You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2015/06/11 12:18:45 UTC
svn commit: r1684848 -
/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java
Author: angela
Date: Thu Jun 11 10:18:45 2015
New Revision: 1684848
URL: http://svn.apache.org/r1684848
Log:
minor improvement
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java?rev=1684848&r1=1684847&r2=1684848&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java Thu Jun 11 10:18:45 2015
@@ -27,6 +27,7 @@ import javax.security.auth.login.LoginEx
import com.google.common.collect.ImmutableSet;
import org.apache.jackrabbit.api.security.authentication.token.TokenCredentials;
+import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.oak.AbstractSecurityTest;
import org.apache.jackrabbit.oak.api.AuthInfo;
import org.apache.jackrabbit.oak.api.ContentSession;
@@ -298,6 +299,34 @@ public class TokenDefaultLoginModuleTest
} finally {
if (cs != null) {
cs.close();
+ }
+ }
+ }
+
+ @Test
+ public void testTokenLoginForDisabledUser() throws Exception {
+ ContentSession cs = null;
+ try {
+ User user = getTestUser();
+ SimpleCredentials sc = new SimpleCredentials(user.getID(), user.getID().toCharArray());
+ sc.setAttribute(".token", "");
+ cs = login(sc);
+
+ user.disable("disabled");
+ root.commit();
+
+ Object token = sc.getAttribute(".token").toString();
+ assertNotNull(token);
+ TokenCredentials tc = new TokenCredentials(token.toString());
+
+ cs.close();
+ cs = login(tc);
+ fail("token login for a disabled user must fail.");
+ } catch (LoginException e) {
+ // success
+ } finally {
+ if (cs != null) {
+ cs.close();
}
}
}