inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-24 17:32:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fixes and tests for updateAuthentication

Browse Source 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@2770 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Andrew Hind
2006-05-05 10:10:25 +00:00
parent ed72f5c7c2
commit 84e464eab4
3 changed files with 221 additions and 86 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
config/alfresco/public-services-security-context.xml
View File

@@ -586,6 +586,7 @@
<!-- Authentication is excluded as it sets or cleas authentication --> <!-- Authentication is excluded as it sets or cleas authentication -->
<!-- The same for validate ticaket --> <!-- The same for validate ticaket -->
<!-- Update authentication checks internally -->
<bean id="AuthenticationService_security" class="net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor"> <bean id="AuthenticationService_security" class="net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor">
<property name="authenticationManager"><ref bean="authenticationManager"/></property> <property name="authenticationManager"><ref bean="authenticationManager"/></property>
<property name="accessDecisionManager"><ref local="accessDecisionManager"/></property> <property name="accessDecisionManager"><ref local="accessDecisionManager"/></property>

9
source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java
View File

@@ -65,6 +65,15 @@ public class AuthenticationServiceImpl implements AuthenticationService
public void updateAuthentication(String userName, char[] oldPassword, char[] newPassword) public void updateAuthentication(String userName, char[] oldPassword, char[] newPassword)
throws AuthenticationException throws AuthenticationException
{ {
String currentUser = AuthenticationUtil.getCurrentUserName();
try
{
authenticate(userName, oldPassword);
}
finally
{
AuthenticationUtil.setCurrentUser(currentUser);
}
authenticationDao.updateUser(userName, newPassword); authenticationDao.updateUser(userName, newPassword);
} }

297
source/java/org/alfresco/repo/security/authentication/AuthenticationTest.java
View File

@@ -58,7 +58,7 @@ import org.springframework.context.ApplicationContext;
public class AuthenticationTest extends TestCase public class AuthenticationTest extends TestCase
{ {
private static ApplicationContext ctx = ApplicationContextHelper.getApplicationContext(); private static ApplicationContext ctx = ApplicationContextHelper.getApplicationContext();
private NodeService nodeService; private NodeService nodeService;
private SearchService searchService; private SearchService searchService;
@@ -84,11 +84,11 @@ public class AuthenticationTest extends TestCase
private TicketComponent ticketComponent; private TicketComponent ticketComponent;
private AuthenticationService authenticationService; private AuthenticationService authenticationService;
private AuthenticationService pubAuthenticationService; private AuthenticationService pubAuthenticationService;
private AuthenticationComponent authenticationComponent; private AuthenticationComponent authenticationComponent;
private PermissionServiceSPI permissionServiceSPI; private PermissionServiceSPI permissionServiceSPI;
private UserTransaction userTransaction; private UserTransaction userTransaction;
@@ -118,7 +118,6 @@ public class AuthenticationTest extends TestCase
authenticationComponent = (AuthenticationComponent) ctx.getBean("authenticationComponent"); authenticationComponent = (AuthenticationComponent) ctx.getBean("authenticationComponent");
authenticationComponentImpl = (AuthenticationComponent) ctx.getBean("authenticationComponentImpl"); authenticationComponentImpl = (AuthenticationComponent) ctx.getBean("authenticationComponentImpl");
permissionServiceSPI = (PermissionServiceSPI) ctx.getBean("permissionService"); permissionServiceSPI = (PermissionServiceSPI) ctx.getBean("permissionService");
dao = (MutableAuthenticationDao) ctx.getBean("alfDaoImpl"); dao = (MutableAuthenticationDao) ctx.getBean("alfDaoImpl");
authenticationManager = (AuthenticationManager) ctx.getBean("authenticationManager"); authenticationManager = (AuthenticationManager) ctx.getBean("authenticationManager");
@@ -157,8 +156,8 @@ public class AuthenticationTest extends TestCase
dao.setDictionaryService(dictionaryService); dao.setDictionaryService(dictionaryService);
dao.setNamespaceService(getNamespacePrefixReolsver("")); dao.setNamespaceService(getNamespacePrefixReolsver(""));
