inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-06-30 18:15:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
alfresco-community-repo/source/java/org/alfresco/repo/security/authentication/AuthenticationTest.java
Dave Ward 0465e9b101 Merged V3.3-BUG-FIX to HEAD 
20954: Calendar Dashlet updates. Fixes: ALF-2907 (meeting workspace issue)
   20968: Minor VersionableAspect fix to onDeleteNode policy firing (follow-on for r19507)
   20981: Removed Install Jammer installers from V3.3.3
   20982: AVMTestSuite - run PurgeTestP after AVMServiceTest (investigating ALF-3611)
   20997: Fix for ALF-2605 - updated share-config-custom.xml.sample and removed obsolete extension files
   21030: Pulled XAMConnector AMP into main 3.3SP3 codeline.  Apart from build changes (incl. EOL), there are no repo changes.
   21032: StoreSelector passes through NodeContentContext allowing stores access to node information
   21036: Fix ALF-245: Can't delete space that contains "translation without content"
      - Delete triggers 'unmakeTranslation'
      - Empty translations are marked with sys:temporary before being deleted
   21051: More on fix ALF-245.  Reduced complexity by not deleting empty translations twice
   21064: Merged V3.3 to V3.3-BUG_FIX
      20898: Merged HEAD to V3.3
         20724: AVMTestSuite - temporarily comment out PurgeTestP
            - TODO: investigate intermittent test failure
      20903: Incremented version revision
      20921: AVM - fix purge store so that vr nodes are actually orphaned (ALF-3627)
      20952: Fix for ALF-3704: Module conflict - Alfresco web client config property page missing metadata. 
         This is application of a fix made to the config service in a hotfix. The change provides a deterministic load order for config files loaded via the ConfigBootstrap spring bean. More importantly it means that config files loaded by modules on different machines in a cluster load in the same order.

         The forms client and AWE config files have been updated to take advantage of the new loading order.
      21061: Merged PATCHES/V3.1.2 to V3.3 (RECORD ONLY)
         20890: ALF-3687: Apply LUCENE-1383 patch to Lucene 2.1.0 to reduce memory leaks from ThreadLocals
         20891: ALF-3687: Build classpath fix
         20892: Incremented version label
      21062: Merged PATCHES/V3.2.1 to V3.3
         20897: (RECORD ONLY) Incremented version label
         20901: (RECORD ONLY) ALF-3740: Merged V3.3 to PATCHES/V3.2.1
            20524: VersionMigrator - option to run as scheduled job (ALF-1000)
         20904: (RECORD ONLY) ALF-3732: Merged PATCHES/V3.2.r to PATCHES/V3.2.1
            19803: ALF-558: File servers (CIFS / FTP / NFS) can now handle concurrent write operations on Alfresco repository
               - ContentDiskDriver / AVMDiskDriver now use retrying transactions for write operations
               - Disable EagerContentStoreCleaner on ContentDiskDriver / AVMDiskDriver closeFile() operations so that they may be retried after rollback (Sony zero byte problem)
               - Allow manual association of AVM ContentData with nodes so that closeFile() may be retried
               - Propagation of new argument through AVM interfaces
         20905: (RECORD ONLY) ALF-3732: Rolled back the now unnecessary reference()/dereference() stuff from ALF-558
         20906: (RECORD ONLY) ALF-3732: Merged DEV/V3.3-BUG-FIX to PATCHES/V3.2.1
            20623: Fix for ALF-3188 : Access Denied when updating doc via CIFS
         20907: (RECORD ONLY) ALF-3732: Merged V3.3 to PATCHES/V3.2.1
            20173: Propagate IOExceptions from retryable write transactions in AlfrescoDiskDriver
         20950: ALF-3779: Upgrades on large repositories from v2.1 and v2.2 were failing on MySQL due to "The total number of locks exceeds the lock table size" errors
            - Solution was to add support for new --BEGIN TXN and --END TXN comments and execute LOCK TABLES statements in the same transaction as large INSERT - SELECT statements.
         20990: ALF-3789: Concurrency issues with InMemoryTicketComponentImpl
            - Previous ETHREEOH-1842 method of caching web session 'ref counts' against tickets could cause tickets to unpredictably fall out of the transactional cache
            - Rolled back original ETHREEOH-1842 fix. Would be too much overhead to keep these ref counts consistent across a cluster.
            - Instead, avoid invalidating tickets on web session timeout and only do it on explicit log out.
            - Now tickets maintained in non-transactional shared cache so they can't drop out unpredictably
            - Logic for ticket inactivity timeout caching improved so that it should work across a cluster
         20991: (RECORD ONLY) Incremented version label
         20993: ALF-3789: Fixed Spring configuration backward compatibily issue with previous fix
            - Ticket cache bean name restored to ticketsCache. This is actually now a non-transactional cache.
            - Also externalized parameters so that they can now be controlled by alfresco-global.properties without any bean overrides
               authentication.ticket.ticketsExpire=false
               authentication.ticket.expiryMode=AFTER_FIXED_TIME
               authentication.ticket.validDuration=PT1H
         20994: Eclipse classpath fixes for unit testing after ant build
         21057: ALF-3592: PassthruCifsAuthenticator now auto-creates / imports users who do not already exist in Alfresco
            - At least one of the following properties must be true for this to happen
               synchronization.autoCreatePeopleOnLogin
               synchronization.syncWhenMissingPeopleLogIn
            - Also improved debug logging of unknown passthru domains
      21063: Merged PATCHES/V3.2.r to V3.3
         21037: ALF-3793: Final attempt at realigning saved XForm data with a modified Schema
            - removeRemovedNodes / insertUpdatedNodes / insertPrototypeNodes replaced by a one stop recursive process that builds a new instance tree from scratch
            - Nodes copied over in correct order
            - Missing nodes added in and extra nodes discarded
            - Prototype nodes appended at appropriate points
         21038: (RECORD ONLY) Incremented version label


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@21065 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2010-07-11 14:22:26 +00:00

1663 lines
63 KiB
Java
Raw Blame History

/*
* Copyright (C) 2005-2010 Alfresco Software Limited.
