001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017: package org.apache.jetspeed.security.spi;
018:
019: import java.sql.Date;
020: import java.util.ArrayList;
021: import java.util.Arrays;
022: import java.util.List;
023:
024: import junit.framework.Test;
025: import junit.framework.TestSuite;
026:
027: import org.apache.jetspeed.security.om.InternalCredential;
028: import org.apache.jetspeed.security.om.InternalUserPrincipal;
029: import org.apache.jetspeed.security.util.test.AbstractSecurityTestcase;
030:
031: /**
032: * <p>
033: * TestInternalPasswordCredentialStateHandlingInterceptor
034: * </p>
035: *
036: * @author <a href="mailto:ate@apache.org">Ate Douma</a>
037: * @version $Id: TestPasswordExpirationAndMaxAuthenticationFailuresInterceptor.java 516448 2007-03-09 16:25:47Z ate $
038: */
039: public class TestPasswordExpirationAndMaxAuthenticationFailuresInterceptor
040: extends AbstractSecurityTestcase {
041: private InternalUserPrincipal internalUser;
042: private InternalCredential credential;
043:
044: protected void setUp() throws Exception {
045: super .setUp();
046: // cleanup for previously failed test
047: destroyUser();
048: initUser();
049: }
050:
051: public void tearDown() throws Exception {
052: destroyUser();
053: super .tearDown();
054: }
055:
056: public static Test suite() {
057: return new TestSuite(
058: TestPasswordExpirationAndMaxAuthenticationFailuresInterceptor.class);
059: }
060:
061: public void testExpirationAndMaxAuthenticationFailures()
062: throws Exception {
063: assertTrue("should be allowed to authenticate", ums
064: .authenticate("testcred", "password"));
065: credential.setExpirationDate(new Date(new java.util.Date()
066: .getTime()));
067: updateCredential();
068: assertFalse("should be expired", ums.authenticate("testcred",
069: "password"));
070: ums.setPassword("testcred", "password", "password2");
071: assertTrue("should be allowed to authenticate", ums
072: .authenticate("testcred", "password2"));
073: assertFalse(
074: "should not be allowed to authenticate (wrong password1)",
075: ums.authenticate("testcred", "password"));
076: assertFalse(
077: "should not be allowed to authenticate (wrong password2)",
078: ums.authenticate("testcred", "password"));
079: assertFalse(
080: "should not be allowed to authenticate (wrong password3)",
081: ums.authenticate("testcred", "password"));
082: assertFalse("should not be allowed to authenticate (disabled)",
083: ums.authenticate("testcred", "password2"));
084: ums.setPassword("testcred", null, "password3");
085: assertFalse(
086: "should still not be allowed to authenticate (disabled)",
087: ums.authenticate("testcred", "password3"));
088: ums.setPasswordEnabled("testcred", true);
089: assertTrue("should be allowed to authenticate again", ums
090: .authenticate("testcred", "password3"));
091: }
092:
093: protected void initUser() throws Exception {
094: ums.addUser("testcred", "password");
095: loadUser();
096: }
097:
098: protected void loadUser() throws Exception {
099: internalUser = securityAccess
100: .getInternalUserPrincipal("testcred");
101: credential = (InternalCredential) internalUser.getCredentials()
102: .iterator().next();
103: }
104:
105: protected void updateCredential() throws Exception {
106: securityAccess.setInternalUserPrincipal(internalUser, false);
107: }
108:
109: protected void destroyUser() throws Exception {
110: ums.removeUser("testcred");
111: }
112:
113: protected String[] getConfigurations() {
114: String[] confs = super .getConfigurations();
115: List confList = new ArrayList(Arrays.asList(confs));
116: confList
117: .add("JETSPEED-INF/spring/TestPasswordExpirationAndMaxAuthenticationFailuresInterceptor.xml");
118: return (String[]) confList.toArray(new String[1]);
119: }
120: }
|