use of org.apache.directory.fortress.core.PwPolicyMgr in project directory-fortress-core by apache.
the class AccessMgrImplTest method authenticateResetUsers.
/**
 * Negative authentication check for users bound to a change-after-reset password policy.
 * <p>
 * Every user row in {@code uArray} is assigned the policy named by {@code plcy}; the
 * following {@code authenticate} call with the password carried by the test-data user
 * must be rejected with {@code GlobalErrIds.USER_PW_RESET}. This method does not reset
 * any password itself, so it presumably depends on an earlier test step having done
 * so -- confirm against the calling test.
 *
 * @param msg    text written to the test log before the check runs
 * @param uArray user test-data rows, one per user to check
 * @param plcy   policy test-data row whose name is assigned to every user
 */
private static void authenticateResetUsers(String msg, String[][] uArray, String[] plcy) {
    LogUtil.logIt(msg);
    try {
        AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
        PwPolicyMgr pwPolicyMgr = PswdPolicyMgrImplTest.getManagedPswdMgr();
        for (String[] userRow : uArray) {
            User candidate = UserTestData.getUser(userRow);
            // Bind the user to the policy under test (the one that requires a change after reset).
            pwPolicyMgr.updateUserPolicy(candidate.getUserId(), PolicyTestData.getName(plcy));
            try {
                accessMgr.authenticate(candidate.getUserId(), candidate.getPassword());
                // Reaching this line means the password was accepted, which is the failure case here.
                fail(CLS_NM + ".authenticateResetUsers failed test");
            } catch (SecurityException expected) {
                // A rejection alone is not sufficient: it has to carry the reset-specific error id,
                // so that a rejection for some other reason does not pass as the reset check.
                boolean resetReported = GlobalErrIds.USER_PW_RESET == expected.getErrorId();
                assertTrue(CLS_NM + "authenticateResetUsers reset excep id check", resetReported);
            }
        }
        LOG.debug("authenticateResetUsers successful");
    } catch (SecurityException ex) {
        // Any SecurityException outside the expected rejection (e.g. from the policy update) fails the test.
        String detail = "authenticateResetUsers: failed with SecurityException rc=" + ex.getErrorId()
            + ", msg=" + ex.getMessage();
        LOG.error(detail, ex);
        fail(ex.getMessage());
    }
}
use of org.apache.directory.fortress.core.PwPolicyMgr in project directory-fortress-core by apache.
the class PswdPolicyMgrImplTest method search.
/**
 * Searches password policies by {@code srchValue} and compares the result with the expected rows.
 * <p>
 * The returned list must be non-null and hold exactly {@code pArray.length} entries. Each
 * expected row is then located with {@code indexOf} on a {@code PwPolicy} built from the row's
 * name (presumably {@code PwPolicy} equality is name-based -- confirm) and compared field by
 * field through {@code PolicyTestData.assertEquals}.
 *
 * @param msg       text written to the test log before the search runs
 * @param srchValue value handed to {@code PwPolicyMgr.search}
 * @param pArray    expected policy test-data rows
 */
public void search(String msg, String srchValue, String[][] pArray) {
    LogUtil.logIt(msg);
    try {
        PwPolicyMgr pwPolicyMgr = PwPolicyMgrFactory.createInstance(TestUtils.getContext());
        List<PwPolicy> found = pwPolicyMgr.search(srchValue);
        assertNotNull(found);
        // Size must match exactly: extra policies in the result are as much a failure as missing ones.
