mirrors
/
gitblit
peilaus alkaen https://github.com/gitblit/gitblit.git
Tarkkaile 1
Äänestä 0
Fork 0
Koodi Ongelmat 0 Julkaisut 43 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3174 Commitit
11 Branchit
Puu: a93cd37bc6
Branchit Tagit
${ item.name }
Create branch ${ searchTerm }
from 'a93cd37bc6'
${ noResults }
gitblit/src/test/java/com/gitblit/tests/AuthenticationManagerTest.java

AuthenticationManagerTest.java 17KB
Raaka Blame Historia

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812 
  1. /*

  2.  * Copyright 2013 gitblit.com.

  3.  *

  4.  * Licensed under the Apache License, Version 2.0 (the "License");

  5.  * you may not use this file except in compliance with the License.

  6.  * You may obtain a copy of the License at

  7.  *

  8.  *     http://www.apache.org/licenses/LICENSE-2.0

  9.  *

  10.  * Unless required by applicable law or agreed to in writing, software

  11.  * distributed under the License is distributed on an "AS IS" BASIS,

  12.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  13.  * See the License for the specific language governing permissions and

  14.  * limitations under the License.

  15.  */

  16. package com.gitblit.tests;

  17. 

  18. import java.io.BufferedReader;

  19. import java.io.IOException;

  20. import java.io.UnsupportedEncodingException;

  21. import java.security.Principal;

  22. import java.util.*;

  23. 

  24. import javax.servlet.AsyncContext;

  25. import javax.servlet.DispatcherType;

  26. import javax.servlet.RequestDispatcher;

  27. import javax.servlet.ServletContext;

  28. import javax.servlet.ServletException;

  29. import javax.servlet.ServletInputStream;

  30. import javax.servlet.ServletRequest;

  31. import javax.servlet.ServletResponse;

  32. import javax.servlet.http.Cookie;

  33. import javax.servlet.http.HttpServletRequest;

  34. import javax.servlet.http.HttpServletResponse;

  35. import javax.servlet.http.HttpSession;

  36. import javax.servlet.http.HttpSessionContext;

  37. import javax.servlet.http.HttpUpgradeHandler;

  38. import javax.servlet.http.Part;

  39. 

  40. import com.gitblit.utils.PasswordHash;

  41. import org.junit.Test;

  42. 

  43. import com.gitblit.IUserService;

  44. import com.gitblit.Keys;

  45. import com.gitblit.manager.AuthenticationManager;

  46. import com.gitblit.manager.IAuthenticationManager;

  47. import com.gitblit.manager.IRuntimeManager;

  48. import com.gitblit.manager.RuntimeManager;

  49. import com.gitblit.manager.UserManager;

  50. import com.gitblit.models.TeamModel;

  51. import com.gitblit.models.UserModel;

  52. import com.gitblit.tests.mock.MemorySettings;

  53. import com.gitblit.utils.XssFilter;

  54. import com.gitblit.utils.XssFilter.AllowXssFilter;

  55. 

  56. /**

  57.  * Class for testing local authentication.

  58.  *

  59.  * @author James Moger

  60.  *

  61.  */

  62. @SuppressWarnings("deprecation")

  63. public class AuthenticationManagerTest extends GitblitUnitTest {

  64. 

  65. 	UserManager users;

  66. 

  67. 	private static final class DummyHttpServletRequest implements HttpServletRequest {

  68. 

  69. 		@Override

  70. 		public Object getAttribute(String name) {

  71. 			return null;

  72. 		}

  73. 

  74. 		@Override

  75. 		public Enumeration<String> getAttributeNames() {

  76. 			return null;

  77. 		}

  78. 

  79. 		@Override

  80. 		public String getCharacterEncoding() {

  81. 			return null;

  82. 		}

  83. 

  84. 		@Override

  85. 		public void setCharacterEncoding(String env)

  86. 				throws UnsupportedEncodingException {

  87. 		}

  88. 

  89. 		@Override

  90. 		public int getContentLength() {

  91. 			return 0;

  92. 		}

  93. 

  94. 		@Override

  95. 		public long getContentLengthLong() {

  96. 			return 0;

  97. 		}

  98. 

  99. 		@Override

  100. 		public String getContentType() {

  101. 			return null;

  102. 		}

  103. 

  104. 		@Override

  105. 		public ServletInputStream getInputStream() throws IOException {

  106. 			return null;

  107. 		}

  108. 

