mirrors
/
gitblit
Mirror von https://github.com/gitblit/gitblit.git
Beobachten 1
Favorisieren 0
Fork 0
Code Issues 0 Releases 43 Wiki Aktivität
Du kannst nicht mehr als 25 Themen auswählen Themen müssen mit entweder einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.
1533 Commits
11 Branches
Struktur: db4f6b5740
Branches Tags
${ item.name }
Erstelle Branch ${ searchTerm }
von „db4f6b5740“
${ noResults }
gitblit/src/test/java/com/gitblit/tests/HtpasswdUserServiceTest.java

HtpasswdUserServiceTest.java 20KB
Originalformat Blame Verlauf

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568 
  1. /*

  2.  * Copyright 2013 gitblit.com.

  3.  *

  4.  * Licensed under the Apache License, Version 2.0 (the "License");

  5.  * you may not use this file except in compliance with the License.

  6.  * You may obtain a copy of the License at

  7.  *

  8.  *     http://www.apache.org/licenses/LICENSE-2.0

  9.  *

  10.  * Unless required by applicable law or agreed to in writing, software

  11.  * distributed under the License is distributed on an "AS IS" BASIS,

  12.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  13.  * See the License for the specific language governing permissions and

  14.  * limitations under the License.

  15.  */

  16. package com.gitblit.tests;

  17. 

  18. import java.io.File;

  19. import java.io.FilenameFilter;

  20. import java.io.IOException;

  21. import java.util.HashMap;

  22. 

  23. import org.apache.commons.io.FileUtils;

  24. import org.junit.After;

  25. import org.junit.Before;

  26. import org.junit.Test;

  27. 

  28. import com.gitblit.HtpasswdUserService;

  29. import com.gitblit.models.UserModel;

  30. import com.gitblit.tests.mock.MemorySettings;

  31. import com.gitblit.utils.StringUtils;

  32. 

  33. /**

  34.  * Test the Htpasswd user service.

  35.  *

  36.  */

  37. public class HtpasswdUserServiceTest extends GitblitUnitTest {

  38. 

  39.     private static final String RESOURCE_DIR = "src/test/resources/htpasswdUSTest/";

  40.     private static final String KEY_SUPPORT_PLAINTEXT_PWD = "realm.htpasswd.supportPlaintextPasswords";

  41. 

  42.     private static final int NUM_USERS_HTPASSWD = 10;

  43. 

  44.     private static final MemorySettings MS = new MemorySettings(new HashMap<String, Object>());

  45. 

  46.     private HtpasswdUserService htpwdUserService;

  47. 

  48. 

  49.     private MemorySettings getSettings( String userfile, String groupfile, Boolean overrideLA)

  50.     {

  51.         MS.put("realm.htpasswd.backingUserService", RESOURCE_DIR + "users.conf");

  52.         MS.put("realm.htpasswd.userfile", (userfile == null) ? (RESOURCE_DIR+"htpasswd") : userfile);

  53.         MS.put("realm.htpasswd.groupfile", (groupfile == null) ? (RESOURCE_DIR+"htgroup") : groupfile);

  54.         MS.put("realm.htpasswd.overrideLocalAuthentication", (overrideLA == null) ? "false" : overrideLA.toString());

  55.         // Default to keep test the same on all platforms.

  56.         MS.put(KEY_SUPPORT_PLAINTEXT_PWD, "false");

  57. 

  58.         return MS;

  59.     }

  60. 

  61.     private MemorySettings getSettings()

  62.     {

  63.         return getSettings(null, null, null);

  64.     }

  65. 

  66.     private MemorySettings getSettings(boolean overrideLA)

  67.     {

  68.         return getSettings(null, null, new Boolean(overrideLA));

  69.     }

  70. 

  71. 

  72.     private void setupUS()

  73.     {

  74.         htpwdUserService = new HtpasswdUserService();

  75.         htpwdUserService.setup(getSettings());

  76.     }

  77. 

  78.     private void setupUS(boolean overrideLA)

  79.     {

  80.         htpwdUserService = new HtpasswdUserService();

  81.         htpwdUserService.setup(getSettings(overrideLA));

  82.     }

  83. 

  84. 

