Skip to content
/ time-transformer-examples Public

Example project showing how to use the TimeTransformer

License

MIT license
1 star 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

TOPdesk/time-transformer-examples

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

38 Commits
.github
.github
 
 
src
src
 
 
.gitignore
.gitignore
 
 
AUTHORS
AUTHORS
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
pom.xml
pom.xml
 
 

Repository files navigation

Example usage of the TimeTransformer, a Java agent to manipulate the time returned by System.currentTimeMillis() and System.nanoTime().

Example application: AuthenticationWebServer

The example application is a little authentication webservice where you have to login before you are greeted by the application. The only implemented OWASP recommendation is a user lockout system to prevent brute force attacks on the password.

Disclaimer: this application is only intended to give a use case for time-dependent code. It is explicitly not an example of how to do authentication in a web application!

Running the application server manually

  • This example project currently requires JDK21 to run. The JDK8 version of this example is available under the java-8 tag.

  • Build the application server:

    mvn clean package

  • Start the application server.

    java -jar target/time-transformer-examples-1.0.0-SNAPSHOT.jar

  • Browse to http://localhost:8080/login

  • Login using username admin and password admin

Configuring the application:

  • -DwebserverPort=[PORT] runs the webserver on port [PORT]. Defaults to 8080.

  • -Dquite=true ensures the webserver does not print any logging to stdout.

  • -DtestingMode=true enables the http://localhost:8080/test/transformtime endpoint in the webserver. Requires the time-transformer-agent to be attached to the JVM as a javaagent:

    java -javaagent:/path/to/time-transformer-agent-2.0.0.jar -DtestingMode=true -jar target/time-transformer-examples-1.0.0-SNAPSHOT.jar

End-to-end test scenarios:

These scenarios are implemented using Selenium's HtmlUnitDriver and can be found in AuthenticationWebserverE2ECase.java

Correct login:

  • When the user browses to http://localhost:8080/login and logs in using username admin and password admin.
  • Then the message "Welcome admin" should be shown.

Incorrect login:

  • When the user browses to http://localhost:8080/login and logs in using username admin and password wrong.
  • Then the message "Login incorrect" should be shown.

Can't login with correct credentials when locked out

  • Given that the user is locked out by browsing to http://localhost:8080/login and logging in using username admin and password wrong three times.
  • When the user logs in using username admin and password admin.
  • Then the message "Login incorrect" should be shown.

Can login with correct credentials after lockout time passed

  • Given that the user is locked out by browsing to http://localhost:8080/login and logging in using username admin and password wrong three times.
  • When the user lockout time of five minutes has passed (Or at least the server believes so, using the TimeTransformer).
  • When the user logs in using username admin and password admin.
  • Then the message "Welcome admin" should be shown.

Contributing:

By adding your name to the AUTHORS file, you accept that your changes will become public under the license specified in the LICENSE file.

About

Example project showing how to use the TimeTransformer

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

1 star

Watchers

5 watching

Forks

1 fork
Report repository

Releases

1 tags

Packages

No packages published

Contributors 2

  •  
  •  

Languages