  109. 		@Override

  110. 		public String getParameter(String name) {

  111. 			return null;

  112. 		}

  113. 

  114. 		@Override

  115. 		public Enumeration<String> getParameterNames() {

  116. 			return null;

  117. 		}

  118. 

  119. 		@Override

  120. 		public String[] getParameterValues(String name) {

  121. 			return null;

  122. 		}

  123. 

  124. 		@Override

  125. 		public Map<String, String[]> getParameterMap() {

  126. 			return null;

  127. 		}

  128. 

  129. 		@Override

  130. 		public String getProtocol() {

  131. 			return null;

  132. 		}

  133. 

  134. 		@Override

  135. 		public String getScheme() {

  136. 			return null;

  137. 		}

  138. 

  139. 		@Override

  140. 		public String getServerName() {

  141. 			return null;

  142. 		}

  143. 

  144. 		@Override

  145. 		public int getServerPort() {

  146. 			return 0;

  147. 		}

  148. 

  149. 		@Override

  150. 		public BufferedReader getReader() throws IOException {

  151. 			return null;

  152. 		}

  153. 

  154. 		@Override

  155. 		public String getRemoteAddr() {

  156. 			return null;

  157. 		}

  158. 

  159. 		@Override

  160. 		public String getRemoteHost() {

  161. 			return null;

  162. 		}

  163. 

  164. 		@Override

  165. 		public void setAttribute(String name, Object o) {

  166. 		}

  167. 

  168. 		@Override

  169. 		public void removeAttribute(String name) {

  170. 		}

  171. 

  172. 		@Override

  173. 		public Locale getLocale() {

  174. 			return null;

  175. 		}

  176. 

  177. 		@Override

  178. 		public Enumeration<Locale> getLocales() {

  179. 			return null;

  180. 		}

  181. 

  182. 		@Override

  183. 		public boolean isSecure() {

  184. 			return false;

  185. 		}

  186. 

  187. 		@Override

  188. 		public RequestDispatcher getRequestDispatcher(String path) {

  189. 			return null;

  190. 		}

  191. 

  192. 		@Override

  193. 		public String getRealPath(String path) {

  194. 			return null;

  195. 		}

  196. 

  197. 		@Override

  198. 		public int getRemotePort() {

  199. 			return 0;

  200. 		}

  201. 

  202. 		@Override

  203. 		public String getLocalName() {

  204. 			return null;

  205. 		}

  206. 

  207. 		@Override

  208. 		public String getLocalAddr() {

  209. 			return null;

  210. 		}

  211. 

  212. 		@Override

  213. 		public int getLocalPort() {

  214. 			return 0;

  215. 		}

  216. 

  217. 		@Override

  218. 		public ServletContext getServletContext() {

  219. 			return null;

  220. 		}

  221. 

  222. 		@Override

  223. 		public AsyncContext startAsync() throws IllegalStateException {

  224. 			return null;

  225. 		}

  226. 

  227. 		@Override

  228. 		public AsyncContext startAsync(ServletRequest servletRequest,

  229. 				ServletResponse servletResponse)

  230. 						throws IllegalStateException {

  231. 			return null;

  232. 		}

  233. 

  234. 		@Override

  235. 		public boolean isAsyncStarted() {

  236. 			return false;

  237. 		}

  238. 

  239. 		@Override

  240. 		public boolean isAsyncSupported() {

  241. 			return false;

  242. 		}

  243. 

  244. 		@Override

  245. 		public AsyncContext getAsyncContext() {

  246. 			return null;

  247. 		}

  248. 

  249. 		@Override

  250. 		public DispatcherType getDispatcherType() {

  251. 			return null;

  252. 		}

  253. 

  254. 		@Override

  255. 		public String getAuthType() {

  256. 			return null;

  257. 		}

  258. 

  259. 		@Override

  260. 		public Cookie[] getCookies() {

  261. 			return null;

  262. 		}

  263. 

  264. 		@Override

  265. 		public long getDateHeader(String name) {

  266. 			return 0;

  267. 		}

  268. 

  269. 		@Override

  270. 		public String getHeader(String name) {

  271. 			return null;

  272. 		}

  273. 

  274. 		@Override

  275. 		public Enumeration<String> getHeaders(String name) {

  276. 			return null;

  277. 		}

  278. 

