Package com.adito.security

Examples of com.adito.security.User

135
136
137
138
139
140
141
142
143
144
145
146
     */
    @Test
    public void loginFailed() throws Exception {
        String username = "jb";
        String password = "qwqwqw";
        User user = createAccount(username, password, "james@localhost", "James Robinson");
        User adminUser = getDefaultUserDatabase().getAccount(USERNAME);
        getDefaultUserDatabase().setPassword(user.getPrincipalName(), password, false, adminUser, PASSWORD);

        try {
            getDefaultUserDatabase().logon("wrong", password);
            // should never be reached
View Full Code Here
158
159
160
161
162
163
164
165
166
167
168
     */
    @Test
    public void checkBadPassword() throws Exception {
        String username = "jb";
        String password = "qwqwqw";
        User user = createAccount(username, password, "james@localhost", "James Robinson");
        User adminUser = getDefaultUserDatabase().getAccount(USERNAME);
        getDefaultUserDatabase().setPassword(user.getPrincipalName(), password, false, adminUser, PASSWORD);
        assertFalse("There password should be wrong.", getDefaultUserDatabase().checkPassword(username, "pileof"));
        deleteAccount(user);
    }
View Full Code Here
174
175
176
177
178
179
180
181
182
183
184
185
186
     */
    @Test
    public void updateUserChangeEmail() throws Exception {
        String email = "james@localhost";
        String username = "jb";
        User user = createAccount(username, "qwqwqw", email, "James Robinson");
        assertTrue("The email should be set.", user.getEmail().equals(email));
        String newEmail = "jb@localhost";
        updateAccount(user, newEmail, user.getFullname(), user.getRoles());
        user = getAccount(username);
        assertTrue("The email should be set.", user.getEmail().equals(newEmail));
        deleteAccount(user);
    }
View Full Code Here
191
192
193
194
195
196
197
198
199
200
201
202
203
204
     * @throws Exception
     */
    @Test
    public void cantChangeUsername() throws Exception {
        String username = "jb";
        User user = createAccount(username, "qwqwqw", "ja,es@localhost", "James Robninson");
        assertTrue("The user name should be set.", user.getPrincipalName().equals(username));
        String newUsername = "jimbob";
        updateAccount(user, user.getFullname(), user.getEmail(), user.getRoles());
        user = getAccount(username);
        assertTrue("The user name should be set.", !user.getPrincipalName().equals(newUsername));
        assertTrue("The user name should be set.", user.getPrincipalName().equals(username));
        deleteAccount(user);
    }
View Full Code Here
210
211
212
213
214
215
216
217
218
219
220
221
222
     */
    @Test
    public void updateUserChangeFullName() throws Exception {
        String fullName = "James Robninson";
        String username = "jb";
        User user = createAccount(username, "qwqwqw", "ja,es@localhost", fullName);
        assertTrue("The full name should be set.", user.getFullname().equals(fullName));
        String newFullName = "James Douglas Robinson";
        updateAccount(user, user.getFullname(), newFullName, user.getRoles());
        user = getAccount(username);
        assertTrue("The full name should be set.", user.getFullname().equals(newFullName));
        deleteAccount(user);
    }
View Full Code Here
228
229
230
231
232
233
234
235
236
237
     */
    @Test(expected = UserNotFoundException.class)
    public void deleteUnknownUser() throws Exception {
        String fullName = "James Robninson";
        String username = "jb";
        User user = createAccount(username, "qwqwqw", "ja,es@localhost", fullName);
        user = getAccount(username);
        deleteAccount(user, user);
        fail("Delete user should have thrown an exception");
    }
View Full Code Here
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
     */
    @Test
    public void assignRolesToUser() throws Exception {
