jackrabbit-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r1173602 - in /jackrabbit/trunk: jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/user/ jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/ jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/...
Date Wed, 21 Sep 2011 12:41:05 GMT
Author: angela
Date: Wed Sep 21 12:41:04 2011
New Revision: 1173602

URL: http://svn.apache.org/viewvc?rev=1173602&view=rev
Log:
JCR-3080 : Add User#changePassword(String newPw, String oldPw)

Modified:
    jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/user/User.java
    jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserImpl.java
    jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserTest.java
    jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/SimpleCredentialsAuthenticationTest.java

Modified: jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/user/User.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/user/User.java?rev=1173602&r1=1173601&r2=1173602&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/user/User.java
(original)
+++ jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/user/User.java
Wed Sep 21 12:41:04 2011
@@ -59,6 +59,16 @@ public interface User extends Authorizab
     void changePassword(String password) throws RepositoryException;
 
     /**
+     * Change the password of this user.
+     *
+     * @param password The new password.
+     * @param oldPassword The old password.
+     * @throws RepositoryException If the old password doesn't match or if
+     * an error occurs.
+     */
+    void changePassword(String password, String oldPassword) throws RepositoryException;
+
+    /**
      * Disable this user thus preventing future login if the <code>reason</code>
      * is a non-null String.<br>
      * Note however, that this user will still be accessible by

Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserImpl.java?rev=1173602&r1=1173601&r2=1173602&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserImpl.java
(original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserImpl.java
Wed Sep 21 12:41:04 2011
@@ -26,6 +26,7 @@ import org.apache.jackrabbit.core.securi
 
 import javax.jcr.Credentials;
 import javax.jcr.RepositoryException;
+import javax.jcr.SimpleCredentials;
 import javax.jcr.Value;
 import java.io.UnsupportedEncodingException;
 import java.security.NoSuchAlgorithmException;
@@ -130,6 +131,26 @@ public class UserImpl extends Authorizab
     }
 
     /**
+     * @see User#changePassword(String, String)
+     */
+    public void changePassword(String password, String oldPassword) throws RepositoryException
{
+        // make sure the old password matches.
+        try {
+            CryptedSimpleCredentials csc = (CryptedSimpleCredentials) getCredentials();
+            SimpleCredentials creds = new SimpleCredentials(getID(), oldPassword.toCharArray());
+            if (!csc.matches(creds)) {
+                throw new RepositoryException("Failed to change password: Old password does
not match.");
+            }
+        } catch (NoSuchAlgorithmException e) {
+            throw new RepositoryException("Cannot change password: failed to validate old
password.");
+        } catch (UnsupportedEncodingException e) {
+            throw new RepositoryException("Cannot change password: failed to validate old
password.");
+        }
+
+        changePassword(password);
+    }
+
+    /**
      * @see User#disable(String)
      */
     public void disable(String reason) throws RepositoryException {

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserTest.java?rev=1173602&r1=1173601&r2=1173602&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserTest.java
(original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserTest.java
Wed Sep 21 12:41:04 2011
@@ -104,6 +104,58 @@ public class UserTest extends AbstractUs
         }
     }
 
+    public void testChangePasswordWithOldPassword() throws RepositoryException, NotExecutableException
{
+        String oldPw = getHelper().getProperty("javax.jcr.tck.superuser.pwd");
+        if (oldPw == null) {
+            // missing property
+            throw new NotExecutableException();
+        }
+
+        User user = getTestUser(superuser);
+        try {
+            try {
+                user.changePassword("pw", "wrongOldPw");
+                save(superuser);
+                fail("old password didn't match -> changePassword(String,String) should
fail.");
+            } catch (RepositoryException e) {
+                // success.
+            }
+
+            user.changePassword("pw", oldPw);
+            save(superuser);
+
+            // make sure the user can login with the new pw
+            Session s = getHelper().getRepository().login(new SimpleCredentials(user.getID(),
"pw".toCharArray()));
+            s.logout();
+        } finally {
+            user.changePassword(oldPw);
+            save(superuser);
+        }
+    }
+
+    public void testChangePasswordWithOldPassword2() throws RepositoryException, NotExecutableException
{
+        String oldPw = getHelper().getProperty("javax.jcr.tck.superuser.pwd");
+        if (oldPw == null) {
+            // missing property
+            throw new NotExecutableException();
+        }
+
+        User user = getTestUser(superuser);
+        try {
+            user.changePassword("pw", oldPw);
+            save(superuser);
+
+            Session s = getHelper().getRepository().login(new SimpleCredentials(user.getID(),
oldPw.toCharArray()));
+            s.logout();
+            fail("superuser pw has changed. login must fail.");
+        } catch (LoginException e) {
+            // success
+        } finally {
+            user.changePassword(oldPw);
+            save(superuser);
+        }
+    }
+
     public void testDisable() throws Exception {
         boolean remove = false;
         Session s = getHelper().getReadOnlySession();

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/SimpleCredentialsAuthenticationTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/SimpleCredentialsAuthenticationTest.java?rev=1173602&r1=1173601&r2=1173602&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/SimpleCredentialsAuthenticationTest.java
(original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/SimpleCredentialsAuthenticationTest.java
Wed Sep 21 12:41:04 2011
@@ -134,6 +134,9 @@ public class SimpleCredentialsAuthentica
         public void changePassword(String password) throws RepositoryException {
         }
 
+        public void changePassword(String password, String oldPassword) throws RepositoryException
{
+        }
+
         public void disable(String reason) throws RepositoryException {
         }
 



Mime
View raw message