Fix AD / vagrant based tests for #30953
These tests were creating a SSL service that was not aware of the realm that they were trying to test. This no longer works.
This commit is contained in:
parent
c32981db6b
commit
6f2b7dc9fe
|
@ -85,7 +85,7 @@ public class ADLdapUserSearchSessionFactoryTests extends AbstractActiveDirectory
|
||||||
Settings.Builder builder = Settings.builder()
|
Settings.Builder builder = Settings.builder()
|
||||||
.put(globalSettings);
|
.put(globalSettings);
|
||||||
settings.keySet().forEach(k -> {
|
settings.keySet().forEach(k -> {
|
||||||
builder.copy("xpack.security.authc.realms.ldap." + k, k, settings);
|
builder.copy("xpack.security.authc.realms.ad-as-ldap-test." + k, k, settings);
|
||||||
|
|
||||||
});
|
});
|
||||||
Settings fullSettings = builder.build();
|
Settings fullSettings = builder.build();
|
||||||
|
|
|
@ -12,6 +12,7 @@ import org.elasticsearch.common.settings.SecureString;
|
||||||
import org.elasticsearch.common.settings.Settings;
|
import org.elasticsearch.common.settings.Settings;
|
||||||
import org.elasticsearch.common.util.concurrent.ThreadContext;
|
import org.elasticsearch.common.util.concurrent.ThreadContext;
|
||||||
import org.elasticsearch.common.util.concurrent.UncategorizedExecutionException;
|
import org.elasticsearch.common.util.concurrent.UncategorizedExecutionException;
|
||||||
|
import org.elasticsearch.env.Environment;
|
||||||
import org.elasticsearch.env.TestEnvironment;
|
import org.elasticsearch.env.TestEnvironment;
|
||||||
import org.elasticsearch.threadpool.TestThreadPool;
|
import org.elasticsearch.threadpool.TestThreadPool;
|
||||||
import org.elasticsearch.threadpool.ThreadPool;
|
import org.elasticsearch.threadpool.ThreadPool;
|
||||||
|
@ -59,9 +60,7 @@ public class ActiveDirectorySessionFactoryTests extends AbstractActiveDirectoryT
|
||||||
|
|
||||||
@SuppressWarnings("unchecked")
|
@SuppressWarnings("unchecked")
|
||||||
public void testAdAuth() throws Exception {
|
public void testAdAuth() throws Exception {
|
||||||
RealmConfig config = new RealmConfig("ad-test",
|
RealmConfig config = configureRealm("ad-test", buildAdSettings(AD_LDAP_URL, AD_DOMAIN, false));
|
||||||
buildAdSettings(AD_LDAP_URL, AD_DOMAIN, false),
|
|
||||||
globalSettings, TestEnvironment.newEnvironment(globalSettings), new ThreadContext(Settings.EMPTY));
|
|
||||||
try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) {
|
try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) {
|
||||||
|
|
||||||
String userName = "ironman";
|
String userName = "ironman";
|
||||||
|
@ -82,11 +81,21 @@ public class ActiveDirectorySessionFactoryTests extends AbstractActiveDirectoryT
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private RealmConfig configureRealm(String name, Settings settings) {
|
||||||
|
final Environment env = TestEnvironment.newEnvironment(globalSettings);
|
||||||
|
final Settings mergedSettings = Settings.builder()
|
||||||
|
.put(settings)
|
||||||
|
.normalizePrefix("xpack.security.authc.realms." + name + ".")
