diff --git a/core/src/main/java/org/acegisecurity/providers/ldap/DefaultInitialDirContextFactory.java b/core/src/main/java/org/acegisecurity/providers/ldap/DefaultInitialDirContextFactory.java index 424a819f2b..6bffd71d4a 100644 --- a/core/src/main/java/org/acegisecurity/providers/ldap/DefaultInitialDirContextFactory.java +++ b/core/src/main/java/org/acegisecurity/providers/ldap/DefaultInitialDirContextFactory.java @@ -70,6 +70,8 @@ public class DefaultInitialDirContextFactory implements InitialDirContextFactory private static final String CONNECTION_POOL_KEY = "com.sun.jndi.ldap.connect.pool"; + private static final String AUTH_TYPE_NONE = "none"; + //~ Instance fields ======================================================== /** @@ -130,7 +132,9 @@ public class DefaultInitialDirContextFactory implements InitialDirContextFactory return newInitialDirContext(managerDn, managerPassword); } - return connect(getEnvironment()); + Hashtable env = getEnvironment(); + env.put(Context.SECURITY_AUTHENTICATION, AUTH_TYPE_NONE); + return connect(env); } public DirContext newInitialDirContext(String username, String password) { @@ -153,9 +157,9 @@ public class DefaultInitialDirContextFactory implements InitialDirContextFactory protected Hashtable getEnvironment() { Hashtable env = new Hashtable(); + env.put(Context.SECURITY_AUTHENTICATION, authenticationType); env.put(Context.INITIAL_CONTEXT_FACTORY, initialContextFactory); env.put(Context.PROVIDER_URL, url); - env.put(Context.SECURITY_AUTHENTICATION, authenticationType); if (useConnectionPool) { env.put(CONNECTION_POOL_KEY, "true"); 
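Review bot: In `newInitialDirContext()`, the fallback after the manager-DN branch now always binds with `Context.SECURITY_AUTHENTICATION` set to `none`, and nothing in the hunk records that an anonymous context was handed out. A deployment that simply forgot to configure the manager DN therefore gets anonymous directory access with no trace of it; if the class has a logger, a debug or info line before `connect(env)` would let operators spot this. A short comment such as `// No manager DN configured: bind anonymously, overriding the configured authenticationType` would also explain why the value set in `getEnvironment()` is overwritten. The method starts above the hunk, so the exact condition guarding this branch is not visible here.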
@@ -188,15 +192,21 @@ public class DefaultInitialDirContextFactory implements InitialDirContextFactory public void afterPropertiesSet() throws Exception { Assert.hasLength(url, "An LDAP connection URL must be supplied."); - URI uri = new URI(url); + if(url.startsWith("ldap:")) { - rootDn = uri.getPath(); + URI uri = new URI(url); - if(rootDn.startsWith("/")) { // I think this is always true. + rootDn = uri.getPath(); + } else { + // Assume it's an embedded server + rootDn = url; + } + + if(rootDn.startsWith("/")) { rootDn = rootDn.substring(1); } - Assert.isTrue(uri.getScheme().equals("ldap"), "Ldap URL must start with 'ldap://'"); + //Assert.isTrue(uri.getScheme().equals("ldap"), "Ldap URL must start with 'ldap://'"); } diff --git a/core/src/test/java/org/acegisecurity/providers/ldap/AbstractLdapServerTestCase.java b/core/src/test/java/org/acegisecurity/providers/ldap/AbstractLdapServerTestCase.java index 4abe22d603..cb549dcabc 100644 --- a/core/src/test/java/org/acegisecurity/providers/ldap/AbstractLdapServerTestCase.java +++ b/core/src/test/java/org/acegisecurity/providers/ldap/AbstractLdapServerTestCase.java 
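Review bot: In `afterPropertiesSet()`, commenting out the scheme assertion means any value that does not start with `ldap:` is accepted as an embedded-server root DN, so `http://…`, a typo such as `ldpa://…`, or an `ldaps://` URL is stored whole in `rootDn` instead of being rejected at startup. Inside the `ldap:` branch, `uri.getPath()` returns null for an opaque URI such as `ldap:foo`, and the following `rootDn.startsWith("/")` then throws a NullPointerException rather than a configuration error. I would keep the embedded case but restrict it to values that carry no scheme at all, and keep the assertion for everything else, as sketched below. A root DN that itself contains a colon would need a separate property under this sketch.

```java
public void afterPropertiesSet() throws Exception {
    Assert.hasLength(url, "An LDAP connection URL must be supplied.");

    if (url.indexOf(':') < 0) {
        // No scheme at all: treat the value as the root DN of an embedded server
        rootDn = url;
    } else {
        URI uri = new URI(url);
        Assert.isTrue("ldap".equals(uri.getScheme()), "Ldap URL must start with 'ldap://'");
        Assert.notNull(uri.getPath(), "Ldap URL must be of the form ldap://host[:port]/rootDn");
        rootDn = uri.getPath();
    }
    // … unchanged: strip the leading '/' from rootDn …
}
```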
@@ -1,19 +1,52 @@ +/* Copyright 2004, 2005 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + package org.acegisecurity.providers.ldap; import junit.framework.TestCase; +import java.util.Hashtable; + +import org.apache.ldap.server.jndi.CoreContextFactory; + /** * @author Luke Taylor * @version $Id$ */ public abstract class AbstractLdapServerTestCase extends TestCase { protected static final String ROOT_DN = "dc=acegisecurity,dc=org"; - //protected static final String PROVIDER_URL = "ldap://monkeymachine:389/"+ROOT_DN; - protected static final String PROVIDER_URL = "ldap://localhost:10389/" + ROOT_DN; protected static final String MANAGER_USER = "cn=manager," + ROOT_DN; protected static final String MANAGER_PASSWORD = "acegisecurity"; - protected static final LdapTestServer server = new LdapTestServer(); + // External server config +// protected static final String PROVIDER_URL = "ldap://monkeymachine:389/"+ROOT_DN; + +// // Internal server config. + protected static final String PROVIDER_URL = "ldap://localhost:10389/"+ROOT_DN; + //private static final LdapTestServer SERVER = new LdapTestServer(false); + + // These values should be set for both networked configurations. 
+ protected static final String CONTEXT_FACTORY = "com.sun.jndi.ldap.LdapCtxFactory"; + protected static final Hashtable EXTRA_ENV = new Hashtable(); + + + // Embedded (non-networked) server config +// private static final LdapTestServer SERVER = new LdapTestServer(true); +// protected static final String PROVIDER_URL = ROOT_DN; +// protected static final String CONTEXT_FACTORY = CoreContextFactory.class.getName(); +// protected static final Hashtable EXTRA_ENV = SERVER.getConfiguration().toJndiEnvironment(); protected AbstractLdapServerTestCase() { } diff --git a/core/src/test/java/org/acegisecurity/providers/ldap/InitialDirContextFactoryTests.java b/core/src/test/java/org/acegisecurity/providers/ldap/InitialDirContextFactoryTests.java index ffe263eb33..52749c56a5 100644 --- a/core/src/test/java/org/acegisecurity/providers/ldap/InitialDirContextFactoryTests.java +++ b/core/src/test/java/org/acegisecurity/providers/ldap/InitialDirContextFactoryTests.java 
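Review bot: With the old `server` field removed and both `SERVER` declarations left commented out, nothing visible in this class starts ApacheDS any more, while the active `PROVIDER_URL` still points at `ldap://localhost:10389/`. Unless something outside this hunk launches `LdapTestServer`, every subclass now depends on a separately started process and fails with a connection error on a clean checkout. Selecting one of the three configurations through a system property, instead of commenting blocks in and out, would keep the default run self-contained and make the active mode explicit. As it stands, the `CoreContextFactory` import is referenced only from commented-out code in the lines shown.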
@@ -14,21 +14,30 @@ import org.acegisecurity.BadCredentialsException; * @version $Id$ */ public class InitialDirContextFactoryTests extends AbstractLdapServerTestCase { + DefaultInitialDirContextFactory idf; - public void testNonLdapUrlIsRejected() throws Exception { - DefaultInitialDirContextFactory idf = new DefaultInitialDirContextFactory(); +// public void testNonLdapUrlIsRejected() throws Exception { +// DefaultInitialDirContextFactory idf = new DefaultInitialDirContextFactory(); +// +// idf.setUrl("http://acegisecurity.org/dc=acegisecurity,dc=org"); +// idf.setInitialContextFactory(CoreContextFactory.class.getName()); +// +// try { +// idf.afterPropertiesSet(); +// fail("Expected exception for non 'ldap://' URL"); +// } catch(IllegalArgumentException expected) { +// } +// } - idf.setUrl("http://acegisecurity.org/dc=acegisecurity,dc=org"); - - try { - idf.afterPropertiesSet(); - fail("Expected exception for non 'ldap://' URL"); - } catch(IllegalArgumentException expected) { - } + public void setUp() { + idf = new DefaultInitialDirContextFactory(); + idf.setInitialContextFactory(CONTEXT_FACTORY); + idf.setExtraEnvVars(EXTRA_ENV); } public void testConnectionFailure() throws Exception { - DefaultInitialDirContextFactory idf = new DefaultInitialDirContextFactory(); + + idf.setInitialContextFactory("com.sun.jndi.ldap.LdapCtxFactory"); // Use the wrong port idf.setUrl("ldap://localhost:60389"); Hashtable env = new Hashtable(); 
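Review bot: `testNonLdapUrlIsRejected` is commented out rather than replaced, so the suite no longer has any negative test for the URLs that `afterPropertiesSet()` accepts. If rejecting non-LDAP schemes is intentionally gone, delete the block and add a test that pins the new behaviour, for example that setting the URL to `ROOT_DN` makes `getRootDn()` return that DN; if it is not, the test should stay active. In `testConnectionFailure` the literal `"com.sun.jndi.ldap.LdapCtxFactory"` overrides what `setUp()` set from `CONTEXT_FACTORY`, presumably so that the wrong-port case always goes over the network; a one-line comment saying so would make that intent clear.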
@@ -43,28 +52,27 @@ public class InitialDirContextFactoryTests extends AbstractLdapServerTestCase { } public void testAnonymousBindSucceeds() throws Exception { - DefaultInitialDirContextFactory idf = new DefaultInitialDirContextFactory(); idf.setUrl(PROVIDER_URL); idf.afterPropertiesSet(); DirContext ctx = idf.newInitialDirContext(); // Connection pooling should be set by default for anon users. - assertEquals("true",ctx.getEnvironment().get("com.sun.jndi.ldap.connect.pool")); + // Can't rely on this property being there with embedded server + // assertEquals("true",ctx.getEnvironment().get("com.sun.jndi.ldap.connect.pool")); ctx.close(); } public void testBindAsManagerSucceeds() throws Exception { - DefaultInitialDirContextFactory idf = new DefaultInitialDirContextFactory(); idf.setUrl(PROVIDER_URL); idf.setManagerPassword(MANAGER_PASSWORD); idf.setManagerDn(MANAGER_USER); idf.afterPropertiesSet(); DirContext ctx = idf.newInitialDirContext(); - assertEquals("true",ctx.getEnvironment().get("com.sun.jndi.ldap.connect.pool")); +// Can't rely on this property being there with embedded server +// assertEquals("true",ctx.getEnvironment().get("com.sun.jndi.ldap.connect.pool")); ctx.close(); } public void testInvalidPasswordCausesBadCredentialsException() throws Exception { - DefaultInitialDirContextFactory idf = new DefaultInitialDirContextFactory(); idf.setUrl(PROVIDER_URL); idf.setManagerDn(MANAGER_USER); idf.setManagerPassword("wrongpassword"); 
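Review bot: The connection-pool assertions in `testAnonymousBindSucceeds` and `testBindAsManagerSucceeds` are commented out for every configuration, although the stated reason applies only to the embedded server. The same is done to `assertNull(...)` in `testConnectionAsSpecificUserSucceeds` in the next hunk, which was the only check that a context bound with a user's own credentials is not pooled. Guarding the assertions keeps that coverage for the networked setups, e.g. `if ("com.sun.jndi.ldap.LdapCtxFactory".equals(CONTEXT_FACTORY)) { assertEquals("true", ctx.getEnvironment().get("com.sun.jndi.ldap.connect.pool")); }`.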
@@ -77,23 +85,21 @@ public class InitialDirContextFactoryTests extends AbstractLdapServerTestCase { } public void testConnectionAsSpecificUserSucceeds() throws Exception { - DefaultInitialDirContextFactory idf = new DefaultInitialDirContextFactory(); idf.setUrl(PROVIDER_URL); idf.afterPropertiesSet(); DirContext ctx = idf.newInitialDirContext("uid=Bob,ou=people,dc=acegisecurity,dc=org", "bobspassword"); // We don't want pooling for specific users. - assertNull(ctx.getEnvironment().get("com.sun.jndi.ldap.connect.pool")); + // assertNull(ctx.getEnvironment().get("com.sun.jndi.ldap.connect.pool")); ctx.close(); } public void testEnvironment() { - DefaultInitialDirContextFactory idf = new DefaultInitialDirContextFactory(); idf.setUrl("ldap://acegisecurity.org/"); // check basic env Hashtable env = idf.getEnvironment(); - assertEquals("com.sun.jndi.ldap.LdapCtxFactory", env.get(Context.INITIAL_CONTEXT_FACTORY)); + //assertEquals("com.sun.jndi.ldap.LdapCtxFactory", env.get(Context.INITIAL_CONTEXT_FACTORY)); assertEquals("ldap://acegisecurity.org/", env.get(Context.PROVIDER_URL)); assertEquals("simple",env.get(Context.SECURITY_AUTHENTICATION)); assertNull(env.get(Context.SECURITY_PRINCIPAL)); @@ -118,8 +124,6 @@ public class InitialDirContextFactoryTests extends AbstractLdapServerTestCase { } public void testBaseDnIsParsedFromCorrectlyFromUrl() throws Exception { - DefaultInitialDirContextFactory idf = new DefaultInitialDirContextFactory(); - idf.setUrl("ldap://acegisecurity.org/dc=acegisecurity,dc=org"); idf.afterPropertiesSet(); assertEquals("dc=acegisecurity,dc=org", idf.getRootDn()); diff --git a/core/src/test/java/org/acegisecurity/providers/ldap/LdapAuthenticationProviderTests.java b/core/src/test/java/org/acegisecurity/providers/ldap/LdapAuthenticationProviderTests.java index c8e6c0801f..ad946c8347 100644 --- a/core/src/test/java/org/acegisecurity/providers/ldap/LdapAuthenticationProviderTests.java 
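Review bot: In `testEnvironment`, the disabled check on `Context.INITIAL_CONTEXT_FACTORY` can stay active by comparing against the value `setUp()` configured: `assertEquals(CONTEXT_FACTORY, env.get(Context.INITIAL_CONTEXT_FACTORY));`. That holds for both the networked and the embedded configuration. As written, the test no longer verifies that `setInitialContextFactory` reaches the JNDI environment at all.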
+++ b/core/src/test/java/org/acegisecurity/providers/ldap/LdapAuthenticationProviderTests.java
@@ -51,6 +51,8 @@ public class LdapAuthenticationProviderTests extends AbstractLdapServerTestCase
 DefaultInitialDirContextFactory dirCtxFactory = new DefaultInitialDirContextFactory();
 dirCtxFactory.setUrl(PROVIDER_URL);
 dirCtxFactory.setManagerDn(MANAGER_USER);
+ dirCtxFactory.setInitialContextFactory(CONTEXT_FACTORY);
+ dirCtxFactory.setExtraEnvVars(EXTRA_ENV);
 dirCtxFactory.setManagerPassword(MANAGER_PASSWORD);
 dirCtxFactory.afterPropertiesSet();
 BindAuthenticator authenticator = new BindAuthenticator();
diff --git a/core/src/test/java/org/acegisecurity/providers/ldap/LdapTestServer.java b/core/src/test/java/org/acegisecurity/providers/ldap/LdapTestServer.java
index ec101c62ca..13200f059e 100644
--- a/core/src/test/java/org/acegisecurity/providers/ldap/LdapTestServer.java
+++ b/core/src/test/java/org/acegisecurity/providers/ldap/LdapTestServer.java
@@ -1,9 +1,26 @@ +/* Copyright 2004, 2005 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + package org.acegisecurity.providers.ldap; -import org.springframework.context.ApplicationContext; -import org.springframework.context.support.ClassPathXmlApplicationContext; -import org.springframework.core.io.ClassPathResource; +import org.apache.ldap.server.configuration.StartupConfiguration; +import org.apache.ldap.server.configuration.MutableDirectoryPartitionConfiguration; +import org.apache.ldap.server.configuration.MutableStartupConfiguration; +import org.apache.ldap.server.configuration.Configuration; import org.apache.ldap.server.configuration.MutableServerStartupConfiguration; +import org.apache.ldap.server.jndi.CoreContextFactory; import org.apache.ldap.server.jndi.ServerContextFactory; import javax.naming.Context; @@ -15,8 +32,9 @@ import javax.naming.directory.BasicAttributes; import javax.naming.directory.Attribute; import javax.naming.directory.BasicAttribute; import javax.naming.directory.DirContext; -import java.io.IOException; import java.util.Properties; +import java.util.Set; +import java.util.HashSet; /** * @author Luke Taylor 
@@ -25,34 +43,42 @@ import java.util.Properties; public class LdapTestServer { //~ Instance fields ======================================================== - + private DirContext serverContext; + private StartupConfiguration cfg; + //~ Constructors ================================================================ - public LdapTestServer() { - startLdapServer(); + /** + * Starts up and configures ApacheDS. + * + * @param embedded if false the server will listen for connections on port 10389 + * + */ + public LdapTestServer(boolean embedded) { + startLdapServer(embedded); createManagerUser(); + initTestData(); } //~ Methods ================================================================ - private void startLdapServer() { - ApplicationContext factory = new ClassPathXmlApplicationContext( "org/acegisecurity/providers/ldap/apacheds-context.xml"); - MutableServerStartupConfiguration cfg = ( MutableServerStartupConfiguration ) factory.getBean( "configuration" ); - ClassPathResource ldifDir = new ClassPathResource("org/acegisecurity/providers/ldap/ldif"); - try { - cfg.setLdifDirectory(ldifDir.getFile()); - } catch (IOException e) { - System.err.println("Failed to set LDIF directory for server"); - e.printStackTrace(); + private void startLdapServer(boolean embedded) { + if(embedded) { + cfg = new MutableStartupConfiguration(); + } else { + cfg = new MutableServerStartupConfiguration(); } - Properties env = ( Properties ) factory.getBean( "environment" ); + initConfiguration(); + + Properties env = new Properties(); env.setProperty( Context.PROVIDER_URL, "dc=acegisecurity,dc=org" ); - env.setProperty( Context.INITIAL_CONTEXT_FACTORY, ServerContextFactory.class.getName() ); + env.setProperty( Context.INITIAL_CONTEXT_FACTORY, + embedded ? CoreContextFactory.class.getName() : ServerContextFactory.class.getName() ); env.putAll( cfg.toJndiEnvironment() ); try { 
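Review bot: The constructor now calls `createManagerUser()` and `initTestData()` unconditionally after `startLdapServer(embedded)`, so a failed start would surface later as a NullPointerException on `serverContext` if the `catch` that follows the `try` at the end of this hunk still only prints the `NamingException`, as the commented-out copy of the old method does. The `try` block continues outside the hunk, so this is inferred. Rethrowing there, e.g. `throw new IllegalStateException("Failed to start Apache DS: " + e);`, would make the fixture fail at the real cause. The constructor Javadoc could also state that the non-embedded mode opens a listening LDAP port with the fixed manager credentials set in `createManagerUser()`, so it is meant for test machines only.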
@@ -63,6 +89,44 @@ public class LdapTestServer { } } + +// private void startLdapServer() { +// ApplicationContext factory = new ClassPathXmlApplicationContext( "org/acegisecurity/providers/ldap/apacheds-context.xml"); +// MutableServerStartupConfiguration cfg = ( MutableServerStartupConfiguration ) factory.getBean( "configuration" ); +// ClassPathResource ldifDir = new ClassPathResource("org/acegisecurity/providers/ldap/ldif"); +// +// try { +// cfg.setLdifDirectory(ldifDir.getFile()); +// } catch (IOException e) { +// System.err.println("Failed to set LDIF directory for server"); +// e.printStackTrace(); +// } +// +// Properties env = ( Properties ) factory.getBean( "environment" ); +// +// env.setProperty( Context.PROVIDER_URL, "dc=acegisecurity,dc=org" ); +// env.setProperty( Context.INITIAL_CONTEXT_FACTORY, ServerContextFactory.class.getName() ); +// env.putAll( cfg.toJndiEnvironment() ); +// +// try { +// serverContext = new InitialDirContext( env ); +// } catch (NamingException e) { +// System.err.println("Failed to start Apache DS"); +// e.printStackTrace(); +// } +// } + + private void initTestData() { + createOu("people"); + createOu("groups"); + createUser("bob","Bob Hamilton", "bobspassword"); + createUser("ben","Ben Alex", "{SHA}nFCebWjxfaLbHHG1Qk5UU4trbvQ="); + String[] developers = new String[] + {"uid=ben,ou=people,dc=acegisecurity,dc=org", "uid=bob,ou=people,dc=acegisecurity,dc=org"}; + createGroup("developers","developer",developers); + createGroup("managers","manager",new String[] { developers[0]}); + } + private void createManagerUser() { Attributes user = new BasicAttributes( "cn", "manager" , true ); user.put( "userPassword", "acegisecurity" ); 
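Review bot: The old `startLdapServer()` is re-added as a commented-out block that refers to `ApplicationContext`, `ClassPathResource` and `IOException`, whose imports this commit removes, so it cannot be re-enabled as is and version control already keeps it; I would delete it. In `initTestData()`, a short comment on the `{SHA}` value would help, since it is presumably the stored form of the `benspassword` credential used by the authenticator tests. For example: `// {SHA} digest of "benspassword"; createUser stores the string as given`.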
@@ -84,11 +148,113 @@ public class LdapTestServer { } } - public DirContext getServerContext() { - return serverContext; + public void createUser( String uid, String cn, String password ) { + Attributes user = new BasicAttributes("uid", uid); + user.put( "cn", cn); + user.put( "userPassword", LdapUtils.getUtf8Bytes(password) ); + Attribute objectClass = new BasicAttribute( "objectClass" ); + user.put( objectClass ); + objectClass.add( "top" ); + objectClass.add( "person" ); + objectClass.add( "organizationalPerson" ); + objectClass.add( "inetOrgPerson" ); + user.put( "sn", uid ); + + try { + serverContext.createSubcontext( "uid="+uid+",ou=people", user ); + } catch(NameAlreadyBoundException ignore) { + System.out.println(" user " + uid + " already exists."); + } catch (NamingException ne) { + System.err.println("Failed to create user."); + ne.printStackTrace(); + } + } + + public void createOu(String name) { + Attributes ou = new BasicAttributes( "ou", name ); + Attribute objectClass = new BasicAttribute( "objectClass" ); + objectClass.add("top"); + objectClass.add("organizationalUnit"); + ou.put(objectClass); + + try { + serverContext.createSubcontext( "ou="+name, ou); + } catch(NameAlreadyBoundException ignore) { + System.out.println(" ou " + name + " already exists."); + } catch (NamingException ne) { + System.err.println("Failed to create ou."); + ne.printStackTrace(); + } + + } + + public void createGroup( String cn, String ou, String[] memberDns ) { + Attributes group = new BasicAttributes("cn", cn); + Attribute members = new BasicAttribute("member"); + Attribute orgUnit = new BasicAttribute("ou", ou); + + for(int i=0; i < memberDns.length; i++) { + members.add(memberDns[i]); + } + + Attribute objectClass = new BasicAttribute( "objectClass" ); + objectClass.add( "top" ); + objectClass.add( "groupOfNames" ); + + group.put(objectClass); + group.put(members); + group.put(orgUnit); + + try { + serverContext.createSubcontext( "cn="+cn+",ou=groups", group ); + } 
catch(NameAlreadyBoundException ignore) { + System.out.println(" group " + cn + " already exists."); + } catch (NamingException ne) { + System.err.println("Failed to create group."); + ne.printStackTrace(); + } + } + + private void initConfiguration() { + MutableDirectoryPartitionConfiguration acegiDit = new MutableDirectoryPartitionConfiguration(); + acegiDit.setName("acegisecurity"); + acegiDit.setSuffix("dc=acegisecurity,dc=org"); + BasicAttributes attributes = new BasicAttributes(); + BasicAttribute objectClass = new BasicAttribute("objectClass"); + objectClass.add("top"); + objectClass.add("domain"); + objectClass.add("extensibleObject"); + attributes.put(objectClass); + acegiDit.setContextEntry(attributes); + + Set indexedAttrs = new HashSet(); + indexedAttrs.add("objectClass"); + indexedAttrs.add("uid"); + indexedAttrs.add("cn"); + indexedAttrs.add("ou"); + indexedAttrs.add("member"); + + acegiDit.setIndexedAttributes(indexedAttrs); + + Set partitions = new HashSet(); + partitions.add(acegiDit); + + if(cfg instanceof MutableServerStartupConfiguration) { + MutableServerStartupConfiguration serverCfg = (MutableServerStartupConfiguration)cfg; + serverCfg.setLdapPort(10389); + serverCfg.setContextPartitionConfigurations(partitions); + } else { + ((MutableStartupConfiguration)cfg).setContextPartitionConfigurations(partitions); + } + } + + public Configuration getConfiguration() { + return cfg; } public static void main(String[] args) { - new LdapTestServer(); + LdapTestServer server = new LdapTestServer(false); } + + } diff --git a/core/src/test/java/org/acegisecurity/providers/ldap/authenticator/BindAuthenticatorTests.java b/core/src/test/java/org/acegisecurity/providers/ldap/authenticator/BindAuthenticatorTests.java index 1879440fee..e03f0a1205 100644 --- a/core/src/test/java/org/acegisecurity/providers/ldap/authenticator/BindAuthenticatorTests.java +++ b/core/src/test/java/org/acegisecurity/providers/ldap/authenticator/BindAuthenticatorTests.java 
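Review bot: `createUser`, `createOu` and `createGroup` are public and build the entry name by concatenation (`"uid="+uid+",ou=people"`, `"ou="+name`, `"cn="+cn+",ou=groups"`), so a value containing DN metacharacters such as `,`, `+` or `=` creates an entry somewhere other than the caller expects. For a fixture it is enough to document on each method that the argument must be a plain RDN value, or to escape it before concatenation. The three methods also print and swallow `NamingException`, so a test that depends on a missing entry fails far from the cause. `createUser` stores `uid` as `sn`, which looks like a placeholder for a required attribute and deserves a comment, and the local `server` in `main` is never used.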
@@ -17,8 +17,9 @@ public class BindAuthenticatorTests extends AbstractLdapServerTestCase { private BindAuthenticator authenticator; public void setUp() throws Exception { - // Connection information dirCtxFactory = new DefaultInitialDirContextFactory(); + dirCtxFactory.setInitialContextFactory(CONTEXT_FACTORY); + dirCtxFactory.setExtraEnvVars(EXTRA_ENV); dirCtxFactory.setUrl(PROVIDER_URL); dirCtxFactory.afterPropertiesSet(); authenticator = new BindAuthenticator(); diff --git a/core/src/test/java/org/acegisecurity/providers/ldap/authenticator/FilterBasedLdapUserSearchTests.java b/core/src/test/java/org/acegisecurity/providers/ldap/authenticator/FilterBasedLdapUserSearchTests.java index bde70301bd..9b1ac9426c 100644 --- a/core/src/test/java/org/acegisecurity/providers/ldap/authenticator/FilterBasedLdapUserSearchTests.java +++ b/core/src/test/java/org/acegisecurity/providers/ldap/authenticator/FilterBasedLdapUserSearchTests.java @@ -18,6 +18,8 @@ public class FilterBasedLdapUserSearchTests extends AbstractLdapServerTestCase { public void setUp() throws Exception { dirCtxFactory = new DefaultInitialDirContextFactory(); + dirCtxFactory.setInitialContextFactory(CONTEXT_FACTORY); + dirCtxFactory.setExtraEnvVars(EXTRA_ENV); dirCtxFactory.setUrl(PROVIDER_URL); dirCtxFactory.setManagerDn(MANAGER_USER); dirCtxFactory.setManagerPassword(MANAGER_PASSWORD); 
@@ -40,17 +42,17 @@ public class FilterBasedLdapUserSearchTests extends AbstractLdapServerTestCase { locator.setSearchBase("ou=people"); locator.setSearchFilter("(uid={0})"); locator.afterPropertiesSet(); - LdapUserDetails bob = locator.searchForUser("Bob"); + LdapUserDetails bob = locator.searchForUser("bob"); assertEquals("uid=bob,ou=people,"+ROOT_DN, bob.getDn()); } public void testSubTreeSearchSucceeds() throws Exception { // Don't set the searchBase, so search from the root. - locator.setSearchFilter("(uid={0})"); + locator.setSearchFilter("(cn={0})"); locator.setSearchSubtree(true); locator.afterPropertiesSet(); - LdapUserDetails bob = locator.searchForUser("Bob"); - assertEquals("uid=bob,ou=people,"+ROOT_DN, bob.getDn()); + LdapUserDetails bob = locator.searchForUser("Ben Alex"); + assertEquals("uid=ben,ou=people,"+ROOT_DN, bob.getDn()); } public void testSearchForInvalidUserFails() { @@ -82,6 +84,6 @@ public class FilterBasedLdapUserSearchTests extends AbstractLdapServerTestCase { // Search for bob, get back ben... LdapUserDetails ben = locator.searchForUser("bob"); - assertEquals("cn=Ben Alex,ou=people,"+ROOT_DN, ben.getDn()); + assertEquals("uid=ben,ou=people,"+ROOT_DN, ben.getDn()); } } diff --git a/core/src/test/java/org/acegisecurity/providers/ldap/authenticator/PasswordComparisonAuthenticatorTests.java b/core/src/test/java/org/acegisecurity/providers/ldap/authenticator/PasswordComparisonAuthenticatorTests.java index 32d13fef86..5173484885 100644 --- a/core/src/test/java/org/acegisecurity/providers/ldap/authenticator/PasswordComparisonAuthenticatorTests.java +++ b/core/src/test/java/org/acegisecurity/providers/ldap/authenticator/PasswordComparisonAuthenticatorTests.java 
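Review bot: In `testSubTreeSearchSucceeds` the result of `searchForUser("Ben Alex")` is still held in a local named `bob` and then compared with `uid=ben,...`; rename it, `LdapUserDetails ben = locator.searchForUser("Ben Alex");`. The switch of the filter to `(cn={0})` also changes what the test covers, so the comment above it could say that the subtree search is now exercised through the `cn` attribute rather than `uid`.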
@@ -20,6 +20,8 @@ public class PasswordComparisonAuthenticatorTests extends AbstractLdapServerTest public void setUp() throws Exception { // Connection information dirCtxFactory = new DefaultInitialDirContextFactory(); + dirCtxFactory.setInitialContextFactory(CONTEXT_FACTORY); + dirCtxFactory.setExtraEnvVars(EXTRA_ENV); dirCtxFactory.setUrl(PROVIDER_URL); dirCtxFactory.setManagerDn(MANAGER_USER); dirCtxFactory.setManagerPassword(MANAGER_PASSWORD); @@ -35,19 +37,19 @@ public class PasswordComparisonAuthenticatorTests extends AbstractLdapServerTest public void testLdapCompareSucceedsWithCorrectPassword() { // Don't retrieve the password - authenticator.setUserAttributes(new String[] {"cn", "sn"}); + authenticator.setUserAttributes(new String[] {"cn"}); // Bob has a plaintext password. authenticator.setPasswordEncoder(new PlaintextPasswordEncoder()); - authenticator.authenticate("Bob", "bobspassword"); + authenticator.authenticate("bob", "bobspassword"); } public void testLdapCompareSucceedsWithShaEncodedPassword() { authenticator = new PasswordComparisonAuthenticator(); authenticator.setInitialDirContextFactory(dirCtxFactory); - authenticator.setUserDnPattern("cn={0},ou=people"); + authenticator.setUserDnPattern("uid={0},ou=people"); // Don't retrieve the password - authenticator.setUserAttributes(new String[] {"cn", "sn"}); - authenticator.authenticate("Ben Alex", "benspassword"); + authenticator.setUserAttributes(new String[] {"cn"}); + authenticator.authenticate("ben", "benspassword"); } public void testPasswordEncoderCantBeNull() { 
@@ -76,8 +78,8 @@ public class PasswordComparisonAuthenticatorTests extends AbstractLdapServerTest public void testLocalCompareSucceedsWithShaEncodedPassword() { authenticator = new PasswordComparisonAuthenticator(); authenticator.setInitialDirContextFactory(dirCtxFactory); - authenticator.setUserDnPattern("cn={0},ou=people"); - authenticator.authenticate("Ben Alex", "benspassword"); + authenticator.setUserDnPattern("uid={0},ou=people"); + authenticator.authenticate("ben", "benspassword"); } public void testLocalPasswordComparisonFailsWithWrongPassword() { 
@@ -96,19 +98,27 @@ public class PasswordComparisonAuthenticatorTests extends AbstractLdapServerTest } public void testOnlySpecifiedAttributesAreRetrieved() throws Exception { - authenticator.setUserAttributes(new String[] {"cn", "sn"}); + authenticator.setUserAttributes(new String[] {"cn", "uid"}); authenticator.setPasswordEncoder(new PlaintextPasswordEncoder()); LdapUserDetails user = authenticator.authenticate("Bob", "bobspassword"); - assertEquals("Should have retrieved 2 attributes (cn, sn)",2, user.getAttributes().size()); + assertEquals("Should have retrieved 2 attributes (cn, uid)",2, user.getAttributes().size()); assertEquals("Bob Hamilton", user.getAttributes().get("cn").get()); - assertEquals("Hamilton", user.getAttributes().get("sn").get()); + assertEquals("bob", user.getAttributes().get("uid").get()); } public void testUseOfDifferentPasswordAttribute() { - authenticator.setPasswordAttributeName("sn"); - authenticator.authenticate("Bob", "Hamilton"); + authenticator.setPasswordAttributeName("uid"); + authenticator.authenticate("bob", "bob"); } + public void testLdapCompareWithDifferentPasswordAttribute() { + authenticator.setUserAttributes(new String[] {"cn"}); + authenticator.setPasswordEncoder(new PlaintextPasswordEncoder()); + authenticator.setPasswordAttributeName("uid"); + authenticator.authenticate("bob", "bob"); + } + + public void testWithUserSearch() { LdapUserDetails user = new LdapUserDetails("uid=Bob,ou=people" + ROOT_DN, new BasicAttributes("userPassword","bobspassword")); diff --git a/core/src/test/java/org/acegisecurity/providers/ldap/populator/DefaultLdapAuthoritiesPopulatorTests.java b/core/src/test/java/org/acegisecurity/providers/ldap/populator/DefaultLdapAuthoritiesPopulatorTests.java index 2ac3cb2d4c..f6f381dce4 100644 --- a/core/src/test/java/org/acegisecurity/providers/ldap/populator/DefaultLdapAuthoritiesPopulatorTests.java 
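Review bot: `testLdapCompareWithDifferentPasswordAttribute` differs from `testUseOfDifferentPasswordAttribute` only in restricting the retrieved attributes to `cn`, which presumably forces the comparison to be done by the directory, as in `testLdapCompareSucceedsWithCorrectPassword`; a comment such as `// "uid" is not retrieved, so the compare must happen on the server` would say so. Both tests pass whenever `authenticate` does not throw, and neither has a counterpart with a wrong value, so a regression that accepts any value for a non-default password attribute would go unnoticed. `testOnlySpecifiedAttributesAreRetrieved` still authenticates as `Bob` while the rest of the file moved to `bob`; if that relies on case-insensitive `uid` matching, note it there.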
+++ b/core/src/test/java/org/acegisecurity/providers/ldap/populator/DefaultLdapAuthoritiesPopulatorTests.java @@ -65,7 +65,7 @@ public class DefaultLdapAuthoritiesPopulatorTests extends AbstractLdapServerTest populator.setGroupSearchFilter("member={0}"); populator.afterPropertiesSet(); - GrantedAuthority[] authorities = populator.getGrantedAuthorities("Ben", "cn=Ben Alex,ou=people,"+ROOT_DN, new BasicAttributes()); + GrantedAuthority[] authorities = populator.getGrantedAuthorities("ben", "uid=ben,ou=people,"+ROOT_DN, new BasicAttributes()); assertEquals("Should have 2 roles", 2, authorities.length); Set roles = new HashSet(); roles.add(authorities[0].toString()); diff --git a/core/src/test/resources/org/acegisecurity/providers/ldap/apacheds-context.xml b/core/src/test/resources/org/acegisecurity/providers/ldap/apacheds-context.xml index 9b1259a8d2..393498a28e 100644 --- a/core/src/test/resources/org/acegisecurity/providers/ldap/apacheds-context.xml +++ b/core/src/test/resources/org/acegisecurity/providers/ldap/apacheds-context.xml @@ -46,7 +46,7 @@ --> -