jackrabbit-oak-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r1401756 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/spi/security/user/action/ test/java/org/apache/jackrabbit/oak/security/ test/java/org/apache/jackrabbit/oak/security/authentication/ test/java/org/apache/...
Date Wed, 24 Oct 2012 16:14:04 GMT
Author: angela
Date: Wed Oct 24 16:14:03 2012
New Revision: 1401756

URL: http://svn.apache.org/viewvc?rev=1401756&view=rev
Log:
OAK-50 : Implement User Management (WIP)

Added:
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/util/
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtilityTest.java
      - copied, changed from r1401665, jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/PasswordUtilityTest.java
Removed:
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/PasswordUtilityTest.java
Modified:
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/AbstractSecurityTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/DefaultLoginModuleTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/GuestDefaultLoginModuleTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenLoginModuleTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImplTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserManagerImplTest.java

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java?rev=1401756&r1=1401755&r2=1401756&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java
Wed Oct 24 16:14:03 2012
@@ -57,22 +57,22 @@ public class PasswordValidationAction ex
     //-------------------------------------------------< AuthorizableAction >---
     @Override
     public void onCreate(User user, String password, Session session) throws RepositoryException
{
-        validatePassword(password);
+        validatePassword(password, false);
     }
 
     @Override
     public void onCreate(User user, String password, Root root) throws RepositoryException
{
-        validatePassword(password);
+        validatePassword(password, false);
     }
 
     @Override
     public void onPasswordChange(User user, String newPassword, Session session) throws RepositoryException
{
-        validatePassword(newPassword);
+        validatePassword(newPassword, true);
     }
 
     @Override
     public void onPasswordChange(User user, String newPassword, Root root) throws RepositoryException
{
-        validatePassword(newPassword);
+        validatePassword(newPassword, true);
     }
 
     //------------------------------------------------------< Configuration >---
@@ -94,18 +94,16 @@ public class PasswordValidationAction ex
      * Validate the specified password.
      *
      * @param password The password to be validated
+     * @param forceMatch If true the specified password is always validated;
+     * otherwise only if it is a plain text password.
      * @throws RepositoryException If the specified password is too short or
      * doesn't match the specified password pattern.
      */
-    private void validatePassword(String password) throws RepositoryException {
-        if (password != null && isPlainText(password)) {
+    private void validatePassword(String password, boolean forceMatch) throws RepositoryException
{
+        if (password != null && (forceMatch || PasswordUtility.isPlainTextPassword(password)))
{
             if (pattern != null && !pattern.matcher(password).matches()) {
                 throw new ConstraintViolationException("Password violates password constraint
(" + pattern.pattern() + ").");
             }
         }
     }
-
-    private static boolean isPlainText(String password) {
-        return !PasswordUtility.isPlainTextPassword(password);
-    }
 }
\ No newline at end of file

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/AbstractSecurityTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/AbstractSecurityTest.java?rev=1401756&r1=1401755&r2=1401756&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/AbstractSecurityTest.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/AbstractSecurityTest.java
Wed Oct 24 16:14:03 2012
@@ -36,14 +36,15 @@ import org.junit.Before;
 public abstract class AbstractSecurityTest {
 
     private ContentRepository contentRepository;
+
+    protected SecurityProvider securityProvider;
     protected ContentSession admin;
-    protected final SecurityProvider securityProvider = new SecurityProviderImpl();
 
     @Before
     public void before() throws Exception {
         contentRepository = new Oak()
                 .with(new InitialContent())
-                .with(securityProvider)
+                .with(getSecurityProvider())
                 .createContentRepository();
 
         // TODO: OAK-17. workaround for missing test configuration
@@ -59,6 +60,12 @@ public abstract class AbstractSecurityTe
         Configuration.setConfiguration(null);
     }
 
+    protected SecurityProvider getSecurityProvider() {
+        if (securityProvider == null) {
+            securityProvider = new SecurityProviderImpl();
+        }
+        return securityProvider;
+    }
     protected Configuration getConfiguration() {
         return new OakConfiguration();
     }

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/DefaultLoginModuleTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/DefaultLoginModuleTest.java?rev=1401756&r1=1401755&r2=1401756&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/DefaultLoginModuleTest.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/DefaultLoginModuleTest.java
Wed Oct 24 16:14:03 2012
@@ -32,8 +32,10 @@ import org.apache.jackrabbit.oak.api.Roo
 import org.apache.jackrabbit.oak.namepath.NamePathMapper;
 import org.apache.jackrabbit.oak.security.AbstractSecurityTest;
 import org.apache.jackrabbit.oak.security.authentication.user.LoginModuleImpl;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
 import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
 import org.apache.jackrabbit.oak.spi.security.user.util.UserUtility;
+import org.junit.Before;
 import org.junit.Test;
 
 import static org.junit.Assert.assertEquals;
@@ -46,6 +48,15 @@ import static org.junit.Assert.fail;
  */
 public class DefaultLoginModuleTest extends AbstractSecurityTest {
 