*
* This file is part of Alfresco
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
*/
package org.alfresco.repo.security.authentication;
import java.io.Serializable;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import javax.transaction.Status;
import javax.transaction.UserTransaction;
import junit.framework.TestCase;
import net.sf.acegisecurity.AccountExpiredException;
import net.sf.acegisecurity.Authentication;
import net.sf.acegisecurity.AuthenticationManager;
import net.sf.acegisecurity.BadCredentialsException;
import net.sf.acegisecurity.CredentialsExpiredException;
import net.sf.acegisecurity.DisabledException;
import net.sf.acegisecurity.LockedException;
import net.sf.acegisecurity.UserDetails;
import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.alfresco.model.ContentModel;
import org.alfresco.repo.cache.SimpleCache;
import org.alfresco.repo.management.subsystems.ChildApplicationContextManager;
import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
import org.alfresco.repo.security.authentication.InMemoryTicketComponentImpl.ExpiryMode;
import org.alfresco.repo.security.authentication.InMemoryTicketComponentImpl.Ticket;
import org.alfresco.repo.security.person.UserNameMatcher;
import org.alfresco.repo.tenant.TenantService;
import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
import org.alfresco.service.ServiceRegistry;
import org.alfresco.service.cmr.dictionary.DictionaryService;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.repository.StoreRef;
import org.alfresco.service.cmr.search.SearchService;
import org.alfresco.service.cmr.security.MutableAuthenticationService;
import org.alfresco.service.cmr.security.PersonService;
import org.alfresco.service.namespace.DynamicNamespacePrefixResolver;
import org.alfresco.service.namespace.NamespacePrefixResolver;
import org.alfresco.service.namespace.NamespaceService;
import org.alfresco.service.namespace.QName;
import org.alfresco.service.transaction.TransactionService;
import org.alfresco.util.ApplicationContextHelper;
import org.hibernate.dialect.Dialect;
import org.hibernate.dialect.PostgreSQLDialect;
import org.springframework.context.ApplicationContext;
@SuppressWarnings("unchecked")
public class AuthenticationTest extends TestCase
{
private static ApplicationContext ctx = ApplicationContextHelper.getApplicationContext();
private NodeService nodeService;
private TenantService tenantService;
private SearchService searchService;
private NodeRef rootNodeRef;
private NodeRef systemNodeRef;
private NodeRef typesNodeRef;
private NodeRef personAndyNodeRef;
private DictionaryService dictionaryService;
private MD4PasswordEncoder passwordEncoder;
private MutableAuthenticationDao dao;
private AuthenticationManager authenticationManager;
private TicketComponent ticketComponent;
private SimpleCache<String, Ticket> ticketsCache;
private MutableAuthenticationService authenticationService;
private MutableAuthenticationService pubAuthenticationService;
private AuthenticationComponent authenticationComponent;
private UserTransaction userTransaction;
private AuthenticationComponent authenticationComponentImpl;
private TransactionService transactionService;
private PersonService pubPersonService;
private PersonService personService;
private UserNameMatcher userNameMatcher;
// TODO: pending replacement
private Dialect dialect;
public AuthenticationTest()
{
super();
}
public AuthenticationTest(String arg0)
{
super(arg0);
}
public void setUp() throws Exception
{
dialect = (Dialect) ctx.getBean("dialect");
nodeService = (NodeService) ctx.getBean("nodeService");
tenantService = (TenantService) ctx.getBean("tenantService");
searchService = (SearchService) ctx.getBean("searchService");
dictionaryService = (DictionaryService) ctx.getBean("dictionaryService");
passwordEncoder = (MD4PasswordEncoder) ctx.getBean("passwordEncoder");
ticketComponent = (TicketComponent) ctx.getBean("ticketComponent");
authenticationService = (MutableAuthenticationService) ctx.getBean("authenticationService");
pubAuthenticationService = (MutableAuthenticationService) ctx.getBean("AuthenticationService");
authenticationComponent = (AuthenticationComponent) ctx.getBean("authenticationComponent");
authenticationComponentImpl = (AuthenticationComponent) ctx.getBean("authenticationComponent");
pubPersonService = (PersonService) ctx.getBean("PersonService");
personService = (PersonService) ctx.getBean("personService");
userNameMatcher = (UserNameMatcher) ctx.getBean("userNameMatcher");
// permissionServiceSPI = (PermissionServiceSPI)
// ctx.getBean("permissionService");
ticketsCache = (SimpleCache<String, Ticket>) ctx.getBean("ticketsCache");
dao = (MutableAuthenticationDao) ctx.getBean("authenticationDao");
// Let's look inside the alfresco authentication subsystem to get the DAO-wired authentication manager
ChildApplicationContextManager authenticationChain = (ChildApplicationContextManager) ctx.getBean("Authentication");
ApplicationContext subsystem = authenticationChain.getApplicationContext(authenticationChain.getInstanceIds().iterator().next());
authenticationManager = (AuthenticationManager) subsystem.getBean("authenticationManager");
transactionService = (TransactionService) ctx.getBean(ServiceRegistry.TRANSACTION_SERVICE.getLocalName());
userTransaction = transactionService.getUserTransaction();
userTransaction.begin();
StoreRef storeRef = nodeService.createStore(StoreRef.PROTOCOL_WORKSPACE, "Test_" + System.currentTimeMillis());
rootNodeRef = nodeService.getRootNode(storeRef);
QName children = ContentModel.ASSOC_CHILDREN;
QName system = QName.createQName(NamespaceService.SYSTEM_MODEL_1_0_URI, "system");
QName container = ContentModel.TYPE_CONTAINER;
QName types = QName.createQName(NamespaceService.SYSTEM_MODEL_1_0_URI, "people");
systemNodeRef = nodeService.createNode(rootNodeRef, children, system, container).getChildRef();
typesNodeRef = nodeService.createNode(systemNodeRef, children, types, container).getChildRef();
Map<QName, Serializable> props = createPersonProperties("Andy");
