/**
 * Verifies that a colon inside the password does not stop LDAPAuthenticationProvider from
 * resolving the roles of the authenticated user.
 *
 * <p>The test is skipped through a JUnit assumption when {@code initLdapServer} reports that
 * the server could not be set up from {@code data3.ldif}.
 */
@Test
public void testColonPassword() throws Exception {
    final boolean serverReady =
            LDAPTestUtils.initLdapServer(true, ldapServerUrl, basePath, "data3.ldif");
    Assume.assumeTrue(serverReady);

    ((LDAPSecurityServiceConfig) config).setUserDnPattern("uid={0},ou=People");
    createAuthenticationProvider();

    // The shared token field is replaced with credentials whose password embeds ':'.
    authentication = new UsernamePasswordAuthenticationToken("colon", "da:da");
    Authentication authenticated = authProvider.authenticate(authentication);

    // Only the number of granted authorities is asserted, not which ones they are.
    assertEquals(2, authenticated.getAuthorities().size());
}
/**
 * Checks that, once an adminGroup is configured, the authorities returned for
 * {@code authenticationOther} include ROLE_ADMINISTRATOR.
 *
 * <p>NOTE(review): when {@code initLdapServer} returns false nothing is asserted and the
 * method returns normally, so the run is reported as a pass rather than as skipped.
 *
 * @throws Exception if server setup or authentication fails
 */
public void testAdminGroup() throws Exception {
    if (!LDAPTestUtils.initLdapServer(true, ldapServerUrl, basePath)) {
        return;
    }

    config.setUserDnPattern("uid={0},ou=People");
    config.setAdminGroup("other");
    createAuthenticationProvider();

    Authentication authenticated = authProvider.authenticate(authenticationOther);

    boolean adminGranted = false;
    for (GrantedAuthority granted : authenticated.getAuthorities()) {
        // Non-short-circuit OR: every authority is inspected; the name match ignores case.
        adminGranted |= granted.getAuthority().equalsIgnoreCase("ROLE_ADMINISTRATOR");
    }
    assertTrue(adminGranted);
}
/**
 * Checks that, once a groupAdminGroup is configured, the authorities returned for
 * {@code authenticationOther} include ROLE_GROUP_ADMIN.
 *
 * <p>NOTE(review): when {@code initLdapServer} returns false nothing is asserted and the
 * method returns normally, so the run is reported as a pass rather than as skipped.
 *
 * @throws Exception if server setup or authentication fails
 */
public void testGroupAdminGroup() throws Exception {
    if (!LDAPTestUtils.initLdapServer(true, ldapServerUrl, basePath)) {
        return;
    }

    config.setUserDnPattern("uid={0},ou=People");
    config.setGroupAdminGroup("other");
    createAuthenticationProvider();

    Authentication authenticated = authProvider.authenticate(authenticationOther);

    boolean groupAdminGranted = false;
    for (GrantedAuthority granted : authenticated.getAuthorities()) {
        // Non-short-circuit OR: every authority is inspected; the name match ignores case.
        groupAdminGranted |= granted.getAuthority().equalsIgnoreCase("ROLE_GROUP_ADMIN");
    }
    assertTrue(groupAdminGranted);
}
/**
 * Checks that, once a groupAdminGroup is configured, the authorities returned for
 * {@code authenticationOther} include ROLE_GROUP_ADMIN.
 *
 * <p>Skipped through a JUnit assumption when {@code initLdapServer} returns false.
 */
@Test
public void testGroupAdminGroup() throws Exception {
    final boolean serverReady = LDAPTestUtils.initLdapServer(true, ldapServerUrl, basePath);
    Assume.assumeTrue(serverReady);

    ((LDAPSecurityServiceConfig) config).setUserDnPattern("uid={0},ou=People");
    config.setGroupAdminGroup("other");
    createAuthenticationProvider();

    Authentication authenticated = authProvider.authenticate(authenticationOther);

    boolean groupAdminGranted = false;
    for (GrantedAuthority granted : authenticated.getAuthorities()) {
        // Non-short-circuit OR: every authority is inspected; the name match ignores case.
        groupAdminGranted |= granted.getAuthority().equalsIgnoreCase("ROLE_GROUP_ADMIN");
    }
    assertTrue(groupAdminGranted);
}
/**
 * Checks that, once an adminGroup is configured, the authorities returned for
 * {@code authenticationOther} include ROLE_ADMINISTRATOR.
 *
 * <p>Skipped through a JUnit assumption when {@code initLdapServer} returns false.
 */
@Test
public void testAdminGroup() throws Exception {
    final boolean serverReady = LDAPTestUtils.initLdapServer(true, ldapServerUrl, basePath);
    Assume.assumeTrue(serverReady);

