Author: angela
Date: Wed Oct 24 16:14:03 2012
New Revision: 1401756
URL: http://svn.apache.org/viewvc?rev=1401756&view=rev
Log:
OAK-50 : Implement User Management (WIP)
Added:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/util/
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtilityTest.java
- copied, changed from r1401665,
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/PasswordUtilityTest.java
Removed:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/PasswordUtilityTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/AbstractSecurityTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/DefaultLoginModuleTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/GuestDefaultLoginModuleTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenLoginModuleTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImplTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserManagerImplTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java?rev=1401756&r1=1401755&r2=1401756&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java
Wed Oct 24 16:14:03 2012
@@ -57,22 +57,22 @@ public class PasswordValidationAction ex
//-------------------------------------------------< AuthorizableAction
>---
@Override
public void onCreate(User user, String password, Session session) throws
RepositoryException {
- validatePassword(password);
+ validatePassword(password, false);
}
@Override
public void onCreate(User user, String password, Root root) throws
RepositoryException {
- validatePassword(password);
+ validatePassword(password, false);
}
@Override
public void onPasswordChange(User user, String newPassword, Session
session) throws RepositoryException {
- validatePassword(newPassword);
+ validatePassword(newPassword, true);
}
@Override
public void onPasswordChange(User user, String newPassword, Root root)
throws RepositoryException {
- validatePassword(newPassword);
+ validatePassword(newPassword, true);
}
//------------------------------------------------------< Configuration
>---
@@ -94,18 +94,16 @@ public class PasswordValidationAction ex
* Validate the specified password.
*
* @param password The password to be validated
+ * @param forceMatch If true the specified password is always validated;
+ * otherwise only if it is a plain text password.
* @throws RepositoryException If the specified password is too short or
* doesn't match the specified password pattern.
*/
- private void validatePassword(String password) throws RepositoryException {
- if (password != null && isPlainText(password)) {
+ private void validatePassword(String password, boolean forceMatch) throws
RepositoryException {
+ if (password != null && (forceMatch ||
PasswordUtility.isPlainTextPassword(password))) {
if (pattern != null && !pattern.matcher(password).matches()) {
throw new ConstraintViolationException("Password violates
password constraint (" + pattern.pattern() + ").");
}
}
}
-
- private static boolean isPlainText(String password) {
- return !PasswordUtility.isPlainTextPassword(password);
- }
}
\ No newline at end of file
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/AbstractSecurityTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/AbstractSecurityTest.java?rev=1401756&r1=1401755&r2=1401756&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/AbstractSecurityTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/AbstractSecurityTest.java
Wed Oct 24 16:14:03 2012
@@ -36,14 +36,15 @@ import org.junit.Before;
public abstract class AbstractSecurityTest {
private ContentRepository contentRepository;
+
+ protected SecurityProvider securityProvider;
protected ContentSession admin;
- protected final SecurityProvider securityProvider = new
SecurityProviderImpl();
@Before
public void before() throws Exception {
contentRepository = new Oak()
.with(new InitialContent())
- .with(securityProvider)
+ .with(getSecurityProvider())
.createContentRepository();
// TODO: OAK-17. workaround for missing test configuration
@@ -59,6 +60,12 @@ public abstract class AbstractSecurityTe
Configuration.setConfiguration(null);
}
+ protected SecurityProvider getSecurityProvider() {
+ if (securityProvider == null) {
+ securityProvider = new SecurityProviderImpl();
+ }
+ return securityProvider;
+ }
protected Configuration getConfiguration() {
return new OakConfiguration();
}
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/DefaultLoginModuleTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/DefaultLoginModuleTest.java?rev=1401756&r1=1401755&r2=1401756&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/DefaultLoginModuleTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/DefaultLoginModuleTest.java
Wed Oct 24 16:14:03 2012
@@ -32,8 +32,10 @@ import org.apache.jackrabbit.oak.api.Roo
