public void PasswordAttemptFailedTest()
{
User user = ClientMembershipService.GetUser("timm");
string passwordSalt = "1U3h6r/tQ+dGWhLm9Unyng==";
PasswordFormat passwordFormat = PasswordFormat.Hashed;
int failedPasswordAttemptCount = 0;
DateTime failedPasswordAttemptWindowStart = DateTime.MinValue;
int failedPasswordAnswerAttemptCount = 0;
DateTime failedPasswordAnswerAttemptWindowStart = DateTime.MinValue;
ClientMembershipUser target = new ClientMembershipUser(user,
passwordSalt, passwordFormat, failedPasswordAttemptCount,
failedPasswordAttemptWindowStart, failedPasswordAnswerAttemptCount,
failedPasswordAnswerAttemptWindowStart);
target.PasswordAttemptSucceeded();
target.PasswordAttemptFailed();
Assert.AreNotEqual(DateTime.MinValue, target.FailedPasswordAttemptWindowStart);
Assert.AreEqual(1, target.FailedPasswordAttemptCount);
Assert.AreEqual(false, target.IsLockedOut);
target.PasswordAttemptFailed();
target.PasswordAttemptFailed();
target.PasswordAttemptFailed();
target.PasswordAttemptFailed();
Assert.AreEqual(true, target.IsLockedOut);
Assert.AreNotEqual(DateTime.MinValue, target.LastLockoutDate);
}
private void ValidateUserWithPassword(ClientMembershipUser user,
string password, bool throwIfFails)
{
if (password != null)
{
password = password.Trim();
}
SecurityHelper.CheckParameter(password,
true, true, true,
this.Application.MaxPasswordAnswerSize,
"password");
string passwordFromPersistence =
this.GetPasswordFromPersistence(user);
try
{
if (!this.CheckPassword(password,
passwordFromPersistence,
user.PasswordFormat, user.PasswordSalt))
{
user.PasswordAttemptFailed();
if (throwIfFails)
{
throw new SecurityException
("The password supplied was not correct");
}
}
else
{
user.PasswordAttemptSucceeded();
}
}
finally
{
this.PersistUser(user);
}
}
