@Test public void testDirectUserMembershipGroupFilterNegativeWithoutUserBases() throws Exception { testCase = defaultBuilder() .groupDNPatterns("cn=%s,ou=Teams,dc=ad,dc=example,dc=com") .groupFilters(GROUP_TEAM1_NAME) .guidKey("sAMAccountName") .userMembershipKey("memberOf") .build(); testCase.assertAuthenticateFails(ENGINEER_1.credentialsWithId()); testCase.assertAuthenticateFails(ENGINEER_2.credentialsWithId()); testCase.assertAuthenticateFails(MANAGER_1.credentialsWithId()); testCase.assertAuthenticateFails(MANAGER_2.credentialsWithId()); }
@Test public void testUserBindPositiveWithShortnameOldConfig() { testCase = defaultBuilder() .baseDN("ou=People,dc=example,dc=com") .build(); testCase.assertAuthenticatePasses(USER1.credentialsWithId()); testCase.assertAuthenticatePasses(USER2.credentialsWithId()); }
@Test public void testUserBindPositiveWithShortname() { testCase = defaultBuilder() .userDNPatterns("uid=%s,ou=People,dc=example,dc=com") .groupDNPatterns("uid=%s,ou=Groups,dc=example,dc=com") .build(); testCase.assertAuthenticatePasses(USER1.credentialsWithId()); testCase.assertAuthenticatePasses(USER2.credentialsWithId()); }
@Test public void testUserBindNegativeWithShortname() { testCase = defaultBuilder() .userDNPatterns("uid=%s,ou=People,dc=example,dc=com") .groupDNPatterns("uid=%s,ou=Groups,dc=example,dc=com") .build(); testCase.assertAuthenticateFailsUsingWrongPassword(USER1.credentialsWithId()); testCase.assertAuthenticateFailsUsingWrongPassword(USER2.credentialsWithId()); }
@Test public void testDirectUserMembershipGroupFilterPositive() { testCase = defaultBuilder() .userDNPatterns( "sAMAccountName=%s,ou=Engineering,dc=ad,dc=example,dc=com", "sAMAccountName=%s,ou=Management,dc=ad,dc=example,dc=com") .groupDNPatterns( "sAMAccountName=%s,ou=Teams,dc=ad,dc=example,dc=com", "sAMAccountName=%s,ou=Resources,dc=ad,dc=example,dc=com") .groupFilters( GROUP_TEAM1_NAME, GROUP_TEAM2_NAME, GROUP_RESOURCE1_NAME, GROUP_RESOURCE2_NAME) .guidKey("sAMAccountName") .userMembershipKey("memberOf") .build(); testCase.assertAuthenticatePasses(ENGINEER_1.credentialsWithId()); testCase.assertAuthenticatePasses(ENGINEER_2.credentialsWithId()); testCase.assertAuthenticatePasses(MANAGER_1.credentialsWithId()); testCase.assertAuthenticatePasses(MANAGER_2.credentialsWithId()); }
@Test public void testUserBindNegativeWithShortnameOldConfig() { testCase = defaultBuilder() .baseDN("ou=People,dc=example,dc=com") .build(); testCase.assertAuthenticateFailsUsingWrongPassword(USER1.credentialsWithId()); testCase.assertAuthenticateFails( USER1.getDn(), USER2.getPassword()); testCase.assertAuthenticateFailsUsingWrongPassword(USER2.credentialsWithId()); }
@Test public void testDirectUserMembershipGroupFilterNegative() { testCase = defaultBuilder() .userDNPatterns( "sAMAccountName=%s,ou=Engineering,dc=ad,dc=example,dc=com", "sAMAccountName=%s,ou=Management,dc=ad,dc=example,dc=com") .groupDNPatterns("cn=%s,ou=Teams,dc=ad,dc=example,dc=com") .groupFilters(GROUP_TEAM1_NAME) .guidKey("sAMAccountName") .userMembershipKey("memberOf") .build(); testCase.assertAuthenticateFails(ENGINEER_2.credentialsWithId()); testCase.assertAuthenticateFails(MANAGER_2.credentialsWithId()); }
@Test public void testCustomQueryNegative() { testCase = defaultBuilder() .baseDN("ou=People,dc=example,dc=com") .customQuery( String.format("(&(objectClass=person)(uid=%s))", USER1.getId())) .build(); testCase.assertAuthenticateFails(USER2.credentialsWithDn()); testCase.assertAuthenticateFails(USER2.credentialsWithId()); }