    ((LDAPSecurityServiceConfig) config).setUserDnPattern("uid={0},ou=People");
    config.setAdminGroup("other");
    createAuthenticationProvider();

    Authentication authenticated = authProvider.authenticate(authenticationOther);

    boolean adminGranted = false;
    for (GrantedAuthority granted : authenticated.getAuthorities()) {
        // Non-short-circuit OR: every authority is inspected; the name match ignores case.
        adminGranted |= granted.getAuthority().equalsIgnoreCase("ROLE_ADMINISTRATOR");
    }
    assertTrue(adminGranted);
}
/**
 * Checks that enabling bindBeforeGroupSearch lets roles be fetched from a server that does
 * not allow anonymous access.
 *
 * <p>NOTE(review): when {@code initLdapServer} returns false nothing is asserted and the
 * method returns normally, so the run is reported as a pass rather than as skipped.
 *
 * @throws Exception if server setup or authentication fails
 */
public void testBindBeforeGroupSearch() throws Exception {
    // First argument false: the server is started without anonymous access.
    if (!LDAPTestUtils.initLdapServer(false, ldapServerUrl, basePath)) {
        return;
    }

    config.setUserDnPattern("uid={0},ou=People");
    config.setBindBeforeGroupSearch(true);
    createAuthenticationProvider();

    Authentication authenticated = authProvider.authenticate(authentication);

    assertNotNull(authenticated);
    assertEquals("admin", authenticated.getName());
    // Only the number of granted authorities is asserted, not which ones they are.
    assertEquals(2, authenticated.getAuthorities().size());
}
/**
 * Checks that enabling bindBeforeGroupSearch lets roles be fetched from a server that does
 * not allow anonymous access.
 *
 * <p>Skipped through a JUnit assumption when {@code initLdapServer} returns false.
 */
@Test
public void testBindBeforeGroupSearch() throws Exception {
    // First argument false: the server is started without anonymous access.
    final boolean serverReady = LDAPTestUtils.initLdapServer(false, ldapServerUrl, basePath);
    Assume.assumeTrue(serverReady);

    ((LDAPSecurityServiceConfig) config).setUserDnPattern("uid={0},ou=People");
    config.setBindBeforeGroupSearch(true);
    createAuthenticationProvider();

    Authentication authenticated = authProvider.authenticate(authentication);

    assertNotNull(authenticated);
    assertEquals("admin", authenticated.getName());
    // Only the number of granted authorities is asserted, not which ones they are.
    assertEquals(3, authenticated.getAuthorities().size());
}
/**
 * Replaces the {@code config} field with a fresh LDAPSecurityServiceConfig named "test",
 * fills in the LDAP user-lookup settings and hands it to {@code setupPanel(config)}.
 *
 * @param userDnPattern value passed to {@code setUserDnPattern}
 * @param userFilter value passed to {@code setUserFilter}
 * @param userFormat value passed to {@code setUserFormat}
 */
protected void setupPanel(final String userDnPattern, String userFilter, String userFormat) {
    // Server URL is the test server address with the base path appended after a slash.
    final String serverUrl = ldapServerUrl + "/" + basePath;

    config = new LDAPSecurityServiceConfig();
    config.setName("test");
    config.setServerURL(serverUrl);

    config.setUserDnPattern(userDnPattern);
    config.setUserFilter(userFilter);
    config.setUserFormat(userFormat);

    setupPanel(config);
}
/**
 * Checks that roles assigned by the active role service are included in the authorities
 * returned by LDAPAuthenticationProvider.
 *
 * <p>Skipped through a JUnit assumption when {@code initLdapServer} returns false.
 */
@Test
public void testRoleService() throws Exception {
    final boolean serverReady = LDAPTestUtils.initLdapServer(true, ldapServerUrl, basePath);
    Assume.assumeTrue(serverReady);

    ((LDAPSecurityServiceConfig) config).setUserDnPattern("uid={0},ou=People");
    createAuthenticationProvider();

    // Wire the provider and the security manager to each other.
    authProvider.setSecurityManager(securityManager);
    securityManager.setProviders(Collections.singletonList(authProvider));

    // In-memory role store holding one extra role associated with the user "other".
    MemoryRoleStore roleStore = new MemoryRoleStore();
    roleStore.initializeFromService(new MemoryRoleService());
    roleStore.setSecurityManager(securityManager);
    GeoServerRole myRole = roleStore.createRoleObject("MyRole");
    roleStore.addRole(myRole);
    roleStore.associateRoleToUser(myRole, "other");
    securityManager.setActiveRoleService(roleStore);

