honeymoose/OpenSearch
1
0
Fork 0
mirror of https://github.com/honeymoose/OpenSearch.git synced 2025-02-22 21:05:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix broken OpenLDAP Vagrant QA test

Browse Source 
This was broken due to c662565 but the problem didn't get detected as
CI builds typically don't run vagrant tests
This commit is contained in:
Tim Vernum 2018-07-16 15:43:41 +10:00
parent b65c586cef
commit edbea73f24
2 changed files with 11 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/LdapTestUtils.java
View File

@ -62,7 +62,7 @@ public class LdapTestUtils {
final SSLConfiguration sslConfiguration;
if (useGlobalSSL) {
sslConfiguration = sslService.getSSLConfiguration("_global");
sslConfiguration = sslService.getSSLConfiguration("xpack.ssl");
} else {
sslConfiguration = sslService.getSSLConfiguration("xpack.security.authc.realms.foo.ssl");
}

14
x-pack/qa/openldap-tests/src/test/java/org/elasticsearch/test/OpenLdapTests.java
View File

@ -104,7 +104,13 @@ public class OpenLdapTests extends ESTestCase {
builder.put("xpack.security.authc.realms." + REALM_NAME + ".ssl.truststore.path", truststore);
mockSecureSettings.setString("xpack.security.authc.realms." + REALM_NAME + ".ssl.truststore.secure_password", "changeit");
builder.put("xpack.security.authc.realms." + REALM_NAME + ".ssl.verification_mode", VerificationMode.CERTIFICATE);
// If not using global ssl, need to set the truststore for the "full verification" realm
builder.put("xpack.security.authc.realms.vmode_full.ssl.truststore.path", truststore);
mockSecureSettings.setString("xpack.security.authc.realms.vmode_full.ssl.truststore.secure_password", "changeit");
}
builder.put("xpack.security.authc.realms.vmode_full.ssl.verification_mode", VerificationMode.FULL);
globalSettings = builder.setSecureSettings(mockSecureSettings).build();
Environment environment = TestEnvironment.newEnvironment(globalSettings);
sslService = new SSLService(globalSettings, environment);
@ -188,10 +194,10 @@ public class OpenLdapTests extends ESTestCase {
Settings settings = Settings.builder()
// The certificate used in the vagrant box is valid for "localhost", but not for "127.0.0.1"
.put(buildLdapSettings(OPEN_LDAP_IP_URL, userTemplate, groupSearchBase, LdapSearchScope.ONE_LEVEL))
.put("ssl.verification_mode", VerificationMode.FULL)
.build();
RealmConfig config = new RealmConfig("oldap-test", settings, globalSettings, TestEnvironment.newEnvironment(globalSettings),
// Pick up the "full" verification mode config
RealmConfig config = new RealmConfig("vmode_full", settings, globalSettings, TestEnvironment.newEnvironment(globalSettings),
new ThreadContext(Settings.EMPTY));
LdapSessionFactory sessionFactory = new LdapSessionFactory(config, sslService, threadPool);
@ -211,10 +217,10 @@ public class OpenLdapTests extends ESTestCase {
Settings settings = Settings.builder()
// The certificate used in the vagrant box is valid for "localhost" (but not for "127.0.0.1")
.put(buildLdapSettings(OPEN_LDAP_DNS_URL, userTemplate, groupSearchBase, LdapSearchScope.ONE_LEVEL))
.put("ssl.verification_mode", VerificationMode.FULL)
.build();
RealmConfig config = new RealmConfig("oldap-test", settings, globalSettings, TestEnvironment.newEnvironment(globalSettings),
// Pick up the "full" verification mode config
RealmConfig config = new RealmConfig("vmode_full", settings, globalSettings, TestEnvironment.newEnvironment(globalSettings),
new ThreadContext(Settings.EMPTY));
LdapSessionFactory sessionFactory = new LdapSessionFactory(config, sslService, threadPool);