package org.infinispan.test.integration.security.embedded;

import java.util.HashMap;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;
import org.infinispan.security.AuthorizationPermission;
import org.infinispan.security.PrincipalRoleMapper;
import org.infinispan.test.integration.security.utils.ApacheDsKrbLdap;
import org.infinispan.test.integration.security.utils.Deployments;
import org.infinispan.test.integration.security.utils.SimplePrincipalGroupRoleMapper;
import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.arquillian.container.test.api.TargetsContainer;
import org.jboss.arquillian.junit.Arquillian;
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.junit.AfterClass;
import org.junit.BeforeClass;
import org.junit.runner.RunWith;

@RunWith(Arquillian.class)
/* loaded from: input_file:org/infinispan/test/integration/security/embedded/KrbLdapAuthenticationIT.class */
public class KrbLdapAuthenticationIT extends AbstractAuthentication {
    public static final String ADMIN_ROLE = "AdminIspnRole";
    public static final String WRITER_ROLE = "WriterIspnRole";
    public static final String READER_ROLE = "ReaderIspnRole";
    public static final String UNPRIVILEGED_ROLE = "UnprivilegedIspnRole";
    private static ApacheDsKrbLdap krbLdapServer;

    @BeforeClass
    public static void ldapSetup() throws Exception {
        System.setProperty("java.security.krb5.conf", KrbLdapAuthenticationIT.class.getResource("/krb5.conf").getPath());
        krbLdapServer = new ApacheDsKrbLdap("127.0.0.1");
        krbLdapServer.start();
    }

    @AfterClass
    public static void ldapTearDown() throws Exception {
        krbLdapServer.stop();
    }

    @Deployment
    @TargetsContainer(AbstractAuthentication.DEFAULT_DEPLOY_CONTAINER)
    public static WebArchive getDeployment() {
        return Deployments.createKrbLdapTestDeployment();
    }

    @Override // org.infinispan.test.integration.security.embedded.AbstractAuthentication
    public Map<String, AuthorizationPermission[]> getRolePermissionMap() {
        HashMap hashMap = new HashMap();
        hashMap.put(ADMIN_ROLE, new AuthorizationPermission[]{AuthorizationPermission.ALL});
        hashMap.put(WRITER_ROLE, new AuthorizationPermission[]{AuthorizationPermission.WRITE});
        hashMap.put(READER_ROLE, new AuthorizationPermission[]{AuthorizationPermission.READ});
        hashMap.put(UNPRIVILEGED_ROLE, new AuthorizationPermission[]{AuthorizationPermission.NONE});
        return hashMap;
    }

    @Override // org.infinispan.test.integration.security.embedded.AbstractAuthentication
    public PrincipalRoleMapper getPrincipalRoleMapper() {
        return new SimplePrincipalGroupRoleMapper();
    }

    @Override // org.infinispan.test.integration.security.embedded.AbstractAuthentication
    public String getSecurityDomainName() {
        return null;
    }

    @Override // org.infinispan.test.integration.security.embedded.AbstractAuthentication
    public Subject getAdminSubject() throws LoginException {
        return authenticateWithKrb("ispn-admin");
    }

    @Override // org.infinispan.test.integration.security.embedded.AbstractAuthentication
    public Subject getWriterSubject() throws LoginException {
        return authenticateWithKrb("ispn-writer");
    }

    @Override // org.infinispan.test.integration.security.embedded.AbstractAuthentication
    public Subject getReaderSubject() throws LoginException {
        return authenticateWithKrb("ispn-reader");
    }

    @Override // org.infinispan.test.integration.security.embedded.AbstractAuthentication
    public Subject getUnprivilegedSubject() throws LoginException {
        return authenticateWithKrb("ispn-unprivileged");
    }
}