import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import org.apache.jackrabbit.oak.security.AbstractSecurityTest;
import org.apache.jackrabbit.oak.security.authentication.user.LoginModuleImpl;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
import org.apache.jackrabbit.oak.spi.security.user.util.UserUtility;
+import org.junit.Before;
import org.junit.Test;
import static org.junit.Assert.assertEquals;
@@ -46,6 +48,15 @@ import static org.junit.Assert.fail;
*/
public class DefaultLoginModuleTest extends AbstractSecurityTest {
+ private UserConfiguration uc;
+
+ @Before
+ public void before() throws Exception {
+ super.before();
+
+ uc = getSecurityProvider().getUserConfiguration();
+ }
+
@Override
protected Configuration getConfiguration() {
return new Configuration() {
@@ -81,7 +92,7 @@ public class DefaultLoginModuleTest exte
ContentSession cs = login(new GuestCredentials());
try {
AuthInfo authInfo = cs.getAuthInfo();
- String anonymousID =
UserUtility.getAnonymousId(securityProvider.getUserConfiguration().getConfigurationParameters());
+ String anonymousID =
UserUtility.getAnonymousId(uc.getConfigurationParameters());
assertEquals(anonymousID, authInfo.getUserID());
} finally {
cs.close();
@@ -90,10 +101,10 @@ public class DefaultLoginModuleTest exte
@Test
public void testAnonymousLogin() throws Exception {
- String anonymousID =
UserUtility.getAnonymousId(securityProvider.getUserConfiguration().getConfigurationParameters());
+ String anonymousID =
UserUtility.getAnonymousId(uc.getConfigurationParameters());
Root root = admin.getLatestRoot();
- UserManager userMgr =
securityProvider.getUserConfiguration().getUserManager(root,
NamePathMapper.DEFAULT);
+ UserManager userMgr = uc.getUserManager(root, NamePathMapper.DEFAULT);
// verify initial user-content looks like expected
Authorizable anonymous = userMgr.getAuthorizable(anonymousID);
@@ -116,7 +127,7 @@ public class DefaultLoginModuleTest exte
@Test
public void testUserLogin() throws Exception {
Root root = admin.getLatestRoot();
- UserManager userManager =
securityProvider.getUserConfiguration().getUserManager(root,
NamePathMapper.DEFAULT);
+ UserManager userManager = uc.getUserManager(root,
NamePathMapper.DEFAULT);
ContentSession cs = null;
User user = null;
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/GuestDefaultLoginModuleTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/GuestDefaultLoginModuleTest.java?rev=1401756&r1=1401755&r2=1401756&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/GuestDefaultLoginModuleTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/GuestDefaultLoginModuleTest.java
Wed Oct 24 16:14:03 2012
@@ -61,7 +61,7 @@ public class GuestDefaultLoginModuleTest
ContentSession cs = login(null);
try {
AuthInfo authInfo = cs.getAuthInfo();
- String anonymousID =
UserUtility.getAnonymousId(securityProvider.getUserConfiguration().getConfigurationParameters());
+ String anonymousID =
UserUtility.getAnonymousId(getSecurityProvider().getUserConfiguration().getConfigurationParameters());
assertEquals(anonymousID, authInfo.getUserID());
} finally {
cs.close();
@@ -73,7 +73,7 @@ public class GuestDefaultLoginModuleTest
ContentSession cs = login(new GuestCredentials());
try {
AuthInfo authInfo = cs.getAuthInfo();
- String anonymousID =
UserUtility.getAnonymousId(securityProvider.getUserConfiguration().getConfigurationParameters());
+ String anonymousID =
UserUtility.getAnonymousId(getSecurityProvider().getUserConfiguration().getConfigurationParameters());
assertEquals(anonymousID, authInfo.getUserID());
} finally {
cs.close();
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java?rev=1401756&r1=1401755&r2=1401756&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java
Wed Oct 24 16:14:03 2012
@@ -187,7 +187,7 @@ public class TokenDefaultLoginModuleTest
@Test
public void testValidTokenCredentials() throws Exception {
Root root = admin.getLatestRoot();
- TokenProvider tp = securityProvider.getTokenProvider(root);
+ TokenProvider tp = getSecurityProvider().getTokenProvider(root);
SimpleCredentials sc = (SimpleCredentials) getAdminCredentials();
TokenInfo info = tp.createToken(sc.getUserID(), Collections.<String,
Object>emptyMap());
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenLoginModuleTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenLoginModuleTest.java?rev=1401756&r1=1401755&r2=1401756&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenLoginModuleTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenLoginModuleTest.java
Wed Oct 24 16:14:03 2012
@@ -137,7 +137,7 @@ public class TokenLoginModuleTest extend
@Test
public void testValidTokenCredentials() throws Exception {
Root root = admin.getLatestRoot();
- TokenProvider tp = securityProvider.getTokenProvider(root);
