/**
 * Returns this context's full name within its namespace by forwarding the
 * call, unchanged, to the wrapped {@code delegating} context.
 *
 * @return the value produced by {@code delegating.getNameInNamespace()}
 * @throws NamingException if the wrapped context raises it
 */
@Override
public String getNameInNamespace() throws NamingException {
    final String nameInNamespace = delegating.getNameInNamespace();
    return nameInNamespace;
}
/**
 * When the context reports an empty name in its namespace there is no base
 * to strip, so {@code LdapUtils.getRelativeName} must return the DN as given.
 */
@Test
public void testGetRelativeNameReturnsFullDnWithEmptyBaseName() throws Exception {
    final String fullDn = "cn=jane,dc=springframework,dc=org";

    // Context whose base name is the empty string.
    final DirContext emptyBaseContext = mock(DirContext.class);
    when(emptyBaseContext.getNameInNamespace()).thenReturn("");

    assertThat(LdapUtils.getRelativeName(fullDn, emptyBaseContext)).isEqualTo(fullDn);
}
throws NamingException { final DistinguishedName ctxBaseDn = new DistinguishedName( ctx.getNameInNamespace()); final DistinguishedName searchBaseDn = new DistinguishedName(base); final NamingEnumeration<SearchResult> resultsEnum = ctx.search(searchBaseDn,
/**
 * Reads the attributes named in {@code attributesToRetrieve} for {@code dn}
 * from the supplied context and wraps them in a {@code DirContextAdapter}
 * that also carries the entry DN and the context's name in its namespace.
 *
 * @param ctx directory context to read from
 * @return a {@code DirContextAdapter} built from the retrieved attributes
 * @throws NamingException if the attribute read or the namespace query fails
 */
public Object executeWithContext(DirContext ctx) throws NamingException {
    // Only attribute data is fetched. The earlier variant,
    //   ctx.lookup(LdapUtils.getRelativeName(dn, ctx)),
    // is not used.
    // NOTE(review): dn goes to getAttributes as-is, without the relative-name
    // step of the old variant; confirm callers pass a DN relative to the
    // context base.
    final Attributes retrieved = ctx.getAttributes(dn, attributesToRetrieve);
    final DistinguishedName entryDn = new DistinguishedName(dn);
    final DistinguishedName contextBaseDn = new DistinguishedName(ctx.getNameInNamespace());
    return new DirContextAdapter(retrieved, entryDn, contextBaseDn);
}
});
/**
 * Whitespace around the {@code =} and {@code ,} separators differs between
 * the context base name and the full DN; the base must still be recognised
 * and stripped, leaving only the leading RDN.
 */
@Test
public void testGetRelativeNameWorksWithArbitrarySpaces() throws Exception {
    final DirContext spacedBaseContext = mock(DirContext.class);
    when(spacedBaseContext.getNameInNamespace()).thenReturn("dc=springsecurity,dc = org");

    // Same base as above, but spaced differently.
    final String fullDn = "cn=jane smith, dc = springsecurity , dc=org";

    assertThat(LdapUtils.getRelativeName(fullDn, spacedBaseContext)).isEqualTo("cn=jane smith");
}
/**
 * A DN identical to the context's base name has nothing left once the base
 * is removed, so the relative name is the empty string.
 */
@Test
public void testGetRelativeNameReturnsEmptyStringForDnEqualToBaseName() throws Exception {
    final String baseDn = "dc=springframework,dc=org";

    final DirContext baseContext = mock(DirContext.class);
    when(baseContext.getNameInNamespace()).thenReturn(baseDn);

    // The DN under test is the base name itself.
    assertThat(LdapUtils.getRelativeName(baseDn, baseContext)).isEqualTo("");
}
/**
 * A user search that returns no entries must make authentication fail.
 *
 * Despite the "UsernameNotFound" in the method name, the exception this test
 * expects is {@code BadCredentialsException}.
 * NOTE(review): presumably the provider reports a missing account as bad
 * credentials so callers cannot tell the two cases apart; confirm against
 * the provider before renaming the test or changing the expectation.
 */
@Test(expected = BadCredentialsException.class)
public void noUserSearchCausesUsernameNotFound() throws Exception {
    DirContext emptyDirectory = mock(DirContext.class);
    when(emptyDirectory.getNameInNamespace()).thenReturn("");
    // Any search against this context yields an enumeration with no entries.
    when(emptyDirectory.search(any(Name.class), any(String.class), any(Object[].class),
            any(SearchControls.class)))
            .thenReturn(new EmptyEnumeration<>());

    provider.contextFactory = createContextFactoryReturning(emptyDirectory);