        assertTrue(CLS_NM + "search list size check", found.size() == pArray.length);
        for (String[] expectedRow : pArray) {
            int position = found.indexOf(new PwPolicy(PolicyTestData.getName(expectedRow)));
            if (position == -1) {
                // Expected policy is absent from the search result.
                String failure = "search srchValue [" + srchValue + "] failed list search";
                LogUtil.logIt(failure);
                fail(failure);
            } else {
                PwPolicy entity = found.get(position);
                assertNotNull(entity);
                PolicyTestData.assertEquals(entity, expectedRow);
            }
        }
    } catch (SecurityException ex) {
        String detail = "search srchValue [" + srchValue + "] caught SecurityException rc="
            + ex.getErrorId() + ", msg=" + ex.getMessage();
        LOG.error(detail, ex);
        fail(ex.getMessage());
    }
}
use of org.apache.directory.fortress.core.PwPolicyMgr in project directory-fortress-core by apache.
the class PswdPolicyMgrImplTest method update.
/**
 * Updates every password policy described by {@code pArray}.
 * <p>
 * Each row is converted to a {@code PwPolicy} and passed to {@code PwPolicyMgr.update};
 * a {@code SecurityException} from any update fails the test.
 *
 * @param msg    text written to the test log before the updates run
 * @param pArray policy test-data rows to apply
 */
public void update(String msg, String[][] pArray) {
    LogUtil.logIt(msg);
    try {
        PwPolicyMgr pwPolicyMgr = getManagedPswdMgr();
        for (String[] policyRow : pArray) {
            PwPolicy updated = PolicyTestData.getPolicy(policyRow);
            pwPolicyMgr.update(updated);
            LOG.debug("update name [" + updated.getName() + "] successful");
        }
    } catch (SecurityException ex) {
        String detail = "update caught SecurityException rc=" + ex.getErrorId()
            + ", msg=" + ex.getMessage();
        LOG.error(detail, ex);
        fail(ex.getMessage());
    }
}
use of org.apache.directory.fortress.core.PwPolicyMgr in project directory-fortress-core by apache.
the class PswdPolicyMgrImplTest method failureCountInterval.
/**
 * PT10 -- failure count interval.
 * <p>
 * The policy attribute under test holds the number of seconds after which password
 * failures are purged from the failure counter even though no successful
 * authentication occurred. If the attribute is absent or 0, the counter is only
 * reset by a successful authentication.
 * <p>
 * The method makes {@code maxFailures - 1} bad-password attempts, waits out the
 * interval, makes another {@code maxFailures - 1} bad-password attempts, waits
 * again and finally logs in with the valid password. Every bad attempt must be
 * rejected with {@code GlobalErrIds.USER_PW_INVLD}. When the policy row yields a
 * {@code maxFailures} of 1 or less, neither loop body runs and only the final
 * valid login is exercised.
 *
 * @param msg  text written to the test log before the check runs
 * @param usr  user test-data row
 * @param plcy policy test-data row supplying the name, max failures and interval
 */
public void failureCountInterval(String msg, String[] usr, String[] plcy) {
    LogUtil.logIt(msg);
    try {
        PwPolicyMgr pwPolicyMgr = getManagedPswdMgr();
        AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
        User target = UserTestData.getUser(usr);
        pwPolicyMgr.updateUserPolicy(target.getUserId(), PolicyTestData.getName(plcy));
        int maxFailures = PolicyTestData.getMaxFailure(plcy);
        int purgeInterval = PolicyTestData.getFailureCountInterval(plcy);