  279. 		@Override

  280. 		public Enumeration<String> getHeaderNames() {

  281. 			return null;

  282. 		}

  283. 

  284. 		@Override

  285. 		public int getIntHeader(String name) {

  286. 			return 0;

  287. 		}

  288. 

  289. 		@Override

  290. 		public String getMethod() {

  291. 			return null;

  292. 		}

  293. 

  294. 		@Override

  295. 		public String getPathInfo() {

  296. 			return null;

  297. 		}

  298. 

  299. 		@Override

  300. 		public String getPathTranslated() {

  301. 			return null;

  302. 		}

  303. 

  304. 		@Override

  305. 		public String getContextPath() {

  306. 			return null;

  307. 		}

  308. 

  309. 		@Override

  310. 		public String getQueryString() {

  311. 			return null;

  312. 		}

  313. 

  314. 		@Override

  315. 		public String getRemoteUser() {

  316. 			return null;

  317. 		}

  318. 

  319. 		@Override

  320. 		public boolean isUserInRole(String role) {

  321. 			if(role != null && "admin".equals(role)) {

  322. 				return true;

  323. 			}

  324. 			return false;

  325. 		}

  326. 

  327. 		@Override

  328. 		public Principal getUserPrincipal() {

  329. 			return new Principal(){

  330. 				@Override

  331. 				public String getName() {

  332. 					return "sunnyjim";

  333. 				}

  334. 

  335. 			};

  336. 		}

  337. 

  338. 		@Override

  339. 		public String getRequestedSessionId() {

  340. 			return null;

  341. 		}

  342. 

  343. 		@Override

  344. 		public String getRequestURI() {

  345. 			return null;

  346. 		}

  347. 

  348. 		@Override

  349. 		public StringBuffer getRequestURL() {

  350. 			return null;

  351. 		}

  352. 

  353. 		@Override

  354. 		public String getServletPath() {

  355. 			return null;

  356. 		}

  357. 

  358. 		@Override

  359. 		public HttpSession getSession(boolean create) {

  360. 			return null;

  361. 		}

  362. 

  363. 		final Map<String, Object> sessionAttributes = new HashMap<String, Object>();

  364. 		@Override

  365. 		public HttpSession getSession() {

  366. 			return new HttpSession() {

  367. 

  368. 				@Override

  369. 				public long getCreationTime() {

  370. 					return 0;

  371. 				}

  372. 

  373. 				@Override

  374. 				public String getId() {

  375. 					return null;

  376. 				}

  377. 

  378. 				@Override

  379. 				public long getLastAccessedTime() {

  380. 					return 0;

  381. 				}

  382. 

  383. 				@Override

  384. 				public ServletContext getServletContext() {

  385. 					return null;

  386. 				}

  387. 

  388. 				@Override

  389. 				public void setMaxInactiveInterval(int interval) {

  390. 				}

  391. 

  392. 				@Override

  393. 				public int getMaxInactiveInterval() {

  394. 					return 0;

  395. 				}

  396. 

  397. 				@Override

  398. 				public HttpSessionContext getSessionContext() {

  399. 					return null;

  400. 				}

  401. 

  402. 				@Override

  403. 				public Object getAttribute(String name) {

  404. 					return sessionAttributes.get(name);

  405. 				}

  406. 

  407. 				@Override

  408. 				public Object getValue(String name) {

  409. 					return null;

  410. 				}

  411. 

  412. 				@Override

  413. 				public Enumeration<String> getAttributeNames() {

  414. 					return Collections.enumeration(sessionAttributes.keySet());

  415. 				}

  416. 

  417. 				@Override

  418. 				public String[] getValueNames() {

  419. 					return null;

  420. 				}

  421. 

  422. 				@Override

  423. 				public void setAttribute(String name,

  424. 						Object value) {

  425. 				}

  426. 

  427. 				@Override

  428. 				public void putValue(String name, Object value) {

  429. 				}

  430. 

  431. 				@Override

  432. 				public void removeAttribute(String name) {

  433. 				}

  434. 

  435. 				@Override

  436. 				public void removeValue(String name) {

  437. 				}

  438. 

  439. 				@Override

  440. 				public void invalidate() {

  441. 				}

  442. 

  443. 				@Override

  444. 				public boolean isNew() {

  445. 					return false;

  446. 				}

  447. 

  448. 			};

  449. 		}

  450. 

  451. 		@Override

  452. 		public String changeSessionId() {

  453. 			return null;

  454. 		}

  455. 

