You are viewing a plain text version of this content. The canonical link for it is here.

Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2015/06/11 12:18:45 UTC

svn commit: r1684848 - /jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java

Author: angela
Date: Thu Jun 11 10:18:45 2015
New Revision: 1684848

URL: http://svn.apache.org/r1684848
Log:
minor improvement

Modified:
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java?rev=1684848&r1=1684847&r2=1684848&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java Thu Jun 11 10:18:45 2015
@@ -27,6 +27,7 @@ import javax.security.auth.login.LoginEx
 
 import com.google.common.collect.ImmutableSet;
 import org.apache.jackrabbit.api.security.authentication.token.TokenCredentials;
+import org.apache.jackrabbit.api.security.user.User;
 import org.apache.jackrabbit.oak.AbstractSecurityTest;
 import org.apache.jackrabbit.oak.api.AuthInfo;
 import org.apache.jackrabbit.oak.api.ContentSession;
@@ -298,6 +299,34 @@ public class TokenDefaultLoginModuleTest
         } finally {
             if (cs != null) {
                 cs.close();
+            }
+        }
+    }
+
+    @Test
+    public void testTokenLoginForDisabledUser() throws Exception {
+        ContentSession cs = null;
+        try {
+            User user = getTestUser();
+            SimpleCredentials sc = new SimpleCredentials(user.getID(), user.getID().toCharArray());
+            sc.setAttribute(".token", "");
+            cs = login(sc);
+
+            user.disable("disabled");
+            root.commit();
+
+            Object token = sc.getAttribute(".token").toString();
+            assertNotNull(token);
+            TokenCredentials tc = new TokenCredentials(token.toString());
+
+            cs.close();
+            cs = login(tc);
+            fail("token login for a disabled user must fail.");
+        } catch (LoginException e) {
+            // success
+        } finally {
+            if (cs != null) {
+                cs.close();
             }
         }
     }