personAndyNodeRef = nodeService.createNode(typesNodeRef, children, ContentModel.TYPE_PERSON, container, props).getChildRef();
assertNotNull(personAndyNodeRef);
deleteAndy();
authenticationComponent.clearCurrentSecurityContext();
}
private void deleteAndy()
{
RepositoryAuthenticationDao dao = new RepositoryAuthenticationDao();
dao.setTenantService(tenantService);
dao.setNodeService(nodeService);
dao.setSearchService(searchService);
dao.setDictionaryService(dictionaryService);
dao.setNamespaceService(getNamespacePrefixReolsver(""));
dao.setPasswordEncoder(passwordEncoder);
dao.setUserNameMatcher(userNameMatcher);
dao.setRetryingTransactionHelper(transactionService.getRetryingTransactionHelper());
if (dao.getUserOrNull("andy") != null)
{
dao.deleteUser("andy");
}
if(personService.personExists("andy"))
{
personService.deletePerson("andy");
}
}
@Override
protected void tearDown() throws Exception
{
if ((userTransaction.getStatus() == Status.STATUS_ACTIVE) || (userTransaction.getStatus() == Status.STATUS_MARKED_ROLLBACK))
{
userTransaction.rollback();
}
AuthenticationUtil.clearCurrentSecurityContext();
super.tearDown();
}
private Map<QName, Serializable> createPersonProperties(String userName)
{
HashMap<QName, Serializable> properties = new HashMap<QName, Serializable>();
properties.put(ContentModel.PROP_USERNAME, "Andy");
return properties;
}
public void testSystemTicket() throws Exception
{
assertNull(AuthenticationUtil.getFullAuthentication());
assertNull(AuthenticationUtil.getRunAsAuthentication());
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("andy", "andy".toCharArray());
pubAuthenticationService.clearCurrentSecurityContext();
assertNull(AuthenticationUtil.getFullAuthentication());
assertNull(AuthenticationUtil.getRunAsAuthentication());
// Authenticate
pubAuthenticationService.authenticate("andy", "andy".toCharArray());
// Get current user name
String userName = pubAuthenticationService.getCurrentUserName();
assertEquals("andy", userName);
// Get ticket
String ticket = pubAuthenticationService.getCurrentTicket();
assertEquals("andy", ticketComponent.getAuthorityForTicket(ticket));
// Get logged in user ...
// Get userName
userName = pubAuthenticationService.getCurrentUserName();
assertEquals("andy", userName);
// get Person
assertTrue(pubPersonService.personExists(userName));
AuthenticationUtil.runAs(new RunAsWork() {
public Object doWork() throws Exception
{
// TODO Auto-generated method stub
assertEquals("andy", ticketComponent.getAuthorityForTicket(pubAuthenticationService.getCurrentTicket()));
return null;
}}, AuthenticationUtil.getSystemUserName());
pubPersonService.getPerson(userName);
assertTrue(pubPersonService.personExists(userName));
// re-getTicket
String newticket = pubAuthenticationService.getCurrentTicket();
assertEquals(ticket, newticket);
assertEquals("andy", ticketComponent.getAuthorityForTicket(newticket));
userName = pubAuthenticationService.getCurrentUserName();
assertEquals("andy", userName);
// new TX
//userTransaction.commit();
//userTransaction = transactionService.getUserTransaction();
//userTransaction.begin();
pubAuthenticationService.validate(ticket);
userName = pubAuthenticationService.getCurrentUserName();
assertEquals("andy", userName);
pubAuthenticationService.validate(newticket);
userName = pubAuthenticationService.getCurrentUserName();
assertEquals("andy", userName);
}
public void xtestScalability()
{
long create = 0;
long start;
long end;
authenticationComponent.authenticate(AuthenticationUtil.getAdminUserName(), "admin".toCharArray());
for (int i = 0; i < 10000; i++)
{
String id = "TestUser-" + i;
start = System.nanoTime();
authenticationService.createAuthentication(id, id.toCharArray());
end = System.nanoTime();
create += (end - start);
if ((i > 0) && (i % 100 == 0))
{
System.out.println("Count = " + i);
System.out.println("Average create : " + (create / i / 1000000.0f));
start = System.nanoTime();
dao.userExists(id);
end = System.nanoTime();
System.out.println("Exists : " + ((end - start) / 1000000.0f));
}
}
authenticationComponent.clearCurrentSecurityContext();
}
public void c()
{
try
{
authenticationService.authenticate("", "".toCharArray());
}
catch (AuthenticationException e)
{
// Expected
}
}
public void testNewTicketOnLogin()
{
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate with this user details
pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
String ticket1 = pubAuthenticationService.getCurrentTicket();
pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
assertFalse(ticket1.equals(pubAuthenticationService.getCurrentTicket()));
}
public void testGuest()
{
authenticationService.authenticate(AuthenticationUtil.getGuestUserName(), "".toCharArray());
}
public void testCreateUsers()
{
authenticationService.createAuthentication(AuthenticationUtil.getGuestUserName(), "".toCharArray());
authenticationService.authenticate(AuthenticationUtil.getGuestUserName(), "".toCharArray());
// Guest is treated like any other user
assertEquals(AuthenticationUtil.getGuestUserName(), authenticationService.getCurrentUserName());
authenticationService.createAuthentication("Andy", "".toCharArray());
authenticationService.authenticate("Andy", "".toCharArray());
assertEquals("Andy", authenticationService.getCurrentUserName());
if (! tenantService.isEnabled())
{
authenticationService.createAuthentication("Mr.Woof.Banana@chocolate.chip.cookie.com", "".toCharArray());
authenticationService.authenticate("Mr.Woof.Banana@chocolate.chip.cookie.com", "".toCharArray());
assertEquals("Mr.Woof.Banana@chocolate.chip.cookie.com", authenticationService.getCurrentUserName());
}
else
{
// TODO - could create tenant domain 'chocolate.chip.cookie.com'
}
authenticationService.createAuthentication("Andy_Woof/Domain", "".toCharArray());
authenticationService.authenticate("Andy_Woof/Domain", "".toCharArray());
assertEquals("Andy_Woof/Domain", authenticationService.getCurrentUserName());
authenticationService.createAuthentication("Andy_ Woof/Domain", "".toCharArray());