dao.setPasswordEncoder(passwordEncoder); dao.setPasswordEncoder(passwordEncoder);
if(dao.getUserOrNull("andy") != null) if (dao.getUserOrNull("andy") != null)
{ {
dao.deleteUser("andy"); dao.deleteUser("andy");
} }
@@ -179,36 +178,35 @@ public class AuthenticationTest extends TestCase
return properties; return properties;
} }
public void xtestScalability()
public void xtestScalability()
{ {
long create = 0; long create = 0;
long count = 0; long count = 0;
long start; long start;
long end; long end;
authenticationComponent.authenticate("admin", "admin".toCharArray()); authenticationComponent.authenticate("admin", "admin".toCharArray());
for(int i = 0; i < 10000; i++) for (int i = 0; i < 10000; i++)
{ {
String id = "TestUser-"+i; String id = "TestUser-" + i;
start = System.nanoTime(); start = System.nanoTime();
authenticationService.createAuthentication(id, id.toCharArray()); authenticationService.createAuthentication(id, id.toCharArray());
end = System.nanoTime(); end = System.nanoTime();
create += (end - start); create += (end - start);
if((i > 0) && (i % 100 == 0)) if ((i > 0) && (i % 100 == 0))
{ {
System.out.println("Count = "+i); System.out.println("Count = " + i);
System.out.println("Average create : "+(create/i/1000000.0f)); System.out.println("Average create : " + (create / i / 1000000.0f));
start = System.nanoTime(); start = System.nanoTime();
dao.userExists(id); dao.userExists(id);
end = System.nanoTime(); end = System.nanoTime();
System.out.println("Exists : "+((end-start)/1000000.0f)); System.out.println("Exists : " + ((end - start) / 1000000.0f));
} }
} }
authenticationComponent.clearCurrentSecurityContext(); authenticationComponent.clearCurrentSecurityContext();
} }
public void testCreateAndyUserAndOtherCRUD() throws NoSuchAlgorithmException, UnsupportedEncodingException public void testCreateAndyUserAndOtherCRUD() throws NoSuchAlgorithmException, UnsupportedEncodingException
{ {
RepositoryAuthenticationDao dao = new RepositoryAuthenticationDao(); RepositoryAuthenticationDao dao = new RepositoryAuthenticationDao();
@@ -505,7 +503,7 @@ public class AuthenticationTest extends TestCase
tc.validateTicket(ticket); tc.validateTicket(ticket);
tc.validateTicket(ticket); tc.validateTicket(ticket);
tc.validateTicket(ticket); tc.validateTicket(ticket);
synchronized (this) synchronized (this)
{ {
try try
@@ -527,7 +525,7 @@ public class AuthenticationTest extends TestCase
{ {
} }
try try
{ {
tc.validateTicket(ticket); tc.validateTicket(ticket);
@@ -537,7 +535,7 @@ public class AuthenticationTest extends TestCase
{ {
} }
try try
{ {
tc.validateTicket(ticket); tc.validateTicket(ticket);
@@ -547,8 +545,7 @@ public class AuthenticationTest extends TestCase
{ {
} }
synchronized (this) synchronized (this)
{ {
try try
@@ -561,7 +558,7 @@ public class AuthenticationTest extends TestCase
e.printStackTrace(); e.printStackTrace();
} }
} }
try try
{ {
tc.validateTicket(ticket); tc.validateTicket(ticket);
@@ -614,7 +611,7 @@ public class AuthenticationTest extends TestCase
// assertNull(dao.getUserOrNull("Andy")); // assertNull(dao.getUserOrNull("Andy"));
} }
public void testAuthenticationService1() public void testAuthenticationService1()
{ {
authenticationService.createAuthentication("GUEST", "".toCharArray()); authenticationService.createAuthentication("GUEST", "".toCharArray());
@@ -650,7 +647,7 @@ public class AuthenticationTest extends TestCase
} }
} }
public void testAuthenticationService2() public void testAuthenticationService2()
{ {
authenticationService.createAuthentication("GUEST", "".toCharArray()); authenticationService.createAuthentication("GUEST", "".toCharArray());
@@ -686,9 +683,7 @@ public class AuthenticationTest extends TestCase
} }
} }
public void testAuthenticationService3() public void testAuthenticationService3()
{ {
authenticationService.createAuthentication("GUEST", "".toCharArray()); authenticationService.createAuthentication("GUEST", "".toCharArray());
@@ -732,9 +727,9 @@ public class AuthenticationTest extends TestCase
{ {
} }
} }
public void testAuthenticationService4() public void testAuthenticationService4()
{ {
authenticationService.createAuthentication("GUEST", "".toCharArray()); authenticationService.createAuthentication("GUEST", "".toCharArray());
@@ -765,15 +760,15 @@ public class AuthenticationTest extends TestCase
// instance // instance
String ticket = authenticationService.getCurrentTicket(); String ticket = authenticationService.getCurrentTicket();
// validate our ticket is still valid // validate our ticket is still valid
