/** * Checks the {@link MasterPasswordChangeRequest} object * * @param request * @throws MasterPasswordChangeException * @throws PasswordPolicyException */ public void validateChangeRequest(MasterPasswordChangeRequest request) throws MasterPasswordChangeException, PasswordPolicyException { checkCurrentPassword(request); checkConfirmationPassword(request); checkNewPassword(request); checkNewEqualsConfirmation(request.getNewPassword(), request.getConfirmPassword()); validatePasswordAgainstPolicy(request.getNewPassword()); checkNewEqualsCurrent(request.getNewPassword(), request.getCurrentPassword()); }
MasterPasswordChangeRequest req = new MasterPasswordChangeRequest(); req.setCurrentPassword(currPasswd); req.setNewPassword(newPasswd); req.setConfirmPassword(newPasswdConfirm);
protected void checkCurrentPassword(MasterPasswordChangeRequest request) throws MasterPasswordChangeException { if (isNotEmpty(request.getCurrentPassword()) == false) { throw createSecurityException(MasterPasswordChangeException.CURRENT_PASSWORD_REQUIRED); } try { if (!manager.getKeyStoreProvider().isKeyStorePassword(request.getCurrentPassword())) { throw createSecurityException(MasterPasswordChangeException.CURRENT_PASSWORD_ERROR); } } catch (IOException ex) { throw new RuntimeException(ex); } }
protected void checkCurrentPassword(MasterPasswordChangeRequest r) throws Exception { try { validator.validateChangeRequest(r); fail(); } catch (MasterPasswordChangeException ex) { assertSecurityException(ex, MasterPasswordChangeException.CURRENT_PASSWORD_REQUIRED); } r.setCurrentPassword("blabalb".toCharArray()); try { validator.validateChangeRequest(r); fail(); } catch (MasterPasswordChangeException ex) { assertSecurityException(ex, MasterPasswordChangeException.CURRENT_PASSWORD_ERROR); } }
protected void checkNewPassword(MasterPasswordChangeRequest request) throws MasterPasswordChangeException { if (isNotEmpty(request.getNewPassword()) == false) { throw createSecurityException(MasterPasswordChangeException.NEW_PASSWORD_REQUIRED); } }
protected void checkConfirmationPassword(MasterPasswordChangeRequest request) throws MasterPasswordChangeException { if (isNotEmpty(request.getConfirmPassword()) == false) { throw createSecurityException( MasterPasswordChangeException.CONFIRMATION_PASSWORD_REQUIRED); } }
@Test public void testValidator() throws Exception { // test spring MasterPasswordChangeRequest r = new MasterPasswordChangeRequest(); checkCurrentPassword(r); r.setCurrentPassword("geoserver".toCharArray()); // r.setCurrentPassword(getMasterPassword().toCharArray()); checkConfirmationPassword(r); r.setConfirmPassword("abc".toCharArray()); checkNewPassword(r); r.setNewPassword("def".toCharArray()); checkConfirmationEqualsNewPassword(r); r.setNewPassword("abc".toCharArray()); validateAgainstPolicy(r); r.setConfirmPassword(r.getCurrentPassword()); r.setNewPassword(r.getCurrentPassword()); checkCurrentEqualsNewPassword(r); r.setConfirmPassword((new String(r.getCurrentPassword()) + "1").toCharArray()); r.setNewPassword((new String(r.getCurrentPassword()) + "1").toCharArray()); validator.validateChangeRequest(r); }