@Test public void testDirectUserMembershipGroupFilterWithDifferentGroupClassKey() throws Exception { testCase = defaultBuilder() .userDNPatterns("sAMAccountName=%s,ou=Administration,dc=ad,dc=example,dc=com") .groupDNPatterns("cn=%s,ou=Administration,dc=ad,dc=example,dc=com") .groupFilters(GROUP_ADMINS_NAME) .guidKey("sAMAccountName") .userMembershipKey("memberOf") .groupClassKey("groupOfUniqueNames") .build(); testCase.assertAuthenticatePasses(ADMIN_1.credentialsWithId()); testCase.assertAuthenticateFails(ENGINEER_1.credentialsWithId()); testCase.assertAuthenticateFails(MANAGER_1.credentialsWithDn()); }
@Test public void testCustomQueryWithGroupsNegative() { testCase = defaultBuilder() .baseDN("dc=example,dc=com") .userDNPatterns( "cn=%s,ou=People,dc=example,dc=com", "uid=%s,ou=People,dc=example,dc=com") .customQuery( String.format("(&(objectClass=groupOfNames)(|(cn=%s)(cn=%s)))", GROUP1_NAME, GROUP2_NAME)) .build(); testCase.assertAuthenticateFails(USER3.credentialsWithDn()); testCase.assertAuthenticateFails(USER3.credentialsWithId()); }
@Test public void testDirectUserMembershipGroupFilterNegativeWithWrongGroupClassKey() throws Exception { testCase = defaultBuilder() .userDNPatterns("sAMAccountName=%s,ou=Administration,dc=ad,dc=example,dc=com") .groupDNPatterns("cn=%s,ou=Administration,dc=ad,dc=example,dc=com") .groupFilters(GROUP_ADMINS_NAME) .guidKey("sAMAccountName") .userMembershipKey("memberOf") .groupClassKey("wrongClass") .build(); testCase.assertAuthenticateFails(ADMIN_1.credentialsWithId()); testCase.assertAuthenticateFails(ENGINEER_1.credentialsWithId()); testCase.assertAuthenticateFails(MANAGER_1.credentialsWithDn()); } }
@Test public void testCustomQueryPositive() { testCase = defaultBuilder() .baseDN("ou=People,dc=example,dc=com") .userDNPatterns( "cn=%s,ou=People,dc=example,dc=com", "uid=%s,ou=People,dc=example,dc=com") .groupDNPatterns("cn=%s,ou=People,dc=example,dc=com") .customQuery( String.format("(&(objectClass=person)(|(uid=%s)(uid=%s)))", USER1.getId(), USER4.getId())) .build(); testCase.assertAuthenticatePasses(USER1.credentialsWithId()); testCase.assertAuthenticatePasses(USER1.credentialsWithDn()); testCase.assertAuthenticatePasses(USER4.credentialsWithId()); testCase.assertAuthenticatePasses(USER4.credentialsWithDn()); }
@Test public void testUserFilterNegative() { testCase = defaultBuilder() .userDNPatterns("uid=%s,ou=People,dc=example,dc=com") .userFilters(USER2.getId()) .build(); testCase.assertAuthenticateFails(USER1.credentialsWithId()); testCase.assertAuthenticateFails(USER1.credentialsWithDn()); testCase = defaultBuilder() .userDNPatterns("uid=%s,ou=People,dc=example,dc=com") .userFilters(USER1.getId()) .build(); testCase.assertAuthenticateFails(USER2.credentialsWithId()); testCase.assertAuthenticateFails(USER2.credentialsWithDn()); testCase = defaultBuilder() .userDNPatterns("uid=%s,ou=People,dc=example,dc=com") .userFilters(USER3.getId()) .build(); testCase.assertAuthenticateFails(USER1.credentialsWithId()); testCase.assertAuthenticateFails(USER2.credentialsWithId()); }
@Test public void testUserAndGroupFilterPositive() { testCase = defaultBuilder() .userDNPatterns("uid=%s,ou=People,dc=example,dc=com") .groupDNPatterns("uid=%s,ou=Groups,dc=example,dc=com") .userFilters( USER1.getId(), USER2.getId()) .groupFilters( GROUP1_NAME, GROUP2_NAME) .build(); testCase.assertAuthenticatePasses(USER1.credentialsWithId()); testCase.assertAuthenticatePasses(USER1.credentialsWithDn()); testCase.assertAuthenticatePasses(USER2.credentialsWithId()); testCase.assertAuthenticatePasses(USER2.credentialsWithDn()); }
