All Packages  This Package  Class Hierarchy  Class Search  Index

java.lang.Object
   |
   +----app.authkit.test.AuthTest
           |
           +----app.authkit.test.TestAttach

Summary

public class  TestAttach
     extends app.authkit.test.AuthTest
{
          // Constructors 1
     public TestAttach();

          // Methods 4
     public static void main(String[]);

     protected void spewTo(PrintStream, String, Authorization, String[]);
     protected void spewTo(String, String, Authorization, String[]);
     public void testAuth(Authorization, String, String[]);
}

TestAttach is a command-line test of the three ways an Authorization can be attached to a session. It can call attach() for a secret identifier provided in a file or via stdin. It can call attachPrivileged() when run as a chiled of execPrivilged(). It can implicitly attach to a new session.

Since this program is often launched as a privileged process, it always displays the system properties "java.version" and "java.home", as a diagnostic aid.

Because of the possible coupling between a privileged Process's stdin and stdout, this program displays all diagnostics on stderr, never on stdout. Normally, nothing will be written to stdout.

All the args are taken to be Privilege names, which are authorize()'d with interaction disallowed, and failures ignored. The Privileges then are displayed on stderr, and optionally appended to files, which are named in "out.N" properties.

The property "authkit.imp" is the fully qualified class name of an Authorization to instantiate and use.

The optional properties "out.N", where N is a number starting with 1, are filenames (pathnames) which will have a list of authorized Privileges appended to them. If the TestAttach process is running with elevated privileges, the owner of any created files will be root, and any files normally restricted to root will be writable by this program. Be very careful what you overwrite.

The optional property "attach" controls how this program attaches to a session:

• If the property is missing or empty, then no existing session is attached, and a new session is created and used. This tests none of the attaching methods. It's simply the safest path of action.
• If the property is ".", then attachPrivileged() is used to attach to the session.
• If the property is "@", then stdin is read for the secret identifier, and the data read is passed to attach(). This is a relatively secure approach, though due to stdin/stdout coupling, it may or may not be workable in production.
• If the property is any other value, then it's treated as a filename whose contents is a secret identifier to be used by attach(). This is an insecure approach, and is only suitable for testing.

Unlike most other classes in this package, diagnostics are emitted on stderr, not stdout.

Constructors

· TestAttach

Summary  |  Top

   public TestAttach() 

Default constructor

   public static void main(String[] args) 

Static entry point; can only be used as an application.

   public void testAuth(Authorization auth, 
                        String preauthProp, 
                        String[] args) 

Does nothing. This prevents misuse in AllTests.

Overrides:

testAuth in class AuthTest

   protected void spewTo(String filename, 
                         String header, 
                         Authorization auth, 
                         String[] privNames) 

Append information in human-readable form to file.

   protected void spewTo(PrintStream out, 
                         String header, 
                         Authorization auth, 
                         String[] privNames) 

Print information in human-readable form to PrintStream. The auth's public identifier is displayed, along with the current availability of every privName, and its latest-granted date (if any).

All Packages  This Package  Class Hierarchy  Class Search  Index