        String userName = "jb";
        Role role = createRole("Group1");
        User user = createAccount(userName, "qwqwqw", "james@localhost", "James Robninson");
        user = updateAccountRoles(user, Collections.singleton(role));
        assertEquals("The roles should be the same.", role.getPrincipalName(), user.getRoles()[0].getPrincipalName());
        user = updateAccountRoles(user, Collections.<Role> emptyList());
        User[] usersInRole = getUserService().getDefaultUserDatabase().getUsersInRole(role);
        assertEquals("There should be the user in the list.", usersInRole.length, 0);
        User retrievedUser2 = getUserService().getDefaultUserDatabase().getAccount(user.getPrincipalName());
        List<Role> usersRoles2 = Arrays.asList(retrievedUser2.getRoles());
        assertTrue("The role should not have any users.", usersRoles2.isEmpty());
        deleteAccount(user);
        deleteRole(role);
    }
View Full Code Here
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
        User[] currentUsers = getDefaultUserDatabase().listAllUsers(UserDatabase.WILDCARD_SEARCH, Integer.MAX_VALUE);
        int currentNumberOfUsers = currentUsers.length;
        assertEquals("There should only be the one user and he is the super user.", getDefaultUserDatabase().listAllUsers(
            UserDatabase.WILDCARD_SEARCH, Integer.MAX_VALUE).length, 1);
        // create 6 users
        User user1 = createAccount("aaaa", "aaaa", "aaaa@localhost", "AAAA");
        User user2 = createAccount("abbb", "abbb", "abbb@localhost", "ABBB");
        User user3 = createAccount("aabb", "aabb", "aabb@localhost", "AABB");
        User user4 = createAccount("aaab", "aaab", "aaab@localhost", "AAAB");
        User user5 = createAccount("bbbb", "bbbb", "bbbb@localhost", "BBBB");
        User user6 = createAccount("xaax", "xaax", "xaax@localhost", "XAAX");
        assertEquals("There should be the seven users.", getDefaultUserDatabase().listAllUsers(UserDatabase.WILDCARD_SEARCH,
            Integer.MAX_VALUE).length, currentNumberOfUsers + 6);
        assertEquals("There should be the four users.", getDefaultUserDatabase().listAllUsers("a*", Integer.MAX_VALUE).length, 4);
        assertEquals("There should be the three users.", getDefaultUserDatabase().listAllUsers("aa*", Integer.MAX_VALUE).length, 3);
        assertEquals("There should be the two users.", getDefaultUserDatabase().listAllUsers("aaa*", Integer.MAX_VALUE).length, 2);
View Full Code Here
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
   *      javax.servlet.http.HttpServletRequest,
   *      javax.servlet.http.HttpServletResponse)
   */
  public ActionForward unspecified(ActionMapping mapping, ActionForm form, HttpServletRequest request,
                    HttpServletResponse response) throws Exception {
    User user = (User) request.getSession().getAttribute("setPassword.user");
    ((SetPasswordForm) form).initialize(user);
    if (((SetPasswordForm) form).getReferer() == null) {
      ((SetPasswordForm) form).setReferer(getReferer(request));
    }
    request.getSession().removeAttribute("setPassword.user");
    ActionMessages messages = new ActionMessages();
    messages.add(Globals.MESSAGE_KEY,
      new ActionMessage("setPassword.message.passwordPolicy",
              Property.getProperty(new RealmKey("security.password.pattern.description", user.getRealm()
                      .getResourceId()))));
    saveMessages(request, messages);
    CoreUtil.addRequiredFieldMessage(this, request);
    return mapping.findForward("display");
  }
View Full Code Here
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
   * @throws Exception
   */
  public ActionForward commit(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
          throws Exception {
    SetPasswordForm setPasswordForm = (SetPasswordForm) form;
        User user = setPasswordForm.getUser();
    UserDatabase udb = UserDatabaseManager.getInstance().getUserDatabase(getSessionInfo(request).getUser().getRealm());

