiceAccessController.IPAddressMask mask = new
ServiceAccessController.IPAddressMask("123.*.56.*");
- boolean match = mask.implies(InetAddress.getByAddress(new byte[]
{123, 123, 56, 123}));
- assertTrue(match);
+ public void testExactIPAddressPermission() throws Exception {
+ ServiceAccessController.IPAddressPermission permission =
ServiceAccessController.IPAddressPermissionFactory.getIPAddressMask("121.122.123.124");
+ assertTrue(permission.implies(InetAddress.getByAddress(new byte[]
{121, 122, 123, 124})));
+ assertFalse(permission.implies(InetAddress.getByAddress(new byte[]
{121, 122, 123, 125})));
+ }
+
+ public void testWrongStartWithIPAddressPermission1() throws Exception {
+ try {
+
ServiceAccessController.IPAddressPermissionFactory.getIPAddressMask("121.0.123.0");
+ fail();
+ } catch (IllegalArgumentException e) {
+ }
+ }
+
+ public void testStartWithIPAddressPermission() throws Exception {
+ ServiceAccessController.IPAddressPermission permission =
ServiceAccessController.IPAddressPermissionFactory.getIPAddressMask("121.122.0.0");
+ assertTrue(permission.implies(InetAddress.getByAddress(new byte[]
{121, 122, 123, 124})));
+ assertFalse(permission.implies(InetAddress.getByAddress(new byte[]
{121, 123, 123, 124})));
+ }
+
+ public void testFactorizedIPAddressPermission() throws Exception {
+ ServiceAccessController.IPAddressPermission permission =
ServiceAccessController.IPAddressPermissionFactory.getIPAddressMask("121.122.123.{1,2,3}");
+ assertTrue(permission.implies(InetAddress.getByAddress(new byte[]
{121, 122, 123, 1})));
+ assertTrue(permission.implies(InetAddress.getByAddress(new byte[]
{121, 122, 123, 2})));
+ assertTrue(permission.implies(InetAddress.getByAddress(new byte[]
{121, 122, 123, 3})));
+ assertFalse(permission.implies(InetAddress.getByAddress(new byte[]
{121, 122, 123, 4})));
+
+ permission =
ServiceAccessController.IPAddressPermissionFactory.getIPAddressMask("121.122.{1,2,3}");
+ assertTrue(permission.implies(InetAddress.getByAddress(new byte[]
{121, 122, 1, 1})));
+ assertTrue(permission.implies(InetAddress.getByAddress(new byte[]
{121, 122, 2, 2})));
+ assertTrue(permission.implies(InetAddress.getByAddress(new byte[]
{121, 122, 3, 3})));
+ assertFalse(permission.implies(InetAddress.getByAddress(new byte[]
{121, 122, 4, 3})));
}
- public void testIPAddressMaskNOK() throws Exception {
- ServiceAccessController.IPAddressMask mask = new
ServiceAccessController.IPAddressMask("123.*.56.*");
- boolean match = mask.implies(InetAddress.getByAddress(new byte[]
{123, 123, 57, 123}));
- assertFalse(match);
+ public void testNetmaskIPAddressPermission() throws Exception {
+ ServiceAccessController.IPAddressPermission permission =
ServiceAccessController.IPAddressPermissionFactory.getIPAddressMask("121.122.123.254/31");
+ assertTrue(permission.implies(InetAddress.getByAddress(new byte[]
{121, 122, 123, (byte) 254})));
+ assertTrue(permission.implies(InetAddress.getByAddress(new byte[]
{121, 122, 123, (byte) 255})));
+ assertFalse(permission.implies(InetAddress.getByAddress(new byte[]
{121, 122, 123, (byte) 253})));
+
+ permission =
ServiceAccessController.IPAddressPermissionFactory.getIPAddressMask("121.122.123.254/255.255.255.254");
+ assertTrue(permission.implies(InetAddress.getByAddress(new byte[]
{121, 122, 123, (byte) 254})));
+ assertTrue(permission.implies(InetAddress.getByAddress(new byte[]
{121, 122, 123, (byte) 255})));
+ assertFalse(permission.implies(InetAddress.getByAddress(new byte[]
{121, 122, 123, (byte) 253})));
}
+ public void testExactIPv6AddressPermission() throws Exception {
+ ServiceAccessController.IPAddressPermission permission =
ServiceAccessController.IPAddressPermissionFactory.getIPAddressMask("101:102:103:104:105:106:107:108");
+ assertTrue(permission.implies(InetAddress.getByAddress(new byte[]
{1, 1, 1, 2, 1, 3, 1, 4, 1, 5, 1, 6, 1, 7, 1, 8})));
+ assertFalse(permission.implies(InetAddress.getByAddress(new byte[]
{1, 1, 1, 2, 1, 3, 1, 4, 1, 5, 1, 6, 1, 7, 1, 9})));
+ }
+
+ public void testNetmaskIPv6AddressPermission() throws Exception {
+ ServiceAccessController.IPAddressPermission permission =
