Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SEC-600: Added extra test assertions on authentication details object after password change.

This commit is contained in:
Luke Taylor 2007-11-13 17:17:25 +00:00
parent cb237055ac
commit 3e3dac4050
1 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
core/src/test/java/org/springframework/security/userdetails/jdbc/JdbcUserDetailsManagerTests.java
View File

@ -1,6 +1,7 @@
package org.springframework.security.userdetails.jdbc; package org.springframework.security.userdetails.jdbc;
import org.springframework.security.AccessDeniedException; import org.springframework.security.AccessDeniedException;
import org.springframework.security.Authentication;
import org.springframework.security.BadCredentialsException; import org.springframework.security.BadCredentialsException;
import org.springframework.security.MockAuthenticationManager; import org.springframework.security.MockAuthenticationManager;
import org.springframework.security.context.SecurityContextHolder; import org.springframework.security.context.SecurityContextHolder;
@ -132,14 +133,17 @@ public class JdbcUserDetailsManagerTests {
@Test @Test
public void changePasswordSucceedsWithIfReAuthenticationSucceeds() { public void changePasswordSucceedsWithIfReAuthenticationSucceeds() {
insertJoe(); insertJoe();
authenticateJoe(); Authentication currentAuth = authenticateJoe();
manager.setAuthenticationManager(new MockAuthenticationManager(true)); manager.setAuthenticationManager(new MockAuthenticationManager(true));
manager.changePassword("password", "newPassword"); manager.changePassword("password", "newPassword");
UserDetails newJoe = manager.loadUserByUsername("joe"); UserDetails newJoe = manager.loadUserByUsername("joe");
assertEquals("newPassword", newJoe.getPassword()); assertEquals("newPassword", newJoe.getPassword());
// The password in the context should also be altered // The password in the context should also be altered
assertEquals("newPassword", SecurityContextHolder.getContext().getAuthentication().getCredentials()); Authentication newAuth = SecurityContextHolder.getContext().getAuthentication();
assertEquals("joe", newAuth.getName());
assertEquals(currentAuth.getDetails(), newAuth.getDetails());
assertEquals("newPassword", newAuth.getCredentials());
} }
@Test @Test
@ -160,10 +164,12 @@ public class JdbcUserDetailsManagerTests {
assertEquals("password", SecurityContextHolder.getContext().getAuthentication().getCredentials()); assertEquals("password", SecurityContextHolder.getContext().getAuthentication().getCredentials());
} }
private void authenticateJoe() { private Authentication authenticateJoe() {
UsernamePasswordAuthenticationToken auth = UsernamePasswordAuthenticationToken auth =
new UsernamePasswordAuthenticationToken("joe","password", joe.getAuthorities()); new UsernamePasswordAuthenticationToken("joe","password", joe.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(auth); SecurityContextHolder.getContext().setAuthentication(auth);
return auth;
} }
private void insertJoe() { private void insertJoe() {