    Authentication authenticated = authProvider.authenticate(authenticationOther);

    assertTrue(authenticated.getAuthorities().contains(myRole));
    assertEquals(3, authenticated.getAuthorities().size());
}
/**
 * Replaces the {@code config} field with a fresh LDAPSecurityServiceConfig named "test",
 * fills in the LDAP user-lookup settings plus the user group service name, and hands it to
 * {@code setupPanel(config)}.
 *
 * @param userDnPattern value passed to {@code setUserDnPattern}
 * @param userFilter value passed to {@code setUserFilter}
 * @param userFormat value passed to {@code setUserFormat}
 * @param userGroupService value passed to {@code setUserGroupServiceName}
 */
protected void setupPanel(final String userDnPattern, String userFilter, String userFormat,
        String userGroupService) {
    // Server URL is the test server address with the base path appended after a slash.
    final String serverUrl = ldapServerUrl + "/" + basePath;

    config = new LDAPSecurityServiceConfig();
    config.setName("test");
    config.setServerURL(serverUrl);

    config.setUserDnPattern(userDnPattern);
    config.setUserFilter(userFilter);
    config.setUserFormat(userFormat);
    config.setUserGroupServiceName(userGroupService);

    setupPanel(config);
}
/**
 * Checks that authentication fails with an exception when bindBeforeGroupSearch is off and
 * the server does not allow anonymous access.
 *
 * <p>NOTE(review): when {@code initLdapServer} returns false nothing is asserted and the
 * method returns normally, so the run is reported as a pass rather than as skipped.
 *
 * @throws Exception if server setup fails
 */
public void testBindBeforeGroupSearchRequiredIfAnonymousDisabled() throws Exception {
    // First argument false: the server is started without anonymous access.
    if (!LDAPTestUtils.initLdapServer(false, ldapServerUrl, basePath)) {
        return;
    }

    config.setUserDnPattern("uid={0},ou=People");
    // Deliberately do not bind before the group search.
    config.setBindBeforeGroupSearch(false);
    createAuthenticationProvider();

    boolean rejected = false;
    try {
        authProvider.authenticate(authentication);
    } catch (Exception e) {
        // NOTE(review): any Exception satisfies the assertion below, including failures
        // unrelated to the missing bind; narrow the caught type if the expected one is known.
        rejected = true;
    }
    assertTrue(rejected);
}
/**
 * Replaces the {@code config} field with a fresh LDAPSecurityServiceConfig named "test",
 * fills in the LDAP user-lookup settings plus the user group service name, and hands it to
 * {@code setupPanel(config)}.
 *
 * @param userDnPattern value passed to {@code setUserDnPattern}
 * @param userFilter value passed to {@code setUserFilter}
 * @param userFormat value passed to {@code setUserFormat}
 * @param userGroupService value passed to {@code setUserGroupServiceName}
 */
protected void setupPanel(
        final String userDnPattern,
        String userFilter,
        String userFormat,
        String userGroupService) {
    // Server URL is the test server address with the base path appended after a slash.
    final String serverUrl = ldapServerUrl + "/" + basePath;

    config = new LDAPSecurityServiceConfig();
    config.setName("test");
    config.setServerURL(serverUrl);

    config.setUserDnPattern(userDnPattern);
    config.setUserFilter(userFilter);
    config.setUserFormat(userFormat);
    config.setUserGroupServiceName(userGroupService);

    setupPanel(config);
}
/**
 * Checks that authentication fails with an exception when bindBeforeGroupSearch is off and
 * the server does not allow anonymous access.
 *
 * <p>Skipped through a JUnit assumption when {@code initLdapServer} returns false.
 */
@Test
public void testBindBeforeGroupSearchRequiredIfAnonymousDisabled() throws Exception {
    // First argument false: the server is started without anonymous access.
    final boolean serverReady = LDAPTestUtils.initLdapServer(false, ldapServerUrl, basePath);
    Assume.assumeTrue(serverReady);

    ((LDAPSecurityServiceConfig) config).setUserDnPattern("uid={0},ou=People");
    // Deliberately do not bind before the group search.
    config.setBindBeforeGroupSearch(false);
    createAuthenticationProvider();

    boolean rejected = false;
    try {
        authProvider.authenticate(authentication);
    } catch (Exception e) {
        // NOTE(review): any Exception satisfies the assertion below, including failures
        // unrelated to the missing bind; narrow the caught type if the expected one is known.
        rejected = true;
    }
    assertTrue(rejected);
}