parent
76718c4db6
commit
a171d8b4bf
|
@ -26,16 +26,6 @@ dependencies {
|
|||
}
|
||||
|
||||
integrationTest {
|
||||
include('**/ApacheDSServerIntegrationTests.class',
|
||||
'**/ApacheDSEmbeddedLdifTests.class',
|
||||
'**/LdapUserDetailsManagerModifyPasswordTests.class')
|
||||
// exclude('**/OpenLDAPIntegrationTestSuite.class')
|
||||
maxParallelForks = 1
|
||||
}
|
||||
|
||||
// Runs a server for running the integration tests against (from an IDE, for example)
|
||||
task(ldapServer, dependsOn: 'integrationTestClasses', type: JavaExec) {
|
||||
classpath = sourceSets.integrationTest.runtimeClasspath
|
||||
main = 'org.springframework.security.ldap.ApacheDSServerIntegrationTests'
|
||||
}
|
||||
|
||||
|
|
|
@ -1,44 +0,0 @@
|
|||
/*
|
||||
* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.security.ldap;
|
||||
|
||||
import org.junit.*;
|
||||
import org.springframework.ldap.core.support.BaseLdapPathContextSource;
|
||||
|
||||
/**
|
||||
* @author Luke Taylor
|
||||
*/
|
||||
public abstract class AbstractLdapIntegrationTests {
|
||||
private static DefaultSpringSecurityContextSource contextSource;
|
||||
|
||||
@BeforeClass
|
||||
public static void createContextSource() throws Exception {
|
||||
int serverPort = ApacheDSServerIntegrationTests.getServerPort();
|
||||
contextSource = new DefaultSpringSecurityContextSource("ldap://127.0.0.1:"
|
||||
+ serverPort + "/dc=springframework,dc=org");
|
||||
// OpenLDAP configuration
|
||||
// contextSource = new
|
||||
// DefaultSpringSecurityContextSource("ldap://127.0.0.1:22389/dc=springsource,dc=com");
|
||||
// contextSource.setUserDn("cn=admin,dc=springsource,dc=com");
|
||||
// contextSource.setPassword("password");
|
||||
contextSource.afterPropertiesSet();
|
||||
}
|
||||
|
||||
public BaseLdapPathContextSource getContextSource() {
|
||||
return contextSource;
|
||||
}
|
||||
|
||||
}
|
|
@ -1,121 +0,0 @@
|
|||
/*
|
||||
* Copyright 2002-2016 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.security.ldap;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.net.ServerSocket;
|
||||
|
||||
import org.junit.AfterClass;
|
||||
import org.junit.BeforeClass;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.junit.runners.Suite;
|
||||
|
||||
import org.springframework.security.ldap.authentication.BindAuthenticatorTests;
|
||||
import org.springframework.security.ldap.authentication.PasswordComparisonAuthenticatorTests;
|
||||
import org.springframework.security.ldap.search.FilterBasedLdapUserSearchTests;
|
||||
import org.springframework.security.ldap.server.ApacheDSContainer;
|
||||
import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulatorTests;
|
||||
import org.springframework.security.ldap.userdetails.LdapUserDetailsManagerTests;
|
||||
|
||||
/**
|
||||
* @author Luke Taylor
|
||||
*/
|
||||
@RunWith(Suite.class)
|
||||
@Suite.SuiteClasses({ BindAuthenticatorTests.class,
|
||||
PasswordComparisonAuthenticatorTests.class, FilterBasedLdapUserSearchTests.class,
|
||||
DefaultLdapAuthoritiesPopulatorTests.class, LdapUserDetailsManagerTests.class,
|
||||
DefaultSpringSecurityContextSourceTests.class,
|
||||
SpringSecurityLdapTemplateITests.class })
|
||||
public final class ApacheDSServerIntegrationTests {
|
||||
private static ApacheDSContainer server;
|
||||
private static Integer serverPort;
|
||||
|
||||
@BeforeClass
|
||||
public static void startServer() throws Exception {
|
||||
// OpenLDAP configuration
|
||||
// contextSource = new
|
||||
// DefaultSpringSecurityContextSource("ldap://127.0.0.1:22389/dc=springsource,dc=com");
|
||||
// contextSource.setUserDn("cn=admin,dc=springsource,dc=com");
|
||||
// contextSource.setPassword("password");
|
||||
server = new ApacheDSContainer("dc=springframework,dc=org",
|
||||
"classpath:test-server.ldif");
|
||||
int port = getAvailablePort();
|
||||
server.setPort(port);
|
||||
server.afterPropertiesSet();
|
||||
serverPort = port;
|
||||
}
|
||||
|
||||
@AfterClass
|
||||
public static void stopServer() throws Exception {
|
||||
serverPort = null;
|
||||
if (server != null) {
|
||||
server.stop();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Main class to allow server to be started from gradle script
|
||||
*/
|
||||
public static void main(String[] args) throws Exception {
|
||||
ApacheDSContainer server = new ApacheDSContainer("dc=springframework,dc=org",
|
||||
"classpath:test-server.ldif");
|
||||
server.afterPropertiesSet();
|
||||
}
|
||||
|
||||
public static int getServerPort() {
|
||||
if (serverPort == null) {
|
||||
throw new IllegalStateException(
|
||||
"The ApacheDSContainer is not currently running");
|
||||
}
|
||||
return serverPort;
|
||||
}
|
||||
|
||||
/*
|
||||
* @After public final void reloadServerDataIfDirty() throws Exception {
|
||||
* ClassPathResource ldifs = new ClassPathResource("test-server.ldif");
|
||||
*
|
||||
* if (!ldifs.getFile().exists()) { throw new IllegalStateException(
|
||||
* "Ldif file not found: " + ldifs.getFile().getAbsolutePath()); }
|
||||
*
|
||||
* DirContext ctx = getContextSource().getReadWriteContext();
|
||||
*
|
||||
* // First of all, make sure the database is empty. Name startingPoint = new
|
||||
* DistinguishedName("dc=springframework,dc=org");
|
||||
*
|
||||
* try { clearSubContexts(ctx, startingPoint); LdifFileLoader loader = new
|
||||
* LdifFileLoader(server.getService().getAdminSession(),
|
||||
* ldifs.getFile().getAbsolutePath()); loader.execute(); } finally { ctx.close(); } }
|
||||
*
|
||||
* private void clearSubContexts(DirContext ctx, Name name) throws NamingException {
|
||||
*
|
||||
* NamingEnumeration<Binding> enumeration = null; try { enumeration =
|
||||
* ctx.listBindings(name); while (enumeration.hasMore()) { Binding element =
|
||||
* enumeration.next(); DistinguishedName childName = new
|
||||
* DistinguishedName(element.getName()); childName.prepend((DistinguishedName) name);
|
||||
*
|
||||
* try { ctx.destroySubcontext(childName); } catch (ContextNotEmptyException e) {
|
||||
* clearSubContexts(ctx, childName); ctx.destroySubcontext(childName); } } }
|
||||
* catch(NameNotFoundException ignored) { } catch (NamingException e) {
|
||||
* e.printStackTrace(); } finally { try { enumeration.close(); } catch (Exception
|
||||
* ignored) { } } }
|
||||
*/
|
||||
|
||||
private static int getAvailablePort() throws IOException {
|
||||
try (ServerSocket serverSocket = new ServerSocket(0)) {
|
||||
return serverSocket.getLocalPort();
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,51 @@
|
|||
/*
|
||||
* Copyright 2002-2019 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.security.ldap;
|
||||
|
||||
import javax.annotation.PreDestroy;
|
||||
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.ldap.core.ContextSource;
|
||||
import org.springframework.security.ldap.server.ApacheDSContainer;
|
||||
|
||||
/**
|
||||
* @author Eddú Meléndez
|
||||
*/
|
||||
@Configuration
|
||||
public class ApacheDsContainerConfig {
|
||||
|
||||
private ApacheDSContainer container;
|
||||
|
||||
@Bean
|
||||
ApacheDSContainer ldapContainer() throws Exception {
|
||||
this.container = new ApacheDSContainer("dc=springframework,dc=org",
|
||||
"classpath:test-server.ldif");
|
||||
return this.container;
|
||||
}
|
||||
|
||||
@Bean
|
||||
ContextSource contextSource() throws Exception {
|
||||
return new DefaultSpringSecurityContextSource("ldap://127.0.0.1:"
|
||||
+ ldapContainer().getPort() + "/dc=springframework,dc=org");
|
||||
}
|
||||
|
||||
@PreDestroy
|
||||
void shutdown() {
|
||||
this.container.stop();
|
||||
}
|
||||
|
||||
}
|
|
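Review bot: `ldapContainer()` creates the `ApacheDSContainer` without calling `setPort(...)`, so every test context listens on whatever port the container defaults to, whereas the deleted `ApacheDSServerIntegrationTests.startServer()` chose a free one through `getAvailablePort()` and passed it to `server.setPort(port)`. The build-script hunk in this commit also drops `maxParallelForks = 1`, so nothing visible here pins the integration tests to a single fork any more, and two JVMs (or a stray local LDAP server) could contend for the same port. Looking up a free port before `return this.container;` and passing it to `this.container.setPort(...)`, as the old helper did, would keep runs independent. Separately, `shutdown()` dereferences `this.container` unguarded where the old `stopServer()` checked `server != null`; `if (this.container != null) { this.container.stop(); }` avoids a second exception on context close after a failed start.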
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2016 the original author or authors.
|
||||
* Copyright 2002-2019 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
@ -24,13 +24,24 @@ import java.util.List;
|
|||
import javax.naming.directory.DirContext;
|
||||
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.ldap.AuthenticationException;
|
||||
import org.springframework.ldap.core.support.AbstractContextSource;
|
||||
import org.springframework.test.context.ContextConfiguration;
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
|
||||
/**
|
||||
* @author Luke Taylor
|
||||
* @author Eddú Meléndez
|
||||
*/
|
||||
public class DefaultSpringSecurityContextSourceTests extends AbstractLdapIntegrationTests {
|
||||
@RunWith(SpringRunner.class)
|
||||
@ContextConfiguration(classes = ApacheDsContainerConfig.class)
|
||||
public class DefaultSpringSecurityContextSourceTests {
|
||||
|
||||
@Autowired
|
||||
private DefaultSpringSecurityContextSource contextSource;
|
||||
|
||||
@Test
|
||||
public void instantiationSucceedsWithExpectedProperties() {
|
||||
|
@ -76,7 +87,7 @@ public class DefaultSpringSecurityContextSourceTests extends AbstractLdapIntegra
|
|||
throws Exception {
|
||||
DirContext ctx = null;
|
||||
try {
|
||||
ctx = getContextSource().getContext(
|
||||
ctx = this.contextSource.getContext(
|
||||
"uid=Bob,ou=people,dc=springframework,dc=org", "bobspassword");
|
||||
}
|
||||
catch (Exception e) {
|
||||
|
@ -86,7 +97,7 @@ public class DefaultSpringSecurityContextSourceTests extends AbstractLdapIntegra
|
|||
ctx.close();
|
||||
// com.sun.jndi.ldap.LdapPoolManager.showStats(System.out);
|
||||
// Now get it gain, with wrong password. Should fail.
|
||||
ctx = getContextSource().getContext(
|
||||
ctx = this.contextSource.getContext(
|
||||
"uid=Bob,ou=people,dc=springframework,dc=org", "wrongpassword");
|
||||
ctx.close();
|
||||
}
|
||||
|
@ -94,8 +105,8 @@ public class DefaultSpringSecurityContextSourceTests extends AbstractLdapIntegra
|
|||
@Test
|
||||
public void serverUrlWithSpacesIsSupported() throws Exception {
|
||||
DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource(
|
||||
"ldap://127.0.0.1:" + ApacheDSServerIntegrationTests.getServerPort()
|
||||
+ "/ou=space%20cadets,dc=springframework,dc=org");
|
||||
this.contextSource.getUrls()[0]
|
||||
+ "ou=space%20cadets,dc=springframework,dc=org");
|
||||
contextSource.afterPropertiesSet();
|
||||
contextSource.getContext(
|
||||
"uid=space cadet,ou=space cadets,dc=springframework,dc=org",
|
||||
|
|
|
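Review bot: In `serverUrlWithSpacesIsSupported` the new URL is built as `this.contextSource.getUrls()[0] + "ou=space%20cadets,dc=springframework,dc=org"` with no `/` between the two parts, so the test only reaches the intended base DN if the stored URL already ends in a slash; the removed lines wrote the separator explicitly. That format is not visible in this hunk, so a short comment such as `// getUrls()[0] is the server URL ending in '/', without the base DN` or an assertion on it before use would make the dependency explicit. The local `contextSource` also shadows the newly autowired field of the same name, which makes `this.contextSource` and `contextSource` easy to confuse; renaming the local, for example to `spacesContextSource`, would avoid that. The method body continues past the end of the hunk.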
@ -29,17 +29,27 @@ import javax.naming.directory.SearchControls;
|
|||
import javax.naming.directory.SearchResult;
|
||||
|
||||
import org.junit.*;
|
||||
import org.junit.runner.RunWith;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.ldap.UncategorizedLdapException;
|
||||
import org.springframework.ldap.core.ContextExecutor;
|
||||
import org.springframework.security.crypto.codec.Utf8;
|
||||
import org.springframework.test.context.ContextConfiguration;
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
|
||||
/**
|
||||
* @author Luke Taylor
|
||||
* @author Eddú Meléndez
|
||||
*/
|
||||
public class SpringSecurityLdapTemplateITests extends AbstractLdapIntegrationTests {
|
||||
@RunWith(SpringRunner.class)
|
||||
@ContextConfiguration(classes = ApacheDsContainerConfig.class)
|
||||
public class SpringSecurityLdapTemplateITests {
|
||||
// ~ Instance fields
|
||||
// ================================================================================================
|
||||
|
||||
@Autowired
|
||||
private DefaultSpringSecurityContextSource contextSource;
|
||||
private SpringSecurityLdapTemplate template;
|
||||
|
||||
// ~ Methods
|
||||
|
@ -47,7 +57,7 @@ public class SpringSecurityLdapTemplateITests extends AbstractLdapIntegrationTes
|
|||
|
||||
@Before
|
||||
public void setUp() throws Exception {
|
||||
template = new SpringSecurityLdapTemplate(getContextSource());
|
||||
template = new SpringSecurityLdapTemplate(this.contextSource);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -184,8 +194,7 @@ public class SpringSecurityLdapTemplateITests extends AbstractLdapIntegrationTes
|
|||
public void nonSpringLdapSearchCodeTestMethod() throws Exception {
|
||||
java.util.Hashtable<String, String> env = new java.util.Hashtable<>();
|
||||
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
|
||||
env.put(Context.PROVIDER_URL, "ldap://localhost:"
|
||||
+ ApacheDSServerIntegrationTests.getServerPort());
|
||||
env.put(Context.PROVIDER_URL, this.contextSource.getUrls()[0]);
|
||||
env.put(Context.SECURITY_PRINCIPAL, "");
|
||||
env.put(Context.SECURITY_CREDENTIALS, "");
|
||||
|
||||
|
|
|
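Review bot: The new field `@Autowired private DefaultSpringSecurityContextSource contextSource;` asks for the concrete class, while `ApacheDsContainerConfig.contextSource()` declares its return type as `ContextSource`, so the injection presumably resolves only because Spring matches against the runtime type of the already created singleton and not the declared bean type. Declaring the factory method as `DefaultSpringSecurityContextSource contextSource()` would make the match explicit and keep `getUrls()`, which `nonSpringLdapSearchCodeTestMethod` now relies on for `Context.PROVIDER_URL`, part of the declared contract. The same field declaration appears in `DefaultSpringSecurityContextSourceTests`, `BindAuthenticatorTests`, `PasswordComparisonAuthenticatorTests` and `FilterBasedLdapUserSearchTests`; `DefaultLdapAuthoritiesPopulatorTests` and `LdapUserDetailsManagerTests` inject the interface and are not affected.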
@ -18,14 +18,19 @@ package org.springframework.security.ldap.authentication;
|
|||
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.ldap.core.DirContextOperations;
|
||||
import org.springframework.security.authentication.BadCredentialsException;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.SpringSecurityMessageSource;
|
||||
import org.springframework.security.ldap.AbstractLdapIntegrationTests;
|
||||
import org.springframework.security.ldap.ApacheDsContainerConfig;
|
||||
import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
|
||||
import org.springframework.security.ldap.search.FilterBasedLdapUserSearch;
|
||||
import org.springframework.test.context.ContextConfiguration;
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.fail;
|
||||
|
@ -35,11 +40,16 @@ import static org.assertj.core.api.Assertions.fail;
|
|||
* Tests for {@link BindAuthenticator}.
|
||||
*
|
||||
* @author Luke Taylor
|
||||
* @author Eddú Meléndez
|
||||
*/
|
||||
public class BindAuthenticatorTests extends AbstractLdapIntegrationTests {
|
||||
@RunWith(SpringRunner.class)
|
||||
@ContextConfiguration(classes = ApacheDsContainerConfig.class)
|
||||
public class BindAuthenticatorTests {
|
||||
// ~ Instance fields
|
||||
// ================================================================================================
|
||||
|
||||
@Autowired
|
||||
private DefaultSpringSecurityContextSource contextSource;
|
||||
private BindAuthenticator authenticator;
|
||||
private Authentication bob;
|
||||
|
||||
|
@ -48,7 +58,7 @@ public class BindAuthenticatorTests extends AbstractLdapIntegrationTests {
|
|||
|
||||
@Before
|
||||
public void setUp() {
|
||||
this.authenticator = new BindAuthenticator(getContextSource());
|
||||
this.authenticator = new BindAuthenticator(this.contextSource);
|
||||
this.authenticator.setMessageSource(new SpringSecurityMessageSource());
|
||||
this.bob = new UsernamePasswordAuthenticationToken("bob", "bobspassword");
|
||||
|
||||
|
@ -89,25 +99,25 @@ public class BindAuthenticatorTests extends AbstractLdapIntegrationTests {
|
|||
// DirContextAdapter ctx = new DirContextAdapter(new
|
||||
// DistinguishedName("uid=bob,ou=people"));
|
||||
this.authenticator.setUserSearch(new FilterBasedLdapUserSearch("ou=people",
|
||||
"(uid={0})", getContextSource()));
|
||||
"(uid={0})", this.contextSource));
|
||||
this.authenticator.afterPropertiesSet();
|
||||
DirContextOperations result = this.authenticator.authenticate(this.bob);
|
||||
//ensure we are getting the same attributes back
|
||||
assertThat(result.getStringAttribute("cn")).isEqualTo("Bob Hamilton");
|
||||
// SEC-1444
|
||||
this.authenticator.setUserSearch(new FilterBasedLdapUserSearch("ou=people",
|
||||
"(cn={0})", getContextSource()));
|
||||
"(cn={0})", this.contextSource));
|
||||
this.authenticator.authenticate(new UsernamePasswordAuthenticationToken(
|
||||
"mouse, jerry", "jerryspassword"));
|
||||
this.authenticator.authenticate(new UsernamePasswordAuthenticationToken(
|
||||
"slash/guy", "slashguyspassword"));
|
||||
// SEC-1661
|
||||
this.authenticator.setUserSearch(new FilterBasedLdapUserSearch(
|
||||
"ou=\\\"quoted people\\\"", "(cn={0})", getContextSource()));
|
||||
"ou=\\\"quoted people\\\"", "(cn={0})", this.contextSource));
|
||||
this.authenticator.authenticate(new UsernamePasswordAuthenticationToken(
|
||||
"quote\"guy", "quoteguyspassword"));
|
||||
this.authenticator.setUserSearch(
|
||||
new FilterBasedLdapUserSearch("", "(cn={0})", getContextSource()));
|
||||
new FilterBasedLdapUserSearch("", "(cn={0})", this.contextSource));
|
||||
this.authenticator.authenticate(new UsernamePasswordAuthenticationToken(
|
||||
"quote\"guy", "quoteguyspassword"));
|
||||
}
|
||||
|
|
|
@ -17,6 +17,9 @@
|
|||
package org.springframework.security.ldap.authentication;
|
||||
|
||||
import org.junit.*;
|
||||
import org.junit.runner.RunWith;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.authentication.BadCredentialsException;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
|
@ -24,10 +27,13 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
|||
import org.springframework.security.crypto.keygen.KeyGenerators;
|
||||
import org.springframework.security.crypto.password.LdapShaPasswordEncoder;
|
||||
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
|
||||
import org.springframework.security.ldap.AbstractLdapIntegrationTests;
|
||||
|
||||
import org.springframework.ldap.core.DirContextAdapter;
|
||||
import org.springframework.ldap.core.DistinguishedName;
|
||||
import org.springframework.security.ldap.ApacheDsContainerConfig;
|
||||
import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
|
||||
import org.springframework.test.context.ContextConfiguration;
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
|
||||
import static org.assertj.core.api.Assertions.*;
|
||||
|
||||
|
@ -35,11 +41,16 @@ import static org.assertj.core.api.Assertions.*;
|
|||
* Tests for {@link PasswordComparisonAuthenticator}.
|
||||
*
|
||||
* @author Luke Taylor
|
||||
* @author Eddú Meléndez
|
||||
*/
|
||||
public class PasswordComparisonAuthenticatorTests extends AbstractLdapIntegrationTests {
|
||||
@RunWith(SpringRunner.class)
|
||||
@ContextConfiguration(classes = ApacheDsContainerConfig.class)
|
||||
public class PasswordComparisonAuthenticatorTests {
|
||||
// ~ Instance fields
|
||||
// ================================================================================================
|
||||
|
||||
@Autowired
|
||||
private DefaultSpringSecurityContextSource contextSource;
|
||||
private PasswordComparisonAuthenticator authenticator;
|
||||
private Authentication bob;
|
||||
private Authentication ben;
|
||||
|
@ -49,7 +60,7 @@ public class PasswordComparisonAuthenticatorTests extends AbstractLdapIntegratio
|
|||
|
||||
@Before
|
||||
public void setUp() throws Exception {
|
||||
authenticator = new PasswordComparisonAuthenticator(getContextSource());
|
||||
authenticator = new PasswordComparisonAuthenticator(this.contextSource);
|
||||
authenticator.setPasswordEncoder(NoOpPasswordEncoder.getInstance());
|
||||
authenticator.setUserDnPatterns(new String[] { "uid={0},ou=people" });
|
||||
bob = new UsernamePasswordAuthenticationToken("bob", "bobspassword");
|
||||
|
@ -65,7 +76,7 @@ public class PasswordComparisonAuthenticatorTests extends AbstractLdapIntegratio
|
|||
|
||||
@Test
|
||||
public void testFailedSearchGivesUserNotFoundException() throws Exception {
|
||||
authenticator = new PasswordComparisonAuthenticator(getContextSource());
|
||||
authenticator = new PasswordComparisonAuthenticator(this.contextSource);
|
||||
assertThat(authenticator.getUserDns("Bob")).withFailMessage("User DN matches shouldn't be available").isEmpty();
|
||||
authenticator.setUserSearch(new MockUserSearch(null));
|
||||
authenticator.afterPropertiesSet();
|
||||
|
@ -140,7 +151,7 @@ public class PasswordComparisonAuthenticatorTests extends AbstractLdapIntegratio
|
|||
|
||||
@Test
|
||||
public void testWithUserSearch() {
|
||||
authenticator = new PasswordComparisonAuthenticator(getContextSource());
|
||||
authenticator = new PasswordComparisonAuthenticator(this.contextSource);
|
||||
authenticator.setPasswordEncoder(NoOpPasswordEncoder.getInstance());
|
||||
assertThat(authenticator.getUserDns("Bob")).withFailMessage("User DN matches shouldn't be available").isEmpty();
|
||||
|
||||
|
|
|
@ -21,22 +21,34 @@ import static org.assertj.core.api.Assertions.assertThat;
|
|||
import javax.naming.ldap.LdapName;
|
||||
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.dao.IncorrectResultSizeDataAccessException;
|
||||
import org.springframework.ldap.core.DirContextOperations;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.security.ldap.AbstractLdapIntegrationTests;
|
||||
import org.springframework.security.ldap.ApacheDsContainerConfig;
|
||||
import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
|
||||
import org.springframework.test.context.ContextConfiguration;
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
|
||||
/**
|
||||
* Tests for FilterBasedLdapUserSearch.
|
||||
*
|
||||
* @author Luke Taylor
|
||||
* @author Eddú Meléndez
|
||||
*/
|
||||
public class FilterBasedLdapUserSearchTests extends AbstractLdapIntegrationTests {
|
||||
@RunWith(SpringRunner.class)
|
||||
@ContextConfiguration(classes = ApacheDsContainerConfig.class)
|
||||
public class FilterBasedLdapUserSearchTests {
|
||||
|
||||
@Autowired
|
||||
private DefaultSpringSecurityContextSource contextSource;
|
||||
|
||||
@Test
|
||||
public void basicSearchSucceeds() throws Exception {
|
||||
FilterBasedLdapUserSearch locator = new FilterBasedLdapUserSearch("ou=people",
|
||||
"(uid={0})", getContextSource());
|
||||
"(uid={0})", this.contextSource);
|
||||
locator.setSearchSubtree(false);
|
||||
locator.setSearchTimeLimit(0);
|
||||
locator.setDerefLinkFlag(false);
|
||||
|
@ -50,7 +62,7 @@ public class FilterBasedLdapUserSearchTests extends AbstractLdapIntegrationTests
|
|||
@Test
|
||||
public void searchForNameWithCommaSucceeds() throws Exception {
|
||||
FilterBasedLdapUserSearch locator = new FilterBasedLdapUserSearch("ou=people",
|
||||
"(uid={0})", getContextSource());
|
||||
"(uid={0})", this.contextSource);
|
||||
locator.setSearchSubtree(false);
|
||||
|
||||
DirContextOperations jerry = locator.searchForUser("jerry");
|
||||
|
@ -65,7 +77,7 @@ public class FilterBasedLdapUserSearchTests extends AbstractLdapIntegrationTests
|
|||
FilterBasedLdapUserSearch locator = new FilterBasedLdapUserSearch(
|
||||
"ou=people",
|
||||
"(&(cn=*)(!(|(uid={0})(uid=rod)(uid=jerry)(uid=slashguy)(uid=javadude)(uid=groovydude)(uid=closuredude)(uid=scaladude))))",
|
||||
getContextSource());
|
||||
this.contextSource);
|
||||
|
||||
// Search for bob, get back ben...
|
||||
DirContextOperations ben = locator.searchForUser("bob");
|
||||
|
@ -75,14 +87,14 @@ public class FilterBasedLdapUserSearchTests extends AbstractLdapIntegrationTests
|
|||
@Test(expected = IncorrectResultSizeDataAccessException.class)
|
||||
public void searchFailsOnMultipleMatches() {
|
||||
FilterBasedLdapUserSearch locator = new FilterBasedLdapUserSearch("ou=people",
|
||||
"(cn=*)", getContextSource());
|
||||
"(cn=*)", this.contextSource);
|
||||
locator.searchForUser("Ignored");
|
||||
}
|
||||
|
||||
@Test(expected = UsernameNotFoundException.class)
|
||||
public void searchForInvalidUserFails() {
|
||||
FilterBasedLdapUserSearch locator = new FilterBasedLdapUserSearch("ou=people",
|
||||
"(uid={0})", getContextSource());
|
||||
"(uid={0})", this.contextSource);
|
||||
locator.searchForUser("Joe");
|
||||
}
|
||||
|
||||
|
@ -90,7 +102,7 @@ public class FilterBasedLdapUserSearchTests extends AbstractLdapIntegrationTests
|
|||
public void subTreeSearchSucceeds() throws Exception {
|
||||
// Don't set the searchBase, so search from the root.
|
||||
FilterBasedLdapUserSearch locator = new FilterBasedLdapUserSearch("", "(cn={0})",
|
||||
getContextSource());
|
||||
this.contextSource);
|
||||
locator.setSearchSubtree(true);
|
||||
|
||||
DirContextOperations ben = locator.searchForUser("Ben Alex");
|
||||
|
@ -102,7 +114,7 @@ public class FilterBasedLdapUserSearchTests extends AbstractLdapIntegrationTests
|
|||
@Test
|
||||
public void searchWithDifferentSearchBaseIsSuccessful() throws Exception {
|
||||
FilterBasedLdapUserSearch locator = new FilterBasedLdapUserSearch(
|
||||
"ou=otherpeople", "(cn={0})", getContextSource());
|
||||
"ou=otherpeople", "(cn={0})", this.contextSource);
|
||||
DirContextOperations joe = locator.searchForUser("Joe Smeth");
|
||||
assertThat(joe.getStringAttribute("cn")).isEqualTo("Joe Smeth");
|
||||
}
|
||||
|
|
|
@ -19,21 +19,33 @@ package org.springframework.security.ldap.userdetails;
|
|||
import static org.assertj.core.api.Assertions.*;
|
||||
|
||||
import org.junit.*;
|
||||
import org.junit.runner.RunWith;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.ldap.core.ContextSource;
|
||||
import org.springframework.ldap.core.DirContextAdapter;
|
||||
import org.springframework.ldap.core.DirContextOperations;
|
||||
import org.springframework.ldap.core.DistinguishedName;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.ldap.AbstractLdapIntegrationTests;
|
||||
import org.springframework.security.ldap.ApacheDsContainerConfig;
|
||||
import org.springframework.test.context.ContextConfiguration;
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
|
||||
import java.util.*;
|
||||
|
||||
/**
|
||||
*
|
||||
* @author Luke Taylor
|
||||
* @author Eddú Meléndez
|
||||
*/
|
||||
@RunWith(SpringRunner.class)
|
||||
@ContextConfiguration(classes = ApacheDsContainerConfig.class)
|
||||
@SuppressWarnings({ "deprecation" })
|
||||
public class DefaultLdapAuthoritiesPopulatorTests extends AbstractLdapIntegrationTests {
|
||||
public class DefaultLdapAuthoritiesPopulatorTests {
|
||||
|
||||
@Autowired
|
||||
private ContextSource contextSource;
|
||||
private DefaultLdapAuthoritiesPopulator populator;
|
||||
|
||||
// ~ Methods
|
||||
|
@ -41,14 +53,14 @@ public class DefaultLdapAuthoritiesPopulatorTests extends AbstractLdapIntegratio
|
|||
|
||||
@Before
|
||||
public void setUp() throws Exception {
|
||||
populator = new DefaultLdapAuthoritiesPopulator(getContextSource(), "ou=groups");
|
||||
populator = new DefaultLdapAuthoritiesPopulator(this.contextSource, "ou=groups");
|
||||
populator.setIgnorePartialResultException(false);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void defaultRoleIsAssignedWhenSet() {
|
||||
populator.setDefaultRole("ROLE_USER");
|
||||
assertThat(populator.getContextSource()).isSameAs(getContextSource());
|
||||
assertThat(populator.getContextSource()).isSameAs(this.contextSource);
|
||||
|
||||
DirContextAdapter ctx = new DirContextAdapter(
|
||||
new DistinguishedName("cn=notfound"));
|
||||
|
@ -61,7 +73,7 @@ public class DefaultLdapAuthoritiesPopulatorTests extends AbstractLdapIntegratio
|
|||
|
||||
@Test
|
||||
public void nullSearchBaseIsAccepted() throws Exception {
|
||||
populator = new DefaultLdapAuthoritiesPopulator(getContextSource(), null);
|
||||
populator = new DefaultLdapAuthoritiesPopulator(this.contextSource, null);
|
||||
populator.setDefaultRole("ROLE_USER");
|
||||
|
||||
Collection<GrantedAuthority> authorities = populator.getGrantedAuthorities(
|
||||
|
@ -143,7 +155,7 @@ public class DefaultLdapAuthoritiesPopulatorTests extends AbstractLdapIntegratio
|
|||
|
||||
@Test
|
||||
public void extraRolesAreAdded() throws Exception {
|
||||
populator = new DefaultLdapAuthoritiesPopulator(getContextSource(), null) {
|
||||
populator = new DefaultLdapAuthoritiesPopulator(this.contextSource, null) {
|
||||
@Override
|
||||
protected Set<GrantedAuthority> getAdditionalRoles(DirContextOperations user,
|
||||
String username) {
|
||||
|
|
|
@ -24,6 +24,10 @@ import java.util.List;
|
|||
import org.junit.After;
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.ldap.core.ContextSource;
|
||||
import org.springframework.ldap.core.DirContextAdapter;
|
||||
import org.springframework.security.authentication.BadCredentialsException;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
|
@ -31,14 +35,22 @@ import org.springframework.security.core.GrantedAuthority;
|
|||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.security.ldap.AbstractLdapIntegrationTests;
|
||||
import org.springframework.security.ldap.ApacheDsContainerConfig;
|
||||
import org.springframework.security.ldap.DefaultLdapUsernameToDnMapper;
|
||||
import org.springframework.security.ldap.SpringSecurityLdapTemplate;
|
||||
import org.springframework.test.context.ContextConfiguration;
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
|
||||
/**
|
||||
* @author Luke Taylor
|
||||
* @author Eddú Meléndez
|
||||
*/
|
||||
public class LdapUserDetailsManagerTests extends AbstractLdapIntegrationTests {
|
||||
@RunWith(SpringRunner.class)
|
||||
@ContextConfiguration(classes = ApacheDsContainerConfig.class)
|
||||
public class LdapUserDetailsManagerTests {
|
||||
|
||||
@Autowired
|
||||
private ContextSource contextSource;
|
||||
|
||||
private static final List<GrantedAuthority> TEST_AUTHORITIES = AuthorityUtils.createAuthorityList(
|
||||
"ROLE_CLOWNS", "ROLE_ACROBATS");
|
||||
|
@ -49,8 +61,8 @@ public class LdapUserDetailsManagerTests extends AbstractLdapIntegrationTests {
|
|||
|
||||
@Before
|
||||
public void setUp() throws Exception {
|
||||
mgr = new LdapUserDetailsManager(getContextSource());
|
||||
template = new SpringSecurityLdapTemplate(getContextSource());
|
||||
mgr = new LdapUserDetailsManager(this.contextSource);
|
||||
template = new SpringSecurityLdapTemplate(this.contextSource);
|
||||
DirContextAdapter ctx = new DirContextAdapter();
|
||||
|
||||
ctx.setAttributeValue("objectclass", "organizationalUnit");
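Review bot: The injected `contextSource` field has no comment saying that it is shared, and `setUp` writes to the directory through it. With `@ContextConfiguration(classes = ApacheDsContainerConfig.class)` Spring caches the context, so presumably every test class using that configuration talks to the same embedded server; the configuration class is not visible here. I would add above the field `// Shared with every test class that loads ApacheDsContainerConfig; remove in @After whatever setUp creates.` The `org.junit.After` import suggests a teardown already exists, but `setUp` continues past the end of this hunk and the teardown is outside it, so this needs checking against the full file.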
|
||||
|
|
|
@ -17,9 +17,15 @@ package org.springframework.security.ldap.userdetails;
|
|||
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.ldap.core.ContextSource;
|
||||
import org.springframework.ldap.core.DirContextAdapter;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.ldap.AbstractLdapIntegrationTests;
|
||||
import org.springframework.security.ldap.ApacheDsContainerConfig;
|
||||
import org.springframework.test.context.ContextConfiguration;
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
|
@ -29,9 +35,14 @@ import static org.assertj.core.api.Assertions.*;
|
|||
|
||||
/**
|
||||
* @author Filip Hanik
|
||||
* @author Eddú Meléndez
|
||||
*/
|
||||
public class NestedLdapAuthoritiesPopulatorTests extends AbstractLdapIntegrationTests {
|
||||
@RunWith(SpringRunner.class)
|
||||
@ContextConfiguration(classes = ApacheDsContainerConfig.class)
|
||||
public class NestedLdapAuthoritiesPopulatorTests {
|
||||
|
||||
@Autowired
|
||||
private ContextSource contextSource;
|
||||
private NestedLdapAuthoritiesPopulator populator;
|
||||
private LdapAuthority javaDevelopers;
|
||||
private LdapAuthority groovyDevelopers;
|
||||
|
@ -45,7 +56,7 @@ public class NestedLdapAuthoritiesPopulatorTests extends AbstractLdapIntegration
|
|||
|
||||
@Before
|
||||
public void setUp() throws Exception {
|
||||
populator = new NestedLdapAuthoritiesPopulator(getContextSource(),
|
||||
populator = new NestedLdapAuthoritiesPopulator(this.contextSource,
|
||||
"ou=jdeveloper");
|
||||
populator.setGroupSearchFilter("(member={0})");
|
||||
populator.setIgnorePartialResultException(false);
|
||||
|
@ -73,8 +84,8 @@ public class NestedLdapAuthoritiesPopulatorTests extends AbstractLdapIntegration
|
|||
Collection<GrantedAuthority> authorities = populator.getGrantedAuthorities(ctx,
|
||||
"scaladude");
|
||||
assertThat(authorities).hasSize(5);
|
||||
assertThat(Arrays.asList(javaDevelopers, scalaDevelopers,
|
||||
circularJavaDevelopers, jDevelopers, groovyDevelopers)).isEqualTo(authorities);
|
||||
assertThat(authorities).isEqualTo(Arrays.asList(javaDevelopers, circularJavaDevelopers,
|
||||
scalaDevelopers, groovyDevelopers, jDevelopers));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -83,7 +94,7 @@ public class NestedLdapAuthoritiesPopulatorTests extends AbstractLdapIntegration
|
|||
"uid=javadude,ou=people,dc=springframework,dc=org");
|
||||
Collection<GrantedAuthority> authorities = populator.getGrantedAuthorities(ctx,
|
||||
"javadude");
|
||||
assertThat(authorities).hasSize(3);
|
||||
assertThat(authorities).hasSize(4);
|
||||
assertThat(authorities).contains(javaDevelopers);
|
||||
}
|
||||
|
||||
|
@ -105,8 +116,8 @@ public class NestedLdapAuthoritiesPopulatorTests extends AbstractLdapIntegration
|
|||
Collection<GrantedAuthority> authorities = populator.getGrantedAuthorities(ctx,
|
||||
"groovydude");
|
||||
assertThat(authorities).hasSize(4);
|
||||
assertThat(authorities).isEqualTo(Arrays.asList(javaDevelopers, circularJavaDevelopers, jDevelopers,
|
||||
groovyDevelopers));
|
||||
assertThat(authorities).isEqualTo(Arrays.asList(javaDevelopers, circularJavaDevelopers, groovyDevelopers,
|
||||
jDevelopers));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -118,30 +129,30 @@ public class NestedLdapAuthoritiesPopulatorTests extends AbstractLdapIntegration
|
|||
Collection<GrantedAuthority> authorities = populator.getGrantedAuthorities(ctx,
|
||||
"closuredude");
|
||||
assertThat(authorities).hasSize(5);
|
||||
assertThat(authorities).isEqualTo(Arrays.asList(closureDevelopers, javaDevelopers,
|
||||
circularJavaDevelopers, jDevelopers, groovyDevelopers));
|
||||
assertThat(authorities).isEqualTo(Arrays.asList(javaDevelopers, circularJavaDevelopers,
|
||||
closureDevelopers, groovyDevelopers, jDevelopers));
|
||||
|
||||
LdapAuthority[] ldapAuthorities = authorities.toArray(new LdapAuthority[0]);
|
||||
assertThat(ldapAuthorities).hasSize(5);
|
||||
// closure group
|
||||
// groovy-developers group
|
||||
assertThat(ldapAuthorities[0].getAttributes().containsKey("member")).isTrue();
|
||||
assertThat(ldapAuthorities[0].getAttributes().get("member")).isNotNull();
|
||||
assertThat(ldapAuthorities[0].getAttributes().get("member")).hasSize(1);
|
||||
assertThat(ldapAuthorities[0].getFirstAttributeValue("member")).isEqualTo("uid=closuredude,ou=people,dc=springframework,dc=org");
|
||||
assertThat(ldapAuthorities[0].getAttributes().get("member")).hasSize(3);
|
||||
assertThat(ldapAuthorities[0].getFirstAttributeValue("member")).isEqualTo("cn=groovy-developers,ou=jdeveloper,dc=springframework,dc=org");
|
||||
|
||||
// java group
|
||||
assertThat(ldapAuthorities[1].getAttributes().containsKey("member")).isTrue();
|
||||
assertThat(ldapAuthorities[1].getAttributes().get("member")).isNotNull();
|
||||
assertThat(ldapAuthorities[1].getAttributes().get("member")).hasSize(3);
|
||||
assertThat(groovyDevelopers.getDn()).isEqualTo(ldapAuthorities[1].getFirstAttributeValue("member"));
|
||||
assertThat(scalaDevelopers.getDn()).isEqualTo(ldapAuthorities[2]
|
||||
.getAttributes().get("member"));
|
||||
assertThat(ldapAuthorities[2]
|
||||
.getAttributes().get("member")).contains("uid=closuredude,ou=people,dc=springframework,dc=org");
|
||||
|
||||
// test non existent attribute
|
||||
assertThat(ldapAuthorities[2].getFirstAttributeValue("test")).isNull();
|
||||
assertThat(ldapAuthorities[2].getAttributeValues("test")).isNotNull();
|
||||
assertThat(ldapAuthorities[2].getAttributeValues("test")).isEmpty();
|
||||
// test role name
|
||||
assertThat(ldapAuthorities[3].getAuthority()).isEqualTo(jDevelopers.getAuthority());
|
||||
assertThat(ldapAuthorities[3].getAuthority()).isEqualTo(groovyDevelopers.getAuthority());
|
||||
}
|
||||
}
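Review bot: In the hunk at `@ -83,7 +94,7 @`, the expected size for `javadude` appears to change from 3 to 4 while the only named assertion remains `contains(javaDevelopers)`, so the test would pass with any fourth role and never says which authority the user gained (the test method starts above the hunk). For a test of group-to-authority mapping I would pin the full set, e.g. `assertThat(authorities).containsExactlyInAnyOrder(/* the four expected LdapAuthority fields */);`. The same matcher would remove the ordering dependence in the `scaladude`, `groovydude` and `closuredude` hunks, where the expected `Arrays.asList(...)` was reordered, apparently to follow a different search-result order. If `// groovy-developers group` is the new comment above the `ldapAuthorities[0]` checks, it looks misleading, because index 0 is `javaDevelopers` according to the list assertion a few lines earlier.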
|
||||
|
|