authenticationService.authenticate("Andy_ Woof/Domain", "".toCharArray());
assertEquals("Andy_ Woof/Domain", authenticationService.getCurrentUserName());
if (! tenantService.isEnabled())
{
String un = "Andy `\u00ac\u00a6!\u00a3$%^&*()-_=+\t\n\u0000[]{};'#:@~,./<>?|";
if (dialect instanceof PostgreSQLDialect)
{
// Note: PostgreSQL does not support \u0000 char embedded in a string
// http://archives.postgresql.org/pgsql-jdbc/2007-02/msg00115.php
un = "Andy `\u00ac\u00a6!\u00a3$%^&*()-_=+\t\n[]{};'#:@~,./<>?|";
}
authenticationService.createAuthentication(un, "".toCharArray());
authenticationService.authenticate(un, "".toCharArray());
assertEquals(un, authenticationService.getCurrentUserName());
}
else
{
// tenant domain ~,./<>?\\| is not valid format"
}
}
public void testCreateAndyUserAndOtherCRUD() throws NoSuchAlgorithmException, UnsupportedEncodingException
{
RepositoryAuthenticationDao dao = new RepositoryAuthenticationDao();
dao.setTenantService(tenantService);
dao.setNodeService(nodeService);
dao.setSearchService(searchService);
dao.setDictionaryService(dictionaryService);
dao.setNamespaceService(getNamespacePrefixReolsver(""));
dao.setPasswordEncoder(passwordEncoder);
dao.setUserNameMatcher(userNameMatcher);
dao.setRetryingTransactionHelper(transactionService.getRetryingTransactionHelper());
dao.createUser("Andy", "cabbage".toCharArray());
assertNotNull(dao.getUserOrNull("Andy"));
byte[] decodedHash = passwordEncoder.decodeHash(dao.getMD4HashedPassword("Andy"));
byte[] testHash = MessageDigest.getInstance("MD4").digest("cabbage".getBytes("UnicodeLittleUnmarked"));
assertEquals(new String(decodedHash), new String(testHash));
UserDetails AndyDetails = (UserDetails) dao.loadUserByUsername("Andy");
assertNotNull(AndyDetails);
assertEquals("Andy", AndyDetails.getUsername());
// assertNotNull(dao.getSalt(AndyDetails));
assertTrue(AndyDetails.isAccountNonExpired());
assertTrue(AndyDetails.isAccountNonLocked());
assertTrue(AndyDetails.isCredentialsNonExpired());
assertTrue(AndyDetails.isEnabled());
assertNotSame("cabbage", AndyDetails.getPassword());
assertEquals(AndyDetails.getPassword(), passwordEncoder.encodePassword("cabbage", dao.getSalt(AndyDetails)));
assertEquals(1, AndyDetails.getAuthorities().length);
// Object oldSalt = dao.getSalt(AndyDetails);
dao.updateUser("Andy", "carrot".toCharArray());
UserDetails newDetails = (UserDetails) dao.loadUserByUsername("Andy");
assertNotNull(newDetails);
assertEquals("Andy", newDetails.getUsername());
// assertNotNull(dao.getSalt(newDetails));
assertTrue(newDetails.isAccountNonExpired());
assertTrue(newDetails.isAccountNonLocked());
assertTrue(newDetails.isCredentialsNonExpired());
assertTrue(newDetails.isEnabled());
assertNotSame("carrot", newDetails.getPassword());
assertEquals(1, newDetails.getAuthorities().length);
assertNotSame(AndyDetails.getPassword(), newDetails.getPassword());
// assertNotSame(oldSalt, dao.getSalt(newDetails));
dao.deleteUser("Andy");
assertNull(dao.getUserOrNull("Andy"));
MessageDigest digester;
try
{
digester = MessageDigest.getInstance("MD4");
System.out.println("Digester from " + digester.getProvider());
}
catch (NoSuchAlgorithmException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
System.out.println("No digester");
}
}
public void testAuthentication()
{
dao.createUser("GUEST", "".toCharArray());
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("GUEST", "");
token.setAuthenticated(false);
Authentication result = authenticationManager.authenticate(token);
assertNotNull(result);
dao.createUser("Andy", "squash".toCharArray());
token = new UsernamePasswordAuthenticationToken("Andy", "squash");
token.setAuthenticated(false);
result = authenticationManager.authenticate(token);
assertNotNull(result);
dao.setEnabled("Andy", false);
try
{
result = authenticationManager.authenticate(token);
assertNotNull(result);
assertNotNull(null);
}
catch (DisabledException e)
{
// Expected
}
dao.setEnabled("Andy", true);
result = authenticationManager.authenticate(token);
assertNotNull(result);
dao.setLocked("Andy", true);
try
{
result = authenticationManager.authenticate(token);
assertNotNull(result);
assertNotNull(null);
}
catch (LockedException e)
{
// Expected
}
dao.setLocked("Andy", false);
result = authenticationManager.authenticate(token);
assertNotNull(result);
dao.setAccountExpires("Andy", true);
dao.setCredentialsExpire("Andy", true);
result = authenticationManager.authenticate(token);
assertNotNull(result);
dao.setAccountExpiryDate("Andy", null);
dao.setCredentialsExpiryDate("Andy", null);
result = authenticationManager.authenticate(token);
assertNotNull(result);
dao.setAccountExpiryDate("Andy", new Date(new Date().getTime() + 10000));
dao.setCredentialsExpiryDate("Andy", new Date(new Date().getTime() + 10000));
result = authenticationManager.authenticate(token);
assertNotNull(result);
dao.setAccountExpiryDate("Andy", new Date(new Date().getTime() - 10000));
try
{
result = authenticationManager.authenticate(token);
assertNotNull(result);
assertNotNull(null);
}
catch (AccountExpiredException e)
{
// Expected
}
dao.setAccountExpiryDate("Andy", new Date(new Date().getTime() + 10000));
result = authenticationManager.authenticate(token);
assertNotNull(result);
dao.setCredentialsExpiryDate("Andy", new Date(new Date().getTime() - 10000));
try
{
result = authenticationManager.authenticate(token);
assertNotNull(result);
assertNotNull(null);
}
catch (CredentialsExpiredException e)
{
// Expected
}
dao.setCredentialsExpiryDate("Andy", new Date(new Date().getTime() + 10000));
result = authenticationManager.authenticate(token);
assertNotNull(result);
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
public void testCreateAuthenticationWhileRunningAsSystem() throws Exception
{
RunAsWork<Object> authWorkAsMuppet = new RunAsWork<Object>()
{
public Object doWork() throws Exception
{
RunAsWork<Object> authWorkAsSystem = new RunAsWork<Object>()
{
public Object doWork() throws Exception
{
