You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jspwiki.apache.org by aj...@apache.org on 2008/04/01 05:48:33 UTC
svn commit: r643263 - in
/incubator/jspwiki/trunk/tests/com/ecyrd/jspwiki/auth:
AuthenticationManagerTest.java UserManagerTest.java
Author: ajaquith
Date: Mon Mar 31 20:48:32 2008
New Revision: 643263
URL: http://svn.apache.org/viewvc?rev=643263&view=rev
Log:
Re-factored the authentication subsystem to remove the need for JAAS configuration files. WEB-INF/jspwiki.jaas goes away, as does the need for PolicyLoader. Also, responsibilities for web authentication move to WikiServletFilter. Authentication is now configured via jspwiki.properties -- see that file for details. WikiSession API change: getLoginContext() vanishes.
Modified:
incubator/jspwiki/trunk/tests/com/ecyrd/jspwiki/auth/AuthenticationManagerTest.java
incubator/jspwiki/trunk/tests/com/ecyrd/jspwiki/auth/UserManagerTest.java
Modified: incubator/jspwiki/trunk/tests/com/ecyrd/jspwiki/auth/AuthenticationManagerTest.java
URL: http://svn.apache.org/viewvc/incubator/jspwiki/trunk/tests/com/ecyrd/jspwiki/auth/AuthenticationManagerTest.java?rev=643263&r1=643262&r2=643263&view=diff
==============================================================================
--- incubator/jspwiki/trunk/tests/com/ecyrd/jspwiki/auth/AuthenticationManagerTest.java (original)
+++ incubator/jspwiki/trunk/tests/com/ecyrd/jspwiki/auth/AuthenticationManagerTest.java Mon Mar 31 20:48:32 2008
@@ -1,6 +1,27 @@
+/*
+ JSPWiki - a JSP-based WikiWiki clone.
+
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+ */
package com.ecyrd.jspwiki.auth;
import java.security.Principal;
+import java.util.Map;
import java.util.Properties;
import junit.framework.Test;
@@ -8,11 +29,13 @@
import junit.framework.TestSuite;
import com.ecyrd.jspwiki.TestEngine;
+import com.ecyrd.jspwiki.WikiEngine;
import com.ecyrd.jspwiki.WikiSession;
import com.ecyrd.jspwiki.WikiSessionTest;
import com.ecyrd.jspwiki.auth.authorize.Group;
import com.ecyrd.jspwiki.auth.authorize.GroupManager;
import com.ecyrd.jspwiki.auth.authorize.Role;
+import com.ecyrd.jspwiki.auth.login.CookieAssertionLoginModule;
/**
* Tests the AuthorizationManager class.
@@ -51,6 +74,43 @@
assertFalse( AuthenticationManager.isUserPrincipal( Role.ANONYMOUS ) );
}
+ public void testCustomJAASLoginModule() throws Exception
+ {
+ Properties props = new Properties();
+ props.load( TestEngine.findTestProperties() );
+
+ // Supply a custom LoginModule class
+ props.put( "jspwiki.loginModule.class", "com.ecyrd.jspwiki.auth.login.CookieAssertionLoginModule" );
+
+ // Init the engine and verify that we initialized with a custom auth login module
+ WikiEngine engine = new TestEngine( props );
+ AuthenticationManager authMgr= engine.getAuthenticationManager();
+ assertEquals( CookieAssertionLoginModule.class, authMgr.m_loginModuleClass );
+ }
+
+ public void testCustomJAASLoginModuleOptions() throws Exception
+ {
+ Properties props = new Properties();
+ props.load( TestEngine.findTestProperties() );
+
+ // Supply a custom LoginModule options
+ props.put( "jspwiki.loginModule.options.key1", "value1" );
+ props.put( "jspwiki.loginModule.options.key2", "value2" );
+ props.put( "jspwiki.loginModule.options.key3", "value3" );
+
+ // Init the engine and verify that we initialized with the correct options
+ WikiEngine engine = new TestEngine( props );
+ AuthenticationManager authMgr= engine.getAuthenticationManager();
+ Map<String,String> options = authMgr.m_loginModuleOptions;
+ assertEquals( 3, options.size() );
+ assertTrue( options.containsKey( "key1" ) );
+ assertTrue( options.containsKey( "key2" ) );
+ assertTrue( options.containsKey( "key3" ) );
+ assertEquals( "value1", options.get( "key1") );
+ assertEquals( "value2", options.get( "key2") );
+ assertEquals( "value3", options.get( "key3") );
+ }
+
public void testLoginCustom() throws Exception
{
WikiSession session = WikiSessionTest.authenticatedSession( m_engine, Users.JANNE, Users.JANNE_PASS );
Modified: incubator/jspwiki/trunk/tests/com/ecyrd/jspwiki/auth/UserManagerTest.java
URL: http://svn.apache.org/viewvc/incubator/jspwiki/trunk/tests/com/ecyrd/jspwiki/auth/UserManagerTest.java?rev=643263&r1=643262&r2=643263&view=diff
==============================================================================
--- incubator/jspwiki/trunk/tests/com/ecyrd/jspwiki/auth/UserManagerTest.java (original)
+++ incubator/jspwiki/trunk/tests/com/ecyrd/jspwiki/auth/UserManagerTest.java Mon Mar 31 20:48:32 2008
@@ -1,3 +1,23 @@
+/*
+ JSPWiki - a JSP-based WikiWiki clone.
