001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017: package org.apache.jetspeed.security.spi;
018:
019: import java.util.ArrayList;
020: import java.util.Arrays;
021: import java.util.List;
022: import java.util.Set;
023:
024: import org.apache.jetspeed.security.PasswordCredential;
025: import org.apache.jetspeed.security.util.test.AbstractSecurityTestcase;
026: import org.apache.jetspeed.security.SecurityException;
027:
028: import junit.framework.Test;
029: import junit.framework.TestSuite;
030:
031: /**
032: * <p>
033: * Unit testing for {@link PasswordCredentialProvider}.
034: * </p>
035: *
036: * @author <a href="mailto:ate@apache.org">Ate Douma</a>
037: */
038: public class TestPasswordCredentialProvider extends
039: AbstractSecurityTestcase {
040: /**
041: * @see junit.framework.TestCase#setUp()
042: */
043: protected void setUp() throws Exception {
044: super .setUp();
045: // cleanup for previously failed test
046: destroyUser();
047: }
048:
049: /**
050: * @see junit.framework.TestCase#tearDown()
051: */
052: public void tearDown() throws Exception {
053: super .tearDown();
054: }
055:
056: /**
057: * <p>
058: * Constructs the suite.
059: * </p>
060: *
061: * @return The {@Test}.
062: */
063: public static Test suite() {
064: return new TestSuite(TestPasswordCredentialProvider.class);
065: }
066:
067: /**
068: * <p>
069: * Test <code>getPrivateCredentials</code>..
070: * </p>
071: */
072: public void testGetPrivateCredentials() throws Exception {
073: initUser();
074: Set privateCredentials = ums.getUser("testcred").getSubject()
075: .getPrivateCredentials();
076: assertNotNull(privateCredentials);
077: assertEquals(1, privateCredentials.size());
078: PasswordCredential[] pwdCreds = (PasswordCredential[]) privateCredentials
079: .toArray(new PasswordCredential[0]);
080: assertEquals("testcred", pwdCreds[0].getUserName());
081: assertNotSame("password01", new String(pwdCreds[0]
082: .getPassword()));
083: destroyUser();
084: }
085:
086: /**
087: * <p>
088: * Test <code>setPassword</code>..
089: * </p>
090: */
091: public void testSetPassword() throws Exception {
092: initUser();
093: Set privateCredentials = ums.getUser("testcred").getSubject()
094: .getPrivateCredentials();
095: assertNotNull(privateCredentials);
096: assertEquals(1, privateCredentials.size());
097: PasswordCredential[] pwdCreds = (PasswordCredential[]) privateCredentials
098: .toArray(new PasswordCredential[0]);
099: assertEquals("testcred", pwdCreds[0].getUserName());
100: String encodedPassword = new String(pwdCreds[0].getPassword());
101: assertNotSame("password01", encodedPassword);
102:
103: // Try setting an invalid password: to short (min: 8)
104: try {
105: ums.setPassword("testcred", "password01", "1234567");
106: fail("Should not be able to set an invalid password");
107: } catch (SecurityException e) {
108: }
109: // Try setting an invalid password: no digits
110: try {
111: ums.setPassword("testcred", "password01", "newpassword");
112: fail("Should not be able to set an invalid password");
113: } catch (SecurityException e) {
114: }
115: // Setting a valid password
116: ums.setPassword("testcred", "password01", "passwd01");
117:
118: // Test that the credential was updated.
119: privateCredentials = ums.getUser("testcred").getSubject()
120: .getPrivateCredentials();
121: assertNotNull(privateCredentials);
122: assertEquals(1, privateCredentials.size());
123: pwdCreds = (PasswordCredential[]) privateCredentials
124: .toArray(new PasswordCredential[0]);
125: assertEquals("testcred", pwdCreds[0].getUserName());
126: String newEncodedPassword = new String(pwdCreds[0]
127: .getPassword());
128: assertNotSame(encodedPassword, newEncodedPassword);
129: assertNotSame("passwd01", newEncodedPassword);
130:
131: // Test authentication with the new password
132: assertTrue(ums.authenticate("testcred", "passwd01"));
133: destroyUser();
134: }
135:
136: /**
137: * <p>
138: * Initialize user test object.
139: * </p>
140: */
141: protected void initUser() throws Exception {
142: ums.addUser("testcred", "password01");
143: }
144:
145: /**
146: * <p>
147: * Destroy user test object.
148: * </p>
149: */
150: protected void destroyUser() throws Exception {
151: ums.removeUser("testcred");
152: }
153:
154: protected String[] getConfigurations() {
155: String[] confs = super .getConfigurations();
156: List confList = new ArrayList(Arrays.asList(confs));
157: confList
158: .add("JETSPEED-INF/spring/TestPasswordCredentialProvider.xml");
159: return (String[]) confList.toArray(new String[1]);
160: }
161: }
|