1   /*
2    * Copyright 2006 the original author or authors.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.springframework.ws.soap.security.xwss.callback.acegi;
18  
19  import com.sun.xml.wss.impl.callback.PasswordValidationCallback;
20  import junit.framework.TestCase;
21  import org.acegisecurity.Authentication;
22  import org.acegisecurity.AuthenticationManager;
23  import org.acegisecurity.BadCredentialsException;
24  import org.acegisecurity.GrantedAuthority;
25  import org.acegisecurity.context.SecurityContextHolder;
26  import org.acegisecurity.providers.TestingAuthenticationToken;
27  import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
28  import org.easymock.MockControl;
29  
30  import org.springframework.ws.soap.security.callback.CleanupCallback;
31  
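/**
 * Unit tests for {@link AcegiPlainTextPasswordValidationCallbackHandler}, run against an EasyMock
 * {@link AuthenticationManager}.
 *
 * <p>Three outcomes are covered: a successful plain-text password validation populates the
 * {@link SecurityContextHolder}, a rejected one leaves it empty, and a {@link CleanupCallback}
 * removes whatever {@link Authentication} is present.
 *
 * <p>{@link SecurityContextHolder} is static state shared by every test, so it is reset both before
 * and after each test method.
 */
public class AcegiPlainTextPasswordValidationCallbackHandlerTest extends TestCase {

    /** Handler under test; wired to {@link #mock} in {@link #setUp()}. */
    private AcegiPlainTextPasswordValidationCallbackHandler callbackHandler;

    /** EasyMock control used to record, replay and verify calls on {@link #mock}. */
    private MockControl control;

    /** Mocked authentication manager the handler delegates to. */
    private AuthenticationManager mock;

    /** Password validation callback carrying the fixed test credentials. */
    private PasswordValidationCallback callback;

    /** Fixed test user name placed in the plain-text request. */
    private String username;

    /** Fixed test password placed in the plain-text request. */
    private String password;

    /**
     * Builds the handler with a mocked {@link AuthenticationManager} and a
     * {@link PasswordValidationCallback} wrapping a plain-text request for the test credentials.
     */
    protected void setUp() throws Exception {
        // Start from an empty context so the assertions below cannot be influenced by an
        // Authentication left behind by an earlier test that shares this static holder.
        SecurityContextHolder.clearContext();
        callbackHandler = new AcegiPlainTextPasswordValidationCallbackHandler();
        control = MockControl.createControl(AuthenticationManager.class);
        mock = (AuthenticationManager) control.getMock();
        callbackHandler.setAuthenticationManager(mock);
        username = "Bert";
        password = "Ernie";
        PasswordValidationCallback.PlainTextPasswordRequest request =
                new PasswordValidationCallback.PlainTextPasswordRequest(username, password);
        callback = new PasswordValidationCallback(request);
    }

    /** Clears the security context so no {@link Authentication} leaks into later tests. */
    protected void tearDown() throws Exception {
        SecurityContextHolder.clearContext();
    }

    /**
     * When the manager accepts the credentials, the callback must report success and an
     * {@link Authentication} must be present in the security context.
     */
    public void testAuthenticateUserPlainTextValid() throws Exception {
        Authentication authResult = new TestingAuthenticationToken(username, password, new GrantedAuthority[0]);
        // Record phase: the manager is expected to be asked exactly for these credentials.
        control.expectAndReturn(mock.authenticate(new UsernamePasswordAuthenticationToken(username, password)),
                authResult);
        control.replay();
        callbackHandler.handleInternal(callback);
        // NOTE(review): presumably getResult() is what runs the validator installed by the handler,
        // so the authenticate() call happens here rather than in handleInternal() - confirm.
        boolean authenticated = callback.getResult();
        assertTrue("Not authenticated", authenticated);
        // NOTE(review): this only proves that some Authentication was stored. If the handler is
        // meant to store the manager's result unchanged, assertSame against authResult would pin
        // that down - confirm against the handler before tightening.
        assertNotNull("No Authentication created", SecurityContextHolder.getContext().getAuthentication());
        control.verify();
    }

    /**
     * When the manager throws {@link BadCredentialsException}, the callback must report failure
     * and no {@link Authentication} may be present in the security context.
     */
    public void testAuthenticateUserPlainTextInvalid() throws Exception {
        control.expectAndThrow(mock.authenticate(new UsernamePasswordAuthenticationToken(username, password)),
                new BadCredentialsException(""));
        control.replay();
        callbackHandler.handleInternal(callback);
        boolean authenticated = callback.getResult();
        assertFalse("Authenticated", authenticated);
        // NOTE(review): the context is already empty before the handler runs, so this assertion
        // shows that a failed validation does not create an Authentication; it does not show that
        // a pre-existing one is removed on failure. Seeding the context first would cover that
        // case - confirm the handler's intended behaviour before adding it.
        assertNull("Authentication created", SecurityContextHolder.getContext().getAuthentication());
        control.verify();
    }

    /**
     * A {@link CleanupCallback} must remove an {@link Authentication} that is already present in
     * the security context.
     */
    public void testCleanUp() throws Exception {
        // Seed the context so that a null result afterwards can only come from the handler.
        TestingAuthenticationToken authentication =
                new TestingAuthenticationToken(new Object(), new Object(), new GrantedAuthority[0]);
        SecurityContextHolder.getContext().setAuthentication(authentication);

        CleanupCallback cleanupCallback = new CleanupCallback();
        callbackHandler.handleInternal(cleanupCallback);
        // The failure message names the real failure mode: the seeded Authentication survived.
        assertNull("Authentication not cleared", SecurityContextHolder.getContext().getAuthentication());
    }

}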