TestPasswordExpirationAndMaxAuthenticationFailuresInterceptor xref


1   /* 
2    * Licensed to the Apache Software Foundation (ASF) under one or more
3    * contributor license agreements.  See the NOTICE file distributed with
4    * this work for additional information regarding copyright ownership.
5    * The ASF licenses this file to You under the Apache License, Version 2.0
6    * (the "License"); you may not use this file except in compliance with
7    * the License.  You may obtain a copy of the License at
8    *
9    *     http://www.apache.org/licenses/LICENSE-2.0
10   *
11   * Unless required by applicable law or agreed to in writing, software
12   * distributed under the License is distributed on an "AS IS" BASIS,
13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   * See the License for the specific language governing permissions and
15   * limitations under the License.
16   */
17  package org.apache.jetspeed.security.spi;
18  
19  import java.sql.Date;
20  import java.util.ArrayList;
21  import java.util.Arrays;
22  import java.util.List;
23  
24  import junit.framework.Test;
25  import junit.framework.TestSuite;
26  
27  import org.apache.jetspeed.security.om.InternalCredential;
28  import org.apache.jetspeed.security.om.InternalUserPrincipal;
29  import org.apache.jetspeed.security.util.test.AbstractSecurityTestcase;
30  
31  /***
32  * <p>
33   * TestInternalPasswordCredentialStateHandlingInterceptor
34   * </p>
35   * 
36   * @author <a href="mailto:ate@apache.org">Ate Douma</a>
37   * @version $Id: TestPasswordExpirationAndMaxAuthenticationFailuresInterceptor.java 516448 2007-03-09 16:25:47Z ate $
38   */
39  public class TestPasswordExpirationAndMaxAuthenticationFailuresInterceptor extends AbstractSecurityTestcase
40  {
41      private InternalUserPrincipal internalUser;
42      private InternalCredential credential;
43      
44      protected void setUp() throws Exception
45      {
46          super.setUp(); 
47          // cleanup for previously failed test
48          destroyUser();
49          initUser();
50      }
51  
52      public void tearDown() throws Exception
53      {
54          destroyUser();
55          super.tearDown();
56      }
57  
58      public static Test suite()
59      {
60          return new TestSuite(TestPasswordExpirationAndMaxAuthenticationFailuresInterceptor.class);
61      }
62  
63      public void testExpirationAndMaxAuthenticationFailures() throws Exception
64      {
65          assertTrue("should be allowed to authenticate",ums.authenticate("testcred","password"));
66          credential.setExpirationDate(new Date(new java.util.Date().getTime()));
67          updateCredential();
68          assertFalse("should be expired",ums.authenticate("testcred","password"));
69          ums.setPassword("testcred","password","password2");
70          assertTrue("should be allowed to authenticate",ums.authenticate("testcred","password2"));
71          assertFalse("should not be allowed to authenticate (wrong password1)",ums.authenticate("testcred","password"));
72          assertFalse("should not be allowed to authenticate (wrong password2)",ums.authenticate("testcred","password"));
73          assertFalse("should not be allowed to authenticate (wrong password3)",ums.authenticate("testcred","password"));
74          assertFalse("should not be allowed to authenticate (disabled)",ums.authenticate("testcred","password2"));
75          ums.setPassword("testcred",null,"password3");
76          assertFalse("should still not be allowed to authenticate (disabled)",ums.authenticate("testcred","password3"));
77          ums.setPasswordEnabled("testcred", true);
78          assertTrue("should be allowed to authenticate again",ums.authenticate("testcred","password3"));
79      }
80  
81      protected void initUser() throws Exception
82      {
83          ums.addUser("testcred", "password");
84          loadUser();
85      }
86      
87      protected void loadUser() throws Exception
88      {
89          internalUser = securityAccess.getInternalUserPrincipal("testcred");
90          credential = (InternalCredential)internalUser.getCredentials().iterator().next();
91      }
92      
93      protected void updateCredential() throws Exception
94      {
95          securityAccess.setInternalUserPrincipal(internalUser,false);
96      }
97  
98      protected void destroyUser() throws Exception
99      {
100         ums.removeUser("testcred");
101     }
102     
103     protected String[] getConfigurations()
104     {
105         String[] confs = super.getConfigurations();
106         List confList = new ArrayList(Arrays.asList(confs));
107         confList.add("JETSPEED-INF/spring/TestPasswordExpirationAndMaxAuthenticationFailuresInterceptor.xml");
108         return (String[])confList.toArray(new String[1]);
109     }    
110 }