Examples of org.apache.jackrabbit.oak.spi.security.authentication.Authentication

Package org.apache.jackrabbit.oak.spi.security.authentication

Examples of org.apache.jackrabbit.oak.spi.security.authentication.Authentication

org.apache.jackrabbit.oak.spi.security.authentication.Authentication
The {@code Authentication} interface defines methods to validate{@link javax.jcr.Credentials Credentials} during the{@link javax.security.auth.spi.LoginModule#login() login step} of theauthentication process. The validation depends on the authentication mechanism in place.
A given implementation may only handle certain types of {@code Credentials}as the authentication process is tightly coupled to the semantics of the {@code Credentials}.
For example a implementation may only be able to validate UserID/password pairs such as passed with {@link javax.jcr.SimpleCredentials}, while another might be responsible for validating login token issued by the repository or an external access token generation mechanism.

        a.authenticate(new SimpleCredentials(userId, userId.toCharArray()));
    }


    @Test
    public void testAuthenticatePasswordExpired() throws Exception {
        Authentication a = new UserAuthentication(getUserConfiguration(), root, userId);
        // set password last modified to beginning of epoch
        root.getTree(getTestUser().getPath()).getChild(UserConstants.REP_PWD).setProperty(UserConstants.REP_PASSWORD_LAST_MODIFIED, 0);
        root.commit();
        try {
            a.authenticate(new SimpleCredentials(userId, userId.toCharArray()));
            fail("Credentials should be expired");
        } catch (CredentialExpiredException e) {
            // success
        }
    }

View Full Code Here

        }
    }


    @Test
    public void testAuthenticateBeforePasswordExpired() throws Exception {
        Authentication a = new UserAuthentication(getUserConfiguration(), root, userId);
        // set password last modified to beginning of epoch
        root.getTree(getTestUser().getPath()).getChild(UserConstants.REP_PWD).setProperty(UserConstants.REP_PASSWORD_LAST_MODIFIED, 0);
        root.commit();
        try {
            a.authenticate(new SimpleCredentials(userId, "wrong".toCharArray()));
        } catch (CredentialExpiredException e) {
            fail("Login should fail before expiry");
        } catch (LoginException e) {
            // success - userId/pw mismatch takes precedence over expiry
        }

View Full Code Here

        }
    }


    @Test
    public void testAuthenticatePasswordExpiredChangePassword() throws Exception {
        Authentication a = new UserAuthentication(getUserConfiguration(), root, userId);
        // set password last modified to beginning of epoch
        root.getTree(getTestUser().getPath()).getChild(UserConstants.REP_PWD).setProperty(UserConstants.REP_PASSWORD_LAST_MODIFIED, 0);
        root.commit();


        // changing the password should reset the pw last mod and the pw no longer be expired
        getTestUser().changePassword(userId);
        root.commit();
        assertTrue(a.authenticate(new SimpleCredentials(userId, userId.toCharArray())));
    }

View Full Code Here


    private void authenticate(String expiredPw, Object newPw) throws LoginException {
        SimpleCredentials creds = new SimpleCredentials(userId, expiredPw.toCharArray());
        creds.setAttribute(UserConstants.CREDENTIALS_ATTRIBUTE_NEWPASSWORD, newPw);


        Authentication a = new UserAuthentication(getUserConfiguration(), root, userId);
        a.authenticate(creds);
    }

View Full Code Here


        // check if we have a pre authenticated login from a previous login module
        PreAuthenticatedLogin preAuthLogin = getSharedPreAuthLogin();
        if (preAuthLogin != null) {
            userId = preAuthLogin.getUserId();
            Authentication authentication = getUserAuthentication(userId);
            success = authentication != null && authentication.authenticate(PreAuthenticatedLogin.PRE_AUTHENTICATED);
        } else {
            userId = getUserId();
            Authentication authentication = getUserAuthentication(userId);
            success = authentication != null && authentication.authenticate(credentials);
        }


        if (success) {
            principals = getPrincipals(userId);

View Full Code Here

        }
    }


    @Test
    public void testAuthenticateMustChangePassword() throws Exception {
        Authentication a = new UserAuthentication(getUserConfiguration(), root, userId);
        try {
            a.authenticate(new SimpleCredentials(userId, userId.toCharArray()));
            fail("Credentials should be expired");
        } catch (CredentialExpiredException e) {
            // success
        }
    }

View Full Code Here

        PropertyState p2 = root.getTree(user.getPath()).getChild(UserConstants.REP_PWD).getProperty(UserConstants.REP_PASSWORD_LAST_MODIFIED);
        assertNotNull(p2);
        assertTrue(p2.getValue(Type.LONG) > 0);


        // after password change, authentication must succeed
        Authentication a = new UserAuthentication(getUserConfiguration(), root, userId);
        a.authenticate(new SimpleCredentials(userId, userId.toCharArray()));
    }

View Full Code Here

        userId = getTestUser().getID();
    }


    @Test
    public void testGetAuthentication() throws Exception {
        Authentication authentication = factory.getAuthentication(getUserConfiguration(), root, userId);
        assertNotNull(authentication);
        assertTrue(authentication instanceof UserAuthentication);
    }

View Full Code Here

        }
    }


    @Test
    public void testAuthenticateMustChangePassword() throws Exception {
        Authentication a = new UserAuthentication(getUserConfiguration(), root, userId);
        try {
            // the user should need to change the password on first login
            a.authenticate(new SimpleCredentials(userId, userId.toCharArray()));
            fail("Credentials should be expired");
        } catch (CredentialExpiredException e) {
            // success
        }
    }

View Full Code Here

        root.commit();
        PropertyState p = root.getTree(user.getPath()).getChild(UserConstants.REP_PWD).getProperty(UserConstants.REP_PASSWORD_LAST_MODIFIED);
        long newModTime = p.getValue(Type.LONG);
        assertTrue(newModTime > 0);


        Authentication a = new UserAuthentication(getUserConfiguration(), root, userId);
        // during user creation pw last modified is set, thus it shouldn't expire
        a.authenticate(new SimpleCredentials(userId, userId.toCharArray()));
    }

View Full Code Here

0 1 2

TOP

Related Classes of org.apache.jackrabbit.oak.spi.security.authentication.Authentication

org.apache.jackrabbit.oak.security.authentication.LoginModuleImpl

org.apache.jackrabbit.oak.security.authentication.token.TokenAuthenticationTest

org.apache.jackrabbit.oak.security.authentication.user.LoginModuleImpl

org.apache.jackrabbit.oak.security.authentication.user.UserAuthenticationTest

org.apache.jackrabbit.oak.security.user.PasswordExpiryAndForceInitialChangeTest

org.apache.jackrabbit.oak.security.user.PasswordExpiryTest

org.apache.jackrabbit.oak.security.user.PasswordForceInitialPasswordChangeTest

org.apache.jackrabbit.oak.security.user.ResetExpiredPasswordTest

org.apache.jackrabbit.oak.security.user.UserAuthenticationFactoryImplTest

org.apache.jackrabbit.oak.security.user.UserAuthenticationTest

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.