Changes in 5fdf9c3: bug fixes for user creation fail2ban impl and test fail2ban didn't extend the lock when a lock already existed on said IP. this was remedied. the test failed because selenium was looking for a component using the driver, so from the head of the tree, instead of from the webelement, which was at a specific lower point in the element tree and thus is unaffected by selenium IDs being similar. the findElement is now done from a method on the webelement.

				java/com.sap.sailing.selenium.test/src/com/sap/sailing/selenium/pages/adminconsole/advanced/IpBlocklistPanelPO.java
			
          @@ -10,8 +10,8 @@ import com.sap.sailing.selenium.pages.gwt.CellTablePO;

           import com.sap.sailing.selenium.pages.gwt.DataEntryPO;

           public class IpBlocklistPanelPO extends PageArea {

          -    static class TablePO extends CellTablePO<IPLockEntry> {

          -        public TablePO(WebDriver driver, WebElement element) {

          +    static class IPBlocklistTablePO extends CellTablePO<IPLockEntry> {

          +        public IPBlocklistTablePO(WebDriver driver, WebElement element) {

                       super(driver, element);

                   }

          @@ -46,8 +46,8 @@ public class IpBlocklistPanelPO extends PageArea {

               public IpBlocklistPanelPO(WebDriver driver, WebElement element) {

                   super(driver, element);

          -        final WebElement cellTableWebElement = driver.findElement(new BySeleniumId("cellTable"));

          -        this.cellTable = new TablePO(driver, cellTableWebElement);

          +        final WebElement cellTableWebElement = this.findElementBySeleniumId("cellTable");

          +        this.cellTable = new IPBlocklistTablePO(driver, cellTableWebElement);

               }

               @FindBy(how = BySeleniumId.class, using = "refreshButton")

          @@ -56,16 +56,13 @@ public class IpBlocklistPanelPO extends PageArea {

               @FindBy(how = BySeleniumId.class, using = "unlockButton")

               private WebElement unlockButton;

          -    private final TablePO cellTable;

          +    private final IPBlocklistTablePO cellTable;

               public void refresh() {

                   refreshButton.click();

               }

          -    /**

          -     * @return true if IP was found, false if not found

          -     */

          -    public boolean expectIpInTable(final String ip) {

          +    public boolean isIpInTable(final String ip) {

                   final IPLockEntry entry = cellTable.getEntry(ip);

                   final boolean wasFound = entry != null;

                   return wasFound;

				java/com.sap.sailing.selenium.test/src/com/sap/sailing/selenium/test/adminconsole/TestIpLocking.java
			
          @@ -32,9 +32,9 @@ public class TestIpLocking extends AbstractSeleniumTest {

                   attemptBearerTokenAbuse(5);

                   tablePO.refresh();

                   final String ip = "127.0.0.1";

          -        assertTrue(tablePO.expectIpInTable(ip));

          +        assertTrue(tablePO.isIpInTable(ip));

                   tablePO.unblockIP(ip);

          -        assertFalse(tablePO.expectIpInTable(ip));

          +        assertFalse(tablePO.isIpInTable(ip));

                   attemptValidBearerTokenUse();

               }

          @@ -74,21 +74,21 @@ public class TestIpLocking extends AbstractSeleniumTest {

               public void testUnlockingForUserCreationAbuser() throws InterruptedException {

                   final AdminConsolePage adminConsole = AdminConsolePage.goToPage(getWebDriver(), getContextRoot());

                   final IpBlocklistPanelPO tablePO = adminConsole.goToLocalServerPanel().getUserCreationAbusePO();

          -        attemptUserCreationAbuse(5);

          +        spamUserCreation(4);

                   tablePO.refresh();

                   final String ip = "127.0.0.1";

          -        assertTrue(tablePO.expectIpInTable(ip));

          +        assertTrue(tablePO.isIpInTable(ip));

                   tablePO.unblockIP(ip);

          -        assertFalse(tablePO.expectIpInTable(ip));

          +        assertFalse(tablePO.isIpInTable(ip));

                   attemptValidBearerTokenUse();

               }

          -    private void attemptUserCreationAbuse(final int attempts) throws InterruptedException {

          +    private void spamUserCreation(final int attempts) throws InterruptedException {

                   for (int i = 0; i < attempts; i++) {

                       attemptUserCreation(String.valueOf(i));

                       // wait for lock to expire

          -            long lockDuration = (long) Math.pow(2, i) * 1000;

          -            boolean isFinalAttempt = i == (attempts - 1);

          +            final long lockDuration = (long) Math.pow(2, i) * 1000;

          +            final boolean isFinalAttempt = i == (attempts - 1);

                       if (!isFinalAttempt) {

                           Thread.sleep(lockDuration);

                       }

				java/com.sap.sse.security/src/com/sap/sse/security/impl/SecurityServiceImpl.java
			
          @@ -1186,6 +1186,7 @@ implements ReplicableSecurityService, ClearStateTestSupport {

                       if (timedLock == null || !timedLock.isLocked()) {

                           apply(s->s.internalRecordUserCreationFromClientIP(clientIP));

                       } else {

          +                timedLock.extendLockDuration();

