1/* 2 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24import java.io.*; 25import java.net.*; 26import java.util.*; 27 28/** 29 * @test 30 * @bug 4513440 31 * @summary BasicAuthentication is zeroing out the given password 32 */ 33 34public class BasicTest3 { 35 36 static class BasicServer3 extends Thread { 37 38 ServerSocket server; 39 40 Socket s; 41 InputStream is; 42 OutputStream os; 43 44 static final String realm = "wallyworld"; 45 46 String reply1 = "HTTP/1.1 401 Unauthorized\r\n"+ 47 "WWW-Authenticate: Basic realm=\""+realm+"\"\r\n\r\n"; 48 49 String reply2 = "HTTP/1.1 200 OK\r\n"+ 50 "Date: Mon, 15 Jan 2001 12:18:21 GMT\r\n" + 51 "Server: Apache/1.3.14 (Unix)\r\n" + 52 "Connection: close\r\n" + 53 "Content-Type: text/html; charset=iso-8859-1\r\n" + 54 "Content-Length: 10\r\n\r\n"; 55 56 BasicServer3 (ServerSocket s) { 57 server = s; 58 } 59 60 void readAll (Socket s) throws IOException { 61 byte[] buf = new byte [128]; 62 InputStream is = s.getInputStream (); 63 s.setSoTimeout(1000); 64 try { 65 while (is.read(buf) > 0) ; 66 } catch (SocketTimeoutException x) { } 67 } 68 69 public void run () { 70 try { 71 System.out.println ("Server 1: accept"); 72 s = server.accept (); 73 System.out.println ("accepted"); 74 os = s.getOutputStream(); 75 os.write (reply1.getBytes()); 76 readAll (s); 77 s.close (); 78 79 System.out.println ("Server 2: accept"); 80 s = server.accept (); 81 System.out.println ("accepted"); 82 os = s.getOutputStream(); 83 readAll (s); 84 os.write ((reply2+"HelloWorld").getBytes()); 85 86 } 87 catch (Exception e) { 88 System.out.println (e); 89 } 90 finished (); 91 } 92 93 public synchronized void finished () { 94 notifyAll(); 95 } 96 97 } 98 99 static class MyAuthenticator3 extends Authenticator { 100 PasswordAuthentication pw; 101 MyAuthenticator3 () { 102 super (); 103 pw = new PasswordAuthentication ("user", "passwordNotCheckedAnyway".toCharArray()); 104 } 105 106 public PasswordAuthentication getPasswordAuthentication () 107 { 108 System.out.println ("Auth called"); 109 return pw; 110 } 111 112 public void checkPW () { 113 if (!new String (pw.getPassword()).equals ("passwordNotCheckedAnyway")) { 114 throw new RuntimeException ("Password was \"" + new String (pw.getPassword()) + "\""); 115 } 116 } 117 } 118 119 120 static void read (InputStream is) throws IOException { 121 int c; 122 System.out.println ("reading"); 123 while ((c=is.read()) != -1) { 124 System.out.write (c); 125 } 126 System.out.println (""); 127 System.out.println ("finished reading"); 128 } 129 130 public static void main (String args[]) throws Exception { 131 MyAuthenticator3 auth = new MyAuthenticator3 (); 132 Authenticator.setDefault (auth); 133 ServerSocket ss = new ServerSocket (0); 134 int port = ss.getLocalPort (); 135 BasicServer3 server = new BasicServer3 (ss); 136 synchronized (server) { 137 server.start(); 138 System.out.println ("client 1"); 139 URL url = new URL ("http://localhost:"+port+"/d1/d2/d3/foo.html"); 140 URLConnection urlc = url.openConnection (); 141 InputStream is = urlc.getInputStream (); 142 read (is); 143 is.close (); 144 auth.checkPW (); 145 } 146 } 147} 148