PlaintextPasswordEncoderTests xref


1   /* Copyright 2004 Acegi Technology Pty Limited
2    *
3    * Licensed under the Apache License, Version 2.0 (the "License");
4    * you may not use this file except in compliance with the License.
5    * You may obtain a copy of the License at
6    *
7    *     http://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software
10   * distributed under the License is distributed on an "AS IS" BASIS,
11   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12   * See the License for the specific language governing permissions and
13   * limitations under the License.
14   */
15  
16  package org.acegisecurity.providers.encoding;
17  
18  import junit.framework.TestCase;
19  
20  
21  /***
22   * <p>
23   * TestCase for PlaintextPasswordEncoder.
24   * </p>
25   *
26   * @author colin sampaleanu
27   * @author Ben Alex
28   * @version $Id: PlaintextPasswordEncoderTests.java,v 1.2 2005/11/17 00:56:08 benalex Exp $
29   */
30  public class PlaintextPasswordEncoderTests extends TestCase {
31      //~ Methods ================================================================
32  
33      public void testBasicFunctionality() {
34          PlaintextPasswordEncoder pe = new PlaintextPasswordEncoder();
35  
36          String raw = "abc123";
37          String rawDiffCase = "AbC123";
38          String badRaw = "abc321";
39          String salt = "THIS_IS_A_SALT";
40  
41          String encoded = pe.encodePassword(raw, salt);
42          assertEquals("abc123{THIS_IS_A_SALT}", encoded);
43          assertTrue(pe.isPasswordValid(encoded, raw, salt));
44          assertFalse(pe.isPasswordValid(encoded, badRaw, salt));
45  
46          // make sure default is not to ignore password case
47          assertFalse(pe.isIgnorePasswordCase());
48          encoded = pe.encodePassword(rawDiffCase, salt);
49          assertFalse(pe.isPasswordValid(encoded, raw, salt));
50  
51          // now check for ignore password case
52          pe = new PlaintextPasswordEncoder();
53          pe.setIgnorePasswordCase(true);
54  
55          // should be able to validate even without encoding
56          encoded = pe.encodePassword(rawDiffCase, salt);
57          assertTrue(pe.isPasswordValid(encoded, raw, salt));
58          assertFalse(pe.isPasswordValid(encoded, badRaw, salt));
59      }
60  
61      public void testMergeDemerge() {
62          PlaintextPasswordEncoder pwd = new PlaintextPasswordEncoder();
63  
64          String merged = pwd.encodePassword("password", "foo");
65          String[] demerged = pwd.obtainPasswordAndSalt(merged);
66          assertEquals("password", demerged[0]);
67          assertEquals("foo", demerged[1]);
68      }
69  }