
Example 61 with SimpleCredentials

use of javax.jcr.SimpleCredentials in project jackrabbit by apache.

the class UserImplTest method testCredentials.

/**
 * Checks that the credentials exposed by the test user are of the crypted type and that
 * they still match the plain-text credentials held in {@code creds}.
 *
 * @throws RepositoryException if looking up the user or reading its credentials fails
 * @throws NoSuchAlgorithmException declared for the credential comparison (presumably raised by
 *         {@code matches} when the digest algorithm is unavailable; confirm against the implementation)
 * @throws UnsupportedEncodingException declared for the credential comparison (see above)
 */
public void testCredentials() throws RepositoryException, NoSuchAlgorithmException, UnsupportedEncodingException {
    final User testUser = (User) userMgr.getAuthorizable(uID);
    final Credentials stored = testUser.getCredentials();
    // The user object must expose the crypted credential type, never a plain-text one.
    assertTrue(stored instanceof CryptedSimpleCredentials);
    final CryptedSimpleCredentials crypted = (CryptedSimpleCredentials) stored;
    final SimpleCredentials plain = (SimpleCredentials) creds;
    // The crypted form must still verify the original plain-text password.
    assertTrue(crypted.matches(plain));
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) CryptedSimpleCredentials(org.apache.jackrabbit.core.security.authentication.CryptedSimpleCredentials) User(org.apache.jackrabbit.api.security.user.User) CryptedSimpleCredentials(org.apache.jackrabbit.core.security.authentication.CryptedSimpleCredentials) SimpleCredentials(javax.jcr.SimpleCredentials) CryptedSimpleCredentials(org.apache.jackrabbit.core.security.authentication.CryptedSimpleCredentials) Credentials(javax.jcr.Credentials)

Example 62 with SimpleCredentials

use of javax.jcr.SimpleCredentials in project jackrabbit by apache.

the class UserImplTest method setUp.

/**
 * Creates a fresh test user, remembers its plain-text credentials and id, and opens a
 * session logged in as that user together with a user manager bound to that session.
 *
 * @throws Exception if the parent set-up, user creation, save or login fails
 */
@Override
protected void setUp() throws Exception {
    super.setUp();

    final Principal testPrincipal = getTestPrincipal();
    final String password = buildPassword(testPrincipal);
    final String userName = testPrincipal.getName();

    // Keep the plain-text credentials: they are used for the login below.
    creds = new SimpleCredentials(userName, password.toCharArray());

    final User created = userMgr.createUser(userName, password);
    // presumably persists the pending user creation before the login; verify against save()
    save(superuser);
    uID = created.getID();

    uSession = getHelper().getRepository().login(creds);
    uMgr = getUserManager(uSession);
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) CryptedSimpleCredentials(org.apache.jackrabbit.core.security.authentication.CryptedSimpleCredentials) User(org.apache.jackrabbit.api.security.user.User) Principal(java.security.Principal)

Example 63 with SimpleCredentials

use of javax.jcr.SimpleCredentials in project jackrabbit by apache.

the class UserImplTest method testChangePassword.

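/**
 * Verifies that {@code changePassword} always treats its argument as a plain-text password,
 * even when the argument looks like an already-digested value ({@code {algorithm}hash}).
 *
 * <p>Two groups are checked. In the first, the credentials stored after the change must match
 * exactly the string that was passed in. In the second, the stored credentials must NOT match
 * the plain text that the hash-looking string would stand for if it had been stored verbatim.
 * Together they guard against a hash-looking password being kept as-is and then interpreted
 * as a digest, which would let a different plain text authenticate.
 *
 * <p>The MD5 and default-digest values are built here only as hash-looking input strings.
 *
 * @throws RepositoryException if the user lookup, the password change or credentials access fails
 * @throws NotExecutableException declared by the original test signature
 * @throws NoSuchAlgorithmException if a digest algorithm used to build the fixtures is unavailable
 * @throws UnsupportedEncodingException if the UTF-8 charset is not supported
 */
public void testChangePassword() throws RepositoryException, NotExecutableException, NoSuchAlgorithmException, UnsupportedEncodingException {
    User u = (User) userMgr.getAuthorizable(uID);
    String digestPrefix = "{" + SecurityConstants.DEFAULT_DIGEST + "}";
    // Name the charset explicitly so the fixture digests do not depend on the platform default.
    byte[] abcBytes = "abc".getBytes("UTF-8");
    String sha1Hash = digestPrefix + Text.digest(SecurityConstants.DEFAULT_DIGEST, abcBytes);
    String md5Hash = "{md5}" + Text.digest("md5", abcBytes);

    // valid passwords and the corresponding match
    Map<String, String> pwds = new HashMap<String, String>();
    // plain text passwords
    pwds.put("abc", "abc");
    pwds.put("{a}password", "{a}password");
    // passwords with hash-like char-sequence -> must still be hashed.
    pwds.put(sha1Hash, sha1Hash);
    pwds.put(md5Hash, md5Hash);
    pwds.put(digestPrefix + "any", digestPrefix + "any");
    pwds.put(digestPrefix, digestPrefix);
    for (Map.Entry<String, String> entry : pwds.entrySet()) {
        String pw = entry.getKey();
        u.changePassword(pw);
        SimpleCredentials sc = new SimpleCredentials(u.getID(), entry.getValue().toCharArray());
        CryptedSimpleCredentials cc = (CryptedSimpleCredentials) u.getCredentials();
        // Report the offending password on failure, as the negative loop below does.
        assertTrue(pw, cc.matches(sc));
    }

    // valid passwords, non-matching plain text
    Map<String, String> noMatch = new HashMap<String, String>();
    noMatch.put(digestPrefix, "");
    noMatch.put(digestPrefix + "any", "any");
    noMatch.put(sha1Hash, "abc");
    noMatch.put(md5Hash, "abc");
    for (Map.Entry<String, String> entry : noMatch.entrySet()) {
        String pw = entry.getKey();
        u.changePassword(pw);
        SimpleCredentials sc = new SimpleCredentials(u.getID(), entry.getValue().toCharArray());
        CryptedSimpleCredentials cc = (CryptedSimpleCredentials) u.getCredentials();
        // If the hash-looking string had been stored verbatim, this plain text would authenticate.
        assertFalse(pw, cc.matches(sc));
    }
}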
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) CryptedSimpleCredentials(org.apache.jackrabbit.core.security.authentication.CryptedSimpleCredentials) User(org.apache.jackrabbit.api.security.user.User) HashMap(java.util.HashMap) CryptedSimpleCredentials(org.apache.jackrabbit.core.security.authentication.CryptedSimpleCredentials)

Example 64 with SimpleCredentials

use of javax.jcr.SimpleCredentials in project jackrabbit-oak by apache.

the class ExternalLoginModuleAutoMembershipTest method testLoginAfterSyncSetup5.

/**
 * Syncs {@code USER_ID} through {@code setup5}, logs in and checks that the subject holds
 * exactly the everyone principal and the user's own principal, with no auto-membership
 * group principal from any of the other setups.
 *
 * @throws Exception if the sync, the login or the principal lookup fails
 */
@Test
public void testLoginAfterSyncSetup5() throws Exception {
    setup5.sync(USER_ID, false);
    ContentSession session = null;
    try {
        // NOTE(review): the credentials carry an empty password; presumably the test
        // identity provider does not verify it. Confirm against the test fixture.
        session = login(new SimpleCredentials(USER_ID, new char[0]));

        // No auto-membership is configured on this setup, so the login must not add
        // any auto-membership principal to the subject.
        final Set<Principal> subjectPrincipals = session.getAuthInfo().getPrincipals();
        final Principal everyone = EveryonePrincipal.getInstance();
        final Principal ownPrincipal = userManager.getAuthorizable(USER_ID).getPrincipal();
        final Set<Principal> expected = ImmutableSet.of(everyone, ownPrincipal);
        assertEquals(expected, subjectPrincipals);

        assertFalse(subjectPrincipals.contains(new PrincipalImpl(NON_EXISTING_NAME)));
        assertFalse(subjectPrincipals.contains(setup1.gr.getPrincipal()));
        assertFalse(subjectPrincipals.contains(setup2.gr.getPrincipal()));
        assertFalse(subjectPrincipals.contains(setup3.gr.getPrincipal()));
        assertFalse(subjectPrincipals.contains(setup4.gr.getPrincipal()));
    } finally {
        // Clear the options first, then release the session if the login got that far.
        options.clear();
        if (session != null) {
            session.close();
        }
    }
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) ContentSession(org.apache.jackrabbit.oak.api.ContentSession) EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal) Principal(java.security.Principal) PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) Test(org.junit.Test)

Example 65 with SimpleCredentials

use of javax.jcr.SimpleCredentials in project jackrabbit-oak by apache.

the class ExternalLoginModuleAutoMembershipTest method testLoginAfterSyncSetup1.

/**
 * Syncs {@code USER_ID} through {@code setup1}, logs in and checks that the subject carries
 * the principal of the existing auto-membership group of that setup only, while the group's
 * stored membership is left untouched.
 *
 * @throws Exception if the sync, the login or a user-management lookup fails
 */
@Test
public void testLoginAfterSyncSetup1() throws Exception {
    setup1.sync(USER_ID, false);
    ContentSession session = null;
    try {
        // NOTE(review): the credentials carry an empty password; presumably the test
        // identity provider does not verify it. Confirm against the test fixture.
        session = login(new SimpleCredentials(USER_ID, new char[0]));

        // The subject must receive the configured auto-membership principals that exist;
        // configured entries that do not exist must be ignored.
        final Set<Principal> subjectPrincipals = session.getAuthInfo().getPrincipals();
        assertTrue(subjectPrincipals.contains(setup1.gr.getPrincipal()));
        assertFalse(subjectPrincipals.contains(new PrincipalImpl(NON_EXISTING_NAME)));
        assertFalse(subjectPrincipals.contains(setup2.gr.getPrincipal()));
        assertFalse(subjectPrincipals.contains(setup3.gr.getPrincipal()));

        // Auto-membership must only affect the subject: the group itself must be unchanged
        // and the test user must not have become a stored member of it.
        root.refresh();
        final UserManager refreshedUserMgr = getUserManager(root);
        final User syncedUser = refreshedUserMgr.getAuthorizable(USER_ID, User.class);
        final Group autoGroup = refreshedUserMgr.getAuthorizable(setup1.gr.getID(), Group.class);
        assertFalse(autoGroup.isDeclaredMember(syncedUser));
        assertFalse(autoGroup.isMember(syncedUser));
    } finally {
        // Clear the options first, then release the session if the login got that far.
        options.clear();
        if (session != null) {
            session.close();
        }
    }
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) Group(org.apache.jackrabbit.api.security.user.Group) User(org.apache.jackrabbit.api.security.user.User) UserManager(org.apache.jackrabbit.api.security.user.UserManager) ContentSession(org.apache.jackrabbit.oak.api.ContentSession) EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal) Principal(java.security.Principal) PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) Test(org.junit.Test)