  456. 		@Override

  457. 		public boolean isRequestedSessionIdValid() {

  458. 			return false;

  459. 		}

  460. 

  461. 		@Override

  462. 		public boolean isRequestedSessionIdFromCookie() {

  463. 			return false;

  464. 		}

  465. 

  466. 		@Override

  467. 		public boolean isRequestedSessionIdFromURL() {

  468. 			return false;

  469. 		}

  470. 

  471. 		@Override

  472. 		public boolean isRequestedSessionIdFromUrl() {

  473. 			return false;

  474. 		}

  475. 

  476. 		@Override

  477. 		public boolean authenticate(HttpServletResponse response)

  478. 				throws IOException, ServletException {

  479. 			return false;

  480. 		}

  481. 

  482. 		@Override

  483. 		public void login(String username, String password)

  484. 				throws ServletException {

  485. 		}

  486. 

  487. 		@Override

  488. 		public void logout() throws ServletException {

  489. 		}

  490. 

  491. 		@Override

  492. 		public Collection<Part> getParts() throws IOException,

  493. 		ServletException {

  494. 			return null;

  495. 		}

  496. 

  497. 		@Override

  498. 		public Part getPart(String name) throws IOException,

  499. 		ServletException {

  500. 			return null;

  501. 		}

  502. 

  503. 		@Override

  504. 		public <T extends HttpUpgradeHandler> T upgrade(

  505. 				Class<T> handlerClass) throws IOException,

  506. 				ServletException {

  507. 			return null;

  508. 		}

  509. 

  510. 	}

  511. 

  512. 	HashMap<String, Object> settings = new HashMap<String, Object>();

  513. 

  514. 	MemorySettings getSettings() {

  515. 		return new MemorySettings(settings);

  516. 	}

  517. 

  518. 	IAuthenticationManager newAuthenticationManager() {

  519. 		XssFilter xssFilter = new AllowXssFilter();

  520. 		RuntimeManager runtime = new RuntimeManager(getSettings(), xssFilter, GitBlitSuite.BASEFOLDER).start();

  521. 		users = new UserManager(runtime, null).start();

  522. 		final Map<String, UserModel> virtualUsers = new HashMap<String, UserModel>();

  523. 		users.setUserService(new IUserService() {

  524. 

  525. 			@Override

  526. 			public void setup(IRuntimeManager runtimeManager) {

  527. 			}

  528. 

  529. 			@Override

  530. 			public String getCookie(UserModel model) {

  531. 				return null;

  532. 			}

  533. 

  534. 			@Override

  535. 			public UserModel getUserModel(char[] cookie) {

  536. 				return null;

  537. 			}

  538. 

  539. 			@Override

  540. 			public UserModel getUserModel(String username) {

  541. 				return virtualUsers.get(username);

  542. 			}

  543. 

  544. 			@Override

  545. 			public boolean updateUserModel(UserModel model) {

  546. 				virtualUsers.put(model.username, model);

  547. 				return true;

  548. 			}

  549. 

  550. 			@Override

  551. 			public boolean updateUserModels(Collection<UserModel> models) {

  552. 				return false;

  553. 			}

  554. 

  555. 			@Override

  556. 			public boolean updateUserModel(String username, UserModel model) {

  557. 				virtualUsers.put(username, model);

  558. 				return true;

  559. 			}

  560. 

  561. 			@Override

  562. 			public boolean deleteUserModel(UserModel model) {

  563. 				return false;

  564. 			}

  565. 

  566. 			@Override

  567. 			public boolean deleteUser(String username) {

  568. 				return false;

  569. 			}

  570. 

  571. 			@Override

  572. 			public List<String> getAllUsernames() {

  573. 				return null;

  574. 			}

  575. 

  576. 			@Override

  577. 			public List<UserModel> getAllUsers() {

  578. 				return null;

  579. 			}

  580. 

  581. 			@Override

  582. 			public List<String> getAllTeamNames() {

  583. 				return null;

  584. 			}

  585. 

  586. 			@Override

  587. 			public List<TeamModel> getAllTeams() {

  588. 				return null;

  589. 			}

  590. 

  591. 			@Override

  592. 			public List<String> getTeamNamesForRepositoryRole(String role) {

  593. 				return null;

  594. 			}

  595. 

  596. 			@Override

  597. 			public TeamModel getTeamModel(String teamname) {

  598. 				return null;

  599. 			}

  600. 