  85.     private void copyInFiles() throws IOException

  86.     {

  87.         File dir = new File(RESOURCE_DIR);

  88.         FilenameFilter filter = new FilenameFilter() {

  89.             @Override

  90. 			public boolean accept(File dir, String file) {

  91.                 return file.endsWith(".in");

  92.                 }

  93.             };

  94.         for (File inf : dir.listFiles(filter)) {

  95.             File dest = new File(inf.getParent(), inf.getName().substring(0, inf.getName().length()-3));

  96.             FileUtils.copyFile(inf, dest);

  97.         }

  98.     }

  99. 

  100. 

  101.     private void deleteGeneratedFiles()

  102.     {

  103.         File dir = new File(RESOURCE_DIR);

  104.         FilenameFilter filter = new FilenameFilter() {

  105.             @Override

  106. 			public boolean accept(File dir, String file) {

  107.                 return !(file.endsWith(".in"));

  108.                 }

  109.             };

  110.         for (File file : dir.listFiles(filter)) {

  111.             file.delete();

  112.         }

  113.     }

  114. 

  115. 

  116.     @Before

  117.     public void setup() throws IOException

  118.     {

  119.         copyInFiles();

  120.         setupUS();

  121.     }

  122. 

  123. 

  124.     @After

  125.     public void tearDown()

  126.     {

  127.         deleteGeneratedFiles();

  128.     }

  129. 

  130. 

  131. 

  132.     @Test

  133.     public void testSetup() throws IOException

  134.     {

  135.         assertEquals(NUM_USERS_HTPASSWD, htpwdUserService.getNumberHtpasswdUsers());

  136.     }

  137. 

  138. 

  139.     @Test

  140.     public void testAuthenticate()

  141.     {

  142.         MS.put(KEY_SUPPORT_PLAINTEXT_PWD, "true");

  143.         UserModel user = htpwdUserService.authenticate("user1", "pass1".toCharArray());

  144.         assertNotNull(user);

  145.         assertEquals("user1", user.username);

  146. 

  147.         user = htpwdUserService.authenticate("user2", "pass2".toCharArray());

  148.         assertNotNull(user);

  149.         assertEquals("user2", user.username);

  150. 

  151.         // Test different encryptions

  152.         user = htpwdUserService.authenticate("plain", "passWord".toCharArray());

  153.         assertNotNull(user);

  154.         assertEquals("plain", user.username);

  155. 

  156.         MS.put(KEY_SUPPORT_PLAINTEXT_PWD, "false");

  157.         user = htpwdUserService.authenticate("crypt", "password".toCharArray());

  158.         assertNotNull(user);

  159.         assertEquals("crypt", user.username);

  160. 

  161.         user = htpwdUserService.authenticate("md5", "password".toCharArray());

  162.         assertNotNull(user);

  163.         assertEquals("md5", user.username);

  164. 

  165.         user = htpwdUserService.authenticate("sha", "password".toCharArray());

  166.         assertNotNull(user);

  167.         assertEquals("sha", user.username);

  168. 

  169. 

  170.         // Test leading and trailing whitespace

  171.         user = htpwdUserService.authenticate("trailing", "whitespace".toCharArray());

  172.         assertNotNull(user);

  173.         assertEquals("trailing", user.username);

  174. 

  175.         user = htpwdUserService.authenticate("tabbed", "frontAndBack".toCharArray());

  176.         assertNotNull(user);

  177.         assertEquals("tabbed", user.username);

  178. 

  179.         user = htpwdUserService.authenticate("leading", "whitespace".toCharArray());

  180.         assertNotNull(user);

  181.         assertEquals("leading", user.username);

  182. 

  183. 

  184.         // Test local account

  185.         user = htpwdUserService.authenticate("admin", "admin".toCharArray());

  186.         assertNotNull(user);

  187.         assertEquals("admin", user.username);

  188.     }

  189. 

  190. 

  191.     @Test

  192.     public void testAttributes()

  193.     {

  194.         MS.put(KEY_SUPPORT_PLAINTEXT_PWD, "true");

  195.         UserModel user = htpwdUserService.authenticate("user1", "pass1".toCharArray());

  196.         assertNotNull(user);

  197.         assertEquals("El Capitan", user.displayName);

  198.         assertEquals("cheffe@example.com", user.emailAddress);

  199.         assertTrue(user.canAdmin);

  200. 

