Return-Path: X-Original-To: apmail-jackrabbit-commits-archive@www.apache.org Delivered-To: apmail-jackrabbit-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 4E7E89819 for ; Wed, 21 Sep 2011 12:41:30 +0000 (UTC) Received: (qmail 43730 invoked by uid 500); 21 Sep 2011 12:41:30 -0000 Delivered-To: apmail-jackrabbit-commits-archive@jackrabbit.apache.org Received: (qmail 43695 invoked by uid 500); 21 Sep 2011 12:41:30 -0000 Mailing-List: contact commits-help@jackrabbit.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@jackrabbit.apache.org Delivered-To: mailing list commits@jackrabbit.apache.org Received: (qmail 43688 invoked by uid 99); 21 Sep 2011 12:41:30 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 21 Sep 2011 12:41:30 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 21 Sep 2011 12:41:27 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 9631D23888EA; Wed, 21 Sep 2011 12:41:05 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1173602 - in /jackrabbit/trunk: jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/user/ jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/ jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/... Date: Wed, 21 Sep 2011 12:41:05 -0000 To: commits@jackrabbit.apache.org From: angela@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20110921124105.9631D23888EA@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: angela Date: Wed Sep 21 12:41:04 2011 New Revision: 1173602 URL: http://svn.apache.org/viewvc?rev=1173602&view=rev Log: JCR-3080 : Add User#changePassword(String newPw, String oldPw) Modified: jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/user/User.java jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserImpl.java jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserTest.java jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/SimpleCredentialsAuthenticationTest.java Modified: jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/user/User.java URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/user/User.java?rev=1173602&r1=1173601&r2=1173602&view=diff ============================================================================== --- jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/user/User.java (original) +++ jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/user/User.java Wed Sep 21 12:41:04 2011 @@ -59,6 +59,16 @@ public interface User extends Authorizab void changePassword(String password) throws RepositoryException; /** + * Change the password of this user. + * + * @param password The new password. + * @param oldPassword The old password. + * @throws RepositoryException If the old password doesn't match or if + * an error occurs. + */ + void changePassword(String password, String oldPassword) throws RepositoryException; + + /** * Disable this user thus preventing future login if the reason * is a non-null String.
* Note however, that this user will still be accessible by Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserImpl.java URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserImpl.java?rev=1173602&r1=1173601&r2=1173602&view=diff ============================================================================== --- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserImpl.java (original) +++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserImpl.java Wed Sep 21 12:41:04 2011 @@ -26,6 +26,7 @@ import org.apache.jackrabbit.core.securi import javax.jcr.Credentials; import javax.jcr.RepositoryException; +import javax.jcr.SimpleCredentials; import javax.jcr.Value; import java.io.UnsupportedEncodingException; import java.security.NoSuchAlgorithmException; @@ -130,6 +131,26 @@ public class UserImpl extends Authorizab } /** + * @see User#changePassword(String, String) + */ + public void changePassword(String password, String oldPassword) throws RepositoryException { + // make sure the old password matches. + try { + CryptedSimpleCredentials csc = (CryptedSimpleCredentials) getCredentials(); + SimpleCredentials creds = new SimpleCredentials(getID(), oldPassword.toCharArray()); + if (!csc.matches(creds)) { + throw new RepositoryException("Failed to change password: Old password does not match."); + } + } catch (NoSuchAlgorithmException e) { + throw new RepositoryException("Cannot change password: failed to validate old password."); + } catch (UnsupportedEncodingException e) { + throw new RepositoryException("Cannot change password: failed to validate old password."); + } + + changePassword(password); + } + + /** * @see User#disable(String) */ public void disable(String reason) throws RepositoryException { Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserTest.java URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserTest.java?rev=1173602&r1=1173601&r2=1173602&view=diff ============================================================================== --- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserTest.java (original) +++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/user/UserTest.java Wed Sep 21 12:41:04 2011 @@ -104,6 +104,58 @@ public class UserTest extends AbstractUs } } + public void testChangePasswordWithOldPassword() throws RepositoryException, NotExecutableException { + String oldPw = getHelper().getProperty("javax.jcr.tck.superuser.pwd"); + if (oldPw == null) { + // missing property + throw new NotExecutableException(); + } + + User user = getTestUser(superuser); + try { + try { + user.changePassword("pw", "wrongOldPw"); + save(superuser); + fail("old password didn't match -> changePassword(String,String) should fail."); + } catch (RepositoryException e) { + // success. + } + + user.changePassword("pw", oldPw); + save(superuser); + + // make sure the user can login with the new pw + Session s = getHelper().getRepository().login(new SimpleCredentials(user.getID(), "pw".toCharArray())); + s.logout(); + } finally { + user.changePassword(oldPw); + save(superuser); + } + } + + public void testChangePasswordWithOldPassword2() throws RepositoryException, NotExecutableException { + String oldPw = getHelper().getProperty("javax.jcr.tck.superuser.pwd"); + if (oldPw == null) { + // missing property + throw new NotExecutableException(); + } + + User user = getTestUser(superuser); + try { + user.changePassword("pw", oldPw); + save(superuser); + + Session s = getHelper().getRepository().login(new SimpleCredentials(user.getID(), oldPw.toCharArray())); + s.logout(); + fail("superuser pw has changed. login must fail."); + } catch (LoginException e) { + // success + } finally { + user.changePassword(oldPw); + save(superuser); + } + } + public void testDisable() throws Exception { boolean remove = false; Session s = getHelper().getReadOnlySession(); Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/SimpleCredentialsAuthenticationTest.java URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/SimpleCredentialsAuthenticationTest.java?rev=1173602&r1=1173601&r2=1173602&view=diff ============================================================================== --- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/SimpleCredentialsAuthenticationTest.java (original) +++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/SimpleCredentialsAuthenticationTest.java Wed Sep 21 12:41:04 2011 @@ -134,6 +134,9 @@ public class SimpleCredentialsAuthentica public void changePassword(String password) throws RepositoryException { } + public void changePassword(String password, String oldPassword) throws RepositoryException { + } + public void disable(String reason) throws RepositoryException { }