  601. 			@Override

  602. 			public boolean updateTeamModel(TeamModel model) {

  603. 				return false;

  604. 			}

  605. 

  606. 			@Override

  607. 			public boolean updateTeamModels(Collection<TeamModel> models) {

  608. 				return false;

  609. 			}

  610. 

  611. 			@Override

  612. 			public boolean updateTeamModel(String teamname, TeamModel model) {

  613. 				return false;

  614. 			}

  615. 

  616. 			@Override

  617. 			public boolean deleteTeamModel(TeamModel model) {

  618. 				return false;

  619. 			}

  620. 

  621. 			@Override

  622. 			public boolean deleteTeam(String teamname) {

  623. 				return false;

  624. 			}

  625. 

  626. 			@Override

  627. 			public List<String> getUsernamesForRepositoryRole(String role) {

  628. 				return null;

  629. 			}

  630. 

  631. 			@Override

  632. 			public boolean renameRepositoryRole(String oldRole,

  633. 					String newRole) {

  634. 				return false;

  635. 			}

  636. 

  637. 			@Override

  638. 			public boolean deleteRepositoryRole(String role) {

  639. 				return false;

  640. 			}

  641. 

  642. 		});

  643. 		AuthenticationManager auth = new AuthenticationManager(runtime, users).start();

  644. 		return auth;

  645. 	}

  646. 

  647. 	@Test

  648. 	public void testAuthenticate() throws Exception {

  649. 		IAuthenticationManager auth = newAuthenticationManager();

  650. 

  651. 

  652. 		String password = "pass word";

  653. 		UserModel user = new UserModel("sunnyjim");

  654. 		user.password = password;

  655. 		users.updateUserModel(user);

  656. 

  657. 		char[] pwd = password.toCharArray();

  658. 		assertNotNull(auth.authenticate(user.username, pwd, null));

  659. 

  660. 		// validate that the passed in password has been zeroed out in memory

  661. 		char[] zeroes = new char[pwd.length];

  662. 		Arrays.fill(zeroes, Character.MIN_VALUE);

  663. 		assertArrayEquals(zeroes, pwd);

  664. 	}

  665. 

  666. 

  667. 	@Test

  668. 	public void testAuthenticateDisabledUser() throws Exception {

  669. 		IAuthenticationManager auth = newAuthenticationManager();

  670. 

  671. 

  672. 		String password = "password";

  673. 		UserModel user = new UserModel("sunnyjim");

  674. 		user.password = password;

  675. 		user.disabled = true;

  676. 		users.updateUserModel(user);

  677. 

  678. 		assertNull(auth.authenticate(user.username, password.toCharArray(), null));

  679. 

  680. 		user.disabled = false;

  681. 		users.updateUserModel(user);

  682. 		assertNotNull(auth.authenticate(user.username, password.toCharArray(), null));

  683. 	}

  684. 

  685. 

  686. 	@Test

  687. 	public void testAuthenticateEmptyPassword() throws Exception {

  688. 		IAuthenticationManager auth = newAuthenticationManager();

  689. 

  690. 

  691. 		String password = "password";

  692. 		UserModel user = new UserModel("sunnyjim");

  693. 		user.password = password;

  694. 		users.updateUserModel(user);

  695. 

  696. 		assertNull(auth.authenticate(user.username, "".toCharArray(), null));

  697. 		assertNull(auth.authenticate(user.username, " 	 ".toCharArray(), null));

  698. 		assertNull(auth.authenticate(user.username, new char[]{' ', '\u0010', '\u0015'}, null));

  699. 	}

  700. 

  701. 

  702. 

  703. 

  704. 	@Test

  705. 	public void testAuthenticateWrongPassword() throws Exception {

  706. 		IAuthenticationManager auth = newAuthenticationManager();

  707. 

  708. 

  709. 		String password = "password";

  710. 		UserModel user = new UserModel("sunnyjim");

  711. 		user.password = password;

  712. 		users.updateUserModel(user);

  713. 

  714. 		assertNull(auth.authenticate(user.username, "helloworld".toCharArray(), null));

  715. 	}

  716. 

  717. 

  718. 	@Test

  719. 	public void testAuthenticateNoSuchUser() throws Exception {

  720. 		IAuthenticationManager auth = newAuthenticationManager();

  721. 

  722. 