|
||||||
|
.put(globalSettings)
|
||||||
|
.build();
|
||||||
|
this.sslService = new SSLService(mergedSettings, env);
|
||||||
|
return new RealmConfig(name, settings, globalSettings, env, new ThreadContext(globalSettings));
|
||||||
|
}
|
||||||
|
|
||||||
@SuppressWarnings("unchecked")
|
@SuppressWarnings("unchecked")
|
||||||
public void testNetbiosAuth() throws Exception {
|
public void testNetbiosAuth() throws Exception {
|
||||||
final String adUrl = randomFrom(AD_LDAP_URL, AD_LDAP_GC_URL);
|
final String adUrl = randomFrom(AD_LDAP_URL, AD_LDAP_GC_URL);
|
||||||
RealmConfig config = new RealmConfig("ad-test", buildAdSettings(adUrl, AD_DOMAIN, false), globalSettings,
|
RealmConfig config = configureRealm("ad-test", buildAdSettings(adUrl, AD_DOMAIN, false));
|
||||||
TestEnvironment.newEnvironment(globalSettings), new ThreadContext(globalSettings));
|
|
||||||
try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) {
|
try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) {
|
||||||
|
|
||||||
String userName = "ades\\ironman";
|
String userName = "ades\\ironman";
|
||||||
|
@ -108,8 +117,7 @@ public class ActiveDirectorySessionFactoryTests extends AbstractActiveDirectoryT
|
||||||
}
|
}
|
||||||
|
|
||||||
public void testAdAuthAvengers() throws Exception {
|
public void testAdAuthAvengers() throws Exception {
|
||||||
RealmConfig config = new RealmConfig("ad-test", buildAdSettings(AD_LDAP_URL, AD_DOMAIN, false), globalSettings,
|
RealmConfig config = configureRealm("ad-test", buildAdSettings(AD_LDAP_URL, AD_DOMAIN, false));
|
||||||
TestEnvironment.newEnvironment(globalSettings), new ThreadContext(globalSettings));
|
|
||||||
try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) {
|
try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) {
|
||||||
|
|
||||||
String[] users = new String[]{"cap", "hawkeye", "hulk", "ironman", "thor", "blackwidow"};
|
String[] users = new String[]{"cap", "hawkeye", "hulk", "ironman", "thor", "blackwidow"};
|
||||||
|
@ -126,8 +134,7 @@ public class ActiveDirectorySessionFactoryTests extends AbstractActiveDirectoryT
|
||||||
public void testAuthenticate() throws Exception {
|
public void testAuthenticate() throws Exception {
|
||||||
Settings settings = buildAdSettings(AD_LDAP_URL, AD_DOMAIN, "CN=Users,DC=ad,DC=test,DC=elasticsearch,DC=com",
|
Settings settings = buildAdSettings(AD_LDAP_URL, AD_DOMAIN, "CN=Users,DC=ad,DC=test,DC=elasticsearch,DC=com",
|
||||||
LdapSearchScope.ONE_LEVEL, false);
|
LdapSearchScope.ONE_LEVEL, false);
|
||||||
RealmConfig config = new RealmConfig("ad-test", settings, globalSettings, TestEnvironment.newEnvironment(globalSettings),
|
RealmConfig config = configureRealm("ad-test", settings);
|
||||||
new ThreadContext(globalSettings));
|
|
||||||
try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) {
|
try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) {
|
||||||
|
|
||||||
String userName = "hulk";
|
String userName = "hulk";
|
||||||
|
@ -151,8 +158,7 @@ public class ActiveDirectorySessionFactoryTests extends AbstractActiveDirectoryT
|
||||||
public void testAuthenticateBaseUserSearch() throws Exception {
|
public void testAuthenticateBaseUserSearch() throws Exception {
|
||||||
Settings settings = buildAdSettings(AD_LDAP_URL, AD_DOMAIN, "CN=Bruce Banner, CN=Users,DC=ad,DC=test,DC=elasticsearch,DC=com",
|
Settings settings = buildAdSettings(AD_LDAP_URL, AD_DOMAIN, "CN=Bruce Banner, CN=Users,DC=ad,DC=test,DC=elasticsearch,DC=com",
|
||||||
