Author: elecharny Date: Tue Apr 17 12:14:17 2007 New Revision: 529718 URL: http://svn.apache.org/viewvc?view=rev&rev=529718 Log: Added tests for MD5, SHA and Crypt. SSHA is not working, so it's commented Modified: directory/apacheds/trunk/core-unit/src/test/java/org/apache/directory/server/core/authn/SimpleAuthenticationITest.java Modified: directory/apacheds/trunk/core-unit/src/test/java/org/apache/directory/server/core/authn/SimpleAuthenticationITest.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core-unit/src/test/java/org/apache/directory/server/core/authn/SimpleAuthenticationITest.java?view=diff&rev=529718&r1=529717&r2=529718 ============================================================================== --- directory/apacheds/trunk/core-unit/src/test/java/org/apache/directory/server/core/authn/SimpleAuthenticationITest.java (original) +++ directory/apacheds/trunk/core-unit/src/test/java/org/apache/directory/server/core/authn/SimpleAuthenticationITest.java Tue Apr 17 12:14:17 2007 @@ -389,4 +389,214 @@ assertTrue( attrs.get( "facsimiletelephonenumber" ).contains( "+1 408 555 9751" ) ); assertTrue( attrs.get( "roomnumber" ).contains( "4612" ) ); } + + public void testSHA() throws NamingException + { + Hashtable env = new Hashtable( configuration.toJndiEnvironment() ); + env.put( Context.PROVIDER_URL, "ou=system" ); + env.put( Context.SECURITY_PRINCIPAL, "uid=akarasulu,ou=users,ou=system" ); + env.put( Context.SECURITY_CREDENTIALS, "test" ); + env.put( Context.SECURITY_AUTHENTICATION, "simple" ); + env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" ); + InitialDirContext ic = new InitialDirContext( env ); + + // Check that we can get the attributes + Attributes attrs = ic.getAttributes( "uid=akarasulu,ou=users" ); + assertNotNull( attrs ); + assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) ); + + // now modify the password for akarasulu : 'secret', encrypted using SHA + AttributeImpl userPasswordAttribute = new AttributeImpl( "userPassword", "{SHA}5en6G6MezRroT3XKqkdPOmY/BfQ=" ); + ic.modifyAttributes( "uid=akarasulu,ou=users", new ModificationItemImpl[] { + new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, userPasswordAttribute ) } ); + + // close and try with old password (should fail) + ic.close(); + env.put( Context.SECURITY_CREDENTIALS, "test" ); + + try + { + ic = new InitialDirContext( env ); + fail( "Authentication with old password should fail" ); + } + catch ( NamingException e ) + { + // we should fail + } + + // close and try again now with new password (should be successfull) + ic.close(); + env.put( Context.SECURITY_CREDENTIALS, "secret" ); + ic = new InitialDirContext( env ); + attrs = ic.getAttributes( "uid=akarasulu,ou=users" ); + assertNotNull( attrs ); + assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) ); + + // close and try again now with new password, to check that the + // cache is updated (should be successfull) + ic.close(); + env.put( Context.SECURITY_CREDENTIALS, "secret" ); + ic = new InitialDirContext( env ); + attrs = ic.getAttributes( "uid=akarasulu,ou=users" ); + assertNotNull( attrs ); + assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) ); + } + + /** + public void testSSHA() throws NamingException + { + Hashtable env = new Hashtable( configuration.toJndiEnvironment() ); + env.put( Context.PROVIDER_URL, "ou=system" ); + env.put( Context.SECURITY_PRINCIPAL, "uid=akarasulu,ou=users,ou=system" ); + env.put( Context.SECURITY_CREDENTIALS, "test" ); + env.put( Context.SECURITY_AUTHENTICATION, "simple" ); + env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" ); + InitialDirContext ic = new InitialDirContext( env ); + + // Check that we can get the attributes + Attributes attrs = ic.getAttributes( "uid=akarasulu,ou=users" ); + assertNotNull( attrs ); + assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) ); + + // now modify the password for akarasulu : 'secret', encrypted using SHA + AttributeImpl userPasswordAttribute = new AttributeImpl( "userPassword", "{SSHA}Ksr5noqyunWvBi8FpkU8dygcTtjm9AOSii6Plg==" ); + ic.modifyAttributes( "uid=akarasulu,ou=users", new ModificationItemImpl[] { + new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, userPasswordAttribute ) } ); + + // close and try with old password (should fail) + ic.close(); + env.put( Context.SECURITY_CREDENTIALS, "test" ); + + try + { + ic = new InitialDirContext( env ); + fail( "Authentication with old password should fail" ); + } + catch ( NamingException e ) + { + // we should fail + } + + // close and try again now with new password (should be