Package org.ejbca.core.model.ra

Source Code of org.ejbca.core.model.ra.UserDataTest

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
/*************************************************************************
*                                                                       *
*  EJBCA: The OpenSource Certificate Authority                          *
*                                                                       *
*  This software is free software; you can redistribute it and/or       *
*  modify it under the terms of the GNU Lesser General Public           *
*  License as published by the Free Software Foundation; either         *
*  version 2.1 of the License, or any later version.                    *
*                                                                       *
*  See terms of license at gnu.org.                                     *
*                                                                       *
*************************************************************************/
package org.ejbca.core.model.ra;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;

import org.ejbca.core.ejb.ra.UserData;
import org.junit.Test;


/** Tests JUnit testable things from UserData entity bean.
*
* @version $Id$
*/
public class UserDataTest {

  @Test
    public void test01UserPassword() throws Exception {
      UserData data = new UserData();
      data.setPassword("foo123");
      String hash = data.getPasswordHash();
      // Check that it by default generates a strong bcrypt password hash
      assertTrue(hash.startsWith("$2"));
      assertFalse(data.comparePassword("bar123"));
      assertTrue(data.comparePassword("foo123"));
      // Set the same password again, it should be another hash this time
      data.setPassword("foo123");
      String hash1 = data.getPasswordHash();
      assertTrue(hash1.startsWith("$2"));
      assertFalse(hash1.equals(hash));

      // Now check that we can still use old password hashes transparently usgin the old fixed sha1 hash of foo123
      data.setPasswordHash("3b303d8b0364d9265c06adc8584258376150c9b5");
      assertEquals("3b303d8b0364d9265c06adc8584258376150c9b5", data.getPasswordHash());
      assertFalse(data.comparePassword("bar123"));
      assertTrue(data.comparePassword("foo123"));

      // Check that set clear text password works as well
      data.setOpenPassword("primekey");
      hash = data.getPasswordHash();
      // Check that it by default generates a strong bcrypt password hash
      assertTrue(hash.startsWith("$2"));
      assertFalse(data.comparePassword("foo123123"));
      assertTrue(data.comparePassword("primekey"));
      assertEquals("primekey", data.getClearPassword());

    }

}
TOP

Related Classes of org.ejbca.core.model.ra.UserDataTest

  • org.ejbca.core.ejb.ra.UserData
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.