RetryingTransactionCallback<Object> txnWork = new RetryingTransactionCallback<Object>()
{
public Object execute() throws Throwable
{
pubAuthenticationService.createAuthentication("blah", "pwd".toCharArray());
pubAuthenticationService.deleteAuthentication("blah");
return null;
}
};
return transactionService.getRetryingTransactionHelper().doInTransaction(txnWork, false, true);
}
};
return AuthenticationUtil.runAs(authWorkAsSystem, AuthenticationUtil.getSystemUserName());
}
};
AuthenticationUtil.runAs(authWorkAsMuppet, "muppet");
}
public void testPushAndPopAuthentication() throws Exception
{
AuthenticationUtil.setFullyAuthenticatedUser("user1");
assertEquals("user1", AuthenticationUtil.getFullyAuthenticatedUser());
assertEquals("user1", AuthenticationUtil.getRunAsUser());
AuthenticationUtil.setRunAsUser("user2");
assertEquals("user1", AuthenticationUtil.getFullyAuthenticatedUser());
assertEquals("user2", AuthenticationUtil.getRunAsUser());
AuthenticationUtil.pushAuthentication();
AuthenticationUtil.setFullyAuthenticatedUser("user3");
AuthenticationUtil.setRunAsUser("user4");
assertEquals("user3", AuthenticationUtil.getFullyAuthenticatedUser());
assertEquals("user4", AuthenticationUtil.getRunAsUser());
AuthenticationUtil.popAuthentication();
assertEquals("user1", AuthenticationUtil.getFullyAuthenticatedUser());
assertEquals("user2", AuthenticationUtil.getRunAsUser());
}
public void testAuthenticationFailure()
{
dao.createUser("Andy", "squash".toCharArray());
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Andy", "turnip");
token.setAuthenticated(false);
try
{
Authentication result = authenticationManager.authenticate(token);
assertNotNull(result);
assertNotNull(null);
}
catch (BadCredentialsException e)
{
// Expected
}
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
public void testTicket()
{
dao.createUser("Andy", "ticket".toCharArray());
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Andy", "ticket");
token.setAuthenticated(false);
Authentication result = authenticationManager.authenticate(token);
result.setAuthenticated(true);
String ticket = ticketComponent.getNewTicket(getUserName(result));
String user = ticketComponent.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
user = null;
try
{
user = ticketComponent.validateTicket("INVALID");
assertNotNull(null);
}
catch (AuthenticationException e)
{
assertNull(user);
}
ticketComponent.invalidateTicketById(ticket);
try
{
user = ticketComponent.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
assertNotNull(null);
}
catch (AuthenticationException e)
{
}
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
public void testTicketRepeat()
{
InMemoryTicketComponentImpl tc = new InMemoryTicketComponentImpl();
tc.setOneOff(false);
tc.setTicketsExpire(false);
tc.setValidDuration("P0D");
tc.setTicketsCache(ticketsCache);
dao.createUser("Andy", "ticket".toCharArray());
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Andy", "ticket");
token.setAuthenticated(false);
Authentication result = authenticationManager.authenticate(token);
result.setAuthenticated(true);
String ticket = tc.getNewTicket(getUserName(result));
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
public void testTicketOneOff()
{
InMemoryTicketComponentImpl tc = new InMemoryTicketComponentImpl();
tc.setOneOff(true);
tc.setTicketsExpire(false);
tc.setValidDuration("P0D");
tc.setTicketsCache(ticketsCache);
dao.createUser("Andy", "ticket".toCharArray());
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Andy", "ticket");
token.setAuthenticated(false);
Authentication result = authenticationManager.authenticate(token);
result.setAuthenticated(true);
String ticket = tc.getNewTicket(getUserName(result));
tc.validateTicket(ticket);
assertTrue(!ticketComponent.getCurrentTicket("Andy", true).equals(ticket));
try
{
tc.validateTicket(ticket);
assertNotNull(null);
}
catch (AuthenticationException e)
{
}
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
public void testTicketExpiryMode()
{
InMemoryTicketComponentImpl tc = new InMemoryTicketComponentImpl();
tc.setOneOff(false);
tc.setTicketsExpire(true);
tc.setValidDuration("P5S");
tc.setTicketsCache(ticketsCache);
tc.setExpiryMode(ExpiryMode.AFTER_FIXED_TIME.toString());
dao.createUser("Andy", "ticket".toCharArray());
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Andy", "ticket");
token.setAuthenticated(false);
Authentication result = authenticationManager.authenticate(token);
result.setAuthenticated(true);
String ticket = tc.getNewTicket(getUserName(result));
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
synchronized (this)
{
try
{
wait(10000);
}
catch (InterruptedException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
}
try
{
tc.validateTicket(ticket);
assertNotNull(null);
}
catch (AuthenticationException e)
{
}
try
{
tc.validateTicket(ticket);
assertNotNull(null);
}
catch (AuthenticationException e)
{
}
try
{
tc.validateTicket(ticket);
assertNotNull(null);
}
catch (AuthenticationException e)
{
}
synchronized (this)
{
try
{
wait(10000);
}
catch (InterruptedException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
}
try
{
tc.validateTicket(ticket);
assertNotNull(null);
}
catch (AuthenticationException e)
{
}
tc.setExpiryMode(ExpiryMode.AFTER_INACTIVITY.toString());
ticket = tc.getNewTicket(getUserName(result));
for (int i = 0; i < 50; i++)
{
synchronized (this)
{
try
{
wait(100);
}
catch (InterruptedException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
tc.validateTicket(ticket);
}
}
synchronized (this)
{
try
{
wait(10000);
}
catch (InterruptedException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
}
try
{
tc.validateTicket(ticket);
assertNotNull(null);
}
catch (AuthenticationException e)
{
}
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
public void testTicketExpires()
{
InMemoryTicketComponentImpl tc = new InMemoryTicketComponentImpl();
tc.setOneOff(false);
tc.setTicketsExpire(true);
tc.setValidDuration("P5S");
tc.setTicketsCache(ticketsCache);
dao.createUser("Andy", "ticket".toCharArray());
