1 31 32 package org.opencms.security; 33 34 import org.opencms.db.CmsLoginMessage; 35 import org.opencms.file.CmsObject; 36 import org.opencms.file.CmsUser; 37 import org.opencms.main.CmsException; 38 import org.opencms.main.OpenCms; 39 import org.opencms.test.OpenCmsTestCase; 40 import org.opencms.test.OpenCmsTestProperties; 41 42 import junit.extensions.TestSetup; 43 import junit.framework.Test; 44 import junit.framework.TestSuite; 45 46 54 public class TestLoginAndPasswordHandler extends OpenCmsTestCase { 55 56 61 public TestLoginAndPasswordHandler(String arg0) { 62 super(arg0); 63 } 64 65 70 public static Test suite() { 71 OpenCmsTestProperties.initialize(org.opencms.test.AllTests.TEST_PROPERTIES_PATH); 72 73 TestSuite suite = new TestSuite(); 74 suite.setName(TestLoginAndPasswordHandler.class.getName()); 75 76 suite.addTest(new TestLoginAndPasswordHandler("testLoginUser")); 77 suite.addTest(new TestLoginAndPasswordHandler("testLoginMessage")); 78 suite.addTest(new TestLoginAndPasswordHandler("testPasswordValidation")); 79 suite.addTest(new TestLoginAndPasswordHandler("testSetResetPassword")); 80 81 TestSetup wrapper = new TestSetup(suite) { 82 83 protected void setUp() { 84 setupOpenCms("simpletest", "/sites/default/"); 85 } 86 87 protected void tearDown() { 88 removeOpenCms(); 89 } 90 }; 91 92 return wrapper; 93 } 94 95 100 public void testLoginMessage() throws Exception { 101 102 echo("Testing login messages"); 103 104 CmsObject cms = getCmsObject(); 106 107 String adminUser = OpenCms.getDefaultUsers().getUserAdmin(); 108 String test1User = "test1"; 109 110 assertNull(OpenCms.getLoginManager().getLoginMessage()); 112 113 String message = "This is the test login message"; 114 115 CmsLoginMessage loginMessage = new CmsLoginMessage(message, true); 117 OpenCms.getLoginManager().setLoginMessage(cms, loginMessage); 118 119 CmsException error = null; 120 try { 121 cms.loginUser(test1User, "test1"); 122 } catch (CmsAuthentificationException e) { 123 error = e; 124 } 125 assertNotNull(error); 126 assertSame(Messages.ERR_LOGIN_FAILED_WITH_MESSAGE_1, error.getMessageContainer().getKey()); 127 assertTrue(error.getMessage().indexOf(message) > 0); 128 129 cms.loginUser(adminUser, "admin"); 130 131 OpenCms.getLoginManager().removeLoginMessage(cms); 133 cms.loginUser(test1User, "test1"); 134 135 cms.loginUser(adminUser, "admin"); 136 137 loginMessage = new CmsLoginMessage(message, false); 139 OpenCms.getLoginManager().setLoginMessage(cms, loginMessage); 140 cms.loginUser(test1User, "test1"); 141 142 cms.loginUser(adminUser, "admin"); 143 144 loginMessage = new CmsLoginMessage(0, System.currentTimeMillis(), message, true); 146 OpenCms.getLoginManager().setLoginMessage(cms, loginMessage); 147 cms.loginUser(test1User, "test1"); 148 149 cms.loginUser(adminUser, "admin"); 150 151 loginMessage = new CmsLoginMessage(System.currentTimeMillis() + 100000, Long.MAX_VALUE, message, true); 153 OpenCms.getLoginManager().setLoginMessage(cms, loginMessage); 154 cms.loginUser(test1User, "test1"); 155 156 cms.loginUser(adminUser, "admin"); 157 loginMessage = new CmsLoginMessage(message, true); 158 OpenCms.getLoginManager().setLoginMessage(cms, loginMessage); 159 error = null; 160 try { 161 cms.loginUser(test1User, "test1"); 162 } catch (CmsAuthentificationException e) { 163 error = e; 164 } 165 assertNotNull(error); 166 assertSame(Messages.ERR_LOGIN_FAILED_WITH_MESSAGE_1, error.getMessageContainer().getKey()); 