Examples of org.ejbca.core.ejb.ra.UserData

• org.ejbca.core.ejb.ra.UserData
  Representation of a User. Passwords should me manipulated through helper functions setPassword() and setOpenPassword(). The setPassword() function sets the hashed password, while the setOpenPassword() method sets both the hashed password and the clear text password. The method comparePassword() is used to verify a password against the hashed password. @version $Id: UserData.java 11593 2011-03-23 12:03:06Z jeklund $

*/
public class UserDataTest {

  @Test
    public void test01UserPassword() throws Exception {
      UserData data = new UserData();
      data.setPassword("foo123");
      String hash = data.getPasswordHash();
      // Check that it by default generates a strong bcrypt password hash
      assertTrue(hash.startsWith("$2"));
      assertFalse(data.comparePassword("bar123"));
      assertTrue(data.comparePassword("foo123"));
      // Set the same password again, it should be another hash this time
      data.setPassword("foo123");
      String hash1 = data.getPasswordHash();
      assertTrue(hash1.startsWith("$2"));
      assertFalse(hash1.equals(hash));

      // Now check that we can still use old password hashes transparently usgin the old fixed sha1 hash of foo123
      data.setPasswordHash("3b303d8b0364d9265c06adc8584258376150c9b5");
      assertEquals("3b303d8b0364d9265c06adc8584258376150c9b5", data.getPasswordHash());
      assertFalse(data.comparePassword("bar123"));
      assertTrue(data.comparePassword("foo123"));

      // Check that set clear text password works as well
      data.setOpenPassword("primekey");
      hash = data.getPasswordHash();
      // Check that it by default generates a strong bcrypt password hash
      assertTrue(hash.startsWith("$2"));
      assertFalse(data.comparePassword("foo123123"));
      assertTrue(data.comparePassword("primekey"));
      assertEquals("primekey", data.getClearPassword());

    }

  }

  public void testUserData() {
    LOG.trace(">testUserData");
    logMemStats();
    UserData entity = new UserData();
    entity.setCaId(0);
    entity.setCardNumber(VARCHAR_250B);
    entity.setCertificateProfileId(0);
    entity.setClearPassword(VARCHAR_250B);
    entity.setEndEntityProfileId(0);
    entity.setExtendedInformationData(CLOB_1MiB);
    entity.setHardTokenIssuerId(0);
    entity.setKeyStorePassword(VARCHAR_250B);
    entity.setPasswordHash(VARCHAR_250B);
    entity.setRowProtection(CLOB_10KiB);
    entity.setRowVersion(0);
    entity.setStatus(0);
    entity.setSubjectAltName(VARCHAR_250B);
    entity.setSubjectDN(VARCHAR_250B);
    entity.setSubjectEmail(VARCHAR_250B);
    entity.setTimeCreated(0L);
    entity.setTimeModified(0L);
    entity.setTokenType(0);
    entity.setType(0);
    entity.setUsername(VARCHAR_250B);
    storeAndRemoveEntity(entity);
    LOG.trace("<testUserData");
  }

      if (log.isTraceEnabled()) {
            log.trace(">authenticateUser(" + username + ", hiddenpwd)");
      }
        try {
            // Find the user with username username, or throw FinderException
            final UserData data = UserData.findByUsername(entityManager, username);
            if (data == null) {
              throw new ObjectNotFoundException("Could not find username " + username);
            }
            // Decrease the remaining login attempts. When zero, the status is set to STATUS_GENERATED
             userAdminSession.decRemainingLoginAttempts(admin, username);
             final int status = data.getStatus();
            if ( (status == UserDataConstants.STATUS_NEW) || (status == UserDataConstants.STATUS_FAILED) || (status == UserDataConstants.STATUS_INPROCESS) || (status == UserDataConstants.STATUS_KEYRECOVERY)) {
              if (log.isDebugEnabled()) {
                log.debug("Trying to authenticate user: username="+username+", dn="+data.getSubjectDN()+", email="+data.getSubjectEmail()+", status="+status+", type="+data.getType());
              }
                if (!data.comparePassword(password)) {
                  final String msg = intres.getLocalizedMessage("authentication.invalidpwd", username);
                  logSession.log(admin, data.getCaId(), LogConstants.MODULE_CA, new Date(),username, null, LogConstants.EVENT_ERROR_USERAUTHENTICATION,msg);
                  throw new AuthLoginException(msg);
                }
                // Resets the remaining login attempts as this was a successful login
                userAdminSession.resetRemainingLoginAttempts(admin, username);
              // Log formal message that authentication was successful
                final String msg = intres.getLocalizedMessage("authentication.authok", username);
                logSession.log(admin, data.getCaId(), LogConstants.MODULE_CA, new Date(),username, null, LogConstants.EVENT_INFO_USERAUTHENTICATION, msg);
              if (log.isTraceEnabled()) {
                    log.trace("<authenticateUser("+username+", hiddenpwd)");
              }
                return data.toUserDataVO();
            }
          final String msg = intres.getLocalizedMessage("authentication.wrongstatus", UserDataConstants.getStatusText(status), Integer.valueOf(status), username);
          logSession.log(admin, data.getCaId(), LogConstants.MODULE_CA, new Date(),username, null, LogConstants.EVENT_INFO_USERAUTHENTICATION, msg);
            throw new AuthStatusException(msg);
        } catch (ObjectNotFoundException oe) {
          final String msg = intres.getLocalizedMessage("authentication.usernotfound", username);
          logSession.log(admin, admin.getCaId(), LogConstants.MODULE_CA, new Date(),username, null, LogConstants.EVENT_INFO_USERAUTHENTICATION, msg);
            throw oe;