  201.         user = htpwdUserService.authenticate("user2", "pass2".toCharArray());

  202.         assertNotNull(user);

  203.         assertEquals("User Two", user.displayName);

  204.         assertTrue(user.canCreate);

  205.         assertTrue(user.canFork);

  206. 

  207. 

  208.         user = htpwdUserService.authenticate("admin", "admin".toCharArray());

  209.         assertNotNull(user);

  210.         assertTrue(user.canAdmin);

  211. 

  212.         user = htpwdUserService.authenticate("staylocal", "localUser".toCharArray());

  213.         assertNotNull(user);

  214.         assertEquals("Local User", user.displayName);

  215.         assertFalse(user.canCreate);

  216.         assertFalse(user.canFork);

  217.         assertFalse(user.canAdmin);

  218.     }

  219. 

  220. 

  221.     @Test

  222.     public void testAuthenticateDenied()

  223.     {

  224.         UserModel user = null;

  225.         MS.put(KEY_SUPPORT_PLAINTEXT_PWD, "true");

  226.         user = htpwdUserService.authenticate("user1", "".toCharArray());

  227.         assertNull("User 'user1' falsely authenticated.", user);

  228. 

  229.         user = htpwdUserService.authenticate("user1", "pass2".toCharArray());

  230.         assertNull("User 'user1' falsely authenticated.", user);

  231. 

  232.         user = htpwdUserService.authenticate("user2", "lalala".toCharArray());

  233.         assertNull("User 'user2' falsely authenticated.", user);

  234. 

  235. 

  236.         user = htpwdUserService.authenticate("user3", "disabled".toCharArray());

  237.         assertNull("User 'user3' falsely authenticated.", user);

  238. 

  239.         user = htpwdUserService.authenticate("user4", "disabled".toCharArray());

  240.         assertNull("User 'user4' falsely authenticated.", user);

  241. 

  242. 

  243.         user = htpwdUserService.authenticate("plain", "text".toCharArray());

  244.         assertNull("User 'plain' falsely authenticated.", user);

  245. 

  246.         user = htpwdUserService.authenticate("plain", "password".toCharArray());

  247.         assertNull("User 'plain' falsely authenticated.", user);

  248. 

  249. 

  250.         MS.put(KEY_SUPPORT_PLAINTEXT_PWD, "false");

  251. 

  252.         user = htpwdUserService.authenticate("crypt", "".toCharArray());

  253.         assertNull("User 'cyrpt' falsely authenticated.", user);

  254. 

  255.         user = htpwdUserService.authenticate("crypt", "passwd".toCharArray());

  256.         assertNull("User 'crypt' falsely authenticated.", user);

  257. 

  258.         user = htpwdUserService.authenticate("md5", "".toCharArray());

  259.         assertNull("User 'md5' falsely authenticated.", user);

  260. 

  261.         user = htpwdUserService.authenticate("md5", "pwd".toCharArray());

  262.         assertNull("User 'md5' falsely authenticated.", user);

  263. 

  264.         user = htpwdUserService.authenticate("sha", "".toCharArray());

  265.         assertNull("User 'sha' falsely authenticated.", user);

  266. 

  267.         user = htpwdUserService.authenticate("sha", "letmein".toCharArray());

  268.         assertNull("User 'sha' falsely authenticated.", user);

  269. 

  270. 

  271.         user = htpwdUserService.authenticate("  tabbed", "frontAndBack".toCharArray());

  272.         assertNull("User 'tabbed' falsely authenticated.", user);

  273. 

  274.         user = htpwdUserService.authenticate("    leading", "whitespace".toCharArray());

  275.         assertNull("User 'leading' falsely authenticated.", user);

  276.     }

  277. 

  278. 

  279.     @Test

  280.     public void testNewLocalAccount()

  281.     {

  282.         UserModel newUser = new UserModel("newlocal");

  283.         newUser.displayName = "Local User 2";

  284.         newUser.password = StringUtils.MD5_TYPE + StringUtils.getMD5("localPwd2");

  285.         assertTrue("Failed to add local account.", htpwdUserService.updateUserModel(newUser));

  286. 

