I would check if the result is not null and then call the method several times and compare the results to show that each call returns a different value.
But remember: this does not say anything about the quality of randomness of your results!
@Test public void testGenerateSaltString() { String salt1 = YourClass.generateSaltString(); String salt2 = YourClass.generateSaltString(); String salt3 = YourClass.generateSaltString(); String salt4 = YourClass.generateSaltString(); assertNotNull(salt1); assertNotNull(salt2); assertNotNull(salt3); assertNotNull(salt4); assertNotEqual(salt1, salt2); assertNotEqual(salt1, salt3); assertNotEqual(salt1, salt4); assertNotEqual(salt2, salt3); assertNotEqual(salt2, salt4); assertNotEqual(salt3, salt4); }
Given GaborSch's comments, I thought of a somewhat fuzzy test implementation, as this is possible - albeit unlikely - two function calls will generate the same salt:
@Test public void testGenerateSaltString() { String salt1; String salt2; int differenceCount = 0; for(int i = 0; i < 1000; i++ ) { String salt1 = YourClass.generateSaltString(); String salt2 = YourClass.generateSaltString(); // null is still inacceptable assertNotNull(salt1); assertNotNull(salt2); if(!salt1.equalsIgnoreCase(salt2)) { differenceCount++; } } // check if at least at 95% of all tries resultet in different strings // change this value according to your needs assertTrue(differenceCount >= 950); }