@Test public void testUserAndGroupFilterNegative() { testCase = defaultBuilder() .userDNPatterns("uid=%s,ou=People,dc=example,dc=com") .groupDNPatterns("uid=%s,ou=Groups,dc=example,dc=com") .userFilters( USER1.getId(), USER2.getId()) .groupFilters( GROUP3_NAME, GROUP3_NAME) .build(); testCase.assertAuthenticateFails(USER2.credentialsWithDn()); testCase.assertAuthenticateFails(USER2.credentialsWithId()); testCase.assertAuthenticateFails(USER3.credentialsWithDn()); testCase.assertAuthenticateFails(USER3.credentialsWithId()); }
@Test public void testGroupFilterPositive() { testCase = defaultBuilder() .userDNPatterns("uid=%s,ou=People,dc=example,dc=com") .groupDNPatterns("uid=%s,ou=Groups,dc=example,dc=com") .groupFilters( GROUP1_NAME, GROUP2_NAME) .build(); testCase.assertAuthenticatePasses(USER1.credentialsWithId()); testCase.assertAuthenticatePasses(USER1.credentialsWithDn()); testCase.assertAuthenticatePasses(USER2.credentialsWithId()); testCase.assertAuthenticatePasses(USER2.credentialsWithDn()); testCase = defaultBuilder() .userDNPatterns("uid=%s,ou=People,dc=example,dc=com") .groupDNPatterns("uid=%s,ou=Groups,dc=example,dc=com") .groupFilters(GROUP2_NAME) .build(); testCase.assertAuthenticatePasses(USER2.credentialsWithId()); testCase.assertAuthenticatePasses(USER2.credentialsWithDn()); }
@Test public void testGroupFilterNegative() { testCase = defaultBuilder() .userDNPatterns("uid=%s,ou=People,dc=example,dc=com") .groupDNPatterns("uid=%s,ou=Groups,dc=example,dc=com") .groupFilters(GROUP2_NAME) .build(); testCase.assertAuthenticateFails(USER1.credentialsWithId()); testCase.assertAuthenticateFails(USER1.credentialsWithDn()); testCase = defaultBuilder() .userDNPatterns("uid=%s,ou=People,dc=example,dc=com") .groupDNPatterns("uid=%s,ou=Groups,dc=example,dc=com") .groupFilters(GROUP1_NAME) .build(); testCase.assertAuthenticateFails(USER2.credentialsWithId()); testCase.assertAuthenticateFails(USER2.credentialsWithDn()); }
@Test public void testGroupFilterPositiveWithCustomGUID() { testCase = defaultBuilder() .userDNPatterns("cn=%s,ou=People,dc=example,dc=com") .groupDNPatterns("cn=%s,ou=Groups,dc=example,dc=com") .groupFilters(GROUP3_NAME) .guidKey("cn") .build(); testCase.assertAuthenticatePasses(USER3.credentialsWithId()); testCase.assertAuthenticatePasses(USER3.credentialsWithDn()); }
@Test public void testUserFilterPositive() { testCase = defaultBuilder() .userDNPatterns("uid=%s,ou=People,dc=example,dc=com") .userFilters(USER1.getId()) .build(); testCase.assertAuthenticatePasses(USER1.credentialsWithId()); testCase.assertAuthenticatePasses(USER1.credentialsWithDn()); testCase = defaultBuilder() .userDNPatterns("uid=%s,ou=People,dc=example,dc=com") .userFilters(USER2.getId()) .build(); testCase.assertAuthenticatePasses(USER2.credentialsWithId()); testCase.assertAuthenticatePasses(USER2.credentialsWithDn()); testCase = defaultBuilder() .userDNPatterns("uid=%s,ou=People,dc=example,dc=com") .userFilters( USER1.getId(), USER2.getId()) .build(); testCase.assertAuthenticatePasses(USER1.credentialsWithId()); testCase.assertAuthenticatePasses(USER1.credentialsWithDn()); testCase.assertAuthenticatePasses(USER2.credentialsWithId()); testCase.assertAuthenticatePasses(USER2.credentialsWithDn()); }
@Test public void testGroupFilterPositiveWithCustomAttributes() { testCase = defaultBuilder() .userDNPatterns("cn=%s,ou=People,dc=example,dc=com") .groupDNPatterns("cn=%s,ou=Groups,dc=example,dc=com") .groupFilters(GROUP4_NAME) .guidKey("cn") .groupMembershipKey("uniqueMember") .groupClassKey("groupOfUniqueNames") .build(); testCase.assertAuthenticatePasses(USER4.credentialsWithId()); testCase.assertAuthenticatePasses(USER4.credentialsWithDn()); }