Java > Open Source Codes > org > opencms > security > TestLoginAndPasswordHandler


1 /*
2  * File : $Source: /usr/local/cvs/opencms/test/org/opencms/security/TestLoginAndPasswordHandler.java,v $
3  * Date : $Date: 2006/03/27 14:53:03 $
4  * Version: $Revision: 1.7 $
5  *
6  * This library is part of OpenCms -
7  * the Open Source Content Mananagement System
8  *
9  * Copyright (c) 2005 Alkacon Software GmbH (http://www.alkacon.com)
10  *
11  * This library is free software; you can redistribute it and/or
12  * modify it under the terms of the GNU Lesser General Public
13  * License as published by the Free Software Foundation; either
14  * version 2.1 of the License, or (at your option) any later version.
15  *
16  * This library is distributed in the hope that it will be useful,
17  * but WITHOUT ANY WARRANTY; without even the implied warranty of
18  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19  * Lesser General Public License for more details.
20  *
21  * For further information about Alkacon Software GmbH, please see the
22  * company website: http://www.alkacon.com
23  *
24  * For further information about OpenCms, please see the
25  * project website: http://www.opencms.org
26  *
27  * You should have received a copy of the GNU Lesser General Public
28  * License along with this library; if not, write to the Free Software
29  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
30  */
31  
32 package org.opencms.security;
33
34 import org.opencms.db.CmsLoginMessage;
35 import org.opencms.file.CmsObject;
36 import org.opencms.file.CmsUser;
37 import org.opencms.main.CmsException;
38 import org.opencms.main.OpenCms;
39 import org.opencms.test.OpenCmsTestCase;
40 import org.opencms.test.OpenCmsTestProperties;
41
42 import junit.extensions.TestSetup;
43 import junit.framework.Test;
44 import junit.framework.TestSuite;
45
46 /**
47  * Tests login and password related functions.<p>
48  *
49  * @author Alexander Kandzior
50  * @version $Revision: 1.7 $
51  *
52  * @since 6.0
53  */
54 public class TestLoginAndPasswordHandler extends OpenCmsTestCase {
55
56     /**
57      * Default JUnit constructor.<p>
58      *
59      * @param arg0 JUnit parameters
60      */
61     public TestLoginAndPasswordHandler(String arg0) {
62         super(arg0);
63     }
64     
65     /**
66      * Test suite for this test class.<p>
67      *
68      * @return the test suite
69      */
70     public static Test suite() {
71         OpenCmsTestProperties.initialize(org.opencms.test.AllTests.TEST_PROPERTIES_PATH);
72         
73         TestSuite suite = new TestSuite();
74         suite.setName(TestLoginAndPasswordHandler.class.getName());
75
76         suite.addTest(new TestLoginAndPasswordHandler("testLoginUser"));
77         suite.addTest(new TestLoginAndPasswordHandler("testLoginMessage"));
78         suite.addTest(new TestLoginAndPasswordHandler("testPasswordValidation"));
79         suite.addTest(new TestLoginAndPasswordHandler("testSetResetPassword"));
80         
81         TestSetup wrapper = new TestSetup(suite) {
82             
83             protected void setUp() {
84                 setupOpenCms("simpletest", "/sites/default/");
85             }
86             
87             protected void tearDown() {
88                 removeOpenCms();
89             }
90         };
91         
92         return wrapper;
93     }
94     
95     /**
96      * Tests the login message functions.<p>
97      *
98      * @throws Exception if the test fails
99      */
100     public void testLoginMessage() throws Exception {
101         
102         echo("Testing login messages");
103         
104         // this will be initialized as "Admin"
105 CmsObject cms = getCmsObject();
106         
107         String adminUser = OpenCms.getDefaultUsers().getUserAdmin();
108         String test1User = "test1";
109         
110         // initial the login message must be null
111 assertNull(OpenCms.getLoginManager().getLoginMessage());
112         
113         String message = "This is the test login message";
114         
115         // check a "blocking" login message
116 CmsLoginMessage loginMessage = new CmsLoginMessage(message, true);
117         OpenCms.getLoginManager().setLoginMessage(cms, loginMessage);
118         
119         CmsException error = null;
120         try {
121             cms.loginUser(test1User, "test1");
122         } catch (CmsAuthentificationException e) {
123             error = e;
124         }
125         assertNotNull(error);
126         assertSame(Messages.ERR_LOGIN_FAILED_WITH_MESSAGE_1, error.getMessageContainer().getKey());
127         assertTrue(error.getMessage().indexOf(message) > 0);
128         
129         cms.loginUser(adminUser, "admin");
130         
131         // remove message and try again
132 OpenCms.getLoginManager().removeLoginMessage(cms);
133         cms.loginUser(test1User, "test1");
134
135         cms.loginUser(adminUser, "admin");
136         
137         // check a "non blocking" login message
138 loginMessage = new CmsLoginMessage(message, false);
139         OpenCms.getLoginManager().setLoginMessage(cms, loginMessage);
140         cms.loginUser(test1User, "test1");
141         
142         cms.loginUser(adminUser, "admin");
143
144         // check an expired login message
145 loginMessage = new CmsLoginMessage(0, System.currentTimeMillis(), message, true);
146         OpenCms.getLoginManager().setLoginMessage(cms, loginMessage);
147         cms.loginUser(test1User, "test1");
148         
149         cms.loginUser(adminUser, "admin");
150         
151         // check a login message in the far future
152 loginMessage = new CmsLoginMessage(System.currentTimeMillis() + 100000, Long.MAX_VALUE, message, true);
153         OpenCms.getLoginManager().setLoginMessage(cms, loginMessage);
154         cms.loginUser(test1User, "test1");
155         
156         cms.loginUser(adminUser, "admin");
157         loginMessage = new CmsLoginMessage(message, true);
158         OpenCms.getLoginManager().setLoginMessage(cms, loginMessage);
159         error = null;