authenticationService.clearCurrentSecurityContext(); authenticationService.clearCurrentSecurityContext();
authenticationService.validate(ticket); authenticationService.validate(ticket);
// destroy the ticket instance // destroy the ticket instance
authenticationService.invalidateTicket(ticket); authenticationService.invalidateTicket(ticket);
Authentication current = authenticationComponent.getCurrentAuthentication(); Authentication current = authenticationComponent.getCurrentAuthentication();
if(current != null) if (current != null)
{ {
// Still authentication // Still authentication
assertTrue(current.isAuthenticated()); assertTrue(current.isAuthenticated());
@@ -790,7 +785,7 @@ public class AuthenticationTest extends TestCase
} }
} }
public void testAuthenticationService() public void testAuthenticationService()
{ {
authenticationService.createAuthentication("GUEST", "".toCharArray()); authenticationService.createAuthentication("GUEST", "".toCharArray());
@@ -816,8 +811,11 @@ public class AuthenticationTest extends TestCase
// authenticate again to assert password changed // authenticate again to assert password changed
authenticationService.authenticate("Andy", "auth3".toCharArray()); authenticationService.authenticate("Andy", "auth3".toCharArray());
// update the authentication
authenticationService.authenticate("Andy", "auth3".toCharArray()); authenticationService.updateAuthentication("Andy", "auth3".toCharArray(), "auth4".toCharArray());
authenticationService.authenticate("Andy", "auth4".toCharArray());
authenticationService.authenticate("Andy", "auth4".toCharArray());
// get the ticket that represents the current user authentication // get the ticket that represents the current user authentication
// instance // instance
String ticket = authenticationService.getCurrentTicket(); String ticket = authenticationService.getCurrentTicket();
@@ -826,15 +824,74 @@ public class AuthenticationTest extends TestCase
// destroy the ticket instance // destroy the ticket instance
authenticationService.invalidateTicket(ticket); authenticationService.invalidateTicket(ticket);
Authentication current = authenticationComponent.getCurrentAuthentication(); Authentication current = authenticationComponent.getCurrentAuthentication();
if(current != null) if (current != null)
{ {
assertTrue(current.isAuthenticated()); assertTrue(current.isAuthenticated());
} }
authenticationService.authenticate("Andy", "auth4".toCharArray());
authenticationService.updateAuthentication("Andy", "auth4".toCharArray(), "auth5".toCharArray());
authenticationService.authenticate("Andy", "auth5".toCharArray());
// clear any context and check we are no longer authenticated
authenticationService.clearCurrentSecurityContext();
assertNull(authenticationService.getCurrentUserName());
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
public void testAuthenticationService0()
{
authenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationService.createAuthentication("Andy", "auth1".toCharArray());
// authenticate with this user details
authenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals(dao.getUserNamesAreCaseSensitive() ? "Andy" : "andy", authenticationService.getCurrentUserName());
// delete the user authentication object
authenticationService.clearCurrentSecurityContext();
authenticationService.deleteAuthentication("Andy");
// create a new authentication user object
authenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
authenticationService.setAuthentication("Andy", "auth3".toCharArray());
// authenticate again to assert password changed
authenticationService.authenticate("Andy", "auth3".toCharArray());
// update the authentication
authenticationService.updateAuthentication("Andy", "auth3".toCharArray(), "auth4".toCharArray());
authenticationService.authenticate("Andy", "auth4".toCharArray());
authenticationService.authenticate("Andy", "auth4".toCharArray());
// get the ticket that represents the current user authentication
// instance
String ticket = authenticationService.getCurrentTicket();
// validate our ticket is still valid
authenticationService.validate(ticket);
// destroy the ticket instance
authenticationService.invalidateTicket(ticket);
Authentication current = authenticationComponent.getCurrentAuthentication();
if (current != null)
{
assertTrue(current.isAuthenticated());
}
authenticationService.authenticate("Andy", "auth4".toCharArray());
// clear any context and check we are no longer authenticated // clear any context and check we are no longer authenticated
