kerberos test

functional-tests/http/pom.xml

@@ -22,7 +22,7 @@
         <javax.servlet.api.version>3.1.0</javax.servlet.api.version>
 
         <grizzly.version>2.3.36-MULE-026</grizzly.version>
-        <grizzly.ahc.version>1.14-MULE-024</grizzly.ahc.version>
+        <grizzly.ahc.version>1.14-MULE-025-SNAPSHOT</grizzly.ahc.version>
         <apacheAsyncClientVersion>4.1.5</apacheAsyncClientVersion>
         <jettyVersion>9.4.53.v20231009</jettyVersion>
         <httpMimeVersion>4.5.14</httpMimeVersion>
@@ -101,6 +101,15 @@
             <version>${jettyVersion}</version>
             <scope>test</scope>
         </dependency>
+
+        <!-- https://mvnrepository.com/artifact/org.apache.hadoop/hadoop-minikdc -->
+        <dependency>
+            <groupId>org.apache.hadoop</groupId>
+            <artifactId>hadoop-minikdc</artifactId>
+            <version>3.4.0</version>
+            <scope>test</scope>
+        </dependency>
+
         <dependency>
             <groupId>junit</groupId>
             <artifactId>junit</artifactId>

functional-tests/http/src/test/java/org/mule/test/http/functional/requester/proxy/KerberosHttpProxyTestCase.java

@@ -0,0 +1,66 @@
+/*
+ * Copyright 2023 Salesforce, Inc. All rights reserved.
+ * The software in this package is published under the terms of the CPAL v1.0
+ * license, a copy of which has been included with this distribution in the
+ * LICENSE.txt file.
+ */
+package org.mule.test.http.functional.requester.proxy;
+
+import org.mule.tck.junit4.rule.DynamicPort;
+import org.mule.tck.junit4.rule.SystemProperty;
+import org.mule.test.http.functional.requester.AbstractHttpRequestTestCase;
+
+import java.io.File;
+import java.io.IOException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.eclipse.jetty.server.Request;
+import org.junit.BeforeClass;
+import org.junit.ClassRule;
+import org.junit.Test;
+
+public class KerberosHttpProxyTestCase extends AbstractHttpRequestTestCase {
+
+  private static final String CLIENT_PRINCIPAL = "[email protected]";
+  private static final String SERVER_PRINCIPAL = "HTTP/[email protected]";
+
+  @ClassRule
+  public static DynamicPort kdcPort = new DynamicPort("kdcPort");
+  @ClassRule
+  public static MiniKdcRule miniKdcRule = new MiniKdcRule(kdcPort.getNumber());
+
+  public static final File workingDir = new File("target");
+  @ClassRule
+  public static SystemProperty keytabPath;
+
+  static {
+    try {
+      keytabPath = new SystemProperty("keytabPath", new File(workingDir, "keytab").getCanonicalPath());
+    } catch (IOException e) {
+      throw new RuntimeException(e);
+    }
+  }
+
+  @BeforeClass
+  public static void setUpKeytab() throws Exception {
+    File keytabFile = new File(workingDir, "keytab");
+    miniKdcRule.createPrincipal(keytabFile, CLIENT_PRINCIPAL, SERVER_PRINCIPAL);
+  }
+
+  @Test
+  public void frankensTest() throws Exception {
+    String response = runFlow("ntlmAuthRequestWithDomain").getMessage().getPayload().getValue().toString();
+  }
+
+  @Override
+  protected void handleRequest(Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException {
+    super.handleRequest(baseRequest, request, response);
+  }
+
+  @Override
+  protected String getConfigFile() {
+    return "http-request-ntlm-proxy-config.xml";
+  }
+}

functional-tests/http/src/test/java/org/mule/test/http/functional/requester/proxy/MiniKdcRule.java

@@ -0,0 +1,54 @@
+/*
+ * Copyright 2023 Salesforce, Inc. All rights reserved.
+ * The software in this package is published under the terms of the CPAL v1.0
+ * license, a copy of which has been included with this distribution in the
+ * LICENSE.txt file.
+ */
+package org.mule.test.http.functional.requester.proxy;
+
+import static java.lang.String.valueOf;
+
+import java.io.File;
+import java.util.Properties;
+
+import org.apache.hadoop.minikdc.MiniKdc;
+import org.junit.rules.ExternalResource;
+
+public class MiniKdcRule extends ExternalResource {
+
+  private final int kdcPort;
+  private MiniKdc kdc;
+
+  public MiniKdcRule(int kdcPort) {
+    this.kdcPort = kdcPort;
+  }
+
+  @Override
+  protected void before() throws Throwable {
+    super.before();
+    File workDir = new File("target");
+    Properties kdcConfig = createMiniKdcConf(valueOf(kdcPort));
+
+    kdc = new MiniKdc(kdcConfig, workDir);
+    kdc.start();
+  }
+
+  public synchronized void createPrincipal(File keytabFile, String... principals) throws Exception {
+    kdc.createPrincipal(keytabFile, principals);
+  }
+
+  @Override
+  protected void after() {
+    if (kdc != null) {
+      kdc.stop();
+    }
+    super.after();
+  }
+
+  private static Properties createMiniKdcConf(String kdcPort) {
+    Properties conf = MiniKdc.createConf();
+    conf.setProperty(MiniKdc.DEBUG, "true");
+    conf.setProperty(MiniKdc.KDC_PORT, kdcPort);
+    return conf;
+  }
+}

functional-tests/http/src/test/resources/http-request-ntlm-proxy-config.xml

@@ -9,7 +9,7 @@
     <http:request-config name="ntlmProxy" basePath="basePath">
         <http:request-connection host="localhost" port="9999">
             <http:proxy-config>
-                <http:ntlm-proxy host="localhost" port="${httpPort}" username="Zaphod" password="Beeblebrox" ntlmDomain="Ursa-Minor" />
+                <http:ntlm-proxy host="localhost" port="${httpPort}" username="[email protected]" password="${keytabPath}" ntlmDomain="Ursa-Minor" />
             </http:proxy-config>
         </http:request-connection>
     </http:request-config>
@@ -18,4 +18,19 @@
         <set-payload value="#[%dw 2.0 output application/java --- payload.^raw as String]"/>
     </flow>
 
+
+
+    <http:request-config name="ntlmConfigWithDomain">
+        <http:request-connection host="localhost" port="${httpPort}">
+            <http:authentication>
+                <http:ntlm-authentication username="[email protected]" password="${keytabPath}" domain="Ursa-Minor"/>
+            </http:authentication>
+        </http:request-connection>
+    </http:request-config>
+
+    <flow name="ntlmAuthRequestWithDomain">
+        <http:request config-ref="ntlmConfigWithDomain" path="/" method="GET"/>
+        <set-payload value="#[%dw 2.0 output application/java --- payload.^raw as String]"/>
+    </flow>
+
 </mule>

functional-tests/pom.xml

@@ -21,8 +21,6 @@
             -XX:+TieredCompilation
             -XX:+IgnoreUnrecognizedVMOptions
             -Dfile.encoding=UTF-8
-            -javaagent:${settings.localRepository}/org/aspectj/aspectjweaver/${aspectjVersion}/aspectjweaver-${aspectjVersion}.jar
-            -javaagent:${settings.localRepository}/org/jacoco/org.jacoco.agent/${jacoco.version}/org.jacoco.agent-${jacoco.version}-runtime.jar=destfile='${session.executionRootDirectory}/target/jacoco.exec'
             --module-path=${org.slf4j:slf4j-api:jar}
             --add-modules=org.slf4j
             --add-opens=java.base/java.lang=ALL-UNNAMED