LdapSearchScope.BASE, false);
|
LdapSearchScope.BASE, false);
|
||||||
RealmConfig config = new RealmConfig("ad-test", settings, globalSettings, TestEnvironment.newEnvironment(globalSettings),
|
RealmConfig config = configureRealm("ad-test", settings);
|
||||||
new ThreadContext(globalSettings));
|
|
||||||
try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) {
|
try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) {
|
||||||
|
|
||||||
String userName = "hulk";
|
String userName = "hulk";
|
||||||
|
@ -180,8 +186,7 @@ public class ActiveDirectorySessionFactoryTests extends AbstractActiveDirectoryT
|
||||||
"CN=Avengers,CN=Users,DC=ad,DC=test,DC=elasticsearch,DC=com")
|
"CN=Avengers,CN=Users,DC=ad,DC=test,DC=elasticsearch,DC=com")
|
||||||
.put(ActiveDirectorySessionFactorySettings.AD_GROUP_SEARCH_SCOPE_SETTING, LdapSearchScope.BASE)
|
.put(ActiveDirectorySessionFactorySettings.AD_GROUP_SEARCH_SCOPE_SETTING, LdapSearchScope.BASE)
|
||||||
.build();
|
.build();
|
||||||
RealmConfig config = new RealmConfig("ad-test", settings, globalSettings, TestEnvironment.newEnvironment(globalSettings),
|
RealmConfig config = configureRealm("ad-test", settings);
|
||||||
new ThreadContext(globalSettings));
|
|
||||||
try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) {
|
try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) {
|
||||||
|
|
||||||
String userName = "hulk";
|
String userName = "hulk";
|
||||||
|
@ -198,8 +203,7 @@ public class ActiveDirectorySessionFactoryTests extends AbstractActiveDirectoryT
|
||||||
public void testAuthenticateWithUserPrincipalName() throws Exception {
|
public void testAuthenticateWithUserPrincipalName() throws Exception {
|
||||||
Settings settings = buildAdSettings(AD_LDAP_URL, AD_DOMAIN, "CN=Users,DC=ad,DC=test,DC=elasticsearch,DC=com",
|
Settings settings = buildAdSettings(AD_LDAP_URL, AD_DOMAIN, "CN=Users,DC=ad,DC=test,DC=elasticsearch,DC=com",
|
||||||
LdapSearchScope.ONE_LEVEL, false);
|
LdapSearchScope.ONE_LEVEL, false);
|
||||||
RealmConfig config = new RealmConfig("ad-test", settings, globalSettings, TestEnvironment.newEnvironment(globalSettings),
|
RealmConfig config = configureRealm("ad-test", settings);
|
||||||
new ThreadContext(globalSettings));
|
|
||||||
try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) {
|
try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) {
|
||||||
|
|
||||||
//Login with the UserPrincipalName
|
//Login with the UserPrincipalName
|
||||||
|
@ -220,8 +224,7 @@ public class ActiveDirectorySessionFactoryTests extends AbstractActiveDirectoryT
|
||||||
public void testAuthenticateWithSAMAccountName() throws Exception {
|
public void testAuthenticateWithSAMAccountName() throws Exception {
|
||||||
Settings settings = buildAdSettings(AD_LDAP_URL, AD_DOMAIN, "CN=Users,DC=ad,DC=test,DC=elasticsearch,DC=com",
|
Settings settings = buildAdSettings(AD_LDAP_URL, AD_DOMAIN, "CN=Users,DC=ad,DC=test,DC=elasticsearch,DC=com",
|
||||||
LdapSearchScope.ONE_LEVEL, false);
|
LdapSearchScope.ONE_LEVEL, false);
|
||||||
RealmConfig config = new RealmConfig("ad-test", settings, globalSettings, TestEnvironment.newEnvironment(globalSettings),
|
RealmConfig config = configureRealm("ad-test", settings);
|
||||||
new ThreadContext(globalSettings));
|
|
||||||
try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) {
|
try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) {
|
||||||
|
|
||||||
//login with sAMAccountName
|
//login with sAMAccountName
|
||||||
|
