Fixes and tests for updateAuthentication

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@2770 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
Andrew Hind
2006-05-05 10:10:25 +00:00
parent ed72f5c7c2
commit 84e464eab4
3 changed files with 221 additions and 86 deletions


@@ -586,6 +586,7 @@
<!-- Authentication is excluded as it sets or cleas authentication --> <!-- Authentication is excluded as it sets or cleas authentication -->
<!-- The same for validate ticaket --> <!-- The same for validate ticaket -->
<!-- Update authentication checks internally -->
<bean id="AuthenticationService_security" class="net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor"> <bean id="AuthenticationService_security" class="net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor">
<property name="authenticationManager"><ref bean="authenticationManager"/></property> <property name="authenticationManager"><ref bean="authenticationManager"/></property>
<property name="accessDecisionManager"><ref local="accessDecisionManager"/></property> <property name="accessDecisionManager"><ref local="accessDecisionManager"/></property>


@@ -65,6 +65,15 @@ public class AuthenticationServiceImpl implements AuthenticationService
public void updateAuthentication(String userName, char[] oldPassword, char[] newPassword) public void updateAuthentication(String userName, char[] oldPassword, char[] newPassword)
throws AuthenticationException throws AuthenticationException
{ {
String currentUser = AuthenticationUtil.getCurrentUserName();
try
{
authenticate(userName, oldPassword);
}
finally
{
AuthenticationUtil.setCurrentUser(currentUser);
}
authenticationDao.updateUser(userName, newPassword); authenticationDao.updateUser(userName, newPassword);
} }
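Review bot: The `finally` block calls `AuthenticationUtil.setCurrentUser(currentUser)` even when `getCurrentUserName()` returned null, that is, when nobody was authenticated before the call. What setCurrentUser does with null is not visible in this hunk: if it throws, it replaces the AuthenticationException raised for a wrong old password, and if it does nothing, the context that `authenticate(userName, oldPassword)` established stays in place after the method returns. Handle that case explicitly, for example `if (currentUser == null) clearCurrentSecurityContext(); else AuthenticationUtil.setCurrentUser(currentUser);`, using the service's own clear method that the tests already call. Because the interceptor configuration in this commit notes that this method checks internally, a one-line comment above the `try` saying that the old-password check is the only access control on this path would help the next reader.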


@@ -119,7 +119,6 @@ public class AuthenticationTest extends TestCase
authenticationComponentImpl = (AuthenticationComponent) ctx.getBean("authenticationComponentImpl"); authenticationComponentImpl = (AuthenticationComponent) ctx.getBean("authenticationComponentImpl");
permissionServiceSPI = (PermissionServiceSPI) ctx.getBean("permissionService"); permissionServiceSPI = (PermissionServiceSPI) ctx.getBean("permissionService");
dao = (MutableAuthenticationDao) ctx.getBean("alfDaoImpl"); dao = (MutableAuthenticationDao) ctx.getBean("alfDaoImpl");
authenticationManager = (AuthenticationManager) ctx.getBean("authenticationManager"); authenticationManager = (AuthenticationManager) ctx.getBean("authenticationManager");
saltSource = (SaltSource) ctx.getBean("saltSource"); saltSource = (SaltSource) ctx.getBean("saltSource");
@@ -158,7 +157,7 @@ public class AuthenticationTest extends TestCase
dao.setNamespaceService(getNamespacePrefixReolsver("")); dao.setNamespaceService(getNamespacePrefixReolsver(""));
dao.setPasswordEncoder(passwordEncoder); dao.setPasswordEncoder(passwordEncoder);
if(dao.getUserOrNull("andy") != null) if (dao.getUserOrNull("andy") != null)
{ {
dao.deleteUser("andy"); dao.deleteUser("andy");
} }
@@ -179,7 +178,6 @@ public class AuthenticationTest extends TestCase
return properties; return properties;
} }
public void xtestScalability() public void xtestScalability()
{ {
long create = 0; long create = 0;
@@ -188,22 +186,22 @@ public class AuthenticationTest extends TestCase
long start; long start;
long end; long end;
authenticationComponent.authenticate("admin", "admin".toCharArray()); authenticationComponent.authenticate("admin", "admin".toCharArray());
for(int i = 0; i < 10000; i++) for (int i = 0; i < 10000; i++)
{ {
String id = "TestUser-"+i; String id = "TestUser-" + i;
start = System.nanoTime(); start = System.nanoTime();
authenticationService.createAuthentication(id, id.toCharArray()); authenticationService.createAuthentication(id, id.toCharArray());
end = System.nanoTime(); end = System.nanoTime();
create += (end - start); create += (end - start);
if((i > 0) && (i % 100 == 0)) if ((i > 0) && (i % 100 == 0))
{ {
System.out.println("Count = "+i); System.out.println("Count = " + i);
System.out.println("Average create : "+(create/i/1000000.0f)); System.out.println("Average create : " + (create / i / 1000000.0f));
start = System.nanoTime(); start = System.nanoTime();
dao.userExists(id); dao.userExists(id);
end = System.nanoTime(); end = System.nanoTime();
System.out.println("Exists : "+((end-start)/1000000.0f)); System.out.println("Exists : " + ((end - start) / 1000000.0f));
} }
} }
authenticationComponent.clearCurrentSecurityContext(); authenticationComponent.clearCurrentSecurityContext();
@@ -548,7 +546,6 @@ public class AuthenticationTest extends TestCase
} }
synchronized (this) synchronized (this)
{ {
try try
@@ -687,8 +684,6 @@ public class AuthenticationTest extends TestCase
} }
} }
public void testAuthenticationService3() public void testAuthenticationService3()
{ {
authenticationService.createAuthentication("GUEST", "".toCharArray()); authenticationService.createAuthentication("GUEST", "".toCharArray());
@@ -773,7 +768,7 @@ public class AuthenticationTest extends TestCase
authenticationService.invalidateTicket(ticket); authenticationService.invalidateTicket(ticket);
Authentication current = authenticationComponent.getCurrentAuthentication(); Authentication current = authenticationComponent.getCurrentAuthentication();
if(current != null) if (current != null)
{ {
// Still authentication // Still authentication
assertTrue(current.isAuthenticated()); assertTrue(current.isAuthenticated());
@@ -816,8 +811,11 @@ public class AuthenticationTest extends TestCase
// authenticate again to assert password changed // authenticate again to assert password changed
authenticationService.authenticate("Andy", "auth3".toCharArray()); authenticationService.authenticate("Andy", "auth3".toCharArray());
// update the authentication
authenticationService.updateAuthentication("Andy", "auth3".toCharArray(), "auth4".toCharArray());
authenticationService.authenticate("Andy", "auth4".toCharArray());
authenticationService.authenticate("Andy", "auth3".toCharArray()); authenticationService.authenticate("Andy", "auth4".toCharArray());
// get the ticket that represents the current user authentication // get the ticket that represents the current user authentication
// instance // instance
String ticket = authenticationService.getCurrentTicket(); String ticket = authenticationService.getCurrentTicket();
@@ -827,13 +825,72 @@ public class AuthenticationTest extends TestCase
// destroy the ticket instance // destroy the ticket instance
authenticationService.invalidateTicket(ticket); authenticationService.invalidateTicket(ticket);
Authentication current = authenticationComponent.getCurrentAuthentication(); Authentication current = authenticationComponent.getCurrentAuthentication();
if(current != null) if (current != null)
{ {
assertTrue(current.isAuthenticated()); assertTrue(current.isAuthenticated());
} }
authenticationService.authenticate("Andy", "auth4".toCharArray());
authenticationService.updateAuthentication("Andy", "auth4".toCharArray(), "auth5".toCharArray());
authenticationService.authenticate("Andy", "auth5".toCharArray());
// clear any context and check we are no longer authenticated
authenticationService.clearCurrentSecurityContext();
assertNull(authenticationService.getCurrentUserName());
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
public void testAuthenticationService0()
{
authenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationService.createAuthentication("Andy", "auth1".toCharArray());
// authenticate with this user details
authenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals(dao.getUserNamesAreCaseSensitive() ? "Andy" : "andy", authenticationService.getCurrentUserName());
// delete the user authentication object
authenticationService.clearCurrentSecurityContext();
authenticationService.deleteAuthentication("Andy");
// create a new authentication user object
authenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
authenticationService.setAuthentication("Andy", "auth3".toCharArray());
// authenticate again to assert password changed
authenticationService.authenticate("Andy", "auth3".toCharArray());
// update the authentication
authenticationService.updateAuthentication("Andy", "auth3".toCharArray(), "auth4".toCharArray());
authenticationService.authenticate("Andy", "auth4".toCharArray());
authenticationService.authenticate("Andy", "auth4".toCharArray());
// get the ticket that represents the current user authentication
// instance
String ticket = authenticationService.getCurrentTicket();
// validate our ticket is still valid
authenticationService.validate(ticket);
// destroy the ticket instance
authenticationService.invalidateTicket(ticket);
Authentication current = authenticationComponent.getCurrentAuthentication();
if (current != null)
{
assertTrue(current.isAuthenticated());
}
authenticationService.authenticate("Andy", "auth4".toCharArray());
// clear any context and check we are no longer authenticated // clear any context and check we are no longer authenticated
authenticationService.clearCurrentSecurityContext(); authenticationService.clearCurrentSecurityContext();
@@ -927,7 +984,6 @@ public class AuthenticationTest extends TestCase
// authenticate again to assert password changed // authenticate again to assert password changed
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray()); pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
try try
{ {
pubAuthenticationService.authenticate("Andy", "auth2".toCharArray()); pubAuthenticationService.authenticate("Andy", "auth2".toCharArray());
@@ -939,8 +995,6 @@ public class AuthenticationTest extends TestCase
} }
} }
public void testPubAuthenticationService3() public void testPubAuthenticationService3()
{ {
authenticationComponent.setSystemUserAsCurrentUser(); authenticationComponent.setSystemUserAsCurrentUser();
@@ -978,7 +1032,6 @@ public class AuthenticationTest extends TestCase
// authenticate again to assert password changed // authenticate again to assert password changed
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray()); pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray()); pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
// get the ticket that represents the current user authentication // get the ticket that represents the current user authentication
// instance // instance
@@ -1004,8 +1057,8 @@ public class AuthenticationTest extends TestCase
public void testPubAuthenticationService() public void testPubAuthenticationService()
{ {
//pubAuthenticationService.authenticateAsGuest(); // pubAuthenticationService.authenticateAsGuest();
//authenticationComponent.clearCurrentSecurityContext(); // authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication()); assertNull(authenticationComponent.getCurrentAuthentication());
authenticationComponent.setSystemUserAsCurrentUser(); authenticationComponent.setSystemUserAsCurrentUser();
@@ -1018,13 +1071,10 @@ public class AuthenticationTest extends TestCase
authenticationComponent.clearCurrentSecurityContext(); authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication()); assertNull(authenticationComponent.getCurrentAuthentication());
pubAuthenticationService.authenticateAsGuest(); pubAuthenticationService.authenticateAsGuest();
authenticationComponent.clearCurrentSecurityContext(); authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication()); assertNull(authenticationComponent.getCurrentAuthentication());
// create an authentication object e.g. the user // create an authentication object e.g. the user
authenticationComponent.setSystemUserAsCurrentUser(); authenticationComponent.setSystemUserAsCurrentUser();
@@ -1065,13 +1115,88 @@ public class AuthenticationTest extends TestCase
} }
public void testPubAuthenticationService0()
{
// pubAuthenticationService.authenticateAsGuest();
// authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
pubAuthenticationService.authenticate("GUEST", "".toCharArray());
pubAuthenticationService.authenticate("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
pubAuthenticationService.authenticateAsGuest();
authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
// create an authentication object e.g. the user
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate with this user details
pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals(dao.getUserNamesAreCaseSensitive() ? "Andy" : "andy", authenticationService.getCurrentUserName());
// delete the user authentication object
pubAuthenticationService.clearCurrentSecurityContext();
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.deleteAuthentication("Andy");
authenticationComponent.clearCurrentSecurityContext();
// create a new authentication user object
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate again to assert password changed
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
// get the ticket that represents the current user authentication
// instance
String ticket = pubAuthenticationService.getCurrentTicket();
// validate our ticket is still valid
pubAuthenticationService.validate(ticket);
// destroy the ticket instance
pubAuthenticationService.invalidateTicket(ticket);
authenticationComponent.clearCurrentSecurityContext();
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
pubAuthenticationService.updateAuthentication("Andy", "auth3".toCharArray(), "auth4".toCharArray());
pubAuthenticationService.authenticate("Andy", "auth4".toCharArray());
try
{
pubAuthenticationService.updateAuthentication("Andy", "auth3".toCharArray(), "auth4".toCharArray());
fail("Should not be able to update");
}
catch(AuthenticationException ae)
{
}
}
public void testAbstractAuthenticationComponentGuestUserSupport() public void testAbstractAuthenticationComponentGuestUserSupport()
{ {
authenticationComponent.setGuestUserAsCurrentUser(); authenticationComponent.setGuestUserAsCurrentUser();
assertEquals(authenticationComponent.getCurrentUserName(), authenticationComponent.getGuestUserName()); assertEquals(authenticationComponent.getCurrentUserName(), authenticationComponent.getGuestUserName());
} }
public void testPassThroughLogin() public void testPassThroughLogin()
{ {
authenticationService.createAuthentication("Andy", "auth1".toCharArray()); authenticationService.createAuthentication("Andy", "auth1".toCharArray());
@@ -1079,7 +1204,7 @@ public class AuthenticationTest extends TestCase
authenticationComponent.setCurrentUser("Andy"); authenticationComponent.setCurrentUser("Andy");
assertEquals(dao.getUserNamesAreCaseSensitive() ? "Andy" : "andy", authenticationService.getCurrentUserName()); assertEquals(dao.getUserNamesAreCaseSensitive() ? "Andy" : "andy", authenticationService.getCurrentUserName());
//authenticationService.deleteAuthentication("andy"); // authenticationService.deleteAuthentication("andy");
} }
private String getUserName(Authentication authentication) private String getUserName(Authentication authentication)
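Review bot: None of the added tests asserts the behaviour the fix introduces, namely that the caller's identity is put back after updateAuthentication. In testPubAuthenticationService0 the rejected update ends in an empty `catch(AuthenticationException ae)` and the method returns; after it, add `assertEquals(dao.getUserNamesAreCaseSensitive() ? "Andy" : "andy", authenticationService.getCurrentUserName());` and `pubAuthenticationService.authenticate("Andy", "auth4".toCharArray());` so that a failed attempt is shown to leave both the current user and the stored password unchanged. A case where the caller is a different user from the one being updated, and one with no current user at all, would exercise the restore path as well. testAuthenticationService0 appears to be a near copy of the test body patched in the hunk above it, so a shared private helper would keep the two from drifting apart.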