1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one or more
3    * contributor license agreements.  See the NOTICE file distributed with
4    * this work for additional information regarding copyright ownership.
5    * The ASF licenses this file to You under the Apache License, Version 2.0
6    * (the "License"); you may not use this file except in compliance with
7    * the License.  You may obtain a copy of the License at
8    *
9    *      http://www.apache.org/licenses/LICENSE-2.0
10   *
11   * Unless required by applicable law or agreed to in writing, software
12   * distributed under the License is distributed on an "AS IS" BASIS,
13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   * See the License for the specific language governing permissions and
15   * limitations under the License.
16   */
17  package org.apache.jetspeed.security.spi.ldap;
18  
19  import org.apache.jetspeed.security.PasswordCredential;
20  import org.apache.jetspeed.security.SecurityException;
21  import org.apache.jetspeed.security.spi.impl.LdapCredentialHandler;
22  
23  import java.util.Set;
24  
25  /***
26   * <p>
27   * Test {@link LdapCredentialHandler}implementation of the SPI
28   * <code>CredentialHandler</code>.
29   * </p>
30   * 
31   * @author <a href="mailto:mike.long@dataline.com">Mike Long </a>
32   */
33  public class TestLdapCredentialHandler extends AbstractLdapTest
34  {
35  
36      /***
37       * @see org.apache.jetspeed.security.spi.ldap.AbstractLdapTest#setUp()
38       */
39      protected void setUp() throws Exception
40      {
41          super.setUp();
42          LdapDataHelper.seedUserData(uid1, password);
43      }
44      
45      /***
46       * @see org.apache.jetspeed.security.spi.ldap.AbstractLdapTest#tearDown()
47       */
48      protected void tearDown() throws Exception
49      {
50          super.tearDown();
51          LdapDataHelper.removeUserData(uid1);
52      }
53  
54      /***
55       * <p>
56       * Test <code>getPrivateCredentials</code>
57       * </p>
58       * 
59       * @throws Exception An {@link Exception}.
60       */
61      public void testGetPrivateCredentials() throws Exception
62      {
63          Set credentials = crHandler.getPrivateCredentials(uid1);
64  
65          assertTrue("getPrivateCredentials found no credentials for user:" + uid1, credentials.size() > 0);
66  
67          PasswordCredential cred = (PasswordCredential) credentials.iterator().next();
68  
69          assertEquals(password, String.valueOf(cred.getPassword()));
70      }
71  
72      /***
73       * <p>
74       * Test <code>getPrivateCredentials</code> for a user that does not exist.
75       * </p>
76       * 
77       * @throws Exception An {@link Exception}.
78       */
79      public void testGetPrivateCredentialsForNonExistantUser() throws Exception
80      {
81          String nonExistantUser = Integer.toString(rand.nextInt());
82          Set credentials = crHandler.getPrivateCredentials(nonExistantUser);
83  
84          assertTrue("getPrivateCredentials should not have found credentials for user:" + nonExistantUser, credentials
85                  .isEmpty());
86      }
87  
88      /***
89       * <p>
90       * Test <code>setPassword</code>.
91       * </p>
92       * 
93       * @throws Exception An {@link Exception}.
94       */
95      public void testSetPassword() throws Exception
96      {
97          crHandler.setPassword(uid1, password, "freddie");
98          assertTrue("Failed to change the password.", crHandler.authenticate(uid1, "freddie"));
99          crHandler.setPassword(uid1, "freddie", password);
100     }
101 
102     /***
103      * <p>
104      * Test <code>setPassword</code> with null password.
105      * </p>
106      * 
107      * @throws Exception An {@link Exception}.
108      */
109     public void testVerifyNullSetPassword() throws Exception
110     {
111         crHandler.setPassword(uid1, null, password);
112     }
113 
114     /***
115      * <p>
116      * Test <code>authenticate</code> with correct login.
117      * </p>
118      * 
119      * @throws Exception An {@link Exception}.
120      */
121     public void testGoodLogin() throws Exception
122     {
123         assertTrue("The login failed for user.", crHandler.authenticate(uid1, password));
124     }
125 
126     /***
127      * <p>
128      * Test <code>authenticate</code> with no password.
129      * </p>
130      * 
131      * @throws Exception An {@link Exception}.
132      */
133     public void testCannotAuthenticateWithNoPassword() throws Exception
134     {
135         try
136         {
137             crHandler.authenticate(uid1, "");
138             fail("Should have thrown a SecurityException.");
139         }
140         catch (Exception e)
141         {
142             assertTrue("Should have thrown an SecurityException but threw:" + e, e instanceof SecurityException);
143         }
144     }
145 
146     /***
147      * <p>
148      * Test <code>authenticate</code> with bad uid.
149      * </p>
150      * 
151      * @throws Exception An {@link Exception}.
152      */
153     public void testBadUID() throws Exception
154     {
155         String nonExistantUser = Integer.toString(rand.nextInt());
156 
157         try
158         {
159             crHandler.authenticate(nonExistantUser, password);
160             fail("Should have thrown an exception for a non-existant user.");
161         }
162         catch (Exception e)
163         {
164             assertTrue("Should have thrown a SecurityException for a non-existant user.",
165                     e instanceof SecurityException);
166         }
167     }
168 
169     /***
170      * <p>
171      * Test <code>authenticate</code> with bad password.
172      * </p>
173      * 
174      * @throws Exception An {@link Exception}.
175      */
176     public void testBadPassword() throws Exception
177     {
178         assertFalse("Should not have authenticated with a bad password.", crHandler
179                 .authenticate(uid1, password + "123"));
180     }
181 }