authenticationService.clearCurrentSecurityContext(); authenticationService.clearCurrentSecurityContext();
assertNull(authenticationService.getCurrentUserName()); assertNull(authenticationService.getCurrentUserName());
@@ -845,15 +902,15 @@ public class AuthenticationTest extends TestCase
public void testPubAuthenticationService1() public void testPubAuthenticationService1()
{ {
authenticationComponent.setSystemUserAsCurrentUser(); authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("GUEST", "".toCharArray()); pubAuthenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext(); authenticationComponent.clearCurrentSecurityContext();
pubAuthenticationService.authenticate("GUEST", "".toCharArray()); pubAuthenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user // create an authentication object e.g. the user
authenticationComponent.setSystemUserAsCurrentUser(); authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray()); pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray());
authenticationComponent.clearCurrentSecurityContext(); authenticationComponent.clearCurrentSecurityContext();
@@ -865,13 +922,13 @@ public class AuthenticationTest extends TestCase
// delete the user authentication object // delete the user authentication object
pubAuthenticationService.clearCurrentSecurityContext(); pubAuthenticationService.clearCurrentSecurityContext();
authenticationComponent.setSystemUserAsCurrentUser(); authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.deleteAuthentication("Andy"); pubAuthenticationService.deleteAuthentication("Andy");
authenticationComponent.clearCurrentSecurityContext(); authenticationComponent.clearCurrentSecurityContext();
// create a new authentication user object // create a new authentication user object
authenticationComponent.setSystemUserAsCurrentUser(); authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth2".toCharArray()); pubAuthenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password // change the password
pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray()); pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray());
@@ -888,20 +945,20 @@ public class AuthenticationTest extends TestCase
{ {
} }
} }
public void testPubAuthenticationService2() public void testPubAuthenticationService2()
{ {
authenticationComponent.setSystemUserAsCurrentUser(); authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("GUEST", "".toCharArray()); pubAuthenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext(); authenticationComponent.clearCurrentSecurityContext();
pubAuthenticationService.authenticate("GUEST", "".toCharArray()); pubAuthenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user // create an authentication object e.g. the user
authenticationComponent.setSystemUserAsCurrentUser(); authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray()); pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray());
authenticationComponent.clearCurrentSecurityContext(); authenticationComponent.clearCurrentSecurityContext();
@@ -913,13 +970,13 @@ public class AuthenticationTest extends TestCase
// delete the user authentication object // delete the user authentication object
pubAuthenticationService.clearCurrentSecurityContext(); pubAuthenticationService.clearCurrentSecurityContext();
authenticationComponent.setSystemUserAsCurrentUser(); authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.deleteAuthentication("Andy"); pubAuthenticationService.deleteAuthentication("Andy");
authenticationComponent.clearCurrentSecurityContext(); authenticationComponent.clearCurrentSecurityContext();
// create a new authentication user object // create a new authentication user object
authenticationComponent.setSystemUserAsCurrentUser(); authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth2".toCharArray()); pubAuthenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password // change the password
pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray()); pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray());
@@ -927,7 +984,6 @@ public class AuthenticationTest extends TestCase
// authenticate again to assert password changed // authenticate again to assert password changed
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray()); pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
try try
{ {
pubAuthenticationService.authenticate("Andy", "auth2".toCharArray()); pubAuthenticationService.authenticate("Andy", "auth2".toCharArray());
@@ -938,20 +994,18 @@ public class AuthenticationTest extends TestCase
} }
} }
