Clebert Suconic 2018-06-18 15:02:40 -04:00
commit 92d866b49f
2 changed files with 41 additions and 2 deletions


@ -84,7 +84,6 @@ public class LDAPLoginModule implements LoginModule {
private static final String SASL_LOGIN_CONFIG_SCOPE = "saslLoginConfigScope"; private static final String SASL_LOGIN_CONFIG_SCOPE = "saslLoginConfigScope";
private static final String AUTHENTICATE_USER = "authenticateUser"; private static final String AUTHENTICATE_USER = "authenticateUser";
private static final String REFERRAL = "referral"; private static final String REFERRAL = "referral";
private static final String MASK_PASSWORD = "maskPassword";
private static final String PASSWORD_CODEC = "passwordCodec"; private static final String PASSWORD_CODEC = "passwordCodec";
protected DirContext context; protected DirContext context;
@ -126,6 +125,9 @@ public class LDAPLoginModule implements LoginModule {
new LDAPLoginProperty(USER_ROLE_NAME, (String) options.get(USER_ROLE_NAME)), new LDAPLoginProperty(USER_ROLE_NAME, (String) options.get(USER_ROLE_NAME)),
new LDAPLoginProperty(EXPAND_ROLES, (String) options.get(EXPAND_ROLES)), new LDAPLoginProperty(EXPAND_ROLES, (String) options.get(EXPAND_ROLES)),
new LDAPLoginProperty(EXPAND_ROLES_MATCHING, (String) options.get(EXPAND_ROLES_MATCHING)), new LDAPLoginProperty(EXPAND_ROLES_MATCHING, (String) options.get(EXPAND_ROLES_MATCHING)),
new LDAPLoginProperty(PASSWORD_CODEC, (String) options.get(PASSWORD_CODEC)),
new LDAPLoginProperty(SASL_LOGIN_CONFIG_SCOPE, (String) options.get(SASL_LOGIN_CONFIG_SCOPE)),
new LDAPLoginProperty(AUTHENTICATE_USER, (String) options.get(AUTHENTICATE_USER)),
new LDAPLoginProperty(REFERRAL, (String) options.get(REFERRAL))}; new LDAPLoginProperty(REFERRAL, (String) options.get(REFERRAL))};
if (isLoginPropertySet(AUTHENTICATE_USER)) { if (isLoginPropertySet(AUTHENTICATE_USER)) {
@ -133,7 +135,7 @@ public class LDAPLoginModule implements LoginModule {
} }
isRoleAttributeSet = isLoginPropertySet(ROLE_NAME); isRoleAttributeSet = isLoginPropertySet(ROLE_NAME);
roleAttributeName = getLDAPPropertyValue(ROLE_NAME); roleAttributeName = getLDAPPropertyValue(ROLE_NAME);
codecClass = (String) options.get(PASSWORD_CODEC); codecClass = getLDAPPropertyValue(PASSWORD_CODEC);
} }
private String getPlainPassword(String password) { private String getPlainPassword(String password) {
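Review bot: The `config` array extended in the second hunk is still a hand-maintained copy of the option constants, so any option missing from it is presumably reported as unset by `isLoginPropertySet()` and `getLDAPPropertyValue()` without any error. In an authentication module that is a silent misconfiguration: `authenticateUser`, `saslLoginConfigScope` and `passwordCodec` appear to have been affected until this change. I would put a comment directly above the array, such as `// Every option constant declared above needs an entry here; the lookup helpers only see what is listed.` Since `codecClass` now comes from `getLDAPPropertyValue(PASSWORD_CODEC)` rather than `options.get(...)`, please also confirm the helper returns null when the option is absent, so `getPlainPassword` keeps its previous behaviour. The array's opening line and the bodies of both helpers are outside the visible hunks.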


@ -31,12 +31,15 @@ import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException; import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule; import javax.security.auth.spi.LoginModule;
import java.io.IOException; import java.io.IOException;
import java.lang.reflect.Field;
import java.lang.reflect.Modifier;
import java.util.HashMap; import java.util.HashMap;
import java.util.HashSet; import java.util.HashSet;
import java.util.Hashtable; import java.util.Hashtable;
import org.apache.activemq.artemis.spi.core.security.jaas.JaasCallbackHandler; import org.apache.activemq.artemis.spi.core.security.jaas.JaasCallbackHandler;
import org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule; import org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule;
import org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginProperty;
import org.apache.directory.server.annotations.CreateLdapServer; import org.apache.directory.server.annotations.CreateLdapServer;
import org.apache.directory.server.annotations.CreateTransport; import org.apache.directory.server.annotations.CreateTransport;
import org.apache.directory.server.core.annotations.ApplyLdifFiles; import org.apache.directory.server.core.annotations.ApplyLdifFiles;
@ -162,4 +165,38 @@ public class LDAPLoginModuleTest extends AbstractLdapTestUnit {
// since login failed commit should return false as well // since login failed commit should return false as well
assertFalse(loginModule.commit()); assertFalse(loginModule.commit());
} }
@Test
public void testPropertyConfigMap() throws Exception {
LDAPLoginModule loginModule = new LDAPLoginModule();
JaasCallbackHandler callbackHandler = new JaasCallbackHandler(null, null, null);
Field configMap = null;
HashMap<String, Object> options = new HashMap<>();
for (Field field: loginModule.getClass().getDeclaredFields()) {
if (Modifier.isStatic(field.getModifiers()) && Modifier.isFinal(field.getModifiers()) && field.getType().isAssignableFrom(String.class)) {
field.setAccessible(true);
options.put((String)field.get(loginModule), "SET");
}
if (field.getName().equals("config")) {
field.setAccessible(true);
configMap = field;
}
}
loginModule.initialize(new Subject(), callbackHandler, null, options);
LDAPLoginProperty[] ldapProps = (LDAPLoginProperty[]) configMap.get(loginModule);
for (String key: options.keySet()) {
assertTrue("val set: " + key, presentInArray(ldapProps, key));
}
}
private boolean presentInArray(LDAPLoginProperty[] ldapProps, String propertyName) {
for (LDAPLoginProperty conf : ldapProps) {
if (conf.getPropertyName().equals(propertyName) && (conf.getPropertyValue() != null && !"".equals(conf.getPropertyValue())))
return true;
}
return false;
}
} }
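Review bot: In `testPropertyConfigMap`, `configMap` stays null if the `config` field is ever renamed, so the test would fail with a NullPointerException at `configMap.get(loginModule)` rather than a readable message. Add `assertNotNull("config field not found", configMap);` before the `initialize` call. The filter `field.getType().isAssignableFrom(String.class)` also matches constants declared as `Object` or `CharSequence`, whose values the `(String)` cast may reject; `field.getType() == String.class` states the intent exactly. The test only checks that every constant has a non-empty entry, so it would be worth a short comment saying it guards against an option constant being added without a matching `config` entry. The unbraced `if` in `presentInArray` should get braces.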