1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.apache.jetspeed.security.spi;
18
19 import java.sql.Date;
20 import java.util.ArrayList;
21 import java.util.Arrays;
22 import java.util.List;
23
24 import junit.framework.Test;
25 import junit.framework.TestSuite;
26
27 import org.apache.jetspeed.security.om.InternalCredential;
28 import org.apache.jetspeed.security.om.InternalUserPrincipal;
29 import org.apache.jetspeed.security.util.test.AbstractSecurityTestcase;
30
31 /***
32 * <p>
33 * TestInternalPasswordCredentialStateHandlingInterceptor
34 * </p>
35 *
36 * @author <a href="mailto:ate@apache.org">Ate Douma</a>
37 * @version $Id: TestPasswordExpirationAndMaxAuthenticationFailuresInterceptor.java 516448 2007-03-09 16:25:47Z ate $
38 */
39 public class TestPasswordExpirationAndMaxAuthenticationFailuresInterceptor extends AbstractSecurityTestcase
40 {
41 private InternalUserPrincipal internalUser;
42 private InternalCredential credential;
43
44 protected void setUp() throws Exception
45 {
46 super.setUp();
47
48 destroyUser();
49 initUser();
50 }
51
52 public void tearDown() throws Exception
53 {
54 destroyUser();
55 super.tearDown();
56 }
57
58 public static Test suite()
59 {
60 return new TestSuite(TestPasswordExpirationAndMaxAuthenticationFailuresInterceptor.class);
61 }
62
63 public void testExpirationAndMaxAuthenticationFailures() throws Exception
64 {
65 assertTrue("should be allowed to authenticate",ums.authenticate("testcred","password"));
66 credential.setExpirationDate(new Date(new java.util.Date().getTime()));
67 updateCredential();
68 assertFalse("should be expired",ums.authenticate("testcred","password"));
69 ums.setPassword("testcred","password","password2");
70 assertTrue("should be allowed to authenticate",ums.authenticate("testcred","password2"));
71 assertFalse("should not be allowed to authenticate (wrong password1)",ums.authenticate("testcred","password"));
72 assertFalse("should not be allowed to authenticate (wrong password2)",ums.authenticate("testcred","password"));
73 assertFalse("should not be allowed to authenticate (wrong password3)",ums.authenticate("testcred","password"));
74 assertFalse("should not be allowed to authenticate (disabled)",ums.authenticate("testcred","password2"));
75 ums.setPassword("testcred",null,"password3");
76 assertFalse("should still not be allowed to authenticate (disabled)",ums.authenticate("testcred","password3"));
77 ums.setPasswordEnabled("testcred", true);
78 assertTrue("should be allowed to authenticate again",ums.authenticate("testcred","password3"));
79 }
80
81 protected void initUser() throws Exception
82 {
83 ums.addUser("testcred", "password");
84 loadUser();
85 }
86
87 protected void loadUser() throws Exception
88 {
89 internalUser = securityAccess.getInternalUserPrincipal("testcred");
90 credential = (InternalCredential)internalUser.getCredentials().iterator().next();
91 }
92
93 protected void updateCredential() throws Exception
94 {
95 securityAccess.setInternalUserPrincipal(internalUser,false);
96 }
97
98 protected void destroyUser() throws Exception
99 {
100 ums.removeUser("testcred");
101 }
102
103 protected String[] getConfigurations()
104 {
105 String[] confs = super.getConfigurations();
106 List confList = new ArrayList(Arrays.asList(confs));
107 confList.add("JETSPEED-INF/spring/TestPasswordExpirationAndMaxAuthenticationFailuresInterceptor.xml");
108 return (String[])confList.toArray(new String[1]);
109 }
110 }