  723. 		String password = "password";

  724. 		UserModel user = new UserModel("sunnyjim");

  725. 		user.password = password;

  726. 		users.updateUserModel(user);

  727. 

  728. 		assertNull(auth.authenticate("rainyjoe", password.toCharArray(), null));

  729. 	}

  730. 

  731. 

  732. 	@Test

  733. 	public void testAuthenticateUpgradePlaintext() throws Exception {

  734. 		IAuthenticationManager auth = newAuthenticationManager();

  735. 

  736. 		String password = "topsecret";

  737. 		UserModel user = new UserModel("sunnyjim");

  738. 		user.password = password;

  739. 		users.updateUserModel(user);

  740. 

  741. 		assertNotNull(auth.authenticate(user.username, password.toCharArray(), null));

  742. 

  743. 		// validate that plaintext password was automatically updated to hashed one

  744. 		assertTrue(user.password.startsWith(PasswordHash.getDefaultType().name() + ":"));

  745. 

  746. 		// validate that the password is still valid and the user can log in

  747. 		assertNotNull(auth.authenticate(user.username, password.toCharArray(), null));

  748. 	}

  749. 

  750. 

  751. 	@Test

  752. 	public void testAuthenticateUpgradeMD5() throws Exception {

  753. 		IAuthenticationManager auth = newAuthenticationManager();

  754. 

  755. 		String password = "secretAndHashed";

  756. 		UserModel user = new UserModel("sunnyjim");

  757. 		user.password = "MD5:BD95A1CFD00868B59B3564112D1E5847";

  758. 		users.updateUserModel(user);

  759. 

  760. 		assertNotNull(auth.authenticate(user.username, password.toCharArray(), null));

  761. 

  762. 		// validate that MD5 password was automatically updated to hashed one

  763. 		assertTrue(user.password.startsWith(PasswordHash.getDefaultType().name() + ":"));

  764. 

  765. 		// validate that the password is still valid and the user can log in

  766. 		assertNotNull(auth.authenticate(user.username, password.toCharArray(), null));

  767. 	}

  768. 

  769. 

  770. 	@Test

  771. 	public void testContenairAuthenticate() throws Exception {

  772. 		settings.put(Keys.realm.container.autoCreateAccounts, "true");

  773. 		settings.put(Keys.realm.container.autoAccounts.displayName, "displayName");

  774. 		settings.put(Keys.realm.container.autoAccounts.emailAddress, "emailAddress");

  775. 		settings.put(Keys.realm.container.autoAccounts.adminRole, "admin");

  776. 		settings.put(Keys.realm.container.autoAccounts.locale, "locale");

  777. 

  778. 		DummyHttpServletRequest request = new DummyHttpServletRequest();

  779. 		request.sessionAttributes.put("displayName", "Sunny Jim");

  780. 		request.sessionAttributes.put("emailAddress", "Jim.Sunny@gitblit.com");

  781. 		request.sessionAttributes.put("locale", "it");

  782. 

  783. 		IAuthenticationManager auth = newAuthenticationManager();

  784. 

  785. 		UserModel user = auth.authenticate(request);

  786. 

  787. 		assertTrue(user.canAdmin);

  788. 		assertEquals("Sunny Jim", user.displayName);

  789. 		assertEquals("Jim.Sunny@gitblit.com", user.emailAddress);

  790. 		assertEquals(Locale.ITALIAN, user.getPreferences().getLocale());

  791. 	}

  792. 

  793. 	@Test

  794. 	public void testContenairAuthenticateEmpty() throws Exception {

  795. 		settings.put(Keys.realm.container.autoCreateAccounts, "true");

  796. 		settings.put(Keys.realm.container.autoAccounts.displayName, "displayName");

  797. 		settings.put(Keys.realm.container.autoAccounts.emailAddress, "emailAddress");

  798. 		settings.put(Keys.realm.container.autoAccounts.adminRole, "notAdmin");

  799. 

  800. 		DummyHttpServletRequest request = new DummyHttpServletRequest();

  801. 

  802. 		IAuthenticationManager auth = newAuthenticationManager();

  803. 

  804. 		UserModel user = auth.authenticate(request);

  805. 

  806. 		assertFalse(user.canAdmin);

  807. 		assertEquals("sunnyjim", user.displayName);

  808. 		assertNull(user.emailAddress);

  809. 		assertNull(user.getPreferences().getLocale());

  810. 	}

  811. 

  812. }