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Andy", "ticket");
token.setAuthenticated(false);
Authentication result = authenticationManager.authenticate(token);
result.setAuthenticated(true);
String ticket = tc.getNewTicket(getUserName(result));
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
synchronized (this)
{
try
{
wait(10000);
}
catch (InterruptedException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
}
try
{
tc.validateTicket(ticket);
assertNotNull(null);
}
catch (AuthenticationException e)
{
}
try
{
tc.validateTicket(ticket);
assertNotNull(null);
}
catch (AuthenticationException e)
{
}
try
{
tc.validateTicket(ticket);
assertNotNull(null);
}
catch (AuthenticationException e)
{
}
synchronized (this)
{
try
{
wait(10000);
}
catch (InterruptedException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
}
try
{
tc.validateTicket(ticket);
assertNotNull(null);
}
catch (AuthenticationException e)
{
}
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
public void testTicketDoesNotExpire()
{
InMemoryTicketComponentImpl tc = new InMemoryTicketComponentImpl();
tc.setOneOff(false);
tc.setTicketsExpire(true);
tc.setValidDuration("P1D");
tc.setTicketsCache(ticketsCache);
dao.createUser("Andy", "ticket".toCharArray());
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Andy", "ticket");
token.setAuthenticated(false);
Authentication result = authenticationManager.authenticate(token);
result.setAuthenticated(true);
String ticket = tc.getNewTicket(getUserName(result));
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
synchronized (this)
{
try
{
wait(10000);
}
catch (InterruptedException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
}
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
public void testAuthenticationServiceGetNewTicket()
{
authenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationService.createAuthentication("Andy", "auth1".toCharArray());
// authenticate with this user details
authenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
String ticket1 = authenticationService.getCurrentTicket();
authenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
String ticket2 = authenticationService.getCurrentTicket();
assertFalse(ticket1.equals(ticket2));
}
public void testAuthenticationService1()
{
authenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationService.createAuthentication("Andy", "auth1".toCharArray());
// authenticate with this user details
authenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
// delete the user authentication object
authenticationService.clearCurrentSecurityContext();
authenticationService.deleteAuthentication("Andy");
// create a new authentication user object
authenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
authenticationService.setAuthentication("Andy", "auth3".toCharArray());
// authenticate again to assert password changed
authenticationService.authenticate("Andy", "auth3".toCharArray());
try
{
authenticationService.authenticate("Andy", "auth1".toCharArray());
fail("Authentication should have been rejected");
}
catch (AuthenticationException e)
{
}
}
public void testAuthenticationService2()
{
authenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationService.createAuthentication("Andy", "auth1".toCharArray());
// authenticate with this user details
authenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
// delete the user authentication object
authenticationService.clearCurrentSecurityContext();
authenticationService.deleteAuthentication("Andy");
// create a new authentication user object
authenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
authenticationService.setAuthentication("Andy", "auth3".toCharArray());
// authenticate again to assert password changed
authenticationService.authenticate("Andy", "auth3".toCharArray());
try
{
authenticationService.authenticate("Andy", "auth2".toCharArray());
fail("Authentication should have been rejected");
}
catch (AuthenticationException e)
{
}
}
public void testAuthenticationService3()
{
authenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationService.createAuthentication("Andy", "auth1".toCharArray());
// authenticate with this user details
authenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
// delete the user authentication object
authenticationService.clearCurrentSecurityContext();
authenticationService.deleteAuthentication("Andy");
// create a new authentication user object
authenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
authenticationService.setAuthentication("Andy", "auth3".toCharArray());
// authenticate again to assert password changed
authenticationService.authenticate("Andy", "auth3".toCharArray());
authenticationService.authenticate("Andy", "auth3".toCharArray());
// get the ticket that represents the current user authentication
// instance
String ticket = authenticationService.getCurrentTicket();
// validate our ticket is still valid
authenticationService.validate(ticket);
assertEquals(ticket, authenticationService.getCurrentTicket());
// destroy the ticket instance
authenticationService.invalidateTicket(ticket);
try
{
authenticationService.validate(ticket);
fail("Invalid taicket should have been rejected");
}
catch (AuthenticationException e)
{
}
}
public void testAuthenticationService4()
{
authenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationService.createAuthentication("Andy", "auth1".toCharArray());
// authenticate with this user details
authenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
// delete the user authentication object
authenticationService.clearCurrentSecurityContext();
authenticationService.deleteAuthentication("Andy");
// create a new authentication user object
authenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
authenticationService.setAuthentication("Andy", "auth3".toCharArray());
// authenticate again to assert password changed
authenticationService.authenticate("Andy", "auth3".toCharArray());
authenticationService.authenticate("Andy", "auth3".toCharArray());
