View Javadoc
1   /*
2    * Copyright (c) 2002-2025, City of Paris
3    * All rights reserved.
4    *
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions
7    * are met:
8    *
9    *  1. Redistributions of source code must retain the above copyright notice
10   *     and the following disclaimer.
11   *
12   *  2. Redistributions in binary form must reproduce the above copyright notice
13   *     and the following disclaimer in the documentation and/or other materials
14   *     provided with the distribution.
15   *
16   *  3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
17   *     contributors may be used to endorse or promote products derived from
18   *     this software without specific prior written permission.
19   *
20   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21   * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23   * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
24   * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25   * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26   * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27   * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28   * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30   * POSSIBILITY OF SUCH DAMAGE.
31   *
32   * License 1.0
33   */
34  package fr.paris.lutece.portal.service.security;
35  
36  import javax.security.auth.login.FailedLoginException;
37  import javax.security.auth.login.LoginException;
38  
39  import org.springframework.mock.web.MockHttpServletRequest;
40  import org.springframework.test.util.ReflectionTestUtils;
41  
42  import fr.paris.lutece.test.LuteceTestCase;
43  
44  /**
45   * This class tests the class fr.paris.lutece.portal.service.SecurityService
46   */
47  public class SecurityServiceTest extends LuteceTestCase
48  {
49      /**
50       * Login User fail test
51       * 
52       * @throws LoginException
53       */
54      public void testLoginUserFail( )
55      {
56          MockHttpServletRequest request = new MockHttpServletRequest( );
57  
58          String strUserName = "";
59          String strPassword = "";
60  
61          try
62          {
63              SecurityService securityService = SecurityService.getInstance( );
64              MokeLuteceAuthenticationcation.html#MokeLuteceAuthentication">MokeLuteceAuthentication mockLuteceAuthentication = new MokeLuteceAuthentication( );
65              ReflectionTestUtils.setField( securityService, "_authenticationService", mockLuteceAuthentication );
66  
67              securityService.loginUser( request, strUserName, strPassword );
68  
69              // FailedLoginException should be thrown before this assertion
70              assertTrue( false );
71          }
72          catch( LoginException e )
73          {
74              assertEquals( e.getClass( ), FailedLoginException.class );
75          }
76          catch( NullPointerException e )
77          {
78              assertTrue( false );
79          }
80          catch( LoginRedirectException e )
81          {
82              assertTrue( false );
83          }
84      }
85  
86      /**
87       * Login User success test
88       *
89       * @throws LoginException
90       */
91      public void testLoginUserSuccess( ) throws LoginException
92      {
93          MockHttpServletRequest request = new MockHttpServletRequest( );
94          String strUserName = "admin";
95          String strPassword = "adminadmin";
96          String sessionId = request.getSession( true ).getId( );
97  
98          try
99          {
100             SecurityService securityService = SecurityService.getInstance( );
101             MokeLuteceAuthenticationcation.html#MokeLuteceAuthentication">MokeLuteceAuthentication mockLuteceAuthentication = new MokeLuteceAuthentication( );
102             ReflectionTestUtils.setField( securityService, "_authenticationService", mockLuteceAuthentication );
103 
104             securityService.loginUser( request, strUserName, strPassword );
105 
106             String newSessionId = request.getSession( true ).getId( );
107 
108             // session Id should not changed during authentication process
109             assertTrue( sessionId.contentEquals( newSessionId ) );
110         }
111         catch( Exception e )
112         {
113             assertTrue( false );
114         }
115     }
116 }