Mailing-List: contact commits-help@directory.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@directory.apache.org
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: svn commit: r558098 - in /directory/apacheds/branches/1.0:
 core-unit/src/test/java/org/apache/directory/server/core/authn/SimpleAuthenticationITest.java
 core/src/main/java/org/apache/directory/server/core/authn/AuthenticationService.java
Date: Fri, 20 Jul 2007 19:17:55 -0000
To: commits@directory.apache.org
From: ersiner@apache.org
Message-Id: <20070720191756.BCDB41A981A@eris.apache.org>

Author: ersiner
Date: Fri Jul 20 12:17:52 2007
New Revision: 558098

URL: http://svn.apache.org/viewvc?view=rev&rev=558098
Log:
Fixed DIRSERVER-1001.

Modified:
    directory/apacheds/branches/1.0/core-unit/src/test/java/org/apache/directory/server/core/authn/SimpleAuthenticationITest.java
    directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationService.java

Modified: directory/apacheds/branches/1.0/core-unit/src/test/java/org/apache/directory/server/core/authn/SimpleAuthenticationITest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/1.0/core-unit/src/test/java/org/apache/directory/server/core/authn/SimpleAuthenticationITest.java?view=diff&rev=558098&r1=558097&r2=558098
==============================================================================
--- directory/apacheds/branches/1.0/core-unit/src/test/java/org/apache/directory/server/core/authn/SimpleAuthenticationITest.java (original)
+++ directory/apacheds/branches/1.0/core-unit/src/test/java/org/apache/directory/server/core/authn/SimpleAuthenticationITest.java Fri Jul 20 12:17:52 2007
@@ -30,6 +30,7 @@
 import javax.naming.NamingException;
 import javax.naming.directory.Attribute;
 import javax.naming.directory.Attributes;
+import javax.naming.directory.BasicAttribute;
 import javax.naming.directory.DirContext;
 import javax.naming.directory.InitialDirContext;
 import javax.naming.ldap.InitialLdapContext;
@@ -438,5 +439,48 @@
         user = ic.getAttributes( "" );
         assertNotNull( user );
         assertEquals( "newPassword", StringTools.utf8ToString( ( byte[] ) user.get( "userPassword" ).get() ) );
+    }
+    
+    /**
+     * @see https://issues.apache.org/jira/browse/DIRSERVER-1001
+     */
+    public void testInvalidateCredentialCacheForUpdatingAnotherUsersPassword() throws NamingException
+    {
+        // bind as akarasulu
+        Hashtable envUser = new Hashtable( configuration.toJndiEnvironment() );
+        envUser.put( Context.PROVIDER_URL, "ou=system" );
+        envUser.put( Context.SECURITY_PRINCIPAL, "uid=akarasulu,ou=users,ou=system" );
+        envUser.put( Context.SECURITY_CREDENTIALS, "test" );
+        envUser.put( Context.SECURITY_AUTHENTICATION, "simple" );
+        envUser.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
+        InitialDirContext idcUser = new InitialDirContext( envUser );
+        idcUser.close();
+        
+        // bind as admin
+        Hashtable envAdmin = new Hashtable( configuration.toJndiEnvironment() );
+        envAdmin.put( Context.PROVIDER_URL, "ou=system" );
+        envAdmin.put( Context.SECURITY_PRINCIPAL, "uid=admin,ou=system" );
+        envAdmin.put( Context.SECURITY_CREDENTIALS, "secret" );
+        envAdmin.put( Context.SECURITY_AUTHENTICATION, "simple" );
+        envAdmin.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
+        InitialDirContext idcAdmin = new InitialDirContext( envAdmin );
+        
+        // now modify the password for akarasulu (while we're admin)
+        Attribute userPasswordAttribute = new BasicAttribute( "userPassword", "newpwd", true );
+        idcAdmin.modifyAttributes( "uid=akarasulu,ou=users", new ModificationItemImpl[] { 
+            new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, userPasswordAttribute ) } );
+        idcAdmin.close();
+        
+        // try to bind as akarasulu with old password
+        envUser.put( Context.SECURITY_CREDENTIALS, "test" );
+        try
+        {
+            idcUser = new InitialDirContext( envUser );
+            fail( "Authentication with old password should fail" );
+        }
+        catch ( NamingException e )
+        {
+            // we should fail
+        }
     }
 }

Modified: directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationService.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationService.java?view=diff&rev=558098&r1=558097&r2=558098
==============================================================================
--- directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationService.java (original)
+++ directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationService.java Fri Jul 20 12:17:52 2007
@@ -331,7 +331,7 @@
             for ( Iterator ii = authenticators.iterator(); ii.hasNext(); /**/ )
             {
                 Authenticator authenticator = ( Authenticator ) ii.next();
-                authenticator.invalidateCache( getPrincipal().getJndiName() );
+                authenticator.invalidateCache( principalDn );
             }
         }
     }