  287.         UserModel localAccount = htpwdUserService.authenticate(newUser.username, "localPwd2".toCharArray());

  288.         assertNotNull(localAccount);

  289.         assertEquals(newUser, localAccount);

  290. 

  291.         localAccount = htpwdUserService.authenticate(newUser.username, "localPwd2".toCharArray());

  292.         assertNotNull(localAccount);

  293.         assertEquals(newUser, localAccount);

  294. 

  295.         assertTrue("Failed to delete local account.", htpwdUserService.deleteUser(localAccount.username));

  296.         assertNull(htpwdUserService.authenticate(newUser.username, "localPwd2".toCharArray()));

  297.     }

  298. 

  299. 

  300.     @Test

  301.     public void testCleartextIntrusion()

  302.     {

  303.         MS.put(KEY_SUPPORT_PLAINTEXT_PWD, "true");

  304.         assertNull(htpwdUserService.authenticate("md5", "$apr1$qAGGNfli$sAn14mn.WKId/3EQS7KSX0".toCharArray()));

  305.         assertNull(htpwdUserService.authenticate("sha", "{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=".toCharArray()));

  306. 

  307.         assertNull(htpwdUserService.authenticate("user1", "#externalAccount".toCharArray()));

  308. 

  309.         MS.put(KEY_SUPPORT_PLAINTEXT_PWD, "false");

  310.         assertNull(htpwdUserService.authenticate("md5", "$apr1$qAGGNfli$sAn14mn.WKId/3EQS7KSX0".toCharArray()));

  311.         assertNull(htpwdUserService.authenticate("sha", "{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=".toCharArray()));

  312. 

  313.         assertNull(htpwdUserService.authenticate("user1", "#externalAccount".toCharArray()));

  314.     }

  315. 

  316. 

  317.     @Test

  318.     public void testCryptVsPlaintext()

  319.     {

  320.         MS.put(KEY_SUPPORT_PLAINTEXT_PWD, "false");

  321.         assertNull(htpwdUserService.authenticate("crypt", "6TmlbxqZ2kBIA".toCharArray()));

  322.         assertNotNull(htpwdUserService.authenticate("crypt", "password".toCharArray()));

  323. 

  324.         MS.put(KEY_SUPPORT_PLAINTEXT_PWD, "true");

  325.         assertNotNull(htpwdUserService.authenticate("crypt", "6TmlbxqZ2kBIA".toCharArray()));

  326.         assertNull(htpwdUserService.authenticate("crypt", "password".toCharArray()));

  327.     }

  328. 

  329. 

  330.     /*

  331.      * Test case: User exists in user.conf with a local password and in htpasswd with an external password.

  332.      * If overrideLocalAuthentication is false, the local account takes precedence and is never updated.

  333.      */

  334.     @Test

  335.     public void testPreparedAccountPreferLocal() throws IOException

  336.     {

  337.         setupUS(false);

  338. 

  339.         UserModel user = htpwdUserService.authenticate("leaderred", "localPassword".toCharArray());

  340.         assertNotNull(user);

  341.         assertEquals("leaderred", user.getName());

  342. 

  343.         user = htpwdUserService.authenticate("leaderred", "localPassword".toCharArray());

  344.         assertNotNull(user);

  345.         assertEquals("leaderred", user.getName());

  346. 

  347.         user = htpwdUserService.authenticate("leaderred", "externalPassword".toCharArray());

  348.         assertNull(user);

  349. 

  350.         user = htpwdUserService.authenticate("staylocal", "localUser".toCharArray());

  351.         assertNotNull(user);

  352.         assertEquals("staylocal", user.getName());

  353. 

  354. 

  355.         deleteGeneratedFiles();

  356.         copyInFiles();

  357.         setupUS(false);

  358. 

  359.         user = htpwdUserService.authenticate("leaderred", "externalPassword".toCharArray());

  360.         assertNull(user);

  361. 

  362.         user = htpwdUserService.authenticate("leaderred", "localPassword".toCharArray());

  363.         assertNotNull(user);

  364.         assertEquals("leaderred", user.getName());

  365. 