    provider.authenticate(joe);
}
// Name the context reports for itself in its namespace, parsed as a DN.
final DistinguishedName ctxBaseDn = new DistinguishedName(ctx.getNameInNamespace());
// The search base `base`, parsed as a DN.
final DistinguishedName searchBaseDn = new DistinguishedName(base);
// The filter expression and its arguments are handed to the context as two
// separate values (filter, params); no filter string is concatenated here.
// NOTE(review): this relies on `filter` using {n} placeholders and on user-
// supplied values arriving only through `params` - confirm at the call sites.
final NamingEnumeration<SearchResult> resultsEnum = ctx.search(searchBaseDn, filter, params, buildControls(searchControls));
/**
 * A user search that throws {@code NameNotFoundException} must surface to the
 * caller as {@code BadCredentialsException}, not as the directory exception.
 */
@Test(expected = BadCredentialsException.class)
public void failedUserSearchCausesBadCredentials() throws Exception {
    DirContext failingDirectory = mock(DirContext.class);
    when(failingDirectory.getNameInNamespace()).thenReturn("");
    // Every search attempt fails inside the directory layer.
    when(failingDirectory.search(any(Name.class), any(String.class), any(Object[].class),
            any(SearchControls.class)))
            .thenThrow(new NameNotFoundException());

    provider.contextFactory = createContextFactoryReturning(failingDirectory);

    provider.authenticate(joe);
}
/**
 * Fetches the attributes listed in {@code attributesToRetrieve} for
 * {@code dn} and returns them wrapped in a {@code DirContextAdapter}, together
 * with the entry DN and the base name reported by the context.
 *
 * @param ctx directory context used for the read
 * @return the adapter holding the retrieved attributes
 * @throws NamingException if reading the attributes or the context name fails
 */
public Object executeWithContext(DirContext ctx) throws NamingException {
    // The entry is read through getAttributes; the lookup-based form
    // (ctx.lookup(LdapUtils.getRelativeName(dn, ctx))) stays disabled.
    // NOTE(review): getAttributes returns attribute data only, whereas
    // lookup() returns a bound object - presumably why it was dropped; confirm.
    final Attributes entryAttributes = ctx.getAttributes(dn, attributesToRetrieve);
    final DistinguishedName entryName = new DistinguishedName(dn);
    final DistinguishedName baseName = new DistinguishedName(ctx.getNameInNamespace());
    return new DirContextAdapter(entryAttributes, entryName, baseName);
}
});
/**
 * Two entries matching the same user search must raise
 * {@code IncorrectResultSizeDataAccessException}: an ambiguous match is an
 * error, and authentication does not proceed with either entry.
 */
@SuppressWarnings("unchecked")
@Test(expected = IncorrectResultSizeDataAccessException.class)
public void duplicateUserSearchCausesError() throws Exception {
    DirContext directory = mock(DirContext.class);
    when(directory.getNameInNamespace()).thenReturn("");

    // Enumeration that reports two entries and is then exhausted.
    NamingEnumeration<SearchResult> twoMatches = mock(NamingEnumeration.class);
    when(twoMatches.hasMore()).thenReturn(true, true, false);

    // One mocked result whose object differs on each successive call.
    SearchResult match = mock(SearchResult.class);
    when(match.getObject()).thenReturn(new DirContextAdapter("ou=1"), new DirContextAdapter("ou=2"));
    when(twoMatches.next()).thenReturn(match);

    when(directory.search(any(Name.class), any(String.class), any(Object[].class),
            any(SearchControls.class)))
            .thenReturn(twoMatches);

    provider.contextFactory = createContextFactoryReturning(directory);

    provider.authenticate(joe);
}
/**
 * Without an explicit search filter, the provider must search with
 * {@code (&(objectClass=user)(userPrincipalName={0}))}.
 *
 * The filter is matched as a fixed expression with a {@code {0}} placeholder;
 * the values for the placeholder travel in the separate {@code Object[]}
 * argument of {@code search}.
 */
@Test
public void defaultSearchFilter() throws Exception {
    // given
    final String expectedFilter = "(&(objectClass=user)(userPrincipalName={0}))";

    DirContext directory = mock(DirContext.class);
    when(directory.getNameInNamespace()).thenReturn("");

    DirContextAdapter entry = new DirContextAdapter();
    SearchResult hit = new SearchResult("CN=Joe Jannsen,CN=Users", entry, entry.getAttributes());
    // Only a search using exactly the expected filter returns the entry.
    when(directory.search(any(Name.class), eq(expectedFilter), any(Object[].class),
            any(SearchControls.class)))
            .thenReturn(new MockNamingEnumeration(hit));

    // The ldap:// URL is a fixture; the context factory is replaced below.
    ActiveDirectoryLdapAuthenticationProvider customProvider =
            new ActiveDirectoryLdapAuthenticationProvider("mydomain.eu", "ldap://192.168.1.200/");
    customProvider.contextFactory = createContextFactoryReturning(directory);