@ -247,8 +250,7 @@ public class ActiveDirectorySessionFactoryTests extends AbstractActiveDirectoryT
|
||||||
.put(ActiveDirectorySessionFactorySettings.AD_USER_SEARCH_FILTER_SETTING,
|
.put(ActiveDirectorySessionFactorySettings.AD_USER_SEARCH_FILTER_SETTING,
|
||||||
"(&(objectclass=user)(userPrincipalName={0}@ad.test.elasticsearch.com))")
|
"(&(objectclass=user)(userPrincipalName={0}@ad.test.elasticsearch.com))")
|
||||||
.build();
|
.build();
|
||||||
RealmConfig config = new RealmConfig("ad-test", settings, globalSettings, TestEnvironment.newEnvironment(globalSettings),
|
RealmConfig config = configureRealm("ad-test", settings);
|
||||||
new ThreadContext(globalSettings));
|
|
||||||
try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) {
|
try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) {
|
||||||
|
|
||||||
//Login with the UserPrincipalName
|
//Login with the UserPrincipalName
|
||||||
|
@ -284,8 +286,7 @@ public class ActiveDirectorySessionFactoryTests extends AbstractActiveDirectoryT
|
||||||
.putList("ssl.certificate_authorities", certificatePaths)
|
.putList("ssl.certificate_authorities", certificatePaths)
|
||||||
.build();
|
.build();
|
||||||
}
|
}
|
||||||
RealmConfig config = new RealmConfig("ad-as-ldap-test", settings, globalSettings, TestEnvironment.newEnvironment(globalSettings),
|
RealmConfig config = configureRealm("ad-as-ldap-test", settings);
|
||||||
new ThreadContext(globalSettings));
|
|
||||||
LdapSessionFactory sessionFactory = new LdapSessionFactory(config, sslService, threadPool);
|
LdapSessionFactory sessionFactory = new LdapSessionFactory(config, sslService, threadPool);
|
||||||
|
|
||||||
String user = "Bruce Banner";
|
String user = "Bruce Banner";
|
||||||
|
@ -348,8 +349,7 @@ public class ActiveDirectorySessionFactoryTests extends AbstractActiveDirectoryT
|
||||||
.putList("ssl.certificate_authorities", certificatePaths)
|
.putList("ssl.certificate_authorities", certificatePaths)
|
||||||
.build();
|
.build();
|
||||||
}
|
}
|
||||||
RealmConfig config = new RealmConfig("ad-as-ldap-test", settings, globalSettings, TestEnvironment.newEnvironment(globalSettings),
|
RealmConfig config = configureRealm("ad-as-ldap-test", settings);
|
||||||
new ThreadContext(globalSettings));
|
|
||||||
LdapSessionFactory sessionFactory = new LdapSessionFactory(config, sslService, threadPool);
|
LdapSessionFactory sessionFactory = new LdapSessionFactory(config, sslService, threadPool);
|
||||||
|
|
||||||
String user = "Bruce Banner";
|
String user = "Bruce Banner";
|
||||||
|
@ -366,9 +366,7 @@ public class ActiveDirectorySessionFactoryTests extends AbstractActiveDirectoryT
|
||||||
}
|
}
|
||||||
|
|
||||||
public void testADLookup() throws Exception {
|
public void testADLookup() throws Exception {
|
||||||
RealmConfig config = new RealmConfig("ad-test",
|
RealmConfig config = configureRealm("ad-test", buildAdSettings(AD_LDAP_URL, AD_DOMAIN, false, true));
|
||||||
buildAdSettings(AD_LDAP_URL, AD_DOMAIN, false, true),
|
|
||||||
globalSettings, TestEnvironment.newEnvironment(globalSettings), new ThreadContext(Settings.EMPTY));
|
|
||||||
try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) {
|
try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) {
|
||||||
|
|
||||||
List<String> users = randomSubsetOf(Arrays.asList("cap", "hawkeye", "hulk", "ironman", "thor", "blackwidow",
|
List<String> users = randomSubsetOf(Arrays.asList("cap", "hawkeye", "hulk", "ironman", "thor", "blackwidow",
|
||||||
|
|
Loading…
Reference in New Issue