                           throw new UserManagementException("Client IP "+clientIP+" locked for user creation: "+timedLock);

                       }

                   }

...	...	@@ -10,8 +10,8 @@ import com.sap.sailing.selenium.pages.gwt.CellTablePO;
10	10	import com.sap.sailing.selenium.pages.gwt.DataEntryPO;
11	11
12	12	public class IpBlocklistPanelPO extends PageArea {
13		- static class TablePO extends CellTablePO<IPLockEntry> {
14		- public TablePO(WebDriver driver, WebElement element) {
	13	+ static class IPBlocklistTablePO extends CellTablePO<IPLockEntry> {
	14	+ public IPBlocklistTablePO(WebDriver driver, WebElement element) {
15	15	super(driver, element);
16	16	}
17	17
...	...	@@ -46,8 +46,8 @@ public class IpBlocklistPanelPO extends PageArea {
46	46
47	47	public IpBlocklistPanelPO(WebDriver driver, WebElement element) {
48	48	super(driver, element);
49		- final WebElement cellTableWebElement = driver.findElement(new BySeleniumId("cellTable"));
50		- this.cellTable = new TablePO(driver, cellTableWebElement);
	49	+ final WebElement cellTableWebElement = this.findElementBySeleniumId("cellTable");
	50	+ this.cellTable = new IPBlocklistTablePO(driver, cellTableWebElement);
51	51	}
52	52
53	53	@FindBy(how = BySeleniumId.class, using = "refreshButton")
...	...	@@ -56,16 +56,13 @@ public class IpBlocklistPanelPO extends PageArea {
56	56	@FindBy(how = BySeleniumId.class, using = "unlockButton")
57	57	private WebElement unlockButton;
58	58
59		- private final TablePO cellTable;
	59	+ private final IPBlocklistTablePO cellTable;
60	60
61	61	public void refresh() {
62	62	refreshButton.click();
63	63	}
64	64
65		- /**
66		- * @return true if IP was found, false if not found
67		- */
68		- public boolean expectIpInTable(final String ip) {
	65	+ public boolean isIpInTable(final String ip) {
69	66	final IPLockEntry entry = cellTable.getEntry(ip);
70	67	final boolean wasFound = entry != null;
71	68	return wasFound;

...	...	@@ -32,9 +32,9 @@ public class TestIpLocking extends AbstractSeleniumTest {
32	32	attemptBearerTokenAbuse(5);
33	33	tablePO.refresh();
34	34	final String ip = "127.0.0.1";
35		- assertTrue(tablePO.expectIpInTable(ip));
	35	+ assertTrue(tablePO.isIpInTable(ip));
36	36	tablePO.unblockIP(ip);
37		- assertFalse(tablePO.expectIpInTable(ip));
	37	+ assertFalse(tablePO.isIpInTable(ip));
38	38	attemptValidBearerTokenUse();
39	39	}
40	40
...	...	@@ -74,21 +74,21 @@ public class TestIpLocking extends AbstractSeleniumTest {
74	74	public void testUnlockingForUserCreationAbuser() throws InterruptedException {
75	75	final AdminConsolePage adminConsole = AdminConsolePage.goToPage(getWebDriver(), getContextRoot());
76	76	final IpBlocklistPanelPO tablePO = adminConsole.goToLocalServerPanel().getUserCreationAbusePO();
77		- attemptUserCreationAbuse(5);
	77	+ spamUserCreation(4);
78	78	tablePO.refresh();
79	79	final String ip = "127.0.0.1";
80		- assertTrue(tablePO.expectIpInTable(ip));
	80	+ assertTrue(tablePO.isIpInTable(ip));
81	81	tablePO.unblockIP(ip);
82		- assertFalse(tablePO.expectIpInTable(ip));
	82	+ assertFalse(tablePO.isIpInTable(ip));
83	83	attemptValidBearerTokenUse();
84	84	}
85	85
86		- private void attemptUserCreationAbuse(final int attempts) throws InterruptedException {
	86	+ private void spamUserCreation(final int attempts) throws InterruptedException {
87	87	for (int i = 0; i < attempts; i++) {
88	88	attemptUserCreation(String.valueOf(i));
89	89	// wait for lock to expire
90		- long lockDuration = (long) Math.pow(2, i) * 1000;
91		- boolean isFinalAttempt = i == (attempts - 1);
	90	+ final long lockDuration = (long) Math.pow(2, i) * 1000;
	91	+ final boolean isFinalAttempt = i == (attempts - 1);
92	92	if (!isFinalAttempt) {
93	93	Thread.sleep(lockDuration);
94	94	}

...	...	@@ -1186,6 +1186,7 @@ implements ReplicableSecurityService, ClearStateTestSupport {
1186	1186	if (timedLock == null \|\| !timedLock.isLocked()) {
1187	1187	apply(s->s.internalRecordUserCreationFromClientIP(clientIP));
1188	1188	} else {
	1189	+ timedLock.extendLockDuration();
1189	1190	throw new UserManagementException("Client IP "+clientIP+" locked for user creation: "+timedLock);
1190	1191	}
1191	1192	}