1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.springframework.ws.soap.security.xwss.callback;
18
19 import com.sun.xml.wss.impl.callback.PasswordValidationCallback;
20 import junit.framework.TestCase;
21 import org.easymock.MockControl;
22
23 import org.springframework.security.Authentication;
24 import org.springframework.security.AuthenticationManager;
25 import org.springframework.security.BadCredentialsException;
26 import org.springframework.security.GrantedAuthority;
27 import org.springframework.security.context.SecurityContextHolder;
28 import org.springframework.security.providers.TestingAuthenticationToken;
29 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
30 import org.springframework.ws.soap.security.callback.CleanupCallback;
31
32 public class SpringPlainTextPasswordValidationCallbackHandlerTest extends TestCase {
33
34 private SpringPlainTextPasswordValidationCallbackHandler callbackHandler;
35
36 private MockControl control;
37
38 private AuthenticationManager mock;
39
40 private PasswordValidationCallback callback;
41
42 private String username;
43
44 private String password;
45
46 protected void setUp() throws Exception {
47 callbackHandler = new SpringPlainTextPasswordValidationCallbackHandler();
48 control = MockControl.createControl(AuthenticationManager.class);
49 mock = (AuthenticationManager) control.getMock();
50 callbackHandler.setAuthenticationManager(mock);
51 username = "Bert";
52 password = "Ernie";
53 PasswordValidationCallback.PlainTextPasswordRequest request =
54 new PasswordValidationCallback.PlainTextPasswordRequest(username, password);
55 callback = new PasswordValidationCallback(request);
56 }
57
58 protected void tearDown() throws Exception {
59 SecurityContextHolder.clearContext();
60 }
61
62 public void testAuthenticateUserPlainTextValid() throws Exception {
63 Authentication authResult = new TestingAuthenticationToken(username, password, new GrantedAuthority[0]);
64 control.expectAndReturn(mock.authenticate(new UsernamePasswordAuthenticationToken(username, password)),
65 authResult);
66 control.replay();
67 callbackHandler.handleInternal(callback);
68 boolean authenticated = callback.getResult();
69 assertTrue("Not authenticated", authenticated);
70 assertNotNull("No Authentication created", SecurityContextHolder.getContext().getAuthentication());
71 control.verify();
72 }
73
74 public void testAuthenticateUserPlainTextInvalid() throws Exception {
75 control.expectAndThrow(mock.authenticate(new UsernamePasswordAuthenticationToken(username, password)),
76 new BadCredentialsException(""));
77 control.replay();
78 callbackHandler.handleInternal(callback);
79 boolean authenticated = callback.getResult();
80 assertFalse("Authenticated", authenticated);
81 assertNull("Authentication created", SecurityContextHolder.getContext().getAuthentication());
82 control.verify();
83 }
84
85 public void testCleanUp() throws Exception {
86 TestingAuthenticationToken authentication =
87 new TestingAuthenticationToken(new Object(), new Object(), new GrantedAuthority[0]);
88 SecurityContextHolder.getContext().setAuthentication(authentication);
89
90 CleanupCallback cleanupCallback = new CleanupCallback();
91 callbackHandler.handleInternal(cleanupCallback);
92 assertNull("Authentication created", SecurityContextHolder.getContext().getAuthentication());
93 }
94
95 }