ServiceAccessController.IPAddressPermissionFactory.getIPAddressMask("101:102:103:104:105:106:107:FFFE/127");
+ assertTrue(permission.implies(InetAddress.getByAddress(new byte[]
{1, 1, 1, 2, 1, 3, 1, 4, 1, 5, 1, 6, 1, 7, (byte) 255, (byte) 254})));
+ assertTrue(permission.implies(InetAddress.getByAddress(new byte[]
{1, 1, 1, 2, 1, 3, 1, 4, 1, 5, 1, 6, 1, 7, (byte) 255, (byte) 255})));
+ assertFalse(permission.implies(InetAddress.getByAddress(new byte[]
{1, 1, 1, 2, 1, 3, 1, 4, 1, 5, 1, 6, 1, 7, (byte) 255, (byte) 253})));
+
+ permission =
ServiceAccessController.IPAddressPermissionFactory.getIPAddressMask("101:102:103:104:105:106:107:FFFE/FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFE");
+ assertTrue(permission.implies(InetAddress.getByAddress(new byte[]
{1, 1, 1, 2, 1, 3, 1, 4, 1, 5, 1, 6, 1, 7, (byte) 255, (byte) 254})));
+ assertTrue(permission.implies(InetAddress.getByAddress(new byte[]
{1, 1, 1, 2, 1, 3, 1, 4, 1, 5, 1, 6, 1, 7, (byte) 255, (byte) 255})));
+ assertFalse(permission.implies(InetAddress.getByAddress(new byte[]
{1, 1, 1, 2, 1, 3, 1, 4, 1, 5, 1, 6, 1, 7, (byte) 255, (byte) 253})));
+ }
+
public void testServiceOKWithConstructor() throws Exception {
- ServiceAccessController.IPAddressMask[] masks = new
ServiceAccessController.IPAddressMask[] {
- new ServiceAccessController.IPAddressMask("123.*.56.*"),
- new ServiceAccessController.IPAddressMask("123.*.57.*")
+ ServiceAccessController.IPAddressPermission[] masks = new
ServiceAccessController.IPAddressPermission[] {
+
ServiceAccessController.IPAddressPermissionFactory.getIPAddressMask("121.122.{56,57}")
};
MockServerService mockServerService = new MockServerService();
@@ -95,9 +146,8 @@
}
public void testServiceNOK() throws Exception {
- ServiceAccessController.IPAddressMask[] masks = new
ServiceAccessController.IPAddressMask[] {
- new ServiceAccessController.IPAddressMask("123.*.56.*"),
- new ServiceAccessController.IPAddressMask("123.*.57.*")
+ ServiceAccessController.IPAddressPermission[] masks = new
ServiceAccessController.IPAddressPermission[] {
+
ServiceAccessController.IPAddressPermissionFactory.getIPAddressMask("121.122.{56,57}")
};
MockServerService mockServerService = new MockServerService();
@@ -108,7 +158,7 @@
public void testServiceOKWithInit() throws Exception {
Properties properties = new Properties();
- properties.put("only_from", "123.*.56.*,123.*.57.*");
+ properties.put("only_from", "121.122.{56,57}");
MockServerService mockServerService = new MockServerService();
ServiceAccessController controller = new
ServiceAccessController(mockServerService);
@@ -119,7 +169,7 @@
public void testServiceNOKWithInit() throws Exception {
Properties properties = new Properties();
- properties.put("only_from", "123.*.56.*,123.*.57.*");
+ properties.put("only_from", "121.122.{56,57}");
MockServerService mockServerService = new MockServerService();
ServiceAccessController controller = new
ServiceAccessController(mockServerService);
@@ -129,17 +179,17 @@
}
private void executeTestServiceOK(MockServerService mockServerService,
ServiceAccessController controller) throws UnknownHostException,
ServiceException, IOException {
- MockSocket mockSocket = new MockSocket(InetAddress.getByAddress(new
byte[] {123, 123, 56, 123}));
+ MockSocket mockSocket = new MockSocket(InetAddress.getByAddress(new
byte[] {121, 122, 56, 123}));
controller.service(mockSocket);
assertSame(mockSocket, mockServerService.socket);
- mockSocket = new MockSocket(InetAddress.getByAddress(new byte[]
{123, 123, 57, 123}));
+ mockSocket = new MockSocket(InetAddress.getByAddress(new byte[]
{121, 122, 57, 123}));
controller.service(mockSocket);
assertSame(mockSocket, mockServerService.socket);
}
private void executeTestServiceNOK(ServiceAccessController controller)
throws UnknownHostException, ServiceException, IOException {
- MockSocket mockSocket = new MockSocket(InetAddress.getByAddress(new
byte[] {123, 123, 58, 123}));
+ MockSocket mockSocket = new MockSocket(InetAddress.getByAddress(new
byte[] {121, 122, 58, 123}));
try {
controller.service(mockSocket);
fail();