  366.         user = htpwdUserService.authenticate("leaderred", "localPassword".toCharArray());

  367.         assertNotNull(user);

  368.         assertEquals("leaderred", user.getName());

  369. 

  370.         user = htpwdUserService.authenticate("staylocal", "localUser".toCharArray());

  371.         assertNotNull(user);

  372.         assertEquals("staylocal", user.getName());

  373.     }

  374. 

  375. 

  376.     /*

  377.      * Test case: User exists in user.conf with a local password and in htpasswd with an external password.

  378.      * If overrideLocalAuthentication is true, the external account takes precedence,

  379.      * the initial local password is never used and discarded.

  380.      */

  381.     @Test

  382.     public void testPreparedAccountPreferExternal() throws IOException

  383.     {

  384.         setupUS(true);

  385. 

  386.         UserModel user = htpwdUserService.authenticate("leaderred", "externalPassword".toCharArray());

  387.         assertNotNull(user);

  388.         assertEquals("leaderred", user.getName());

  389. 

  390.         user = htpwdUserService.authenticate("leaderred", "externalPassword".toCharArray());

  391.         assertNotNull(user);

  392.         assertEquals("leaderred", user.getName());

  393. 

  394.         user = htpwdUserService.authenticate("leaderred", "localPassword".toCharArray());

  395.         assertNull(user);

  396. 

  397.         user = htpwdUserService.authenticate("staylocal", "localUser".toCharArray());

  398.         assertNotNull(user);

  399.         assertEquals("staylocal", user.getName());

  400. 

  401. 

  402.         deleteGeneratedFiles();

  403.         copyInFiles();

  404.         setupUS(true);

  405. 

  406. 

  407.         user = htpwdUserService.authenticate("leaderred", "localPassword".toCharArray());

  408.         assertNull(user);

  409. 

  410.         user = htpwdUserService.authenticate("leaderred", "externalPassword".toCharArray());

  411.         assertNotNull(user);

  412.         assertEquals("leaderred", user.getName());

  413. 

  414.         user = htpwdUserService.authenticate("leaderred", "externalPassword".toCharArray());

  415.         assertNotNull(user);

  416.         assertEquals("leaderred", user.getName());

  417. 

  418.         user = htpwdUserService.authenticate("staylocal", "localUser".toCharArray());

  419.         assertNotNull(user);

  420.         assertEquals("staylocal", user.getName());

  421. 

  422.         // Make sure no authentication by using the string constant for external accounts is possible.

  423.         user = htpwdUserService.authenticate("leaderred", "#externalAccount".toCharArray());

  424.         assertNull(user);

  425.     }

  426. 

  427. 

  428.     /*

  429.      * Test case: User exists in user.conf with a local password and in htpasswd with an external password.

  430.      * If overrideLocalAuthentication is true, the external account takes precedence,

  431.      * the initial local password is never used and discarded.

  432.      */

  433.     @Test

  434.     public void testPreparedAccountChangeSetting() throws IOException

  435.     {

  436.         getSettings(false);

  437. 

  438.         UserModel user = htpwdUserService.authenticate("leaderred", "localPassword".toCharArray());

  439.         assertNotNull(user);

  440.         assertEquals("leaderred", user.getName());

  441. 

  442.         user = htpwdUserService.authenticate("leaderred", "externalPassword".toCharArray());

  443.         assertNull(user);

  444. 

  445.         user = htpwdUserService.authenticate("staylocal", "localUser".toCharArray());

  446.         assertNotNull(user);

  447.         assertEquals("staylocal", user.getName());

  448. 

  449. 

  450.         getSettings(true);

  451. 

  452. 

  453.         user = htpwdUserService.authenticate("leaderred", "localPassword".toCharArray());

  454.         assertNull(user);

  455. 

  456.         user = htpwdUserService.authenticate("leaderred", "externalPassword".toCharArray());

  457.         assertNotNull(user);

  458.         assertEquals("leaderred", user.getName());

  459. 

  460.         user = htpwdUserService.authenticate("staylocal", "localUser".toCharArray());

  461.         assertNotNull(user);

  462.         assertEquals("staylocal", user.getName());

  463. 

  464.         // Make sure no authentication by using the string constant for external accounts is possible.

