public MasterPasswordChangeValidator createPasswordChangeValidator() { return new MasterPasswordChangeValidator(getSecurityManager()); } }
/** * Checks the {@link MasterPasswordChangeRequest} object * * @param request * @throws MasterPasswordChangeException * @throws PasswordPolicyException */ public void validateChangeRequest(MasterPasswordChangeRequest request) throws MasterPasswordChangeException, PasswordPolicyException { checkCurrentPassword(request); checkConfirmationPassword(request); checkNewPassword(request); checkNewEqualsConfirmation(request.getNewPassword(), request.getConfirmPassword()); validatePasswordAgainstPolicy(request.getNewPassword()); checkNewEqualsCurrent(request.getNewPassword(), request.getCurrentPassword()); }
protected void checkNewPassword(MasterPasswordChangeRequest request) throws MasterPasswordChangeException { if (isNotEmpty(request.getNewPassword()) == false) { throw createSecurityException(MasterPasswordChangeException.NEW_PASSWORD_REQUIRED); } }
protected void validateAgainstPolicy(MasterPasswordChangeRequest r) throws Exception { try { validator.validateChangeRequest(r); fail(); } catch (PasswordPolicyException ex) { } }
req.setConfirmPassword(newPasswdConfirm); MasterPasswordChangeValidator val = new MasterPasswordChangeValidator(this); val.validateChangeRequest(req);
protected void checkNewEqualsConfirmation(char[] newPassword, char[] confirmationPassword) throws MasterPasswordChangeException { if (!Arrays.equals(newPassword, confirmationPassword)) { throw createSecurityException( MasterPasswordChangeException.PASSWORD_AND_CONFIRMATION_NOT_EQUAL); } }
protected void checkConfirmationPassword(MasterPasswordChangeRequest r) throws Exception { try { validator.validateChangeRequest(r); fail(); } catch (MasterPasswordChangeException ex) { assertSecurityException( ex, MasterPasswordChangeException.CONFIRMATION_PASSWORD_REQUIRED); } }
protected void checkNewEqualsCurrent(char[] newPassword, char[] currentPassword) throws MasterPasswordChangeException { if (Arrays.equals(newPassword, currentPassword)) { throw createSecurityException(MasterPasswordChangeException.NEW_EQUALS_CURRENT); } }
protected void checkConfirmationEqualsNewPassword(MasterPasswordChangeRequest r) throws Exception { boolean fail = false; try { validator.validateChangeRequest(r); } catch (MasterPasswordChangeException ex) { fail = true; assertSecurityException( ex, MasterPasswordChangeException.PASSWORD_AND_CONFIRMATION_NOT_EQUAL); } assertTrue(fail); }
protected void checkConfirmationPassword(MasterPasswordChangeRequest request) throws MasterPasswordChangeException { if (isNotEmpty(request.getConfirmPassword()) == false) { throw createSecurityException( MasterPasswordChangeException.CONFIRMATION_PASSWORD_REQUIRED); } }
@Before public void setValidator() { validator = new MasterPasswordChangeValidator(getSecurityManager()); }
protected void checkNewPassword(MasterPasswordChangeRequest r) throws Exception { boolean fail = false; try { validator.validateChangeRequest(r); } catch (MasterPasswordChangeException ex) { fail = true; assertSecurityException(ex, MasterPasswordChangeException.NEW_PASSWORD_REQUIRED); } assertTrue(fail); }
protected void checkCurrentPassword(MasterPasswordChangeRequest request) throws MasterPasswordChangeException { if (isNotEmpty(request.getCurrentPassword()) == false) { throw createSecurityException(MasterPasswordChangeException.CURRENT_PASSWORD_REQUIRED); } try { if (!manager.getKeyStoreProvider().isKeyStorePassword(request.getCurrentPassword())) { throw createSecurityException(MasterPasswordChangeException.CURRENT_PASSWORD_ERROR); } } catch (IOException ex) { throw new RuntimeException(ex); } }
protected void checkCurrentEqualsNewPassword(MasterPasswordChangeRequest r) throws Exception { try { validator.validateChangeRequest(r); fail(); } catch (MasterPasswordChangeException ex) { assertSecurityException(ex, MasterPasswordChangeException.NEW_EQUALS_CURRENT); } }
protected void checkCurrentPassword(MasterPasswordChangeRequest r) throws Exception { try { validator.validateChangeRequest(r); fail(); } catch (MasterPasswordChangeException ex) { assertSecurityException(ex, MasterPasswordChangeException.CURRENT_PASSWORD_REQUIRED); } r.setCurrentPassword("blabalb".toCharArray()); try { validator.validateChangeRequest(r); fail(); } catch (MasterPasswordChangeException ex) { assertSecurityException(ex, MasterPasswordChangeException.CURRENT_PASSWORD_ERROR); } }
@Test public void testValidator() throws Exception { // test spring MasterPasswordChangeRequest r = new MasterPasswordChangeRequest(); checkCurrentPassword(r); r.setCurrentPassword("geoserver".toCharArray()); // r.setCurrentPassword(getMasterPassword().toCharArray()); checkConfirmationPassword(r); r.setConfirmPassword("abc".toCharArray()); checkNewPassword(r); r.setNewPassword("def".toCharArray()); checkConfirmationEqualsNewPassword(r); r.setNewPassword("abc".toCharArray()); validateAgainstPolicy(r); r.setConfirmPassword(r.getCurrentPassword()); r.setNewPassword(r.getCurrentPassword()); checkCurrentEqualsNewPassword(r); r.setConfirmPassword((new String(r.getCurrentPassword()) + "1").toCharArray()); r.setNewPassword((new String(r.getCurrentPassword()) + "1").toCharArray()); validator.validateChangeRequest(r); }