// get the ticket that represents the current user authentication
// instance
String ticket = authenticationService.getCurrentTicket();
// validate our ticket is still valid
authenticationService.clearCurrentSecurityContext();
authenticationService.validate(ticket);
assertEquals(ticket, authenticationService.getCurrentTicket());
// destroy the ticket instance
authenticationService.invalidateTicket(ticket);
Authentication current = authenticationComponent.getCurrentAuthentication();
if (current != null)
{
// Still authentication
assertTrue(current.isAuthenticated());
}
try
{
authenticationService.validate(ticket);
fail("Invalid ticket should have been rejected");
}
catch (AuthenticationException e)
{
assertNull(authenticationComponentImpl.getCurrentAuthentication());
}
}
public void testAuthenticationService()
{
authenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationService.createAuthentication("Andy", "auth1".toCharArray());
// authenticate with this user details
authenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
// delete the user authentication object
authenticationService.clearCurrentSecurityContext();
authenticationService.deleteAuthentication("Andy");
// create a new authentication user object
authenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
authenticationService.setAuthentication("Andy", "auth3".toCharArray());
// authenticate again to assert password changed
authenticationService.authenticate("Andy", "auth3".toCharArray());
// update the authentication
authenticationService.updateAuthentication("Andy", "auth3".toCharArray(), "auth4".toCharArray());
authenticationService.authenticate("Andy", "auth4".toCharArray());
authenticationService.authenticate("Andy", "auth4".toCharArray());
// get the ticket that represents the current user authentication
// instance
String ticket = authenticationService.getCurrentTicket();
// validate our ticket is still valid
authenticationService.validate(ticket);
assertEquals(ticket, authenticationService.getCurrentTicket());
// destroy the ticket instance
authenticationService.invalidateTicket(ticket);
Authentication current = authenticationComponent.getCurrentAuthentication();
if (current != null)
{
assertTrue(current.isAuthenticated());
}
authenticationService.authenticate("Andy", "auth4".toCharArray());
authenticationService.updateAuthentication("Andy", "auth4".toCharArray(), "auth5".toCharArray());
authenticationService.authenticate("Andy", "auth5".toCharArray());
// clear any context and check we are no longer authenticated
authenticationService.clearCurrentSecurityContext();
assertNull(authenticationService.getCurrentUserName());
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
public void testAuthenticationService0()
{
authenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationService.createAuthentication("Andy", "auth1".toCharArray());
// authenticate with this user details
authenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
// delete the user authentication object
authenticationService.clearCurrentSecurityContext();
authenticationService.deleteAuthentication("Andy");
// create a new authentication user object
authenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
authenticationService.setAuthentication("Andy", "auth3".toCharArray());
// authenticate again to assert password changed
authenticationService.authenticate("Andy", "auth3".toCharArray());
// update the authentication
authenticationService.updateAuthentication("Andy", "auth3".toCharArray(), "auth4".toCharArray());
authenticationService.authenticate("Andy", "auth4".toCharArray());
authenticationService.authenticate("Andy", "auth4".toCharArray());
// get the ticket that represents the current user authentication
// instance
String ticket = authenticationService.getCurrentTicket();
// validate our ticket is still valid
authenticationService.validate(ticket);
assertEquals(ticket, authenticationService.getCurrentTicket());
// destroy the ticket instance
authenticationService.invalidateTicket(ticket);
Authentication current = authenticationComponent.getCurrentAuthentication();
if (current != null)
{
assertTrue(current.isAuthenticated());
}
authenticationService.authenticate("Andy", "auth4".toCharArray());
// clear any context and check we are no longer authenticated
authenticationService.clearCurrentSecurityContext();
assertNull(authenticationService.getCurrentUserName());
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
public void testPubAuthenticationService1()
{
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
pubAuthenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate with this user details
pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
// delete the user authentication object
pubAuthenticationService.clearCurrentSecurityContext();
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.deleteAuthentication("Andy");
authenticationComponent.clearCurrentSecurityContext();
// create a new authentication user object
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate again to assert password changed
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
try
{
pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
fail("Authentication should fail");
}
catch (AuthenticationException e)
{
}
}
public void testPubAuthenticationService2()
{
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
pubAuthenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate with this user details
pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
// delete the user authentication object
pubAuthenticationService.clearCurrentSecurityContext();
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.deleteAuthentication("Andy");
authenticationComponent.clearCurrentSecurityContext();
// create a new authentication user object
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate again to assert password changed
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
try
{
pubAuthenticationService.authenticate("Andy", "auth2".toCharArray());
