1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.apache.jetspeed.security.spi;
18
19 import java.util.ArrayList;
20 import java.util.Arrays;
21 import java.util.List;
22
23 import junit.framework.Test;
24 import junit.framework.TestSuite;
25
26 import org.apache.jetspeed.security.SecurityException;
27 import org.apache.jetspeed.security.util.test.AbstractSecurityTestcase;
28
29 /***
30 * <p>
31 * TestInternalPasswordCredentialHistoryHandlingInterceptor
32 * </p>
33 *
34 * @author <a href="mailto:ate@apache.org">Ate Douma</a>
35 * @version $Id: TestPasswordHistoryInterceptor.java 516448 2007-03-09 16:25:47Z ate $
36 */
37 public class TestPasswordHistoryInterceptor extends AbstractSecurityTestcase
38 {
39 protected void setUp() throws Exception
40 {
41 super.setUp();
42
43 destroyUser();
44 initUser();
45 }
46
47 public void tearDown() throws Exception
48 {
49 destroyUser();
50 super.tearDown();
51 }
52
53 public static Test suite()
54 {
55 return new TestSuite(TestPasswordHistoryInterceptor.class);
56 }
57
58 public void testPasswordHistory() throws Exception
59 {
60
61
62
63 assertTrue("should be allowed to authenticate",ums.authenticate("testcred","password"));
64 Thread.sleep(1000);
65 ums.setPassword("testcred","password","password1");
66 Thread.sleep(1000);
67 ums.setPassword("testcred","password1","password2");
68 assertTrue("should be allowed to authenticate",ums.authenticate("testcred","password2"));
69 try
70 {
71 Thread.sleep(1000);
72 ums.setPassword("testcred","password2","password");
73 fail("Should not be allowed to reuse a password from password history");
74 }
75 catch (SecurityException sex)
76 {
77 assertTrue(SecurityException.PASSWORD_ALREADY_USED.equals(sex.getKeyedMessage()));
78 }
79 Thread.sleep(1000);
80 ums.setPassword("testcred","password2","password3");
81 Thread.sleep(1000);
82 ums.setPassword("testcred","password3","password4");
83 Thread.sleep(1000);
84 ums.setPassword("testcred","password4","password");
85
86 assertTrue("should be allowed to authenticate",ums.authenticate("testcred","password"));
87 }
88
89 protected void initUser() throws Exception
90 {
91 ums.addUser("testcred", "password");
92 }
93
94 protected void destroyUser() throws Exception
95 {
96 ums.removeUser("testcred");
97 }
98
99 protected String[] getConfigurations()
100 {
101 String[] confs = super.getConfigurations();
102 List confList = new ArrayList(Arrays.asList(confs));
103 confList.add("JETSPEED-INF/spring/TestPasswordHistoryInterceptor.xml");
104 return (String[])confList.toArray(new String[1]);
105 }
106 }