    if (user == null) {
      user = (User) this.getSessionInfo(request).getHttpSession().getAttribute("newUser");
    }

    if (!udb.supportsPasswordChange()) {
      throw new Exception("Underlying database does not support changing of passwords.");
    }
    SessionInfo info = this.getSessionInfo(request);

    // Read in all of the confidential user attribute values

    /* BPS - Can only do this if the users key is currently loaded */

    Properties confidentialAttributes = new Properties();
    UserAttributes userAttributes = (UserAttributes) PropertyClassManager.getInstance().getPropertyClass(UserAttributes.NAME);
    if ("automatic".equals(Property.getProperty(new SystemConfigKey("security.privateKeyMode")))
            && PublicKeyStore.getInstance().hasLoadedKey(user.getPrincipalName())) {
      for (PropertyDefinition def : userAttributes.getDefinitions()) {
        AttributeDefinition attrDef = (AttributeDefinition) def;
        if (attrDef.getVisibility() == AttributeDefinition.USER_CONFIDENTIAL_ATTRIBUTE) {
          String val = attrDef.getPropertyClass()
          .retrieveProperty(new UserAttributeKey(user, def.getName()));
          if(val == null) {
            val = def.getDefaultValue();
          }
          confidentialAttributes.setProperty(def.getName(), val);
        }
      }
    }

    try {

      char[] creds = LogonControllerFactory.getInstance()
              .getPasswordFromCredentials((AuthenticationScheme) request.getSession()
                      .getAttribute(Constants.AUTH_SESSION));

      if (creds == null) {
                HttpSession httpSession = getSessionInfo(request).getHttpSession();
                httpSession.setAttribute("newUser", user);
                // as the form will be reset, we need to store the current values to be used later
                httpSession.setAttribute(SetPasswordForm.SAVED_PASSWORD, setPasswordForm.getConfirmPassword());
                httpSession.setAttribute(SetPasswordForm.SAVED_FORCE_PASSWORD_CHANGE, setPasswordForm.getForceChangePasswordAtLogon());
                String forwardTo = Util.urlEncode(CoreUtil.addParameterToPath(request.getServletPath(), "action", "commit"));
                return new ActionForward("/promptForSessionPassword.do?forwardTo=" + forwardTo, false);
      }

      udb.setPassword(user.getPrincipalName(),
        setPasswordForm.getNewPassword(),
        setPasswordForm.getForceChangePasswordAtLogon(),
        LogonControllerFactory.getInstance().getUser(request),
        new String(creds));

      /* Only attempt to re-encrypt user attributes if users key is loaded */
      if ("automatic".equals(Property.getProperty(new SystemConfigKey("security.privateKeyMode")))) {
        if(PublicKeyStore.getInstance().hasLoadedKey(user.getPrincipalName())) {
          PublicKeyStore.getInstance().removeKeys(user.getPrincipalName());
          PublicKeyStore.getInstance().verifyPrivateKey(user.getPrincipalName(), setPasswordForm.getNewPassword().toCharArray());
          for(Iterator i = confidentialAttributes.keySet().iterator(); i.hasNext(); ) {
            String n = (String)i.next();
            AttributeDefinition attrDef = (AttributeDefinition) userAttributes.getDefinition(n);
            if (attrDef.getVisibility() == AttributeDefinition.USER_CONFIDENTIAL_ATTRIBUTE) {
              Property.setProperty(new UserAttributeKey(user, n),
                confidentialAttributes.getProperty(n),
                info);
            }
          }
        }
      }
      else {
                PublicKeyStore.getInstance().removeCachedKeys(user.getPrincipalName());
      }

      CoreServlet.getServlet().fireCoreEvent(new CoreEvent(this,
              CoreEventConstants.CHANGE_PASSWORD,
              null,
              info,
              CoreEvent.STATE_SUCCESSFUL).addAttribute(CoreAttributeConstants.EVENT_ATTR_PRINCIPAL_ID,
        user.getPrincipalName()));
      return mapping.findForward("success");
    } catch (PasswordPolicyViolationException e) {
      saveError(request, "setPassword.error.doesNotMatchPolicy");
      return mapping.findForward("display");
    } catch (Exception e) {
      CoreServlet.getServlet().fireCoreEvent(new CoreEvent(this,
              CoreEventConstants.CHANGE_PASSWORD,
              null,
              info,
              CoreEvent.STATE_UNSUCCESSFUL).addAttribute(CoreAttributeConstants.EVENT_ATTR_PRINCIPAL_ID,
        user.getPrincipalName()));
      throw e;
    } finally {
    }
  }
View Full Code Here
TOP

Related Classes of com.adito.security.User

  • com.adito.agent.AbstractAgentCallback
  • com.adito.agent.AgentRequestHandler
  • com.adito.agent.DefaultAgentCallback
  • com.adito.core.actions.AuthenticatedAction
  • com.adito.core.filters.CompressionFilter
  • com.adito.core.GlobalWarningManager
  • com.adito.core.tags.CheckPropertyEqualsTag
  • com.adito.core.tags.CheckPropertyNotEqualsTag
  • com.adito.core.tags.ClientProxyURLTag
  • com.adito.core.tags.GetPropertyTag
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.