+ TokenProvider tp = getSecurityProvider().getTokenProvider(root);
SimpleCredentials sc = (SimpleCredentials) getAdminCredentials();
TokenInfo info = tp.createToken(sc.getUserID(), Collections.<String,
Object>emptyMap());
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java?rev=1401756&r1=1401755&r2=1401756&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
Wed Oct 24 16:14:03 2012
@@ -41,7 +41,7 @@ public class TokenProviderImplTest exten
tokenProvider = new TokenProviderImpl(admin.getLatestRoot(),
ConfigurationParameters.EMPTY,
- securityProvider.getUserConfiguration());
+ getSecurityProvider().getUserConfiguration());
}
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImplTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImplTest.java?rev=1401756&r1=1401755&r2=1401756&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImplTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImplTest.java
Wed Oct 24 16:14:03 2012
@@ -41,7 +41,7 @@ public class PrincipalProviderImplTest e
public void testGetPrincipals() throws Exception {
Root root = admin.getLatestRoot();
PrincipalProviderImpl principalProvider =
- new PrincipalProviderImpl(root,
securityProvider.getUserConfiguration(), NamePathMapper.DEFAULT);
+ new PrincipalProviderImpl(root,
getSecurityProvider().getUserConfiguration(), NamePathMapper.DEFAULT);
String adminId = admin.getAuthInfo().getUserID();
Set<? extends Principal> principals =
principalProvider.getPrincipals(adminId);
@@ -63,7 +63,7 @@ public class PrincipalProviderImplTest e
@Test
public void testEveryone() throws Exception {
Root root = admin.getLatestRoot();
- UserConfiguration config = securityProvider.getUserConfiguration();
+ UserConfiguration config =
getSecurityProvider().getUserConfiguration();
PrincipalProviderImpl principalProvider = new
PrincipalProviderImpl(root, config, NamePathMapper.DEFAULT);
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserManagerImplTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserManagerImplTest.java?rev=1401756&r1=1401755&r2=1401756&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserManagerImplTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserManagerImplTest.java
Wed Oct 24 16:14:03 2012
@@ -25,10 +25,11 @@ import org.apache.jackrabbit.oak.api.Roo
import org.apache.jackrabbit.oak.api.Tree;
import org.apache.jackrabbit.oak.api.Type;
import org.apache.jackrabbit.oak.namepath.NamePathMapper;
-import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
-import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
import org.apache.jackrabbit.oak.security.AbstractSecurityTest;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
+import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
import org.apache.jackrabbit.oak.spi.security.user.util.PasswordUtility;
+import org.junit.Before;
import org.junit.Test;
import static junit.framework.Assert.assertEquals;
@@ -43,8 +44,14 @@ import static org.junit.Assert.fail;
*/
public class UserManagerImplTest extends AbstractSecurityTest {
- private final UserConfigurationImpl uc = new UserConfigurationImpl(
- ConfigurationParameters.EMPTY, securityProvider);
+ private UserConfiguration uc;
+
+ @Before
+ public void before() throws Exception {
+ super.before();
+
+ uc = getSecurityProvider().getUserConfiguration();
+ }
@Test
public void testSetPassword() throws Exception {
Added:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java?rev=1401756&view=auto
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
(added)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
Wed Oct 24 16:14:03 2012
@@ -0,0 +1,200 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.spi.security.user.action;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+import javax.annotation.Nonnull;
+import javax.jcr.RepositoryException;
+import javax.jcr.nodetype.ConstraintViolationException;
+
+import org.apache.jackrabbit.api.security.user.User;
+import org.apache.jackrabbit.api.security.user.UserManager;
+import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.api.Type;
+import org.apache.jackrabbit.oak.namepath.NamePathMapper;
+import org.apache.jackrabbit.oak.security.AbstractSecurityTest;
+import org.apache.jackrabbit.oak.security.SecurityProviderImpl;
+import org.apache.jackrabbit.oak.security.user.UserConfigurationImpl;
+import org.apache.jackrabbit.oak.security.user.UserManagerImpl;
+import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
+import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
+import org.apache.jackrabbit.oak.spi.security.user.util.PasswordUtility;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+
+public class PasswordValidationActionTest extends AbstractSecurityTest {
+
+ private PasswordValidationAction pwAction = new PasswordValidationAction();