successfull) + ic.close(); + env.put( Context.SECURITY_CREDENTIALS, "secret" ); + ic = new InitialDirContext( env ); + attrs = ic.getAttributes( "uid=akarasulu,ou=users" ); + assertNotNull( attrs ); + assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) ); + + // close and try again now with new password, to check that the + // cache is updated (should be successfull) + ic.close(); + env.put( Context.SECURITY_CREDENTIALS, "secret" ); + ic = new InitialDirContext( env ); + attrs = ic.getAttributes( "uid=akarasulu,ou=users" ); + assertNotNull( attrs ); + assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) ); + } + */ + + public void testMD5() throws NamingException + { + Hashtable env = new Hashtable( configuration.toJndiEnvironment() ); + env.put( Context.PROVIDER_URL, "ou=system" ); + env.put( Context.SECURITY_PRINCIPAL, "uid=akarasulu,ou=users,ou=system" ); + env.put( Context.SECURITY_CREDENTIALS, "test" ); + env.put( Context.SECURITY_AUTHENTICATION, "simple" ); + env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" ); + InitialDirContext ic = new InitialDirContext( env ); + + // Check that we can get the attributes + Attributes attrs = ic.getAttributes( "uid=akarasulu,ou=users" ); + assertNotNull( attrs ); + assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) ); + + // now modify the password for akarasulu : 'secret', encrypted using MD5 + AttributeImpl userPasswordAttribute = new AttributeImpl( "userPassword", "{MD5}Xr4ilOzQ4PCOq3aQ0qbuaQ==" ); + ic.modifyAttributes( "uid=akarasulu,ou=users", new ModificationItemImpl[] { + new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, userPasswordAttribute ) } ); + + // close and try with old password (should fail) + ic.close(); + env.put( Context.SECURITY_CREDENTIALS, "test" ); + + try + { + ic = new InitialDirContext( env ); + fail( "Authentication with old password should fail" ); + } + catch ( NamingException e ) + { + // we should fail + } + + // close and try again now with new password (should be successfull) + ic.close(); + env.put( Context.SECURITY_CREDENTIALS, "secret" ); + ic = new InitialDirContext( env ); + attrs = ic.getAttributes( "uid=akarasulu,ou=users" ); + assertNotNull( attrs ); + assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) ); + + // close and try again now with new password, to check that the + // cache is updated (should be successfull) + ic.close(); + env.put( Context.SECURITY_CREDENTIALS, "secret" ); + ic = new InitialDirContext( env ); + attrs = ic.getAttributes( "uid=akarasulu,ou=users" ); + assertNotNull( attrs ); + assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) ); + } + + public void testCRYPT() throws NamingException + { + Hashtable env = new Hashtable( configuration.toJndiEnvironment() ); + env.put( Context.PROVIDER_URL, "ou=system" ); + env.put( Context.SECURITY_PRINCIPAL, "uid=akarasulu,ou=users,ou=system" ); + env.put( Context.SECURITY_CREDENTIALS, "test" ); + env.put( Context.SECURITY_AUTHENTICATION, "simple" ); + env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" ); + InitialDirContext ic = new InitialDirContext( env ); + + // Check that we can get the attributes + Attributes attrs = ic.getAttributes( "uid=akarasulu,ou=users" ); + assertNotNull( attrs ); + assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) ); + + // now modify the password for akarasulu : 'secret', encrypted using CRYPT + AttributeImpl userPasswordAttribute = new AttributeImpl( "userPassword", "{crypt}qFkH8Z1woBlXw" ); + ic.modifyAttributes( "uid=akarasulu,ou=users", new ModificationItemImpl[] { + new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, userPasswordAttribute ) } ); + + // close and try with old password (should fail) + ic.close(); + env.put( Context.SECURITY_CREDENTIALS, "test" ); + + try + { + ic = new InitialDirContext( env ); + fail( "Authentication with old password should fail" ); + } + catch ( NamingException e ) + { + // we should fail + } + + // close and try again now with new password (should be successfull) + ic.close(); + env.put( Context.SECURITY_CREDENTIALS, "secret" ); + ic = new InitialDirContext( env ); + attrs = ic.getAttributes( "uid=akarasulu,ou=users" ); + assertNotNull( attrs ); + assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) ); + + // close and try again now with new password, to check that the + // cache is updated (should be successfull) + ic.close(); + env.put( Context.SECURITY_CREDENTIALS, "secret" ); + ic = new InitialDirContext( env ); + attrs = ic.getAttributes( "uid=akarasulu,ou=users" ); + assertNotNull( attrs ); + assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) ); + } }