1
/*
2
 * Copyright (c) 2002, 2019, Oracle and/or its affiliates. All rights reserved.
3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
 *
5
 * This code is free software; you can redistribute it and/or modify it
6
 * under the terms of the GNU General Public License version 2 only, as
7
 * published by the Free Software Foundation.
8
 *
9
 * This code is distributed in the hope that it will be useful, but WITHOUT
10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12
 * version 2 for more details (a copy is included in the LICENSE file that
13
 * accompanied this code).
14
 *
15
 * You should have received a copy of the GNU General Public License version
16
 * 2 along with this work; if not, write to the Free Software Foundation,
17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18
 *
19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20
 * or visit www.oracle.com if you need additional information or have any
21
 * questions.
22
 */
23

24
import java.io.*;
25
import java.net.*;
26
import java.util.*;
27
import jdk.test.lib.net.URIBuilder;
28

29
/**
30
 * @test
31
 * @bug 4513440
32
 * @summary BasicAuthentication is zeroing out the given password
33
 * @library /test/lib
34
 * @run main/othervm BasicTest3
35
 * @run main/othervm -Djava.net.preferIPv6Addresses=true BasicTest3
36
 */
37

38
public class BasicTest3 {
39

40
    static class BasicServer3 extends Thread {
41

42
        ServerSocket server;
43

44
        Socket s;
45
        InputStream is;
46
        OutputStream os;
47

48
        static final String realm = "wallyworld";
49

50
        String reply1 = "HTTP/1.1 401 Unauthorized\r\n"+
51
            "WWW-Authenticate: Basic realm=\""+realm+"\"\r\n\r\n";
52

53
        String reply2 = "HTTP/1.1 200 OK\r\n"+
54
            "Date: Mon, 15 Jan 2001 12:18:21 GMT\r\n" +
55
            "Server: Apache/1.3.14 (Unix)\r\n" +
56
            "Connection: close\r\n" +
57
            "Content-Type: text/html; charset=iso-8859-1\r\n" +
58
            "Content-Length: 10\r\n\r\n";
59

60
        BasicServer3 (ServerSocket s) {
61
            server = s;
62
        }
63

64
        void readAll (Socket s) throws IOException {
65
            byte[] buf = new byte [128];
66
            InputStream is = s.getInputStream ();
67
            s.setSoTimeout(1000);
68
            try {
69
                while (is.read(buf) > 0) ;
70
            } catch (SocketTimeoutException x) { }
71
        }
72

73
        public void run () {
74
            try {
75
                System.out.println ("Server 1: accept");
76
                s = server.accept ();
77
                System.out.println ("accepted");
78
                os = s.getOutputStream();
79
                os.write (reply1.getBytes());
80
                readAll (s);
81
                s.close ();
82

83
                System.out.println ("Server 2: accept");
84
                s = server.accept ();
85
                System.out.println ("accepted");
86
                os = s.getOutputStream();
87
                readAll (s);
88
                os.write ((reply2+"HelloWorld").getBytes());
89

90
            }
91
            catch (Exception e) {
92
                System.out.println (e);
93
            }
94
            finished ();
95
        }
96

97
        public synchronized void finished () {
98
            notifyAll();
99
        }
100

101
    }
102

103
    static class MyAuthenticator3 extends Authenticator {
104
        PasswordAuthentication pw;
105
        MyAuthenticator3 () {
106
            super ();
107
            pw = new PasswordAuthentication ("user", "passwordNotCheckedAnyway".toCharArray());
108
        }
109

110
        public PasswordAuthentication getPasswordAuthentication ()
111
            {
112
            System.out.println ("Auth called");
113
            return pw;
114
        }
115

116
        public void checkPW () {
117
            if (!new String (pw.getPassword()).equals ("passwordNotCheckedAnyway")) {
118
                throw new RuntimeException ("Password was \"" + new String (pw.getPassword()) + "\"");
119
            }
120
        }
121
    }
122

123

124
    static void read (InputStream is) throws IOException {
125
        int c;
126
        System.out.println ("reading");
127
        while ((c=is.read()) != -1) {
128
            System.out.write (c);
129
        }
130
        System.out.println ("");
131
        System.out.println ("finished reading");
132
    }
133

134
    public static void main (String args[]) throws Exception {
135
        MyAuthenticator3 auth = new MyAuthenticator3 ();
136
        Authenticator.setDefault (auth);
137
        InetAddress loopback = InetAddress.getLoopbackAddress();
138
        ServerSocket ss = new ServerSocket();
139
        ss.bind(new InetSocketAddress(loopback, 0));
140
        int port = ss.getLocalPort ();
141
        BasicServer3 server = new BasicServer3 (ss);
142
        synchronized (server) {
143
            server.start();
144
            System.out.println ("client 1");
145
            URL url =  URIBuilder.newBuilder()
146
                .scheme("http")
147
                .loopback()
148
                .port(port)
149
                .path("/d1/d2/d3/foo.html")
150
                .toURL();
151
            URLConnection urlc = url.openConnection(Proxy.NO_PROXY);
152
            InputStream is = urlc.getInputStream ();
153
            read (is);
154
            is.close ();
155
            auth.checkPW ();
156
        }
157
    }
158
}
159

160