public void testPubAuthenticationService3() public void testPubAuthenticationService3()
{ {
authenticationComponent.setSystemUserAsCurrentUser(); authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("GUEST", "".toCharArray()); pubAuthenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext(); authenticationComponent.clearCurrentSecurityContext();
pubAuthenticationService.authenticate("GUEST", "".toCharArray()); pubAuthenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user // create an authentication object e.g. the user
authenticationComponent.setSystemUserAsCurrentUser(); authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray()); pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray());
authenticationComponent.clearCurrentSecurityContext(); authenticationComponent.clearCurrentSecurityContext();
@@ -963,13 +1017,13 @@ public class AuthenticationTest extends TestCase
// delete the user authentication object // delete the user authentication object
pubAuthenticationService.clearCurrentSecurityContext(); pubAuthenticationService.clearCurrentSecurityContext();
authenticationComponent.setSystemUserAsCurrentUser(); authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.deleteAuthentication("Andy"); pubAuthenticationService.deleteAuthentication("Andy");
authenticationComponent.clearCurrentSecurityContext(); authenticationComponent.clearCurrentSecurityContext();
// create a new authentication user object // create a new authentication user object
authenticationComponent.setSystemUserAsCurrentUser(); authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth2".toCharArray()); pubAuthenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password // change the password
pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray()); pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray());
@@ -978,14 +1032,13 @@ public class AuthenticationTest extends TestCase
// authenticate again to assert password changed // authenticate again to assert password changed
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray()); pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray()); pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
// get the ticket that represents the current user authentication // get the ticket that represents the current user authentication
// instance // instance
String ticket = pubAuthenticationService.getCurrentTicket(); String ticket = pubAuthenticationService.getCurrentTicket();
authenticationComponent.clearCurrentSecurityContext(); authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication()); assertNull(authenticationComponent.getCurrentAuthentication());
// validate our ticket is still valid // validate our ticket is still valid
pubAuthenticationService.validate(ticket); pubAuthenticationService.validate(ticket);
@@ -1001,33 +1054,30 @@ public class AuthenticationTest extends TestCase
} }
} }
public void testPubAuthenticationService() public void testPubAuthenticationService()
{ {
//pubAuthenticationService.authenticateAsGuest(); // pubAuthenticationService.authenticateAsGuest();
//authenticationComponent.clearCurrentSecurityContext(); // authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication()); assertNull(authenticationComponent.getCurrentAuthentication());
authenticationComponent.setSystemUserAsCurrentUser(); authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("GUEST", "".toCharArray()); pubAuthenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext(); authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication()); assertNull(authenticationComponent.getCurrentAuthentication());
pubAuthenticationService.authenticate("GUEST", "".toCharArray()); pubAuthenticationService.authenticate("GUEST", "".toCharArray());
pubAuthenticationService.authenticate("GUEST", "".toCharArray()); pubAuthenticationService.authenticate("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext(); authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication()); assertNull(authenticationComponent.getCurrentAuthentication());
pubAuthenticationService.authenticateAsGuest(); pubAuthenticationService.authenticateAsGuest();
authenticationComponent.clearCurrentSecurityContext(); authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication()); assertNull(authenticationComponent.getCurrentAuthentication());
// create an authentication object e.g. the user // create an authentication object e.g. the user
authenticationComponent.setSystemUserAsCurrentUser(); authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray()); pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray());
