@Test public void testDirectUserMembershipGroupFilterPositive() { testCase = defaultBuilder() .userDNPatterns( "sAMAccountName=%s,ou=Engineering,dc=ad,dc=example,dc=com", "sAMAccountName=%s,ou=Management,dc=ad,dc=example,dc=com") .groupDNPatterns( "sAMAccountName=%s,ou=Teams,dc=ad,dc=example,dc=com", "sAMAccountName=%s,ou=Resources,dc=ad,dc=example,dc=com") .groupFilters( GROUP_TEAM1_NAME, GROUP_TEAM2_NAME, GROUP_RESOURCE1_NAME, GROUP_RESOURCE2_NAME) .guidKey("sAMAccountName") .userMembershipKey("memberOf") .build(); testCase.assertAuthenticatePasses(ENGINEER_1.credentialsWithId()); testCase.assertAuthenticatePasses(ENGINEER_2.credentialsWithId()); testCase.assertAuthenticatePasses(MANAGER_1.credentialsWithId()); testCase.assertAuthenticatePasses(MANAGER_2.credentialsWithId()); }
@Test public void testDirectUserMembershipGroupFilterNegativeWithWrongGroupClassKey() throws Exception { testCase = defaultBuilder() .userDNPatterns("sAMAccountName=%s,ou=Administration,dc=ad,dc=example,dc=com") .groupDNPatterns("cn=%s,ou=Administration,dc=ad,dc=example,dc=com") .groupFilters(GROUP_ADMINS_NAME) .guidKey("sAMAccountName") .userMembershipKey("memberOf") .groupClassKey("wrongClass") .build(); testCase.assertAuthenticateFails(ADMIN_1.credentialsWithId()); testCase.assertAuthenticateFails(ENGINEER_1.credentialsWithId()); testCase.assertAuthenticateFails(MANAGER_1.credentialsWithDn()); } }
@Test public void testDirectUserMembershipGroupFilterNegative() { testCase = defaultBuilder() .userDNPatterns( "sAMAccountName=%s,ou=Engineering,dc=ad,dc=example,dc=com", "sAMAccountName=%s,ou=Management,dc=ad,dc=example,dc=com") .groupDNPatterns("cn=%s,ou=Teams,dc=ad,dc=example,dc=com") .groupFilters(GROUP_TEAM1_NAME) .guidKey("sAMAccountName") .userMembershipKey("memberOf") .build(); testCase.assertAuthenticateFails(ENGINEER_2.credentialsWithId()); testCase.assertAuthenticateFails(MANAGER_2.credentialsWithId()); }
@Test public void testDirectUserMembershipGroupFilterWithDifferentGroupClassKey() throws Exception { testCase = defaultBuilder() .userDNPatterns("sAMAccountName=%s,ou=Administration,dc=ad,dc=example,dc=com") .groupDNPatterns("cn=%s,ou=Administration,dc=ad,dc=example,dc=com") .groupFilters(GROUP_ADMINS_NAME) .guidKey("sAMAccountName") .userMembershipKey("memberOf") .groupClassKey("groupOfUniqueNames") .build(); testCase.assertAuthenticatePasses(ADMIN_1.credentialsWithId()); testCase.assertAuthenticateFails(ENGINEER_1.credentialsWithId()); testCase.assertAuthenticateFails(MANAGER_1.credentialsWithDn()); }
@Test public void testDirectUserMembershipGroupFilterNegativeWithoutUserBases() throws Exception { testCase = defaultBuilder() .groupDNPatterns("cn=%s,ou=Teams,dc=ad,dc=example,dc=com") .groupFilters(GROUP_TEAM1_NAME) .guidKey("sAMAccountName") .userMembershipKey("memberOf") .build(); testCase.assertAuthenticateFails(ENGINEER_1.credentialsWithId()); testCase.assertAuthenticateFails(ENGINEER_2.credentialsWithId()); testCase.assertAuthenticateFails(MANAGER_1.credentialsWithId()); testCase.assertAuthenticateFails(MANAGER_2.credentialsWithId()); }
@Test public void testDirectUserMembershipGroupFilterWithDNCredentials() throws Exception { testCase = defaultBuilder() .userDNPatterns("sAMAccountName=%s,ou=Engineering,dc=ad,dc=example,dc=com") .groupDNPatterns("cn=%s,ou=Teams,dc=ad,dc=example,dc=com") .groupFilters(GROUP_TEAM1_NAME) .guidKey("sAMAccountName") .userMembershipKey("memberOf") .build(); testCase.assertAuthenticatePasses(ENGINEER_1.credentialsWithDn()); testCase.assertAuthenticateFails(MANAGER_1.credentialsWithDn()); }