+    private UserConfiguration uc;
+
+    @Before
+    public void before() throws Exception {
+        super.before();
+
+        uc = getSecurityProvider().getUserConfiguration();
+    }
+
     @Override
     protected Configuration getConfiguration() {
         return new Configuration() {
@@ -81,7 +92,7 @@ public class DefaultLoginModuleTest exte
         ContentSession cs = login(new GuestCredentials());
         try {
             AuthInfo authInfo = cs.getAuthInfo();
-            String anonymousID = UserUtility.getAnonymousId(securityProvider.getUserConfiguration().getConfigurationParameters());
+            String anonymousID = UserUtility.getAnonymousId(uc.getConfigurationParameters());
             assertEquals(anonymousID, authInfo.getUserID());
         } finally {
             cs.close();
@@ -90,10 +101,10 @@ public class DefaultLoginModuleTest exte
 
     @Test
     public void testAnonymousLogin() throws Exception {
-        String anonymousID = UserUtility.getAnonymousId(securityProvider.getUserConfiguration().getConfigurationParameters());
+        String anonymousID = UserUtility.getAnonymousId(uc.getConfigurationParameters());
 
         Root root = admin.getLatestRoot();
-        UserManager userMgr = securityProvider.getUserConfiguration().getUserManager(root,
NamePathMapper.DEFAULT);
+        UserManager userMgr = uc.getUserManager(root, NamePathMapper.DEFAULT);
 
         // verify initial user-content looks like expected
         Authorizable anonymous = userMgr.getAuthorizable(anonymousID);
@@ -116,7 +127,7 @@ public class DefaultLoginModuleTest exte
     @Test
     public void testUserLogin() throws Exception {
         Root root = admin.getLatestRoot();
-        UserManager userManager = securityProvider.getUserConfiguration().getUserManager(root,
NamePathMapper.DEFAULT);
+        UserManager userManager = uc.getUserManager(root, NamePathMapper.DEFAULT);
 
         ContentSession cs = null;
         User user = null;

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/GuestDefaultLoginModuleTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/GuestDefaultLoginModuleTest.java?rev=1401756&r1=1401755&r2=1401756&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/GuestDefaultLoginModuleTest.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/GuestDefaultLoginModuleTest.java
Wed Oct 24 16:14:03 2012
@@ -61,7 +61,7 @@ public class GuestDefaultLoginModuleTest
         ContentSession cs = login(null);
         try {
             AuthInfo authInfo = cs.getAuthInfo();
-            String anonymousID = UserUtility.getAnonymousId(securityProvider.getUserConfiguration().getConfigurationParameters());
+            String anonymousID = UserUtility.getAnonymousId(getSecurityProvider().getUserConfiguration().getConfigurationParameters());
             assertEquals(anonymousID, authInfo.getUserID());
         } finally {
             cs.close();
@@ -73,7 +73,7 @@ public class GuestDefaultLoginModuleTest
         ContentSession cs = login(new GuestCredentials());
         try {
             AuthInfo authInfo = cs.getAuthInfo();
-            String anonymousID = UserUtility.getAnonymousId(securityProvider.getUserConfiguration().getConfigurationParameters());
+            String anonymousID = UserUtility.getAnonymousId(getSecurityProvider().getUserConfiguration().getConfigurationParameters());
             assertEquals(anonymousID, authInfo.getUserID());
         } finally {
             cs.close();

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java?rev=1401756&r1=1401755&r2=1401756&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java
Wed Oct 24 16:14:03 2012
@@ -187,7 +187,7 @@ public class TokenDefaultLoginModuleTest
     @Test
     public void testValidTokenCredentials() throws Exception {
         Root root = admin.getLatestRoot();
-        TokenProvider tp = securityProvider.getTokenProvider(root);
+        TokenProvider tp = getSecurityProvider().getTokenProvider(root);
 
         SimpleCredentials sc = (SimpleCredentials) getAdminCredentials();
         TokenInfo info = tp.createToken(sc.getUserID(), Collections.<String, Object>emptyMap());

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenLoginModuleTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenLoginModuleTest.java?rev=1401756&r1=1401755&r2=1401756&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenLoginModuleTest.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenLoginModuleTest.java
Wed Oct 24 16:14:03 2012
@@ -137,7 +137,7 @@ public class TokenLoginModuleTest extend
     @Test
     public void testValidTokenCredentials() throws Exception {
         Root root = admin.getLatestRoot();
-        TokenProvider tp = securityProvider.getTokenProvider(root);
+        TokenProvider tp = getSecurityProvider().getTokenProvider(root);
 