    // when
    Authentication outcome = customProvider.authenticate(joe);

    // then
    assertThat(outcome.isAuthenticated()).isTrue();
    verify(directory).search(any(DistinguishedName.class), eq(expectedFilter), any(Object[].class),
            any(SearchControls.class));
}
/**
 * When the attributes read for the user carry no password value, the
 * authenticator is expected to check the password on the directory side,
 * stubbed here as a search on the user DN with filter
 * {@code (userPassword={0})}.
 *
 * There is no explicit assertion: the test passes when
 * {@code authenticate} returns without throwing.
 */
@Test
public void ldapCompareOperationIsUsedWhenPasswordIsNotRetrieved() throws Exception {
    final String bobDn = "cn=Bob,ou=people";

    final DirContext directory = mock(DirContext.class);
    final BaseLdapPathContextSource contextSource = mock(BaseLdapPathContextSource.class);

    // Attributes returned for the user: a uid only, no password attribute.
    final BasicAttributes attrsWithoutPassword = new BasicAttributes();
    attrsWithoutPassword.put(new BasicAttribute("uid", "bob"));

    PasswordComparisonAuthenticator authenticator = new PasswordComparisonAuthenticator(contextSource);
    authenticator.setUserDnPatterns(new String[] { "cn={0},ou=people" });

    // Have the mocked context hand back the password-less attribute set.
    when(contextSource.getReadOnlyContext()).thenReturn(directory);
    when(directory.getAttributes(eq(bobDn), any(String[].class))).thenReturn(attrsWithoutPassword);
    when(directory.getNameInNamespace()).thenReturn("dc=springframework,dc=org");

    // An enumeration with a single element stands for a successful comparison.
    // Kept as a raw type so it can be returned from the stubbed search call.
    final NamingEnumeration singleMatch = new BasicAttributes("", null).getAll();
    when(directory.search(eq(bobDn), eq("(userPassword={0})"), any(Object[].class),
            any(SearchControls.class)))
            .thenReturn(singleMatch);

    authenticator.authenticate(new UsernamePasswordAuthenticationToken("Bob", "bobspassword"));
}
}
/**
 * Captures the filter arguments of the user search and checks that they are
 * exactly the bind principal ({@code joe@mydomain.eu}) followed by the bare
 * username ({@code joe}).
 */
@Test
public void bindPrincipalAndUsernameUsed() throws Exception {
    // given
    final String expectedFilter = "(&(objectClass=user)(userPrincipalName={0}))";
    ArgumentCaptor<Object[]> filterArgs = ArgumentCaptor.forClass(Object[].class);

    DirContext directory = mock(DirContext.class);
    when(directory.getNameInNamespace()).thenReturn("");

    DirContextAdapter entry = new DirContextAdapter();
    SearchResult hit = new SearchResult("CN=Joe Jannsen,CN=Users", entry, entry.getAttributes());
    // The captor records the Object[] passed alongside the filter expression.
    when(directory.search(any(Name.class), eq(expectedFilter), filterArgs.capture(),
            any(SearchControls.class)))
            .thenReturn(new MockNamingEnumeration(hit));

    ActiveDirectoryLdapAuthenticationProvider customProvider =
            new ActiveDirectoryLdapAuthenticationProvider("mydomain.eu", "ldap://192.168.1.200/");
    customProvider.contextFactory = createContextFactoryReturning(directory);

    // when
    Authentication outcome = customProvider.authenticate(joe);

    // then
    assertThat(filterArgs.getValue()).containsExactly("joe@mydomain.eu", "joe");
    assertThat(outcome.isAuthenticated()).isTrue();
}
/**
 * Authenticates {@code joe} twice against a mocked context that answers
 * searches under {@code rootDn}, and checks how authorities follow the
 * entry's {@code memberOf} attribute: none before the attribute is present,
 * exactly one after a single group DN has been added.
 *
 * @param rootDn search base the provider is expected to use
 * @param provider provider under test; its context factory is replaced
 * @throws NamingException declared because the mocked context methods declare it
 */
private void checkAuthentication(String rootDn, ActiveDirectoryLdapAuthenticationProvider provider)
        throws NamingException {
    DirContext directory = mock(DirContext.class);
    when(directory.getNameInNamespace()).thenReturn("");

    DirContextAdapter userEntry = new DirContextAdapter();
    SearchResult hit = new SearchResult("CN=Joe Jannsen,CN=Users", userEntry, userEntry.getAttributes());

    @SuppressWarnings("deprecation")
    DistinguishedName searchBaseDn = new DistinguishedName(rootDn);