authenticationComponent.clearCurrentSecurityContext(); authenticationComponent.clearCurrentSecurityContext();
@@ -1039,13 +1089,13 @@ public class AuthenticationTest extends TestCase
// delete the user authentication object // delete the user authentication object
pubAuthenticationService.clearCurrentSecurityContext(); pubAuthenticationService.clearCurrentSecurityContext();
authenticationComponent.setSystemUserAsCurrentUser(); authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.deleteAuthentication("Andy"); pubAuthenticationService.deleteAuthentication("Andy");
authenticationComponent.clearCurrentSecurityContext(); authenticationComponent.clearCurrentSecurityContext();
// create a new authentication user object // create a new authentication user object
authenticationComponent.setSystemUserAsCurrentUser(); authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth2".toCharArray()); pubAuthenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password // change the password
pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray()); pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray());
@@ -1064,14 +1114,89 @@ public class AuthenticationTest extends TestCase
pubAuthenticationService.invalidateTicket(ticket); pubAuthenticationService.invalidateTicket(ticket);
} }
public void testPubAuthenticationService0()
{
// pubAuthenticationService.authenticateAsGuest();
// authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
pubAuthenticationService.authenticate("GUEST", "".toCharArray());
pubAuthenticationService.authenticate("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
pubAuthenticationService.authenticateAsGuest();
authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
// create an authentication object e.g. the user
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate with this user details
pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals(dao.getUserNamesAreCaseSensitive() ? "Andy" : "andy", authenticationService.getCurrentUserName());
// delete the user authentication object
pubAuthenticationService.clearCurrentSecurityContext();
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.deleteAuthentication("Andy");
authenticationComponent.clearCurrentSecurityContext();
// create a new authentication user object
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate again to assert password changed
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
// get the ticket that represents the current user authentication
// instance
String ticket = pubAuthenticationService.getCurrentTicket();
// validate our ticket is still valid
pubAuthenticationService.validate(ticket);
// destroy the ticket instance
pubAuthenticationService.invalidateTicket(ticket);
authenticationComponent.clearCurrentSecurityContext();
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
pubAuthenticationService.updateAuthentication("Andy", "auth3".toCharArray(), "auth4".toCharArray());
pubAuthenticationService.authenticate("Andy", "auth4".toCharArray());
try
{
pubAuthenticationService.updateAuthentication("Andy", "auth3".toCharArray(), "auth4".toCharArray());
fail("Should not be able to update");
}
catch(AuthenticationException ae)
{
}
}
public void testAbstractAuthenticationComponentGuestUserSupport() public void testAbstractAuthenticationComponentGuestUserSupport()
{ {
authenticationComponent.setGuestUserAsCurrentUser(); authenticationComponent.setGuestUserAsCurrentUser();
assertEquals(authenticationComponent.getCurrentUserName(), authenticationComponent.getGuestUserName()); assertEquals(authenticationComponent.getCurrentUserName(), authenticationComponent.getGuestUserName());
} }
public void testPassThroughLogin() public void testPassThroughLogin()
{ {
authenticationService.createAuthentication("Andy", "auth1".toCharArray()); authenticationService.createAuthentication("Andy", "auth1".toCharArray());
@@ -1079,7 +1204,7 @@ public class AuthenticationTest extends TestCase
authenticationComponent.setCurrentUser("Andy"); authenticationComponent.setCurrentUser("Andy");
assertEquals(dao.getUserNamesAreCaseSensitive() ? "Andy" : "andy", authenticationService.getCurrentUserName()); assertEquals(dao.getUserNamesAreCaseSensitive() ? "Andy" : "andy", authenticationService.getCurrentUserName());
//authenticationService.deleteAuthentication("andy"); // authenticationService.deleteAuthentication("andy");
} }
private String getUserName(Authentication authentication) private String getUserName(Authentication authentication)