+
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+ */
package com.ecyrd.jspwiki.auth;
import java.security.Principal;
import java.util.Collection;
@@ -26,6 +46,7 @@
private TestEngine m_engine;
private UserManager m_mgr;
private UserDatabase m_db;
+ private String m_groupName;
/**
* @see junit.framework.TestCase#setUp()
@@ -44,8 +65,18 @@
m_engine = new TestEngine( props );
m_mgr = m_engine.getUserManager();
m_db = m_mgr.getUserDatabase();
+ m_groupName = "Group" + System.currentTimeMillis();
}
+ protected void tearDown() throws Exception
+ {
+ GroupManager groupManager = m_engine.getGroupManager();
+ if ( groupManager.findRole( m_groupName ) != null )
+ {
+ groupManager.removeGroup( m_groupName );
+ }
+ }
+
/** Call this setup program to use the save-profile workflow. */
protected void setUpWithWorkflow() throws Exception
{
@@ -86,15 +117,15 @@
profile.setPassword ( "password" );
m_mgr.setUserProfile( session, profile );
- // 1a. Make sure the profile saved successfully
+ // 1a. Make sure the profile saved successfully and that we're logged in
profile = m_mgr.getUserProfile( session );
assertEquals( oldLogin, profile.getLoginName() );
assertEquals( oldName, profile.getFullname() );
assertEquals( oldUserCount+1, m_db.getWikiNames().length );
+ assertTrue( session.isAuthenticated() );
// Setup Step 2: create a new group with our test user in it
- String groupName = "Group"+now;
- Group group = groupManager.parseGroup( groupName, "Alice \n Bob \n Charlie \n " + oldLogin + "\n" + oldName, true );
+ Group group = groupManager.parseGroup( m_groupName, "Alice \n Bob \n Charlie \n " + oldLogin + "\n" + oldName, true );
groupManager.setGroup( session, group );
// 2a. Make sure the group is created with the user in it, and the role is added to the Subject
@@ -137,7 +168,7 @@
// Test 2: our group should not contain the old name OR login name any more
// (the full name is always used)
- group = groupManager.getGroup( groupName );
+ group = groupManager.getGroup( m_groupName );
assertFalse( group.isMember( new WikiPrincipal( oldLogin ) ) );
assertFalse( group.isMember( new WikiPrincipal( oldName ) ) );
assertFalse( group.isMember( new WikiPrincipal( newLogin ) ) );
@@ -163,7 +194,7 @@
m_engine.deletePage( pageName );
// Setup Step 6: re-create the group with our old test user names in it
- group = groupManager.parseGroup( groupName, "Alice \n Bob \n Charlie \n " + oldLogin + "\n" + oldName, true );
+ group = groupManager.parseGroup( m_groupName, "Alice \n Bob \n Charlie \n " + oldLogin + "\n" + oldName, true );
groupManager.setGroup( session, group );
// Setup Step 7: Save a new page with the old login/wiki names in the ACL again
@@ -196,7 +227,7 @@
// Test 6: our group should not contain the old name OR login name any more
// (the full name is always used)
- group = groupManager.getGroup( groupName );
+ group = groupManager.getGroup( m_groupName );
assertFalse( group.isMember( new WikiPrincipal( oldLogin ) ) );
assertTrue ( group.isMember( new WikiPrincipal( oldName ) ) );
assertFalse( group.isMember( new WikiPrincipal( newLogin ) ) );