        // First window: stay one attempt below the policy's failure limit.
        for (int attempt = 0; attempt < maxFailures - 1; attempt++) {
            try {
                User wrongCreds = new User(target.getUserId(), "wrongpw");
                accessMgr.createSession(wrongCreds, false);
                // A session for a wrong password must never be created.
                fail(CLS_NM + ".failureCountInterval name [" + PolicyTestData.getName(plcy)
                    + "] user [" + UserTestData.getUserId(usr)
                    + "] failed failure count interval test, maxfailures=" + maxFailures
                    + " iteration=" + attempt);
            } catch (SecurityException expected) {
                // Must be reported as an invalid password; any other error id fails the test.
                boolean invalidPw = GlobalErrIds.USER_PW_INVLD == expected.getErrorId();
                assertTrue(CLS_NM + ".failureCountInterval invalid error message userId ["
                    + UserTestData.getUserId(usr) + "]", invalidPw);
                TestUtils.sleep(1);
            }
        }

        // Wait out the interval so the failure counter should be purged
        // (assumes TestUtils.sleep takes seconds, like the policy attribute -- confirm).
        TestUtils.sleep(purgeInterval);
        // One extra unit of margin.
        TestUtils.sleep(1);

        // Second window: the same number of bad attempts, counted from the purged state.
        for (int attempt = 0; attempt < maxFailures - 1; attempt++) {
            try {
                User wrongCreds = new User(target.getUserId(), "wrongpw");
                accessMgr.createSession(wrongCreds, false);
                fail(CLS_NM + ".failureCountInterval name [" + PolicyTestData.getName(plcy)
                    + "] user [" + UserTestData.getUserId(usr)
                    + "] failed failure count interval test 2, maxfailures=" + maxFailures
                    + " iteration=" + attempt);
            } catch (SecurityException expected) {
                boolean invalidPw = GlobalErrIds.USER_PW_INVLD == expected.getErrorId();
                assertTrue(CLS_NM + ".failureCountInterval invalid error message userId ["
                    + UserTestData.getUserId(usr) + "]", invalidPw);
                TestUtils.sleep(1);
            }
        }

        // Let the counter purge once more before the positive check.
        TestUtils.sleep(purgeInterval);
        TestUtils.sleep(1);

        // The valid password must still be accepted; a SecurityException here lands in the
        // outer catch and fails the test.
        accessMgr.createSession(target, false);
    } catch (SecurityException ex) {
        String detail = "failureCountInterval caught SecurityException rc=" + ex.getErrorId()
            + ", msg=" + ex.getMessage();
        LOG.error(detail, ex);
        fail(ex.getMessage());
    }
}
use of org.apache.directory.fortress.core.PwPolicyMgr in project directory-fortress-core by apache.
the class PswdPolicyMgrImplTest method mustChange.
/**
 * PT11 -- must change after reset.
 * <p>
 * The policy attribute under test, when "TRUE", requires users to change their
 * password the first time they bind after a password administrator has set or reset
 * it. When the attribute is absent or "FALSE", no change is required. The attribute
 * is not set by any action in the policy document itself; it is typically set by a
 * password administrator after resetting a user's password.
 * <p>
 * The method assigns the policy to the user, has the admin manager reset the
 * password, and then tries to create a session with the reset password. With the
 * flag on, the attempt must be rejected with {@code GlobalErrIds.USER_PW_RESET};
 * with the flag off, it must succeed.
 *
 * @param msg  text written to the test log before the check runs
 * @param usr  user test-data row
 * @param plcy policy test-data row supplying the name and the must-change flag
 */
public void mustChange(String msg, String[] usr, String[] plcy) {
    LogUtil.logIt(msg);
    try {
        PwPolicyMgr pwPolicyMgr = getManagedPswdMgr();
        AdminMgr adminMgr = AdminMgrImplTest.getManagedAdminMgr();
        AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
        User target = UserTestData.getUser(usr);
        pwPolicyMgr.updateUserPolicy(target.getUserId(), PolicyTestData.getName(plcy));
        boolean changeRequired = PolicyTestData.getMustChange(plcy);
        // Fixture password installed by the administrative reset and reused for the login attempt.
        String resetValue = "newpassword";
        adminMgr.resetPassword(target, resetValue);
        if (!changeRequired) {
            // No must-change flag: the reset password is expected to work as-is.
            User resetUser = new User(target.getUserId(), resetValue);
            accessMgr.createSession(resetUser, false);
        } else {
            try {
                // Must-change flag set: the reset password alone must not yield a session.
                User resetUser = new User(target.getUserId(), resetValue);
                accessMgr.createSession(resetUser, false);
                fail(CLS_NM + ".mustChange name [" + PolicyTestData.getName(plcy) + "] user ["
                    + UserTestData.getUserId(usr) + "] failed must change test flag=" + changeRequired);
            } catch (SecurityException expected) {
                // The rejection has to be the reset-specific error, not any other failure.
                boolean resetReported = GlobalErrIds.USER_PW_RESET == expected.getErrorId();
                assertTrue(CLS_NM + ".mustChange invalid error message userId ["
                    + UserTestData.getUserId(usr) + "]", resetReported);
                TestUtils.sleep(1);
            }
        }
    } catch (SecurityException ex) {
        String detail = CLS_NM + ".mustChange policy [" + PolicyTestData.getName(plcy)
            + "] caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage();
        LOG.error(detail, ex);
        fail(ex.getMessage());
    }
}