160         try {
161             cms.loginUser(test1User, "test1");
162         } catch (CmsAuthentificationException e) {
163             error = e;
164         }
165         assertNotNull(error);
166         assertSame(Messages.ERR_LOGIN_FAILED_WITH_MESSAGE_1, error.getMessageContainer().getKey());
167         assertTrue(error.getMessage().indexOf(message) > 0);
168         
169         cms.loginUser(adminUser, "admin");
170         OpenCms.getLoginManager().removeLoginMessage(cms);
171     }
172     
173     /**
174      * Tests logging in as a user (checking for different kind of exceptions).<p>
175      *
176      * @throws Exception if the test fails
177      */
178     public void testLoginUser() throws Exception {
179         
180         echo("Testing Exception behaviour during login");
181         
182         // this will be initialized as "Admin"
183 CmsObject cms = getCmsObject();
184         
185         String adminUser = OpenCms.getDefaultUsers().getUserAdmin();
186         
187         // stupid test to just make sure everything is set up correctly
188 cms.loginUser(adminUser, "admin");
189         assertEquals(adminUser, cms.getRequestContext().currentUser().getName());
190         
191         CmsException error = null;
192         try {
193             // try to login with a valid username but a wrong password
194 cms.loginUser(adminUser, "imamwrong");
195         } catch (CmsAuthentificationException e) {
196             error = e;
197         }
198         assertNotNull(error);
199         assertSame(Messages.ERR_LOGIN_FAILED_3, error.getMessageContainer().getKey());
200         
201         error = null;
202         try {
203             // try to login with an invlaid username
204 cms.loginUser("idontexist", "imnotimportant");
205         } catch (CmsAuthentificationException e) {
206             error = e;
207         }
208         assertNotNull(error);
209         assertSame(Messages.ERR_LOGIN_FAILED_NO_USER_3, error.getMessageContainer().getKey());
210         
211         String test1User = "test1";
212         // now try a different user
213 cms.loginUser(test1User, "test1");
214         assertEquals(test1User, cms.getRequestContext().currentUser().getName());
215         
216         // back to admin (to change the test1 user)
217 cms.loginUser(adminUser, "admin");
218         assertEquals(adminUser, cms.getRequestContext().currentUser().getName());
219         
220         // disable the test1 user
221 CmsUser test1 = cms.readUser(test1User);
222         test1.setEnabled(false);
223         cms.writeUser(test1);
224         
225         error = null;
226         try {
227             // try to login with an invalid username
228 cms.loginUser(test1User, "test1");
229         } catch (CmsAuthentificationException e) {
230             error = e;
231         }
232         assertNotNull(error);
233         assertSame(Messages.ERR_LOGIN_FAILED_DISABLED_3, error.getMessageContainer().getKey());
234         
235         // enable the test1 user again
236 test1.setEnabled(true);
237         cms.writeUser(test1);
238         
239         // try again to login
240 cms.loginUser(test1User, "test1");
241         assertEquals(test1User, cms.getRequestContext().currentUser().getName());
242     }
243     
244     /**
245      * Tests the static "validatePassword" method of the password handler.<p>
246      *
247      * @throws Throwable if something goes wrong
248      */
249     public void testPasswordValidation() throws Throwable {
250         
251         echo("Testing password validation handler");
252         
253         I_CmsPasswordHandler passwordHandler = OpenCms.getPasswordHandler();
254         boolean failure = false;
255         
256         // passwords must have a minimal length of 4 charaters
257 try {
258             passwordHandler.validatePassword("1*3");
259             failure = true;
260         } catch (CmsSecurityException exc) {
261             // noop
262 }
263         
264         if (failure) {
265             fail("Invalid password 1*3 validated.");
266         }
267         
268         // try some valid passwords
269 try {
270             passwordHandler.validatePassword("zyz*nowski");
271         } catch (Exception exc) {
272             echo ("zyznowski invalid:" + exc.getMessage());
273         }
274
275         try {
276             passwordHandler.validatePassword("Alfa99");
277         } catch (Exception exc) {
278             echo ("alfa invalid:" + exc.getMessage());
279         }
280         
281         try {
282             passwordHandler.validatePassword("ca%Dill");
283         } catch (Exception exc) {
284             echo ("ferrar invalid:" + exc.getMessage());
285         }
286         
287         try {
288             passwordHandler.validatePassword("#ulary");
289         } catch (Exception exc) {
290             echo ("ulary invalid:" + exc.getMessage());
291         }
292     }
293     
294     /**
295      * Tests the setPassword and resetPassword methods.<p>
296      *
297      * @throws Throwable if something goes wrong
298      */
299     public void testSetResetPassword() throws Throwable {
300         
301         echo("Testing setting the password as admin");
302         CmsObject cms = getCmsObject();
303         
304         // change password of admin
305 cms.setPassword("Admin", "admin", "password1");
306         
307         // login with the new password
308 cms.loginUser("Admin", "password1");
309         
310         // change password again
311 cms.setPassword("Admin", "password2");
312         
313         // login with the new password
314 cms.loginUser("Admin", "password2");
315         
316         // change password again, this time with the old password
317 cms.setPassword("Admin", "password2", "admin");
318         
319         // check if the password was changed
320 cms.loginUser("Admin", "admin");
321     }
322 }
323

A to Z: JavaDoc & Examples

---

Daily Java News & Articles

---

Open Source Projects

---

Open Source Codes

---

Free Computer Books

---

Remove Frame

---

Popular Tags