fail("Authentication should fail");
}
catch (AuthenticationException e)
{
}
}
public void testPubAuthenticationService3()
{
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
pubAuthenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate with this user details
pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
// delete the user authentication object
pubAuthenticationService.clearCurrentSecurityContext();
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.deleteAuthentication("Andy");
authenticationComponent.clearCurrentSecurityContext();
// create a new authentication user object
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
// authenticate again to assert password changed
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
// get the ticket that represents the current user authentication
// instance
String ticket = pubAuthenticationService.getCurrentTicket();
authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
// validate our ticket is still valid
pubAuthenticationService.validate(ticket);
assertEquals(ticket, authenticationService.getCurrentTicket());
// destroy the ticket instance
pubAuthenticationService.invalidateTicket(ticket);
try
{
pubAuthenticationService.validate(ticket);
fail("Ticket should not validate");
}
catch (AuthenticationException e)
{
}
}
public void testPubAuthenticationService()
{
// pubAuthenticationService.authenticateAsGuest();
// authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
pubAuthenticationService.authenticate("GUEST", "".toCharArray());
pubAuthenticationService.authenticate("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
pubAuthenticationService.authenticateAsGuest();
authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
// create an authentication object e.g. the user
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate with this user details
pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
// delete the user authentication object
pubAuthenticationService.clearCurrentSecurityContext();
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.deleteAuthentication("Andy");
authenticationComponent.clearCurrentSecurityContext();
// create a new authentication user object
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate again to assert password changed
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
// get the ticket that represents the current user authentication
// instance
String ticket = pubAuthenticationService.getCurrentTicket();
// validate our ticket is still valid
pubAuthenticationService.validate(ticket);
assertEquals(ticket, authenticationService.getCurrentTicket());
// destroy the ticket instance
pubAuthenticationService.invalidateTicket(ticket);
}
public void testPubAuthenticationService0()
{
// pubAuthenticationService.authenticateAsGuest();
// authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
pubAuthenticationService.authenticate("GUEST", "".toCharArray());
pubAuthenticationService.authenticate("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
pubAuthenticationService.authenticateAsGuest();
authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
// create an authentication object e.g. the user
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate with this user details
pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
// delete the user authentication object
pubAuthenticationService.clearCurrentSecurityContext();
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.deleteAuthentication("Andy");
authenticationComponent.clearCurrentSecurityContext();
// create a new authentication user object
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate again to assert password changed
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
// get the ticket that represents the current user authentication
// instance
String ticket = pubAuthenticationService.getCurrentTicket();
// validate our ticket is still valid
pubAuthenticationService.validate(ticket);
assertEquals(ticket, authenticationService.getCurrentTicket());
// destroy the ticket instance
pubAuthenticationService.invalidateTicket(ticket);
authenticationComponent.clearCurrentSecurityContext();
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
pubAuthenticationService.updateAuthentication("Andy", "auth3".toCharArray(), "auth4".toCharArray());
pubAuthenticationService.authenticate("Andy", "auth4".toCharArray());
try
{
pubAuthenticationService.updateAuthentication("Andy", "auth3".toCharArray(), "auth4".toCharArray());
fail("Should not be able to update");
}
catch (AuthenticationException ae)
{
}
}
public void testAbstractAuthenticationComponentGuestUserSupport()
{
authenticationComponent.setGuestUserAsCurrentUser();
assertEquals(authenticationComponent.getCurrentUserName(), authenticationComponent.getGuestUserName());
}
public void testPassThroughLogin()
{
authenticationService.createAuthentication("Andy", "auth1".toCharArray());
authenticationComponent.setCurrentUser("Andy");
assertEquals("Andy", authenticationService.getCurrentUserName());
// authenticationService.deleteAuthentication("andy");
}
private String getUserName(Authentication authentication)
{
String username = authentication.getPrincipal().toString();
if (authentication.getPrincipal() instanceof UserDetails)
{
username = ((UserDetails) authentication.getPrincipal()).getUsername();
}
return username;
}
private NamespacePrefixResolver getNamespacePrefixReolsver(String defaultURI)
{
DynamicNamespacePrefixResolver nspr = new DynamicNamespacePrefixResolver(null);
nspr.registerNamespace(NamespaceService.SYSTEM_MODEL_PREFIX, NamespaceService.SYSTEM_MODEL_1_0_URI);
nspr.registerNamespace(NamespaceService.CONTENT_MODEL_PREFIX, NamespaceService.CONTENT_MODEL_1_0_URI);
nspr.registerNamespace(ContentModel.USER_MODEL_PREFIX, ContentModel.USER_MODEL_URI);
nspr.registerNamespace("namespace", "namespace");
nspr.registerNamespace(NamespaceService.DEFAULT_PREFIX, defaultURI);
return nspr;
}
}
Reference in New Issue View Git Blame Copy Permalink