167 assertTrue(error.getMessage().indexOf(message) > 0); 168 169 cms.loginUser(adminUser, "admin"); 170 OpenCms.getLoginManager().removeLoginMessage(cms); 171 } 172 173 178 public void testLoginUser() throws Exception { 179 180 echo("Testing Exception behaviour during login"); 181 182 CmsObject cms = getCmsObject(); 184 185 String adminUser = OpenCms.getDefaultUsers().getUserAdmin(); 186 187 cms.loginUser(adminUser, "admin"); 189 assertEquals(adminUser, cms.getRequestContext().currentUser().getName()); 190 191 CmsException error = null; 192 try { 193 cms.loginUser(adminUser, "imamwrong"); 195 } catch (CmsAuthentificationException e) { 196 error = e; 197 } 198 assertNotNull(error); 199 assertSame(Messages.ERR_LOGIN_FAILED_3, error.getMessageContainer().getKey()); 200 201 error = null; 202 try { 203 cms.loginUser("idontexist", "imnotimportant"); 205 } catch (CmsAuthentificationException e) { 206 error = e; 207 } 208 assertNotNull(error); 209 assertSame(Messages.ERR_LOGIN_FAILED_NO_USER_3, error.getMessageContainer().getKey()); 210 211 String test1User = "test1"; 212 cms.loginUser(test1User, "test1"); 214 assertEquals(test1User, cms.getRequestContext().currentUser().getName()); 215 216 cms.loginUser(adminUser, "admin"); 218 assertEquals(adminUser, cms.getRequestContext().currentUser().getName()); 219 220 CmsUser test1 = cms.readUser(test1User); 222 test1.setEnabled(false); 223 cms.writeUser(test1); 224 225 error = null; 226 try { 227 cms.loginUser(test1User, "test1"); 229 } catch (CmsAuthentificationException e) { 230 error = e; 231 } 232 assertNotNull(error); 233 assertSame(Messages.ERR_LOGIN_FAILED_DISABLED_3, error.getMessageContainer().getKey()); 234 235 test1.setEnabled(true); 237 cms.writeUser(test1); 238 239 cms.loginUser(test1User, "test1"); 241 assertEquals(test1User, cms.getRequestContext().currentUser().getName()); 242 } 243 244 249 public void testPasswordValidation() throws Throwable { 250 251 echo("Testing password validation handler"); 252 253 I_CmsPasswordHandler passwordHandler = OpenCms.getPasswordHandler(); 254 boolean failure = false; 255 256 try { 258 passwordHandler.validatePassword("1*3"); 259 failure = true; 260 } catch (CmsSecurityException exc) { 261 } 263 264 if (failure) { 265 fail("Invalid password 1*3 validated."); 266 } 267 268 try { 270 passwordHandler.validatePassword("zyz*nowski"); 271 } catch (Exception exc) { 272 echo ("zyznowski invalid:" + exc.getMessage()); 273 } 274 275 try { 276 passwordHandler.validatePassword("Alfa99"); 277 } catch (Exception exc) { 278 echo ("alfa invalid:" + exc.getMessage()); 279 } 280 281 try { 282 passwordHandler.validatePassword("ca%Dill"); 283 } catch (Exception exc) { 284 echo ("ferrar invalid:" + exc.getMessage()); 285 } 286 287 try { 288 passwordHandler.validatePassword("#ulary"); 289 } catch (Exception exc) { 290 echo ("ulary invalid:" + exc.getMessage()); 291 } 292 } 293 294 299 public void testSetResetPassword() throws Throwable { 300 301 echo("Testing setting the password as admin"); 302 CmsObject cms = getCmsObject(); 303 304 cms.setPassword("Admin", "admin", "password1"); 306 307 cms.loginUser("Admin", "password1"); 309 310 cms.setPassword("Admin", "password2"); 312 313 cms.loginUser("Admin", "password2"); 315 316 cms.setPassword("Admin", "password2", "admin"); 318 319 cms.loginUser("Admin", "admin"); 321 } 322 } 323 | Popular Tags |