         SimpleCredentials sc = (SimpleCredentials) getAdminCredentials();
         TokenInfo info = tp.createToken(sc.getUserID(), Collections.<String, Object>emptyMap());

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java?rev=1401756&r1=1401755&r2=1401756&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
Wed Oct 24 16:14:03 2012
@@ -41,7 +41,7 @@ public class TokenProviderImplTest exten
 
         tokenProvider = new TokenProviderImpl(admin.getLatestRoot(),
                 ConfigurationParameters.EMPTY,
-                securityProvider.getUserConfiguration());
+                getSecurityProvider().getUserConfiguration());
     }
 
 

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImplTest.java?rev=1401756&r1=1401755&r2=1401756&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImplTest.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImplTest.java
Wed Oct 24 16:14:03 2012
@@ -41,7 +41,7 @@ public class PrincipalProviderImplTest e
     public void testGetPrincipals() throws Exception {
         Root root = admin.getLatestRoot();
         PrincipalProviderImpl principalProvider =
-                new PrincipalProviderImpl(root, securityProvider.getUserConfiguration(),
NamePathMapper.DEFAULT);
+                new PrincipalProviderImpl(root, getSecurityProvider().getUserConfiguration(),
NamePathMapper.DEFAULT);
 
         String adminId = admin.getAuthInfo().getUserID();
         Set<? extends Principal> principals = principalProvider.getPrincipals(adminId);
@@ -63,7 +63,7 @@ public class PrincipalProviderImplTest e
     @Test
     public void testEveryone() throws Exception {
         Root root = admin.getLatestRoot();
-        UserConfiguration config = securityProvider.getUserConfiguration();
+        UserConfiguration config = getSecurityProvider().getUserConfiguration();
 
         PrincipalProviderImpl principalProvider = new PrincipalProviderImpl(root, config,
NamePathMapper.DEFAULT);
 

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserManagerImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserManagerImplTest.java?rev=1401756&r1=1401755&r2=1401756&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserManagerImplTest.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserManagerImplTest.java
Wed Oct 24 16:14:03 2012
@@ -25,10 +25,11 @@ import org.apache.jackrabbit.oak.api.Roo
 import org.apache.jackrabbit.oak.api.Tree;
 import org.apache.jackrabbit.oak.api.Type;
 import org.apache.jackrabbit.oak.namepath.NamePathMapper;
-import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
-import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
 import org.apache.jackrabbit.oak.security.AbstractSecurityTest;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
+import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
 import org.apache.jackrabbit.oak.spi.security.user.util.PasswordUtility;
+import org.junit.Before;
 import org.junit.Test;
 
 import static junit.framework.Assert.assertEquals;
@@ -43,8 +44,14 @@ import static org.junit.Assert.fail;
  */
 public class UserManagerImplTest extends AbstractSecurityTest {
 
-    private final UserConfigurationImpl uc = new UserConfigurationImpl(
-            ConfigurationParameters.EMPTY, securityProvider);
+    private UserConfiguration uc;
+
+    @Before
+    public void before() throws Exception {
+        super.before();
+
+        uc = getSecurityProvider().getUserConfiguration();
+    }
 