    // Only searches rooted at searchBaseDn are answered; one fresh
    // enumeration is supplied for each of the two authentications below.
    when(directory.search(eq(searchBaseDn), any(String.class), any(Object[].class),
            any(SearchControls.class)))
            .thenReturn(new MockNamingEnumeration(hit))
            .thenReturn(new MockNamingEnumeration(hit));

    provider.contextFactory = createContextFactoryReturning(directory);

    // First pass: the entry has no memberOf value, so no authorities.
    Authentication outcome = provider.authenticate(joe);
    assertThat(outcome.getAuthorities()).isEmpty();

    // Second pass: one group membership added to the same entry.
    userEntry.addAttributeValue("memberOf", "CN=Admin,CN=Users,DC=mydomain,DC=eu");
    outcome = provider.authenticate(joe);
    assertThat(outcome.getAuthorities()).hasSize(1);
}
/**
 * After {@code setSearchFilter} is called, the provider must search with the
 * custom filter: the mocked context answers only that filter, so a
 * successful authentication shows it was used.
 */
@Test
public void customSearchFilterIsUsedForSuccessfulAuthentication() throws Exception {
    // given
    String samAccountFilter = "(&(objectClass=user)(sAMAccountName={0}))";

    DirContext directory = mock(DirContext.class);
    when(directory.getNameInNamespace()).thenReturn("");

    DirContextAdapter entry = new DirContextAdapter();
    SearchResult hit = new SearchResult("CN=Joe Jannsen,CN=Users", entry, entry.getAttributes());
    // Stubbed for the custom filter only; other filters are left unstubbed.
    when(directory.search(any(Name.class), eq(samAccountFilter), any(Object[].class),
            any(SearchControls.class)))
            .thenReturn(new MockNamingEnumeration(hit));

    ActiveDirectoryLdapAuthenticationProvider customProvider =
            new ActiveDirectoryLdapAuthenticationProvider("mydomain.eu", "ldap://192.168.1.200/");
    customProvider.contextFactory = createContextFactoryReturning(directory);

    // when
    customProvider.setSearchFilter(samAccountFilter);
    Authentication outcome = customProvider.authenticate(joe);

    // then
    assertThat(outcome.isAuthenticated()).isTrue();
}
// Name the context reports for itself in its namespace.
Name contextName = parser.parse(context.getNameInNamespace());
// User search base, read from the USER_BASE property.
Name baseName = parser.parse(getLDAPPropertyValue(USER_BASE));
// Name carried by the search result.
// NOTE(review): if `result` is a JNDI SearchResult, getName() may be relative
// to the search target or a full URL (see isRelative()) - confirm which one
// the surrounding code expects before combining it with the names above.
Name entryName = parser.parse(result.getName());
/**
 * With a {@code null} domain configured, a bare username must be rejected
 * with {@code BadCredentialsException}, while a full user principal
 * ({@code joe@mydomain.eu}) must authenticate against the search base
 * {@code DC=mydomain,DC=eu}.
 */
@Test
public void nullDomainIsSupportedIfAuthenticatingWithFullUserPrincipal() throws Exception {
    provider = new ActiveDirectoryLdapAuthenticationProvider(null, "ldap://192.168.1.200/");

    DirContext directory = mock(DirContext.class);
    when(directory.getNameInNamespace()).thenReturn("");

    DirContextAdapter entry = new DirContextAdapter();
    SearchResult hit = new SearchResult("CN=Joe Jannsen,CN=Users", entry, entry.getAttributes());
    // Only a search rooted at DC=mydomain,DC=eu returns the entry.
    when(directory.search(eq(new DistinguishedName("DC=mydomain,DC=eu")), any(String.class),
            any(Object[].class), any(SearchControls.class)))
            .thenReturn(new MockNamingEnumeration(hit));

    provider.contextFactory = createContextFactoryReturning(directory);

    // A username without a domain part must be refused.
    try {
        provider.authenticate(joe);
        fail("Expected BadCredentialsException for user with no domain information");
    }
    catch (BadCredentialsException expected) {
        // Intentionally empty: this exception is the outcome under test.
    }

    // The same provider accepts a principal that names its domain.
    provider.authenticate(new UsernamePasswordAuthenticationToken("joe@mydomain.eu", "password"));
}
/**
 * Forwards to the wrapped {@code delegating} context and returns its answer
 * as this context's name in the namespace.
 *
 * @return the name reported by {@code delegating}
 * @throws NamingException propagated unchanged from {@code delegating}
 */
@Override
public String getNameInNamespace() throws NamingException {
    final String delegateName = delegating.getNameInNamespace();
    return delegateName;
}
/**
 * Delegates the namespace-name query to {@code delegating} and returns the
 * result without modification.
 *
 * @return the name in namespace as reported by {@code delegating}
 * @throws NamingException if {@code delegating} throws it
 */
@Override
public String getNameInNamespace() throws NamingException {
    final String reportedName = delegating.getNameInNamespace();
    return reportedName;
}
}