  465.         user = htpwdUserService.authenticate("leaderred", "#externalAccount".toCharArray());

  466.         assertNull(user);

  467. 

  468. 

  469.         getSettings(false);

  470.         // The preference is now back to local accounts but since the prepared account got switched

  471.         // to an external account, it will stay this way.

  472. 

  473.         user = htpwdUserService.authenticate("leaderred", "localPassword".toCharArray());

  474.         assertNull(user);

  475. 

  476.         user = htpwdUserService.authenticate("leaderred", "externalPassword".toCharArray());

  477.         assertNotNull(user);

  478.         assertEquals("leaderred", user.getName());

  479. 

  480.         user = htpwdUserService.authenticate("staylocal", "localUser".toCharArray());

  481.         assertNotNull(user);

  482.         assertEquals("staylocal", user.getName());

  483. 

  484.         // Make sure no authentication by using the string constant for external accounts is possible.

  485.         user = htpwdUserService.authenticate("leaderred", "#externalAccount".toCharArray());

  486.         assertNull(user);

  487.     }

  488. 

  489. 

  490.     @Test

  491.     public void testChangeHtpasswdFile()

  492.     {

  493.         UserModel user;

  494. 

  495.         // User default set up.

  496.         user = htpwdUserService.authenticate("md5", "password".toCharArray());

  497.         assertNotNull(user);

  498.         assertEquals("md5", user.username);

  499. 

  500.         user = htpwdUserService.authenticate("sha", "password".toCharArray());

  501.         assertNotNull(user);

  502.         assertEquals("sha", user.username);

  503. 

  504.         user = htpwdUserService.authenticate("blueone", "GoBlue!".toCharArray());

  505.         assertNull(user);

  506. 

  507.         user = htpwdUserService.authenticate("bluetwo", "YayBlue!".toCharArray());

  508.         assertNull(user);

  509. 

  510. 

  511.         // Switch to different htpasswd file.

  512.         getSettings(RESOURCE_DIR + "htpasswd-user", null, null);

  513. 

  514.         user = htpwdUserService.authenticate("md5", "password".toCharArray());

  515.         assertNull(user);

  516. 

  517.         user = htpwdUserService.authenticate("sha", "password".toCharArray());

  518.         assertNull(user);

  519. 

  520.         user = htpwdUserService.authenticate("blueone", "GoBlue!".toCharArray());

  521.         assertNotNull(user);

  522.         assertEquals("blueone", user.username);

  523. 

  524.         user = htpwdUserService.authenticate("bluetwo", "YayBlue!".toCharArray());

  525.         assertNotNull(user);

  526.         assertEquals("bluetwo", user.username);

  527.     }

  528. 

  529. 

  530.     @Test

  531.     public void testChangeHtpasswdFileNotExisting()

  532.     {

  533.         UserModel user;

  534. 

  535.         // User default set up.

  536.         user = htpwdUserService.authenticate("md5", "password".toCharArray());

  537.         assertNotNull(user);

  538.         assertEquals("md5", user.username);

  539. 

  540.         user = htpwdUserService.authenticate("sha", "password".toCharArray());

  541.         assertNotNull(user);

  542.         assertEquals("sha", user.username);

  543. 

  544.         user = htpwdUserService.authenticate("blueone", "GoBlue!".toCharArray());

  545.         assertNull(user);

  546. 

  547.         user = htpwdUserService.authenticate("bluetwo", "YayBlue!".toCharArray());

  548.         assertNull(user);

  549. 

  550. 

  551.         // Switch to different htpasswd file that doesn't exist.

  552.         // Currently we stop working with old users upon this change.

  553.         getSettings(RESOURCE_DIR + "no-such-file", null, null);

  554. 

  555.         user = htpwdUserService.authenticate("md5", "password".toCharArray());

  556.         assertNull(user);

  557. 

  558.         user = htpwdUserService.authenticate("sha", "password".toCharArray());

  559.         assertNull(user);

  560. 

  561.         user = htpwdUserService.authenticate("blueone", "GoBlue!".toCharArray());

  562.         assertNull(user);

  563. 

  564.         user = htpwdUserService.authenticate("bluetwo", "YayBlue!".toCharArray());

  565.         assertNull(user);

  566.     }

  567. 

  568. }