+ private TestAction testAction = new TestAction();
+
+ private Root root;
+ private UserManager userManager;
+ private User user;
+
+ private User testUser;
+
+ @Before
+ public void before() throws Exception {
+ super.before();
+
+ root = admin.getLatestRoot();
+
+ userManager = new UserManagerImpl(null, root, NamePathMapper.DEFAULT,
getSecurityProvider());
+ user = (User)
userManager.getAuthorizable(admin.getAuthInfo().getUserID());
+
+ pwAction.setConstraint("^.*(?=.{8,})(?=.*[a-z])(?=.*[A-Z]).*");
+
+ }
+
+ @After
+ public void after() throws Exception {
+ if (testUser != null) {
+ testUser.remove();
+ root.commit();
+ }
+ root = null;
+ super.after();
+ }
+
+ @Override
+ protected SecurityProvider getSecurityProvider() {
+ if (securityProvider == null) {
+ securityProvider = new TestSecurityProvider();
+ }
+ return securityProvider;
+ }
+
+ @Test
+ public void testActionIsCalled() throws Exception {
+ testUser = userManager.createUser("testUser", "testUser12345");
+ root.commit();
+ assertEquals(1, testAction.onCreateCalled);
+
+ testUser.changePassword("pW12345678");
+ assertEquals(1, testAction.onPasswordChangeCalled);
+
+ testUser.changePassword("pW1234567890", "pW12345678");
+ assertEquals(2, testAction.onPasswordChangeCalled);
+ }
+
+ @Test
+ public void testPasswordValidationAction() throws Exception {
+ List<String> invalid = new ArrayList<String>();
+ invalid.add("pw1");
+ invalid.add("only6C");
+ invalid.add("12345678");
+ invalid.add("WITHOUTLOWERCASE");
+ invalid.add("withoutuppercase");
+
+ for (String pw : invalid) {
+ try {
+ pwAction.onPasswordChange(user, pw, root);
+ fail("should throw constraint violation");
+ } catch (ConstraintViolationException e) {
+ // success
+ }
+ }
+
+ List<String> valid = new ArrayList<String>();
+ valid.add("abCDefGH");
+ valid.add("Abbbbbbbbbbbb");
+ valid.add("cDDDDDDDDDDDDDDDDD");
+ valid.add("gH%%%%%%%%%%%%%%%%^^");
+ valid.add("&)(*&^%23qW");
+
+ for (String pw : valid) {
+ pwAction.onPasswordChange(user, pw, root);
+ }
+ }
+
+ @Test
+ public void testPasswordValidationActionOnCreate() throws Exception {
+ String hashed = PasswordUtility.buildPasswordHash("DWkej32H");
+ testUser = userManager.createUser("testuser", hashed);
+ root.commit();
+
+ String pwValue =
root.getTree(testUser.getPath()).getProperty(UserConstants.REP_PASSWORD).getValue(Type.STRING);
+ assertFalse(PasswordUtility.isPlainTextPassword(pwValue));
+ assertTrue(PasswordUtility.isSame(pwValue, hashed));
+ }
+
+ @Test
+ public void testPasswordValidationActionOnChange() throws Exception {
+ testUser = userManager.createUser("testuser", "testPw123456");
+ root.commit();
+ try {
+ pwAction.setConstraint("abc");
+
+ String hashed = PasswordUtility.buildPasswordHash("abc");
+ testUser.changePassword(hashed);
+
+ fail("Password change must always enforce password validation.");
+
+ } catch (ConstraintViolationException e) {
+ // success
+ }
+ }
+
+
//--------------------------------------------------------------------------
+ private class TestAction extends AbstractAuthorizableAction {
+
+ private int onCreateCalled = 0;
+ private int onPasswordChangeCalled = 0;
+
+ @Override
+ public void onCreate(User user, String password, Root root) throws
RepositoryException {
+ onCreateCalled++;
+ }
+
+ @Override
+ public void onPasswordChange(User user, String newPassword, Root root)
throws RepositoryException {
+ onPasswordChangeCalled++;
+ }
+ }
+
+ private class TestSecurityProvider extends SecurityProviderImpl {
+
+ private final AuthorizableAction[] actions;
+
+ private TestSecurityProvider() {
+ this.actions = new AuthorizableAction[] {pwAction, testAction};
+ }
+
+ @Nonnull
+ @Override
+ public UserConfiguration getUserConfiguration() {
+ return new UserConfigurationImpl(ConfigurationParameters.EMPTY,
this) {
+
+ @Nonnull
+ @Override
+ public List<AuthorizableAction> getAuthorizableActions() {
+ return Arrays.asList(actions);
+ }
+ };
+ }
+ }
+}
Copied:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtilityTest.java
(from r1401665,
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/PasswordUtilityTest.java)
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtilityTest.java?p2=jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtilityTest.java&p1=jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/PasswordUtilityTest.java&r1=1401665&r2=1401756&rev=1401756&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/PasswordUtilityTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtilityTest.java
Wed Oct 24 16:14:03 2012
@@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.apache.jackrabbit.oak.spi.security.user;
+package org.apache.jackrabbit.oak.spi.security.user.util;
import org.apache.jackrabbit.oak.spi.security.user.util.PasswordUtility;
import org.junit.Test;
