Dave Ward 37e8680261 Merged V4.1-BUG-FIX to HEAD
43386: ALF-13091: Prevent bean post processor propagation to child application contexts. Remove Jsr250BeanPostPorcessor from the CXF configuration, to prevent strange interaction with component scanning. 
   43402: Merged DEV to V4.1-BUG-FIX
      43330: ALF-16073: Share forms renders is slow when using sets.
      Optimize performance for fieldsVisibleInAnyMode populating in getFields and FormField obtaining in getVisibleFieldNamesFor.
   43412: ALF-16680 ImageMagick exit code 255 is not seen as an error 
   43420: ALF-16627 SOLR indexing does not provide TransformationOption when converting content to plain text for indexing
   43452: Fix for ALF-16296 - On site customization page, when a page containing apostrophe (') is renamed, a backslash (\) is added to the name
   43453: Fix for ALF-16105 - Disabled 'Follow' feature does not disable it for existing users
   43462: ALF-16715 : Merged V3.4-BUG-FIX (3.4.12) to V4.1-BUG-FIX (4.1.3)
      43461: ALF-16713 Cannot disable metadata extractors
   43464: ALF-16715 : Merged V3.4-BUG-FIX (3.4.12) to V4.1-BUG-FIX (4.1.3)
      43463: ALF-16713 Cannot disable metadata extractors
         - fix test failures - none set mimetypeService
   43471: Fix for ALF-16542 - Web application context for the onlineEditUrl variable is hard-coded to alfresco:
   Merged BRANCHES/DEV/CLOUD1_SP to BRANCHES/DEV/V4.1-BUG-FIX
      40565: CLOUD-23: core changes to allow overriding of "edit online" button's URL generation.
   43475: Fix for ALF-15859 - UploadContentServlet servlet /alfresco/upload can update the content, mime type and encoding but not the locale
   43476: Merged DEV to V4.1-BUG-FIX
       43401 : ALF-16587 GreenMail IMAP server does not clean up session handlers - memory leak
   43478: MNT-181: Now WebDAV will ALWAYS preserve the original metadata and versions of ANY node that is temporarily 'moved out' in ANY kind of 'shuffle' operation
   - To make the source node temporarily invisible to WebDAV the client specific HIDDEN aspect features are used
   - WebDAVHelper.isRenameShuffle() method introduced, to parallel ALF-3856 CIFS fix and using similar system.webdav.renameShufflePattern global property to detect the start of a shuffle
   - WebDAVHelper converted to use proper dependency injection
   - CopyMethod has become a simple subclass of MoveMethod as all the hidden aspect munging is done by it
   - DeleteMethod now preserves hidden nodes
   - PropFindMethod now ignores hidden nodes
   - Listing methods will hide hidden nodes from WebDAV
   43483: MNT-181: Corrected typo
   43498: Fix for ALF-16648 - Alfresco Enterprise artifacts in artifacts.alfresco.com do not provide POM files / dependencies declarations:
   Merged HEAD to V4.1-BUG-FIX (4.1.2)
      43380: -- added site content for alfresco-platform-distribution POM
      43379: -- added site documentation for alfresco-platform-distribution POM
      43378: -- added site documentation for alfresco-platform-distribution POM
         -- deployed site for 4.2.b Community at https://artifacts.alfresco.com/nexus/content/repositories/alfresco-docs/alfresco-platform-distribution/latest/index.html
         -- created repository for Enterprise docs and added url in the appropriate edition properties
      43273: Use property to define POI version
      42966: ALF-14353 - Added platform distribution POM to standard maven-deploy procedure
      42965: ALF-14353 - added alfresco-platform-distribution to provide a Maven release descriptor (dependencyManagement) per each Community / Enterprise release
         -- moved maven-ant-tasks not to be in the runtime lib
         -- added platform distribution pom in the SDK folder
         -- updated maven.xml to deploy filter and deploy the appropriate platform-distribution POM per each release
         -- in maven.xml moved configure-release and configure-snapshot goals to maven-env-prerequisites
         -- updated sdk readme to explain the presence of alfresco-platform-distribution POM
      42912: -- updated README header on the POM specifying it's NOT usable to build Alfresco
         -- make a clear reference to the POMs that get deployed by pom-experimental.xml being usable for development
      42842: ALF-14353: Fix artifactId alfresco-jlan -> alfresco-jlan-embed
      41883: ALF-14353 - fixed multiple Maven build issues. Now mvn clean install -f pom-experimental.xml works fine. Also deployed Spring Surf 1.2.0-SNAPSHOT so proper Surf version is retrieved
      41882: added pre-requisites to build POMs successfully with mvn clean install -f pom-experimental.xml
   43499: Upgrade version in POM files to 4.1.3-SNAPSHOT
   43520: ALF-16694 POI becoming responsiveness and causing jvm to freeze for a while with certain XLS (fraction formats)
      - Patched POI to:
        - limit the length of fractions to four digits (more than that takes too long to process) e.g. "# #/#####" is too long and will be reduced to "# #/####" which still takes about a second!
        - handle the -ve fraction format part (i.e. n in p;n;z), so its length is not interpreted as part of the fraction format of the +ve fraction part.
        - handle custom formats a bit better (strip them) rather than interpret the text length as part of the fraction format
        - handle -ve fractions (just did not work)
        - limitations:
          - custom text gets stripped (still better than before)
          - formats that have p (+ve) and n (-ve) parts must include a fraction format in each part. Otherwise +ve and -ve values are not formatted as a fraction (still better than before)
   43523: MNT-181: Corrections
   - WebDAVLockService.unlock() made 'harmless' to call on already-unlocked nodes
   - Delete method hides rather than deletes versioned nodes and working copies in case it is called by OSX Finder during a 'replace' operation
   43524: MNT-181: Correction
   - PutMethod now 'unhides' hidden nodes and behaves as though it created them
   43541: Merged DEV to V4.1-BUG-FIX
      43536: ALF-16200: WQS delete fails to publish to live projects onDeleteNode behavior
      The condition of the "if" operator was modified. Now the "if" operator evaluates to true if at least one of the nodesToTransfer or nodesToRemoveOnTransfer sets is not empty. The beforeDeleteNode() methods were updated to check for the ASPECT_PENDING_DELETE aspect on the node. The enqueueRemovedNodes() call was moved from onDeleteNode() into beforeDeleteNode(). These fixes allow the sites published to (i.e. live projects) to be updated automatically to include the removal of the file and removal of the file from any collection (asset list) when content is deleted from an editorial project.
   43542: Fix for ALF-16618 - ScriptableHashMap does not have hasOwnProperty method
   43555: Fix for ALF-16494 - site collaborator has rights to modify comments made by another user.
   43556: ALF-15859: Prevent NPE on upload without NodeRef
   43558: ALF-16694 POI becoming irresponsive and causing jvm to freeze with XLS that includes fraction formats
      - Original jar did not get removed in previous commit
      << NO NEED TO MERGE TO CLOUD1-BUG-FIX as there was a tree conflict and the original jar was removed. >>
   43570: MNT-181: More corrections researched by Valery
   - Don't treat all moves to temporary locations as copies - just those from non-temporary locations. Avoids initial upload leaving lots of hidden files around.
   - Only copy the content, not the whole node including aspects to avoid versioning temporary files!
   - Don't version on changes to sys:clientVisibilityMask - avoids 'double versioning'
   - Recognize Mac .TemporaryItems folder and ._ files as temporary
   43575: Fix for ALF-9317 - Links: Delete Link button in Selected Items menu is available for Consumer, Contributor and Collaborator
   43577: Upgrade POM files after following changes:
      43401: ALF-16587 patch greenmail
      43520: ALF-16694 Upgrade POI and patch it
   43584: Merged V4.1 to V4.1-BUG-FIX <<Record Only>>
      43582: Merged V4.1-BUG-FIX to V4.1 (4.1.2)
         43402: Merged DEV to V4.1-BUG-FIX
            43330: ALF-16073: Share forms renders is slow when using sets.
            Optimize performance for fieldsVisibleInAnyMode populating in getFields and FormField obtaining in getVisibleFieldNamesFor.
      43557: Merged V4.1-BUG-FIX to V4.1
         43555: Fix for ALF-16494 - site collaborator has rights to modify comments made by another user.
   43586: MNT-181: Final correction researched by Valery
   - Corrected system.webdav.renameShufflePattern so that it matches .TemporaryItems folder and ._ files as a full match
   43591: ALF-16772: If the WebDAV path of a document exceeds 255 characters, documents opened in MSOffice cannot be saved back
       - Interpret null nodeLockToken as not locked.
   43594: Merged DEV to V4.1-BUG-FIX
      43540: ALF-12425: Can't launch activiti workflow console from Share when external / ntlm / kerberos authentication is used.
      New webscript that redirects to activiti admin console with URL holding current ticket. The webscript resides below wcs and allows to use alfresco connector in Share.
      43562: ALF-12425: Can't launch activiti workflow console from Share when external / ntlm / kerberos authentication is used.
      Activiti admin console webscript that allows admin console to be invoked behind wcs authentication.
   43595: Merged V4.1 to V4.1-BUG-FIX
      43376: Merged DEV to V4.1
         43339: ALF-16590 : java.lang.IllegalArgumentException while initiating In-Place import
                FilesystemContentDataFactory#contentIsInStore method was modified. Now files' absolute paths are compared.
      43390: ALF-15856: Test org.alfresco.repo.node.NodeServiceTest does not finish on DB2
      - Now inner-nested retrying transaction in testConcurrentArchive passes its exception straight through to the outer transaction, which unwraps and retries it if necessary
      43397: ALF-16021: RuleServiceImplTest never ends on DB2
      - Added endTransaction() call so that testDeleteSpaceWithExecuteScriptRule() doesn't hang indefinitely waiting for the outer transaction to complete
      43398: ALF-15856: Test org.alfresco.repo.node.NodeServiceTest does not finish on DB2
      - Now inner-nested retrying transaction runs in its own thread and we don't wait forever for it
      43404: ALF-16666: IMAP subsystem startup causes Tomcat crash
      - Stopped IMAP subsystem from depending on itself by using private rather than public IMapService!
      43408: Fixed latest DB2 hangs for Samuel (concurrent nested transactions)
      43424: Fixed latest DB2 hang for Samuel (concurrent nested transactions)
      43426: ALF-16692: Merged HEAD to V4.1 (with corrections)
         43425: Fixes issue with YUI SWF files (see: IT-9441)
      43450: Possible fix for workflow tests on DB2 - retrying txns where necessary
      43484: ALF-16702: Restored missing index in DB2 schema reference
   43596: Merged V4.1 to V4.1-BUG-FIX (RECORD ONLY)
      43589: Merged V4.1-BUG-FIX to V4.1
         43575: Fix for ALF-9317 - Links: Delete Link button in Selected Items menu is available for Consumer, Contributor and Collaborator


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@43601 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2012-11-14 11:56:36 +00:00

1661 lines
64 KiB
Java

/*
* Copyright (C) 2005-2011 Alfresco Software Limited.
*
* This file is part of Alfresco
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
*/
package org.alfresco.repo.security.authentication;
import java.io.Serializable;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import javax.transaction.Status;
import javax.transaction.UserTransaction;
import junit.framework.TestCase;
import net.sf.acegisecurity.AccountExpiredException;
import net.sf.acegisecurity.Authentication;
import net.sf.acegisecurity.AuthenticationManager;
import net.sf.acegisecurity.BadCredentialsException;
import net.sf.acegisecurity.CredentialsExpiredException;
import net.sf.acegisecurity.DisabledException;
import net.sf.acegisecurity.LockedException;
import net.sf.acegisecurity.UserDetails;
import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.model.ContentModel;
import org.alfresco.repo.cache.SimpleCache;
import org.alfresco.repo.management.subsystems.ChildApplicationContextManager;
import org.alfresco.repo.policy.PolicyComponent;
import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
import org.alfresco.repo.security.authentication.InMemoryTicketComponentImpl.ExpiryMode;
import org.alfresco.repo.security.authentication.InMemoryTicketComponentImpl.Ticket;
import org.alfresco.repo.security.authentication.RepositoryAuthenticationDao.CacheEntry;
import org.alfresco.repo.tenant.TenantService;
import org.alfresco.repo.transaction.AlfrescoTransactionSupport;
import org.alfresco.repo.transaction.AlfrescoTransactionSupport.TxnReadState;
import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
import org.alfresco.service.ServiceRegistry;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.repository.StoreRef;
import org.alfresco.service.cmr.security.AuthorityService;
import org.alfresco.service.cmr.security.MutableAuthenticationService;
import org.alfresco.service.cmr.security.PersonService;
import org.alfresco.service.namespace.DynamicNamespacePrefixResolver;
import org.alfresco.service.namespace.NamespacePrefixResolver;
import org.alfresco.service.namespace.NamespaceService;
import org.alfresco.service.namespace.QName;
import org.alfresco.service.transaction.TransactionService;
import org.alfresco.util.ApplicationContextHelper;
import org.hibernate.dialect.Dialect;
import org.hibernate.dialect.PostgreSQLDialect;
import org.springframework.context.ApplicationContext;
@SuppressWarnings("unchecked")
public class AuthenticationTest extends TestCase
{
private static ApplicationContext ctx = ApplicationContextHelper.getApplicationContext();
private NodeService nodeService;
private AuthorityService authorityService;
private TenantService tenantService;
private MD4PasswordEncoder passwordEncoder;
private MutableAuthenticationDao dao;
private AuthenticationManager authenticationManager;
private TicketComponent ticketComponent;
private SimpleCache<String, Ticket> ticketsCache;
private MutableAuthenticationService authenticationService;
private MutableAuthenticationService pubAuthenticationService;
private AuthenticationComponent authenticationComponent;
private AuthenticationComponent authenticationComponentImpl;
private TransactionService transactionService;
private PersonService pubPersonService;
private PersonService personService;
private UserTransaction userTransaction;
private NodeRef rootNodeRef;
private NodeRef systemNodeRef;
private NodeRef typesNodeRef;
private NodeRef personAndyNodeRef;
// TODO: pending replacement
private Dialect dialect;
private PolicyComponent policyComponent;
private SimpleCache<String, CacheEntry> authenticationCache;
private SimpleCache<String, NodeRef> immutableSingletonCache;
public AuthenticationTest()
{
super();
}
public AuthenticationTest(String arg0)
{
super(arg0);
}
public void setUp() throws Exception
{
if (AlfrescoTransactionSupport.getTransactionReadState() != TxnReadState.TXN_NONE)
{
throw new AlfrescoRuntimeException(
"A previous test did not clean up its transaction: " +
AlfrescoTransactionSupport.getTransactionId());
}
dialect = (Dialect) ctx.getBean("dialect");
nodeService = (NodeService) ctx.getBean("nodeService");
authorityService = (AuthorityService) ctx.getBean("authorityService");
tenantService = (TenantService) ctx.getBean("tenantService");
passwordEncoder = (MD4PasswordEncoder) ctx.getBean("passwordEncoder");
ticketComponent = (TicketComponent) ctx.getBean("ticketComponent");
authenticationService = (MutableAuthenticationService) ctx.getBean("authenticationService");
pubAuthenticationService = (MutableAuthenticationService) ctx.getBean("AuthenticationService");
authenticationComponent = (AuthenticationComponent) ctx.getBean("authenticationComponent");
authenticationComponentImpl = (AuthenticationComponent) ctx.getBean("authenticationComponent");
pubPersonService = (PersonService) ctx.getBean("PersonService");
personService = (PersonService) ctx.getBean("personService");
policyComponent = (PolicyComponent) ctx.getBean("policyComponent");
authenticationCache = (SimpleCache<String, CacheEntry>) ctx.getBean("authenticationCache");
immutableSingletonCache = (SimpleCache<String, NodeRef>) ctx.getBean("immutableSingletonCache");
// permissionServiceSPI = (PermissionServiceSPI)
// ctx.getBean("permissionService");
ticketsCache = (SimpleCache<String, Ticket>) ctx.getBean("ticketsCache");
dao = (MutableAuthenticationDao) ctx.getBean("authenticationDao");
// Let's look inside the alfresco authentication subsystem to get the DAO-wired authentication manager
ChildApplicationContextManager authenticationChain = (ChildApplicationContextManager) ctx.getBean("Authentication");
ApplicationContext subsystem = authenticationChain.getApplicationContext(authenticationChain.getInstanceIds().iterator().next());
authenticationManager = (AuthenticationManager) subsystem.getBean("authenticationManager");
transactionService = (TransactionService) ctx.getBean(ServiceRegistry.TRANSACTION_SERVICE.getLocalName());
userTransaction = transactionService.getUserTransaction();
userTransaction.begin();
StoreRef storeRef = nodeService.createStore(StoreRef.PROTOCOL_WORKSPACE, "Test_" + System.currentTimeMillis());
rootNodeRef = nodeService.getRootNode(storeRef);
QName children = ContentModel.ASSOC_CHILDREN;
QName system = QName.createQName(NamespaceService.SYSTEM_MODEL_1_0_URI, "system");
QName container = ContentModel.TYPE_CONTAINER;
QName types = QName.createQName(NamespaceService.SYSTEM_MODEL_1_0_URI, "people");
systemNodeRef = nodeService.createNode(rootNodeRef, children, system, container).getChildRef();
typesNodeRef = nodeService.createNode(systemNodeRef, children, types, container).getChildRef();
Map<QName, Serializable> props = createPersonProperties("Andy");
personAndyNodeRef = nodeService.createNode(typesNodeRef, children, ContentModel.TYPE_PERSON, container, props).getChildRef();
assertNotNull(personAndyNodeRef);
AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getSystemUserName());
deleteAndy();
authenticationComponent.clearCurrentSecurityContext();
}
private void deleteAndy()
{
RepositoryAuthenticationDao dao = new RepositoryAuthenticationDao();
dao.setAuthorityService(authorityService);
dao.setTenantService(tenantService);
dao.setNodeService(nodeService);
dao.setNamespaceService(getNamespacePrefixReolsver(""));
dao.setPasswordEncoder(passwordEncoder);
dao.setPolicyComponent(policyComponent);
dao.setAuthenticationCache(authenticationCache);
dao.setSingletonCache(immutableSingletonCache);
if (dao.getUserOrNull("andy") != null)
{
dao.deleteUser("andy");
}
if(personService.personExists("andy"))
{
personService.deletePerson("andy");
}
}
@Override
protected void tearDown() throws Exception
{
if ((userTransaction.getStatus() == Status.STATUS_ACTIVE) || (userTransaction.getStatus() == Status.STATUS_MARKED_ROLLBACK))
{
userTransaction.rollback();
}
AuthenticationUtil.clearCurrentSecurityContext();
super.tearDown();
}
private Map<QName, Serializable> createPersonProperties(String userName)
{
HashMap<QName, Serializable> properties = new HashMap<QName, Serializable>();
// Use the supplied user name rather than a hard-coded value
properties.put(ContentModel.PROP_USERNAME, userName);
return properties;
}
public void testSystemTicket() throws Exception
{
assertNull(AuthenticationUtil.getFullAuthentication());
assertNull(AuthenticationUtil.getRunAsAuthentication());
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("andy", "andy".toCharArray());
pubAuthenticationService.clearCurrentSecurityContext();
assertNull(AuthenticationUtil.getFullAuthentication());
assertNull(AuthenticationUtil.getRunAsAuthentication());
// Authenticate
pubAuthenticationService.authenticate("andy", "andy".toCharArray());
// Get current user name
String userName = pubAuthenticationService.getCurrentUserName();
assertEquals("andy", userName);
// Get ticket
String ticket = pubAuthenticationService.getCurrentTicket();
assertEquals("andy", ticketComponent.getAuthorityForTicket(ticket));
// Get logged in user ...
// Get userName
userName = pubAuthenticationService.getCurrentUserName();
assertEquals("andy", userName);
// get Person
assertTrue(pubPersonService.personExists(userName));
AuthenticationUtil.runAs(new RunAsWork<Void>() {
public Void doWork() throws Exception
{
// TODO Auto-generated method stub
assertEquals("andy", ticketComponent.getAuthorityForTicket(pubAuthenticationService.getCurrentTicket()));
return null;
}}, AuthenticationUtil.getSystemUserName());
pubPersonService.getPerson(userName);
assertTrue(pubPersonService.personExists(userName));
// re-getTicket
String newticket = pubAuthenticationService.getCurrentTicket();
assertEquals(ticket, newticket);
assertEquals("andy", ticketComponent.getAuthorityForTicket(newticket));
userName = pubAuthenticationService.getCurrentUserName();
assertEquals("andy", userName);
// new TX
//userTransaction.commit();
//userTransaction = transactionService.getUserTransaction();
//userTransaction.begin();
pubAuthenticationService.validate(ticket);
userName = pubAuthenticationService.getCurrentUserName();
assertEquals("andy", userName);
pubAuthenticationService.validate(newticket);
userName = pubAuthenticationService.getCurrentUserName();
assertEquals("andy", userName);
}
public void xtestScalability()
{
long create = 0;
long start;
long end;
authenticationComponent.authenticate(AuthenticationUtil.getAdminUserName(), "admin".toCharArray());
for (int i = 0; i < 10000; i++)
{
String id = "TestUser-" + i;
start = System.nanoTime();
authenticationService.createAuthentication(id, id.toCharArray());
end = System.nanoTime();
create += (end - start);
if ((i > 0) && (i % 100 == 0))
{
System.out.println("Count = " + i);
System.out.println("Average create : " + (create / i / 1000000.0f));
start = System.nanoTime();
dao.userExists(id);
end = System.nanoTime();
System.out.println("Exists : " + ((end - start) / 1000000.0f));
}
}
authenticationComponent.clearCurrentSecurityContext();
}
public void c()
{
try
{
authenticationService.authenticate("", "".toCharArray());
}
catch (AuthenticationException e)
{
// Expected
}
}
public void testNewTicketOnLogin()
{
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate with this user details
pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
String ticket1 = pubAuthenticationService.getCurrentTicket();
pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
assertFalse(ticket1.equals(pubAuthenticationService.getCurrentTicket()));
}
public void testGuest()
{
authenticationService.authenticate(AuthenticationUtil.getGuestUserName(), "".toCharArray());
}
public void testCreateUsers()
{
authenticationService.createAuthentication(AuthenticationUtil.getGuestUserName(), "".toCharArray());
authenticationService.authenticate(AuthenticationUtil.getGuestUserName(), "".toCharArray());
// Guest is treated like any other user
assertEquals(AuthenticationUtil.getGuestUserName(), authenticationService.getCurrentUserName());
authenticationService.createAuthentication("Andy", "".toCharArray());
authenticationService.authenticate("Andy", "".toCharArray());
assertEquals("Andy", authenticationService.getCurrentUserName());
if (! tenantService.isEnabled())
{
authenticationService.createAuthentication("Mr.Woof.Banana@chocolate.chip.cookie.com", "".toCharArray());
authenticationService.authenticate("Mr.Woof.Banana@chocolate.chip.cookie.com", "".toCharArray());
assertEquals("Mr.Woof.Banana@chocolate.chip.cookie.com", authenticationService.getCurrentUserName());
}
else
{
// TODO - could create tenant domain 'chocolate.chip.cookie.com'
}
authenticationService.createAuthentication("Andy_Woof/Domain", "".toCharArray());
authenticationService.authenticate("Andy_Woof/Domain", "".toCharArray());
assertEquals("Andy_Woof/Domain", authenticationService.getCurrentUserName());
authenticationService.createAuthentication("Andy_ Woof/Domain", "".toCharArray());
authenticationService.authenticate("Andy_ Woof/Domain", "".toCharArray());
assertEquals("Andy_ Woof/Domain", authenticationService.getCurrentUserName());
if (! tenantService.isEnabled())
{
String un = "Andy `\u00ac\u00a6!\u00a3$%^&*()-_=+\t\n\u0000[]{};'#:@~,./<>?|";
if (dialect instanceof PostgreSQLDialect)
{
// Note: PostgreSQL does not support \u0000 char embedded in a string
// http://archives.postgresql.org/pgsql-jdbc/2007-02/msg00115.php
un = "Andy `\u00ac\u00a6!\u00a3$%^&*()-_=+\t\n[]{};'#:@~,./<>?|";
}
authenticationService.createAuthentication(un, "".toCharArray());
authenticationService.authenticate(un, "".toCharArray());
assertEquals(un, authenticationService.getCurrentUserName());
}
else
{
// tenant domain ~,./<>?\\| is not valid format"
}
}
public void testCreateAndyUserAndOtherCRUD() throws NoSuchAlgorithmException, UnsupportedEncodingException
{
RepositoryAuthenticationDao dao = new RepositoryAuthenticationDao();
dao.setTenantService(tenantService);
dao.setNodeService(nodeService);
dao.setAuthorityService(authorityService);
dao.setNamespaceService(getNamespacePrefixReolsver(""));
dao.setPasswordEncoder(passwordEncoder);
dao.setPolicyComponent(policyComponent);
dao.setAuthenticationCache(authenticationCache);
dao.setSingletonCache(immutableSingletonCache);
dao.createUser("Andy", "cabbage".toCharArray());
assertNotNull(dao.getUserOrNull("Andy"));
byte[] decodedHash = passwordEncoder.decodeHash(dao.getMD4HashedPassword("Andy"));
byte[] testHash = MessageDigest.getInstance("MD4").digest("cabbage".getBytes("UnicodeLittleUnmarked"));
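// Compare the raw digest bytes: decoding them with the platform charset first can map distinct bytes to the same character
assertTrue(java.util.Arrays.equals(decodedHash, testHash));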
UserDetails AndyDetails = (UserDetails) dao.loadUserByUsername("Andy");
assertNotNull(AndyDetails);
assertEquals("Andy", AndyDetails.getUsername());
// assertNotNull(dao.getSalt(AndyDetails));
assertTrue(AndyDetails.isAccountNonExpired());
assertTrue(AndyDetails.isAccountNonLocked());
assertTrue(AndyDetails.isCredentialsNonExpired());
assertTrue(AndyDetails.isEnabled());
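// The stored password must differ from the plaintext by value (assertNotSame only compares references)
assertFalse("cabbage".equals(AndyDetails.getPassword()));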
assertEquals(AndyDetails.getPassword(), passwordEncoder.encodePassword("cabbage", dao.getSalt(AndyDetails)));
assertEquals(1, AndyDetails.getAuthorities().length);
// Object oldSalt = dao.getSalt(AndyDetails);
dao.updateUser("Andy", "carrot".toCharArray());
UserDetails newDetails = (UserDetails) dao.loadUserByUsername("Andy");
assertNotNull(newDetails);
assertEquals("Andy", newDetails.getUsername());
// assertNotNull(dao.getSalt(newDetails));
assertTrue(newDetails.isAccountNonExpired());
assertTrue(newDetails.isAccountNonLocked());
assertTrue(newDetails.isCredentialsNonExpired());
assertTrue(newDetails.isEnabled());
// Compare by value, not by reference, so a plaintext password would be caught
assertFalse("carrot".equals(newDetails.getPassword()));
assertEquals(1, newDetails.getAuthorities().length);
// The encoded password must change by value after the update
assertFalse(AndyDetails.getPassword().equals(newDetails.getPassword()));
// assertNotSame(oldSalt, dao.getSalt(newDetails));
dao.deleteUser("Andy");
assertNull(dao.getUserOrNull("Andy"));
MessageDigest digester;
try
{
digester = MessageDigest.getInstance("MD4");
System.out.println("Digester from " + digester.getProvider());
}
catch (NoSuchAlgorithmException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
System.out.println("No digester");
}
}
public void testAuthentication()
{
dao.createUser("GUEST", "".toCharArray());
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("GUEST", "");
token.setAuthenticated(false);
Authentication result = authenticationManager.authenticate(token);
assertNotNull(result);
dao.createUser("Andy", "squash".toCharArray());
token = new UsernamePasswordAuthenticationToken("Andy", "squash");
token.setAuthenticated(false);
result = authenticationManager.authenticate(token);
assertNotNull(result);
dao.setEnabled("Andy", false);
try
{
result = authenticationManager.authenticate(token);
fail("Expected DisabledException for a disabled account");
}
catch (DisabledException e)
{
// Expected
}
dao.setEnabled("Andy", true);
result = authenticationManager.authenticate(token);
assertNotNull(result);
dao.setLocked("Andy", true);
try
{
result = authenticationManager.authenticate(token);
fail("Expected LockedException for a locked account");
}
catch (LockedException e)
{
// Expected
}
dao.setLocked("Andy", false);
result = authenticationManager.authenticate(token);
assertNotNull(result);
dao.setAccountExpires("Andy", true);
dao.setCredentialsExpire("Andy", true);
result = authenticationManager.authenticate(token);
assertNotNull(result);
dao.setAccountExpiryDate("Andy", null);
dao.setCredentialsExpiryDate("Andy", null);
result = authenticationManager.authenticate(token);
assertNotNull(result);
dao.setAccountExpiryDate("Andy", new Date(new Date().getTime() + 10000));
dao.setCredentialsExpiryDate("Andy", new Date(new Date().getTime() + 10000));
result = authenticationManager.authenticate(token);
assertNotNull(result);
dao.setAccountExpiryDate("Andy", new Date(new Date().getTime() - 10000));
try
{
result = authenticationManager.authenticate(token);
fail("Expected AccountExpiredException for an expired account");
}
catch (AccountExpiredException e)
{
// Expected
}
dao.setAccountExpiryDate("Andy", new Date(new Date().getTime() + 10000));
result = authenticationManager.authenticate(token);
assertNotNull(result);
dao.setCredentialsExpiryDate("Andy", new Date(new Date().getTime() - 10000));
try
{
result = authenticationManager.authenticate(token);
fail("Expected CredentialsExpiredException for expired credentials");
}
catch (CredentialsExpiredException e)
{
// Expected
}
dao.setCredentialsExpiryDate("Andy", new Date(new Date().getTime() + 10000));
result = authenticationManager.authenticate(token);
assertNotNull(result);
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
public void testCreateAuthenticationWhileRunningAsSystem() throws Exception
{
userTransaction.rollback();
RunAsWork<Object> authWorkAsMuppet = new RunAsWork<Object>()
{
public Object doWork() throws Exception
{
RunAsWork<Object> authWorkAsSystem = new RunAsWork<Object>()
{
public Object doWork() throws Exception
{
RetryingTransactionCallback<Object> txnWork = new RetryingTransactionCallback<Object>()
{
public Object execute() throws Throwable
{
pubAuthenticationService.createAuthentication("blah", "pwd".toCharArray());
pubAuthenticationService.deleteAuthentication("blah");
return null;
}
};
return transactionService.getRetryingTransactionHelper().doInTransaction(txnWork, false, true);
}
};
return AuthenticationUtil.runAs(authWorkAsSystem, AuthenticationUtil.getSystemUserName());
}
};
AuthenticationUtil.runAs(authWorkAsMuppet, "muppet");
}
public void testPushAndPopAuthentication() throws Exception
{
AuthenticationUtil.setFullyAuthenticatedUser("user1");
assertEquals("user1", AuthenticationUtil.getFullyAuthenticatedUser());
assertEquals("user1", AuthenticationUtil.getRunAsUser());
AuthenticationUtil.setRunAsUser("user2");
assertEquals("user1", AuthenticationUtil.getFullyAuthenticatedUser());
assertEquals("user2", AuthenticationUtil.getRunAsUser());
AuthenticationUtil.pushAuthentication();
AuthenticationUtil.setFullyAuthenticatedUser("user3");
AuthenticationUtil.setRunAsUser("user4");
assertEquals("user3", AuthenticationUtil.getFullyAuthenticatedUser());
assertEquals("user4", AuthenticationUtil.getRunAsUser());
AuthenticationUtil.popAuthentication();
assertEquals("user1", AuthenticationUtil.getFullyAuthenticatedUser());
assertEquals("user2", AuthenticationUtil.getRunAsUser());
}
public void testAuthenticationFailure()
{
dao.createUser("Andy", "squash".toCharArray());
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Andy", "turnip");
token.setAuthenticated(false);
try
{
Authentication result = authenticationManager.authenticate(token);
assertNotNull(result);
fail("Authentication should have been rejected: wrong password");
}
catch (BadCredentialsException e)
{
// Expected
}
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
public void testTicket()
{
dao.createUser("Andy", "ticket".toCharArray());
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Andy", "ticket");
token.setAuthenticated(false);
Authentication result = authenticationManager.authenticate(token);
result.setAuthenticated(true);
String ticket = ticketComponent.getNewTicket(getUserName(result));
String user = ticketComponent.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
user = null;
try
{
user = ticketComponent.validateTicket("INVALID");
fail("Invalid ticket should have been rejected");
}
catch (AuthenticationException e)
{
assertNull(user);
}
ticketComponent.invalidateTicketById(ticket);
try
{
user = ticketComponent.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
fail("Invalidated ticket should have been rejected");
}
catch (AuthenticationException e)
{
// Expected: the ticket was invalidated
}
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
public void testTicketRepeat()
{
InMemoryTicketComponentImpl tc = new InMemoryTicketComponentImpl();
tc.setOneOff(false);
tc.setTicketsExpire(false);
tc.setValidDuration("P0D");
tc.setTicketsCache(ticketsCache);
dao.createUser("Andy", "ticket".toCharArray());
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Andy", "ticket");
token.setAuthenticated(false);
Authentication result = authenticationManager.authenticate(token);
result.setAuthenticated(true);
String ticket = tc.getNewTicket(getUserName(result));
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
public void testTicketOneOff()
{
InMemoryTicketComponentImpl tc = new InMemoryTicketComponentImpl();
tc.setOneOff(true);
tc.setTicketsExpire(false);
tc.setValidDuration("P0D");
tc.setTicketsCache(ticketsCache);
dao.createUser("Andy", "ticket".toCharArray());
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Andy", "ticket");
token.setAuthenticated(false);
Authentication result = authenticationManager.authenticate(token);
result.setAuthenticated(true);
String ticket = tc.getNewTicket(getUserName(result));
tc.validateTicket(ticket);
assertFalse(ticketComponent.getCurrentTicket("Andy", true).equals(ticket));
try
{
tc.validateTicket(ticket);
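fail("One-off ticket should have been rejected on second use");
}
catch (AuthenticationException e)
{
// Expected: a one-off ticket is consumed by its first validation
}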
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
public void testTicketExpiryMode()
{
InMemoryTicketComponentImpl tc = new InMemoryTicketComponentImpl();
tc.setOneOff(false);
tc.setTicketsExpire(true);
tc.setValidDuration("P5S");
tc.setTicketsCache(ticketsCache);
tc.setExpiryMode(ExpiryMode.AFTER_FIXED_TIME.toString());
dao.createUser("Andy", "ticket".toCharArray());
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Andy", "ticket");
token.setAuthenticated(false);
Authentication result = authenticationManager.authenticate(token);
result.setAuthenticated(true);
String ticket = tc.getNewTicket(getUserName(result));
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
synchronized (this)
{
try
{
wait(10000);
}
catch (InterruptedException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
}
try
{
tc.validateTicket(ticket);
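fail("Expired ticket should have been rejected");
}
catch (AuthenticationException e)
{
// Expected: the ticket has expired
}
try
{
tc.validateTicket(ticket);
fail("Expired ticket should have been rejected");
}
catch (AuthenticationException e)
{
// Expected: the ticket stays expired on repeated validation
}
try
{
tc.validateTicket(ticket);
fail("Expired ticket should have been rejected");
}
catch (AuthenticationException e)
{
// Expected: the ticket stays expired on repeated validation
}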
synchronized (this)
{
try
{
wait(10000);
}
catch (InterruptedException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
}
try
{
tc.validateTicket(ticket);
fail("Expired ticket should have been rejected");
}
catch (AuthenticationException e)
{
// Expected: the ticket is still expired after a further wait
}
tc.setExpiryMode(ExpiryMode.AFTER_INACTIVITY.toString());
ticket = tc.getNewTicket(getUserName(result));
for (int i = 0; i < 50; i++)
{
synchronized (this)
{
try
{
wait(100);
}
catch (InterruptedException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
tc.validateTicket(ticket);
}
}
synchronized (this)
{
try
{
wait(10000);
}
catch (InterruptedException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
}
try
{
tc.validateTicket(ticket);
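fail("Ticket should have been rejected after the inactivity period");
}
catch (AuthenticationException e)
{
// Expected: the ticket expired through inactivity
}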
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
public void testTicketExpires()
{
InMemoryTicketComponentImpl tc = new InMemoryTicketComponentImpl();
tc.setOneOff(false);
tc.setTicketsExpire(true);
tc.setValidDuration("P5S");
tc.setTicketsCache(ticketsCache);
dao.createUser("Andy", "ticket".toCharArray());
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Andy", "ticket");
token.setAuthenticated(false);
Authentication result = authenticationManager.authenticate(token);
result.setAuthenticated(true);
String ticket = tc.getNewTicket(getUserName(result));
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
synchronized (this)
{
try
{
wait(10000);
}
catch (InterruptedException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
}
try
{
tc.validateTicket(ticket);
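fail("Expired ticket should have been rejected");
}
catch (AuthenticationException e)
{
// Expected: the ticket has expired
}
try
{
tc.validateTicket(ticket);
fail("Expired ticket should have been rejected");
}
catch (AuthenticationException e)
{
// Expected: the ticket stays expired on repeated validation
}
try
{
tc.validateTicket(ticket);
fail("Expired ticket should have been rejected");
}
catch (AuthenticationException e)
{
// Expected: the ticket stays expired on repeated validation
}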
synchronized (this)
{
try
{
wait(10000);
}
catch (InterruptedException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
}
try
{
tc.validateTicket(ticket);
fail("Expired ticket should have been rejected");
}
catch (AuthenticationException e)
{
// Expected: the ticket is still expired after a further wait
}
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
public void testTicketDoesNotExpire()
{
InMemoryTicketComponentImpl tc = new InMemoryTicketComponentImpl();
tc.setOneOff(false);
tc.setTicketsExpire(true);
tc.setValidDuration("P1D");
tc.setTicketsCache(ticketsCache);
dao.createUser("Andy", "ticket".toCharArray());
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Andy", "ticket");
token.setAuthenticated(false);
Authentication result = authenticationManager.authenticate(token);
result.setAuthenticated(true);
String ticket = tc.getNewTicket(getUserName(result));
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
synchronized (this)
{
try
{
wait(10000);
}
catch (InterruptedException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
}
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
public void testAuthenticationServiceGetNewTicket()
{
authenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationService.createAuthentication("Andy", "auth1".toCharArray());
// authenticate with this user details
authenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
String ticket1 = authenticationService.getCurrentTicket();
authenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
String ticket2 = authenticationService.getCurrentTicket();
assertFalse(ticket1.equals(ticket2));
}
public void testAuthenticationService1()
{
authenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationService.createAuthentication("Andy", "auth1".toCharArray());
// authenticate with this user details
authenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
// delete the user authentication object
authenticationService.clearCurrentSecurityContext();
authenticationService.deleteAuthentication("Andy");
// create a new authentication user object
authenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
authenticationService.setAuthentication("Andy", "auth3".toCharArray());
// authenticate again to assert password changed
authenticationService.authenticate("Andy", "auth3".toCharArray());
try
{
authenticationService.authenticate("Andy", "auth1".toCharArray());
fail("Authentication should have been rejected");
}
catch (AuthenticationException e)
{
// Expected: the original password no longer authenticates
}
}
public void testAuthenticationService2()
{
authenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationService.createAuthentication("Andy", "auth1".toCharArray());
// authenticate with this user details
authenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
// delete the user authentication object
authenticationService.clearCurrentSecurityContext();
authenticationService.deleteAuthentication("Andy");
// create a new authentication user object
authenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
authenticationService.setAuthentication("Andy", "auth3".toCharArray());
// authenticate again to assert password changed
authenticationService.authenticate("Andy", "auth3".toCharArray());
try
{
authenticationService.authenticate("Andy", "auth2".toCharArray());
fail("Authentication should have been rejected");
}
catch (AuthenticationException e)
{
// Expected: the replaced password no longer authenticates
}
}
public void testAuthenticationService3()
{
authenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationService.createAuthentication("Andy", "auth1".toCharArray());
// authenticate with this user details
authenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
// delete the user authentication object
authenticationService.clearCurrentSecurityContext();
authenticationService.deleteAuthentication("Andy");
// create a new authentication user object
authenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
authenticationService.setAuthentication("Andy", "auth3".toCharArray());
// authenticate again to assert password changed
authenticationService.authenticate("Andy", "auth3".toCharArray());
authenticationService.authenticate("Andy", "auth3".toCharArray());
// get the ticket that represents the current user authentication
// instance
String ticket = authenticationService.getCurrentTicket();
// validate our ticket is still valid
authenticationService.validate(ticket);
assertEquals(ticket, authenticationService.getCurrentTicket());
// destroy the ticket instance
authenticationService.invalidateTicket(ticket);
try
{
authenticationService.validate(ticket);
fail("Invalid ticket should have been rejected");
}
catch (AuthenticationException e)
{
// Expected: the ticket was invalidated
}
}
public void testAuthenticationService4()
{
authenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationService.createAuthentication("Andy", "auth1".toCharArray());
// authenticate with this user details
authenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
// delete the user authentication object
authenticationService.clearCurrentSecurityContext();
authenticationService.deleteAuthentication("Andy");
// create a new authentication user object
authenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
authenticationService.setAuthentication("Andy", "auth3".toCharArray());
// authenticate again to assert password changed
authenticationService.authenticate("Andy", "auth3".toCharArray());
authenticationService.authenticate("Andy", "auth3".toCharArray());
// get the ticket that represents the current user authentication
// instance
String ticket = authenticationService.getCurrentTicket();
// validate our ticket is still valid
authenticationService.clearCurrentSecurityContext();
authenticationService.validate(ticket);
assertEquals(ticket, authenticationService.getCurrentTicket());
// destroy the ticket instance
authenticationService.invalidateTicket(ticket);
Authentication current = authenticationComponent.getCurrentAuthentication();
if (current != null)
{
// Still authenticated
assertTrue(current.isAuthenticated());
}
try
{
authenticationService.validate(ticket);
fail("Invalid ticket should have been rejected");
}
catch (AuthenticationException e)
{
assertNull(authenticationComponentImpl.getCurrentAuthentication());
}
}
public void testAuthenticationService()
{
authenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationService.createAuthentication("Andy", "auth1".toCharArray());
// authenticate with this user details
authenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
// delete the user authentication object
authenticationService.clearCurrentSecurityContext();
authenticationService.deleteAuthentication("Andy");
// create a new authentication user object
authenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
authenticationService.setAuthentication("Andy", "auth3".toCharArray());
// authenticate again to assert password changed
authenticationService.authenticate("Andy", "auth3".toCharArray());
// update the authentication
authenticationService.updateAuthentication("Andy", "auth3".toCharArray(), "auth4".toCharArray());
authenticationService.authenticate("Andy", "auth4".toCharArray());
authenticationService.authenticate("Andy", "auth4".toCharArray());
// get the ticket that represents the current user authentication
// instance
String ticket = authenticationService.getCurrentTicket();
// validate our ticket is still valid
authenticationService.validate(ticket);
assertEquals(ticket, authenticationService.getCurrentTicket());
// destroy the ticket instance
authenticationService.invalidateTicket(ticket);
Authentication current = authenticationComponent.getCurrentAuthentication();
if (current != null)
{
assertTrue(current.isAuthenticated());
}
authenticationService.authenticate("Andy", "auth4".toCharArray());
authenticationService.updateAuthentication("Andy", "auth4".toCharArray(), "auth5".toCharArray());
authenticationService.authenticate("Andy", "auth5".toCharArray());
// clear any context and check we are no longer authenticated
authenticationService.clearCurrentSecurityContext();
assertNull(authenticationService.getCurrentUserName());
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
public void testAuthenticationService0()
{
authenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationService.createAuthentication("Andy", "auth1".toCharArray());
// authenticate with this user details
authenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
// delete the user authentication object
authenticationService.clearCurrentSecurityContext();
authenticationService.deleteAuthentication("Andy");
// create a new authentication user object
authenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
authenticationService.setAuthentication("Andy", "auth3".toCharArray());
// authenticate again to assert password changed
authenticationService.authenticate("Andy", "auth3".toCharArray());
// update the authentication
authenticationService.updateAuthentication("Andy", "auth3".toCharArray(), "auth4".toCharArray());
authenticationService.authenticate("Andy", "auth4".toCharArray());
authenticationService.authenticate("Andy", "auth4".toCharArray());
// get the ticket that represents the current user authentication
// instance
String ticket = authenticationService.getCurrentTicket();
// validate our ticket is still valid
authenticationService.validate(ticket);
assertEquals(ticket, authenticationService.getCurrentTicket());
// destroy the ticket instance
authenticationService.invalidateTicket(ticket);
Authentication current = authenticationComponent.getCurrentAuthentication();
if (current != null)
{
assertTrue(current.isAuthenticated());
}
authenticationService.authenticate("Andy", "auth4".toCharArray());
// clear any context and check we are no longer authenticated
authenticationService.clearCurrentSecurityContext();
assertNull(authenticationService.getCurrentUserName());
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
public void testPubAuthenticationService1()
{
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
pubAuthenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate with this user details
pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
// delete the user authentication object
pubAuthenticationService.clearCurrentSecurityContext();
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.deleteAuthentication("Andy");
authenticationComponent.clearCurrentSecurityContext();
// create a new authentication user object
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate again to assert password changed
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
try
{
pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
fail("Authentication should fail");
}
catch (AuthenticationException e)
{
// Expected: the original password no longer authenticates
}
}
public void testPubAuthenticationService2()
{
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
pubAuthenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate with this user details
pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
// delete the user authentication object
pubAuthenticationService.clearCurrentSecurityContext();
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.deleteAuthentication("Andy");
authenticationComponent.clearCurrentSecurityContext();
// create a new authentication user object
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate again to assert password changed
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
try
{
pubAuthenticationService.authenticate("Andy", "auth2".toCharArray());
fail("Authentication should fail");
}
catch (AuthenticationException e)
{
// Expected: the replaced password no longer authenticates
}
}
public void testPubAuthenticationService3()
{
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
pubAuthenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate with this user details
pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
// delete the user authentication object
pubAuthenticationService.clearCurrentSecurityContext();
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.deleteAuthentication("Andy");
authenticationComponent.clearCurrentSecurityContext();
// create a new authentication user object
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
// authenticate again to assert password changed
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
// get the ticket that represents the current user authentication
// instance
String ticket = pubAuthenticationService.getCurrentTicket();
authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
// validate our ticket is still valid
pubAuthenticationService.validate(ticket);
assertEquals(ticket, authenticationService.getCurrentTicket());
// destroy the ticket instance
pubAuthenticationService.invalidateTicket(ticket);
try
{
pubAuthenticationService.validate(ticket);
fail("Ticket should not validate");
}
catch (AuthenticationException e)
{
// Expected: the ticket was invalidated
}
}
public void testPubAuthenticationService()
{
// pubAuthenticationService.authenticateAsGuest();
// authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
pubAuthenticationService.authenticate("GUEST", "".toCharArray());
pubAuthenticationService.authenticate("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
pubAuthenticationService.authenticateAsGuest();
authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
// create an authentication object e.g. the user
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate with this user details
pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
// delete the user authentication object
pubAuthenticationService.clearCurrentSecurityContext();
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.deleteAuthentication("Andy");
authenticationComponent.clearCurrentSecurityContext();
// create a new authentication user object
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate again to assert password changed
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
// get the ticket that represents the current user authentication
// instance
String ticket = pubAuthenticationService.getCurrentTicket();
// validate our ticket is still valid
pubAuthenticationService.validate(ticket);
assertEquals(ticket, authenticationService.getCurrentTicket());
// destroy the ticket instance
pubAuthenticationService.invalidateTicket(ticket);
}
public void testPubAuthenticationService0()
{
// pubAuthenticationService.authenticateAsGuest();
// authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
pubAuthenticationService.authenticate("GUEST", "".toCharArray());
pubAuthenticationService.authenticate("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
pubAuthenticationService.authenticateAsGuest();
authenticationComponent.clearCurrentSecurityContext();
assertNull(authenticationComponent.getCurrentAuthentication());
// create an authentication object e.g. the user
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate with this user details
pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals("Andy", authenticationService.getCurrentUserName());
// delete the user authentication object
pubAuthenticationService.clearCurrentSecurityContext();
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.deleteAuthentication("Andy");
authenticationComponent.clearCurrentSecurityContext();
// create a new authentication user object
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate again to assert password changed
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
// get the ticket that represents the current user authentication
// instance
String ticket = pubAuthenticationService.getCurrentTicket();
// validate our ticket is still valid
pubAuthenticationService.validate(ticket);
assertEquals(ticket, authenticationService.getCurrentTicket());
// destroy the ticket instance
pubAuthenticationService.invalidateTicket(ticket);
authenticationComponent.clearCurrentSecurityContext();
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
pubAuthenticationService.updateAuthentication("Andy", "auth3".toCharArray(), "auth4".toCharArray());
pubAuthenticationService.authenticate("Andy", "auth4".toCharArray());
try
{
pubAuthenticationService.updateAuthentication("Andy", "auth3".toCharArray(), "auth4".toCharArray());
fail("Should not be able to update");
}
catch (AuthenticationException ae)
{
// Expected: the supplied old password is no longer current
}
}
public void testAbstractAuthenticationComponentGuestUserSupport()
{
authenticationComponent.setGuestUserAsCurrentUser();
assertEquals(authenticationComponent.getCurrentUserName(), authenticationComponent.getGuestUserName());
}
public void testPassThroughLogin()
{
authenticationService.createAuthentication("Andy", "auth1".toCharArray());
authenticationComponent.setCurrentUser("Andy");
assertEquals("Andy", authenticationService.getCurrentUserName());
// authenticationService.deleteAuthentication("andy");
}
private String getUserName(Authentication authentication)
{
String username = authentication.getPrincipal().toString();
if (authentication.getPrincipal() instanceof UserDetails)
{
username = ((UserDetails) authentication.getPrincipal()).getUsername();
}
return username;
}
private NamespacePrefixResolver getNamespacePrefixReolsver(String defaultURI)
{
DynamicNamespacePrefixResolver nspr = new DynamicNamespacePrefixResolver(null);
nspr.registerNamespace(NamespaceService.SYSTEM_MODEL_PREFIX, NamespaceService.SYSTEM_MODEL_1_0_URI);
nspr.registerNamespace(NamespaceService.CONTENT_MODEL_PREFIX, NamespaceService.CONTENT_MODEL_1_0_URI);
nspr.registerNamespace(ContentModel.USER_MODEL_PREFIX, ContentModel.USER_MODEL_URI);
nspr.registerNamespace("namespace", "namespace");
nspr.registerNamespace(NamespaceService.DEFAULT_PREFIX, defaultURI);
return nspr;
}
}