     @Test
     public void testSetPassword() throws Exception {

Added: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java?rev=1401756&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
(added)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
Wed Oct 24 16:14:03 2012
@@ -0,0 +1,200 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.spi.security.user.action;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+import javax.annotation.Nonnull;
+import javax.jcr.RepositoryException;
+import javax.jcr.nodetype.ConstraintViolationException;
+
+import org.apache.jackrabbit.api.security.user.User;
+import org.apache.jackrabbit.api.security.user.UserManager;
+import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.api.Type;
+import org.apache.jackrabbit.oak.namepath.NamePathMapper;
+import org.apache.jackrabbit.oak.security.AbstractSecurityTest;
+import org.apache.jackrabbit.oak.security.SecurityProviderImpl;
+import org.apache.jackrabbit.oak.security.user.UserConfigurationImpl;
+import org.apache.jackrabbit.oak.security.user.UserManagerImpl;
+import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
+import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
+import org.apache.jackrabbit.oak.spi.security.user.util.PasswordUtility;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+
+public class PasswordValidationActionTest extends AbstractSecurityTest {
+
+    private PasswordValidationAction pwAction = new PasswordValidationAction();
+    private TestAction testAction = new TestAction();
+
+    private Root root;
+    private UserManager userManager;
+    private User user;
+
+    private User testUser;
+
+    @Before
+    public void before() throws Exception {
+        super.before();
+
+        root = admin.getLatestRoot();
+
+        userManager = new UserManagerImpl(null, root, NamePathMapper.DEFAULT, getSecurityProvider());
+        user = (User) userManager.getAuthorizable(admin.getAuthInfo().getUserID());
+
+        pwAction.setConstraint("^.*(?=.{8,})(?=.*[a-z])(?=.*[A-Z]).*");
+
+    }
+
+    @After
+    public void after() throws Exception {
+        if (testUser != null) {
+            testUser.remove();
+            root.commit();
+        }
+        root = null;
+        super.after();
+    }
+
+    @Override
+    protected SecurityProvider getSecurityProvider() {
+        if (securityProvider == null) {
+            securityProvider = new TestSecurityProvider();
+        }
+        return securityProvider;
+    }
+
+    @Test
+    public void testActionIsCalled() throws Exception {
+        testUser = userManager.createUser("testUser", "testUser12345");
+        root.commit();
+        assertEquals(1, testAction.onCreateCalled);
+
+        testUser.changePassword("pW12345678");
+        assertEquals(1, testAction.onPasswordChangeCalled);
+
+        testUser.changePassword("pW1234567890", "pW12345678");
+        assertEquals(2, testAction.onPasswordChangeCalled);
+    }
+
+    @Test
+    public void testPasswordValidationAction() throws Exception {
+        List<String> invalid = new ArrayList<String>();
+        invalid.add("pw1");
+        invalid.add("only6C");
+        invalid.add("12345678");
+        invalid.add("WITHOUTLOWERCASE");
+        invalid.add("withoutuppercase");
+
+        for (String pw : invalid) {
+            try {
+                pwAction.onPasswordChange(user, pw, root);
+                fail("should throw constraint violation");
+            } catch (ConstraintViolationException e) {
+                // success
+            }
+        }
+
+        List<String> valid = new ArrayList<String>();
+        valid.add("abCDefGH");
+        valid.add("Abbbbbbbbbbbb");
+        valid.add("cDDDDDDDDDDDDDDDDD");
+        valid.add("gH%%%%%%%%%%%%%%%%^^");
+        valid.add("&)(*&^%23qW");
+
+        for (String pw : valid) {
+            pwAction.onPasswordChange(user, pw, root);
+        }
+    }
+
+    @Test
+    public void testPasswordValidationActionOnCreate() throws Exception {
+        String hashed = PasswordUtility.buildPasswordHash("DWkej32H");
+        testUser = userManager.createUser("testuser", hashed);
+        root.commit();
+
+        String pwValue = root.getTree(testUser.getPath()).getProperty(UserConstants.REP_PASSWORD).getValue(Type.STRING);
+        assertFalse(PasswordUtility.isPlainTextPassword(pwValue));
+        assertTrue(PasswordUtility.isSame(pwValue, hashed));
+    }
+
+    @Test
+    public void testPasswordValidationActionOnChange() throws Exception {
+        testUser = userManager.createUser("testuser", "testPw123456");
+        root.commit();
+        try {
+            pwAction.setConstraint("abc");
+
+            String hashed = PasswordUtility.buildPasswordHash("abc");
+            testUser.changePassword(hashed);
+
+            fail("Password change must always enforce password validation.");
+
+        } catch (ConstraintViolationException e) {
+            // success
+        }
+    }
+
+    //--------------------------------------------------------------------------
+    private class TestAction extends AbstractAuthorizableAction {
+
+        private int onCreateCalled = 0;
+        private int onPasswordChangeCalled = 0;
+
+        @Override
+        public void onCreate(User user, String password, Root root) throws RepositoryException
{
+            onCreateCalled++;
+        }
+
+        @Override
+        public void onPasswordChange(User user, String newPassword, Root root) throws RepositoryException
{
+            onPasswordChangeCalled++;
+        }
+    }
+
+    private class TestSecurityProvider extends SecurityProviderImpl {
+
+        private final AuthorizableAction[] actions;
+
+        private TestSecurityProvider() {
+            this.actions = new AuthorizableAction[] {pwAction, testAction};
+        }
+
+        @Nonnull
+        @Override
+        public UserConfiguration getUserConfiguration() {
+            return new UserConfigurationImpl(ConfigurationParameters.EMPTY, this) {
+
+                @Nonnull
+                @Override
+                public List<AuthorizableAction> getAuthorizableActions() {
+                    return Arrays.asList(actions);
+                }
+            };
+        }
+    }
+}

Copied: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtilityTest.java
(from r1401665, jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/PasswordUtilityTest.java)
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtilityTest.java?p2=jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtilityTest.java&p1=jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/PasswordUtilityTest.java&r1=1401665&r2=1401756&rev=1401756&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/PasswordUtilityTest.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtilityTest.java
Wed Oct 24 16:14:03 2012
@@ -14,7 +14,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.apache.jackrabbit.oak.spi.security.user;
+package org.apache.jackrabbit.oak.spi.security.user.util;
 
 import org.apache.jackrabbit.oak.spi.security.user.util.PasswordUtility;
 import org.junit.Test;



Mime
View raw message