Package com.adito.security

Examples of com.adito.security.User


     */
    @Test
    public void loginFailed() throws Exception {
        String username = "jb";
        String password = "qwqwqw";
        User user = createAccount(username, password, "james@localhost", "James Robinson");
        User adminUser = getDefaultUserDatabase().getAccount(USERNAME);
        getDefaultUserDatabase().setPassword(user.getPrincipalName(), password, false, adminUser, PASSWORD);

        try {
            getDefaultUserDatabase().logon("wrong", password);
            // should never be reached


     */
    @Test
    public void checkBadPassword() throws Exception {
        // Negative credential check: after a known password has been set on a fresh
        // account, checkPassword must return false for a different password.
        final String accountName = "jb";
        final String correctPassword = "qwqwqw";
        final String wrongPassword = "pileof";
        User account = createAccount(accountName, correctPassword, "james@localhost", "James Robinson");
        // The password is set on behalf of the account stored under USERNAME;
        // PASSWORD is presumably that account's own credential - confirm against the fixture.
        User actingUser = getDefaultUserDatabase().getAccount(USERNAME);
        getDefaultUserDatabase().setPassword(account.getPrincipalName(), correctPassword, false, actingUser, PASSWORD);
        boolean accepted = getDefaultUserDatabase().checkPassword(accountName, wrongPassword);
        // NOTE(review): there is no positive control (correct password accepted), so this
        // assertion also passes if the account or password setup silently failed.
        assertFalse("There password should be wrong.", accepted);
        deleteAccount(account);
    }

     */
    @Test
    public void updateUserChangeEmail() throws Exception {
        // Creates an account, changes only its e-mail address through updateAccount,
        // then reloads the account by name and checks that the new address is returned.
        final String accountName = "jb";
        final String originalEmail = "james@localhost";
        User account = createAccount(accountName, "qwqwqw", originalEmail, "James Robinson");
        boolean originalEmailStored = account.getEmail().equals(originalEmail);
        assertTrue("The email should be set.", originalEmailStored);

        final String replacementEmail = "jb@localhost";
        updateAccount(account, replacementEmail, account.getFullname(), account.getRoles());
        // Assert on the account returned by getAccount, not on the object passed to updateAccount.
        account = getAccount(accountName);
        boolean replacementEmailStored = account.getEmail().equals(replacementEmail);
        assertTrue("The email should be set.", replacementEmailStored);
        deleteAccount(account);
    }

     * @throws Exception
     */
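    @Test
    public void cantChangeUsername() throws Exception {
        // Checks that an account's principal name is the same before and after an
        // updateAccount call.
        String username = "jb";
        User user = createAccount(username, "qwqwqw", "ja,es@localhost", "James Robninson");
        assertTrue("The user name should be set.", user.getPrincipalName().equals(username));
        String newUsername = "jimbob";
        // NOTE(review): newUsername is never passed to any update call, so this test does
        // not actually attempt a rename; it only shows that an unrelated update leaves the
        // principal name alone. A real immutability check needs a call that tries the rename.
        //
        // updateAccount's signature is not visible here. The argument order (e-mail, then
        // full name) follows updateUserChangeEmail, which passes the new e-mail second and
        // asserts on getEmail(). The original call passed the two values the other way
        // round, which would have stored the full name as the e-mail and vice versa.
        updateAccount(user, user.getEmail(), user.getFullname(), user.getRoles());
        user = getAccount(username);
        assertTrue("The user name should not have changed.", !user.getPrincipalName().equals(newUsername));
        assertTrue("The user name should be set.", user.getPrincipalName().equals(username));
        deleteAccount(user);
    }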

     */
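    @Test
    public void updateUserChangeFullName() throws Exception {
        // Creates an account, changes only its full name through updateAccount, then
        // reloads the account by name and checks that the new full name is returned.
        String fullName = "James Robninson";
        String username = "jb";
        User user = createAccount(username, "qwqwqw", "ja,es@localhost", fullName);
        assertTrue("The full name should be set.", user.getFullname().equals(fullName));
        String newFullName = "James Douglas Robinson";
        // The second argument is the e-mail slot (updateUserChangeEmail passes the new
        // e-mail there and asserts on getEmail()). The original passed user.getFullname()
        // in that position, which would overwrite the e-mail with the old full name.
        // updateAccount's signature is not visible here - confirm the order against the helper.
        updateAccount(user, user.getEmail(), newFullName, user.getRoles());
        user = getAccount(username);
        assertTrue("The full name should be set.", user.getFullname().equals(newFullName));
        deleteAccount(user);
    }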

     */
    @Test(expected = UserNotFoundException.class)
    public void deleteUnknownUser() throws Exception {
        // Passes only when the two-argument deleteAccount helper raises
        // UserNotFoundException; reaching fail() means no exception was thrown.
        final String accountName = "jb";
        createAccount(accountName, "qwqwqw", "ja,es@localhost", "James Robninson");
        // Work with the account as returned by getAccount rather than the createAccount result.
        User account = getAccount(accountName);
        // NOTE(review): the two-argument deleteAccount helper is not visible here; presumably
        // it removes the first account and then attempts the second - confirm.
        deleteAccount(account, account);
        fail("Delete user should have thrown an exception");
    }

     */
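    @Test
    public void assignRolesToUser() throws Exception {
        // Grants one role to a new account, revokes it again, and checks the revocation
        // from both sides: the role lists no users and the reloaded account lists no roles.
        // Checking both directions matters for access control, because a stale membership
        // on either side could keep the permission alive.
        String userName = "jb";
        Role role = createRole("Group1");
        User user = createAccount(userName, "qwqwqw", "james@localhost", "James Robninson");
        user = updateAccountRoles(user, Collections.singleton(role));
        assertEquals("The roles should be the same.", role.getPrincipalName(), user.getRoles()[0].getPrincipalName());
        user = updateAccountRoles(user, Collections.<Role> emptyList());
        User[] usersInRole = getUserService().getDefaultUserDatabase().getUsersInRole(role);
        // JUnit's order is (message, expected, actual). The original had the two values
        // swapped and a message that said the opposite of what is asserted.
        assertEquals("The role should not have any users.", 0, usersInRole.length);
        // Reload the account from the database rather than trusting the object
        // returned by updateAccountRoles.
        User retrievedUser2 = getUserService().getDefaultUserDatabase().getAccount(user.getPrincipalName());
        List<Role> usersRoles2 = Arrays.asList(retrievedUser2.getRoles());
        assertTrue("The user should not have any roles.", usersRoles2.isEmpty());
        deleteAccount(user);
        deleteRole(role);
    }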

        User[] currentUsers = getDefaultUserDatabase().listAllUsers(UserDatabase.WILDCARD_SEARCH, Integer.MAX_VALUE);
        int currentNumberOfUsers = currentUsers.length;
        assertEquals("There should only be the one user and he is the super user.", getDefaultUserDatabase().listAllUsers(
            UserDatabase.WILDCARD_SEARCH, Integer.MAX_VALUE).length, 1);
        // create 6 users
        User user1 = createAccount("aaaa", "aaaa", "aaaa@localhost", "AAAA");
        User user2 = createAccount("abbb", "abbb", "abbb@localhost", "ABBB");
        User user3 = createAccount("aabb", "aabb", "aabb@localhost", "AABB");
        User user4 = createAccount("aaab", "aaab", "aaab@localhost", "AAAB");
        User user5 = createAccount("bbbb", "bbbb", "bbbb@localhost", "BBBB");
        User user6 = createAccount("xaax", "xaax", "xaax@localhost", "XAAX");
        assertEquals("There should be the seven users.", getDefaultUserDatabase().listAllUsers(UserDatabase.WILDCARD_SEARCH,
            Integer.MAX_VALUE).length, currentNumberOfUsers + 6);
        assertEquals("There should be the four users.", getDefaultUserDatabase().listAllUsers("a*", Integer.MAX_VALUE).length, 4);
        assertEquals("There should be the three users.", getDefaultUserDatabase().listAllUsers("aa*", Integer.MAX_VALUE).length, 3);
        assertEquals("There should be the two users.", getDefaultUserDatabase().listAllUsers("aaa*", Integer.MAX_VALUE).length, 2);

   *      javax.servlet.http.HttpServletRequest,
   *      javax.servlet.http.HttpServletResponse)
   */
  public ActionForward unspecified(ActionMapping mapping, ActionForm form, HttpServletRequest request,
                    HttpServletResponse response) throws Exception {
    // Prepares the set-password page: loads the target user from the session into the
    // form, records the referer if the form has none, queues the realm's password-policy
    // description as a message, and forwards to "display".
    User targetUser = (User) request.getSession().getAttribute("setPassword.user");
    SetPasswordForm passwordForm = (SetPasswordForm) form;
    passwordForm.initialize(targetUser);
    if (passwordForm.getReferer() == null) {
      passwordForm.setReferer(getReferer(request));
    }
    // The session attribute is consumed once the form holds the user.
    request.getSession().removeAttribute("setPassword.user");

    ActionMessages messages = new ActionMessages();
    // NOTE(review): targetUser is not null-checked. A request that arrives without the
    // "setPassword.user" session attribute fails with a NullPointerException no later
    // than the getRealm() call below.
    RealmKey policyDescriptionKey =
        new RealmKey("security.password.pattern.description", targetUser.getRealm().getResourceId());
    ActionMessage policyMessage =
        new ActionMessage("setPassword.message.passwordPolicy", Property.getProperty(policyDescriptionKey));
    messages.add(Globals.MESSAGE_KEY, policyMessage);
    saveMessages(request, messages);
    CoreUtil.addRequiredFieldMessage(this, request);
    return mapping.findForward("display");
  }

   * @throws Exception
   */
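  public ActionForward commit(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
          throws Exception {
    // Sets a new password for the user held by the SetPasswordForm (or, on a second pass,
    // by the "newUser" session attribute), re-writes the user's confidential attributes
    // when the key store is in "automatic" mode, and fires a CHANGE_PASSWORD core event.
    //
    // Returns the "success" forward after the change, the "display" forward when the
    // password violates the policy, or a forward to /promptForSessionPassword.do when the
    // acting user's own password is not available from the session.
    // Throws Exception when the user database cannot change passwords, when no target
    // user can be determined, or when the change itself fails.
    //
    // NOTE(review): the target user comes from form/session state and the database from
    // the acting user's realm. No check is visible here that the acting user may change
    // this target's password; confirm that it is enforced by the caller or inside
    // UserDatabase.setPassword.
    SetPasswordForm setPasswordForm = (SetPasswordForm) form;
    User user = setPasswordForm.getUser();
    UserDatabase udb = UserDatabaseManager.getInstance().getUserDatabase(getSessionInfo(request).getUser().getRealm());

    if (user == null) {
      // Fallback for the pass that follows the session-password prompt, where the user
      // was parked in the session (see the creds == null branch below).
      user = (User) this.getSessionInfo(request).getHttpSession().getAttribute("newUser");
    }

    if (!udb.supportsPasswordChange()) {
      throw new Exception("Underlying database does not support changing of passwords.");
    }
    // Fail explicitly when neither the form nor the session supplied a user. Previously
    // this surfaced as a NullPointerException, and inside the try block the catch handler
    // dereferenced user again, hiding the original failure.
    if (user == null) {
      throw new Exception("No user was supplied for the password change.");
    }
    SessionInfo info = this.getSessionInfo(request);

    // Read in all of the confidential user attribute values

    /* BPS - Can only do this if the users key is currently loaded */

    Properties confidentialAttributes = new Properties();
    UserAttributes userAttributes = (UserAttributes) PropertyClassManager.getInstance().getPropertyClass(UserAttributes.NAME);
    if ("automatic".equals(Property.getProperty(new SystemConfigKey("security.privateKeyMode")))
            && PublicKeyStore.getInstance().hasLoadedKey(user.getPrincipalName())) {
      for (PropertyDefinition def : userAttributes.getDefinitions()) {
        AttributeDefinition attrDef = (AttributeDefinition) def;
        if (attrDef.getVisibility() == AttributeDefinition.USER_CONFIDENTIAL_ATTRIBUTE) {
          String val = attrDef.getPropertyClass()
          .retrieveProperty(new UserAttributeKey(user, def.getName()));
          if(val == null) {
            val = def.getDefaultValue();
          }
          // Properties rejects null values with a NullPointerException, so an attribute
          // with neither a stored nor a default value is skipped; there is nothing to
          // write back for it.
          if (val != null) {
            confidentialAttributes.setProperty(def.getName(), val);
          }
        }
      }
    }

    try {

      char[] creds = LogonControllerFactory.getInstance()
              .getPasswordFromCredentials((AuthenticationScheme) request.getSession()
                      .getAttribute(Constants.AUTH_SESSION));

      if (creds == null) {
                HttpSession httpSession = getSessionInfo(request).getHttpSession();
                httpSession.setAttribute("newUser", user);
                // as the form will be reset, we need to store the current values to be used later
                // NOTE(review): this keeps the new password in clear text in the HTTP session
                // until whatever reads SAVED_PASSWORD removes it. That consumer is not
                // visible here; confirm the attribute is cleared on both success and failure.
                httpSession.setAttribute(SetPasswordForm.SAVED_PASSWORD, setPasswordForm.getConfirmPassword());
                httpSession.setAttribute(SetPasswordForm.SAVED_FORCE_PASSWORD_CHANGE, setPasswordForm.getForceChangePasswordAtLogon());
                String forwardTo = Util.urlEncode(CoreUtil.addParameterToPath(request.getServletPath(), "action", "commit"));
                return new ActionForward("/promptForSessionPassword.do?forwardTo=" + forwardTo, false);
      }

      // NOTE(review): new String(creds) makes an immutable copy of the acting user's
      // password that cannot be wiped afterwards. creds is not cleared here either,
      // because it is not visible whether the array is shared with the session's
      // authentication scheme.
      udb.setPassword(user.getPrincipalName(),
        setPasswordForm.getNewPassword(),
        setPasswordForm.getForceChangePasswordAtLogon(),
        LogonControllerFactory.getInstance().getUser(request),
        new String(creds));

      /* Only attempt to re-encrypt user attributes if users key is loaded */
      if ("automatic".equals(Property.getProperty(new SystemConfigKey("security.privateKeyMode")))) {
        if(PublicKeyStore.getInstance().hasLoadedKey(user.getPrincipalName())) {
          // NOTE(review): no rollback is visible. If anything fails after removeKeys and
          // before the loop finishes, the values read above exist only in
          // confidentialAttributes - confirm how that case is recovered.
          PublicKeyStore.getInstance().removeKeys(user.getPrincipalName());
          PublicKeyStore.getInstance().verifyPrivateKey(user.getPrincipalName(), setPasswordForm.getNewPassword().toCharArray());
          for(Iterator i = confidentialAttributes.keySet().iterator(); i.hasNext(); ) {
            String n = (String)i.next();
            AttributeDefinition attrDef = (AttributeDefinition) userAttributes.getDefinition(n);
            if (attrDef.getVisibility() == AttributeDefinition.USER_CONFIDENTIAL_ATTRIBUTE) {
              Property.setProperty(new UserAttributeKey(user, n),
                confidentialAttributes.getProperty(n),
                info);
            }
          }
        }
      }
      else {
                PublicKeyStore.getInstance().removeCachedKeys(user.getPrincipalName());
      }

      CoreServlet.getServlet().fireCoreEvent(new CoreEvent(this,
              CoreEventConstants.CHANGE_PASSWORD,
              null,
              info,
              CoreEvent.STATE_SUCCESSFUL).addAttribute(CoreAttributeConstants.EVENT_ATTR_PRINCIPAL_ID,
        user.getPrincipalName()));
      return mapping.findForward("success");
    } catch (PasswordPolicyViolationException e) {
      // A policy rejection is reported to the user only. No CHANGE_PASSWORD event is fired
      // on this path, so rejected attempts do not appear as unsuccessful events.
      saveError(request, "setPassword.error.doesNotMatchPolicy");
      return mapping.findForward("display");
    } catch (Exception e) {
      CoreServlet.getServlet().fireCoreEvent(new CoreEvent(this,
              CoreEventConstants.CHANGE_PASSWORD,
              null,
              info,
              CoreEvent.STATE_UNSUCCESSFUL).addAttribute(CoreAttributeConstants.EVENT_ATTR_PRINCIPAL_ID,
        user.getPrincipalName()));
      throw e;
    }
  }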
