Diffstat (limited to 'server/sonar-auth-ldap/src/test')
-rw-r--r--server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/DefaultLdapAuthenticatorTest.java110
-rw-r--r--server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/DefaultLdapGroupsProviderTest.java98
-rw-r--r--server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/DefaultLdapUsersProviderTest.java59
-rw-r--r--server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/KerberosTest.java60
-rw-r--r--server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/LdapRealmTest.java45
-rw-r--r--server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/LdapSearchTest.java12
-rw-r--r--server/sonar-auth-ldap/src/test/resources/users.example.org.ldif17
-rw-r--r--server/sonar-auth-ldap/src/test/resources/users.infosupport.com.ldif33
8 files changed, 303 insertions, 131 deletions
diff --git a/server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/DefaultLdapAuthenticatorTest.java b/server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/DefaultLdapAuthenticatorTest.java
index cf56c14eec5..2559d8836d9 100644
--- a/server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/DefaultLdapAuthenticatorTest.java
+++ b/server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/DefaultLdapAuthenticatorTest.java
@@ -19,11 +19,13 @@
*/
package org.sonar.auth.ldap;
+import javax.servlet.http.HttpServletRequest;
import org.junit.ClassRule;
import org.junit.Test;
import org.sonar.auth.ldap.server.LdapServer;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.Mockito.mock;
public class DefaultLdapAuthenticatorTest {
@@ -32,7 +34,7 @@ public class DefaultLdapAuthenticatorTest {
*/
public static final String USERS_EXAMPLE_ORG_LDIF = "/users.example.org.ldif";
/**
- * A reference to an aditional ldif file.
+ * A reference to an additional ldif file.
*/
public static final String USERS_INFOSUPPORT_COM_LDIF = "/users.infosupport.com.ldif";
@ClassRule
@@ -44,11 +46,12 @@ public class DefaultLdapAuthenticatorTest {
public void testNoConnection() {
exampleServer.disableAnonymousAccess();
try {
- LdapSettingsManager settingsManager = new LdapSettingsManager(LdapSettingsFactory.generateAuthenticationSettings(exampleServer, null, LdapContextFactory.AUTH_METHOD_SIMPLE).asConfig(),
+ LdapSettingsManager settingsManager = new LdapSettingsManager(
+ LdapSettingsFactory.generateAuthenticationSettings(exampleServer, null, LdapContextFactory.AUTH_METHOD_SIMPLE).asConfig(),
new LdapAutodiscovery());
DefaultLdapAuthenticator authenticator = new DefaultLdapAuthenticator(settingsManager.getContextFactories(), settingsManager.getUserMappings());
- boolean authenticate = authenticator.authenticate("godin", "secret1");
- assertThat(authenticate).isTrue();
+ boolean isAuthenticationSuccessful = authenticator.doAuthenticate(createContext("godin", "secret1")).isSuccess();
+ assertThat(isAuthenticationSuccessful).isTrue();
} finally {
exampleServer.enableAnonymousAccess();
}
@@ -56,20 +59,27 @@ public class DefaultLdapAuthenticatorTest {
@Test
public void testSimple() {
- LdapSettingsManager settingsManager = new LdapSettingsManager(LdapSettingsFactory.generateAuthenticationSettings(exampleServer, null, LdapContextFactory.AUTH_METHOD_SIMPLE).asConfig(),
+ LdapSettingsManager settingsManager = new LdapSettingsManager(
+ LdapSettingsFactory.generateAuthenticationSettings(exampleServer, null, LdapContextFactory.AUTH_METHOD_SIMPLE).asConfig(),
new LdapAutodiscovery());
DefaultLdapAuthenticator authenticator = new DefaultLdapAuthenticator(settingsManager.getContextFactories(), settingsManager.getUserMappings());
- assertThat(authenticator.authenticate("godin", "secret1")).isTrue();
- assertThat(authenticator.authenticate("godin", "wrong")).isFalse();
+ LdapAuthenticationResult user1Success = authenticator.doAuthenticate(createContext("godin", "secret1"));
+ assertThat(user1Success.isSuccess()).isTrue();
+ assertThat(user1Success.getServerKey()).isEqualTo("default");
+
+ assertThat(authenticator.doAuthenticate(createContext("godin", "wrong")).isSuccess()).isFalse();
- assertThat(authenticator.authenticate("tester", "secret2")).isTrue();
- assertThat(authenticator.authenticate("tester", "wrong")).isFalse();
+ LdapAuthenticationResult user2Success = authenticator.doAuthenticate(createContext("tester", "secret2"));
+ assertThat(user2Success.isSuccess()).isTrue();
+ assertThat(user2Success.getServerKey()).isEqualTo("default");
- assertThat(authenticator.authenticate("notfound", "wrong")).isFalse();
+ assertThat(authenticator.doAuthenticate(createContext("tester", "wrong")).isSuccess()).isFalse();
+
+ assertThat(authenticator.doAuthenticate(createContext("notfound", "wrong")).isSuccess()).isFalse();
// SONARPLUGINS-2493
- assertThat(authenticator.authenticate("godin", "")).isFalse();
- assertThat(authenticator.authenticate("godin", null)).isFalse();
+ assertThat(authenticator.doAuthenticate(createContext("godin", "")).isSuccess()).isFalse();
+ assertThat(authenticator.doAuthenticate(createContext("godin", null)).isSuccess()).isFalse();
}
@Test
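Review bot: The rejected logins in testSimple (`godin`/`wrong`, `tester`/`wrong`, `notfound`, and the empty and null passwords under SONARPLUGINS-2493) are checked only through `isSuccess()`, so nothing pins what `getServerKey()` returns on a failed result. If a failed LdapAuthenticationResult is meant to carry no server key, capture one of them and add `assertThat(failed.getServerKey()).isNull();`, so a later change cannot attach a directory name to a rejected login. The same gap is present in the failure assertions of the multi-server and SASL hunks that follow. The expected value is an assumption, since LdapAuthenticationResult itself is not part of this diff.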
@@ -78,35 +88,53 @@ public class DefaultLdapAuthenticatorTest {
LdapSettingsFactory.generateAuthenticationSettings(exampleServer, infosupportServer, LdapContextFactory.AUTH_METHOD_SIMPLE).asConfig(), new LdapAutodiscovery());
DefaultLdapAuthenticator authenticator = new DefaultLdapAuthenticator(settingsManager.getContextFactories(), settingsManager.getUserMappings());
- assertThat(authenticator.authenticate("godin", "secret1")).isTrue();
- assertThat(authenticator.authenticate("godin", "wrong")).isFalse();
+ LdapAuthenticationResult user1Success = authenticator.doAuthenticate(createContext("godin", "secret1"));
+ assertThat(user1Success.isSuccess()).isTrue();
+ assertThat(user1Success.getServerKey()).isEqualTo("example");
+ assertThat(authenticator.doAuthenticate(createContext("godin", "wrong")).isSuccess()).isFalse();
+
+ LdapAuthenticationResult user2Server1Success = authenticator.doAuthenticate(createContext("tester", "secret2"));
+ assertThat(user2Server1Success.isSuccess()).isTrue();
+ assertThat(user2Server1Success.getServerKey()).isEqualTo("example");
- assertThat(authenticator.authenticate("tester", "secret2")).isTrue();
- assertThat(authenticator.authenticate("tester", "wrong")).isFalse();
+ LdapAuthenticationResult user2Server2Success = authenticator.doAuthenticate(createContext("tester", "secret3"));
+ assertThat(user2Server2Success.isSuccess()).isTrue();
+ assertThat(user2Server2Success.getServerKey()).isEqualTo("infosupport");
- assertThat(authenticator.authenticate("notfound", "wrong")).isFalse();
+ assertThat(authenticator.doAuthenticate(createContext("tester", "wrong")).isSuccess()).isFalse();
+
+ assertThat(authenticator.doAuthenticate(createContext("notfound", "wrong")).isSuccess()).isFalse();
// SONARPLUGINS-2493
- assertThat(authenticator.authenticate("godin", "")).isFalse();
- assertThat(authenticator.authenticate("godin", null)).isFalse();
+ assertThat(authenticator.doAuthenticate(createContext("godin", "")).isSuccess()).isFalse();
+ assertThat(authenticator.doAuthenticate(createContext("godin", null)).isSuccess()).isFalse();
// SONARPLUGINS-2793
- assertThat(authenticator.authenticate("robby", "secret1")).isTrue();
- assertThat(authenticator.authenticate("robby", "wrong")).isFalse();
+ LdapAuthenticationResult user3Success = authenticator.doAuthenticate(createContext("robby", "secret1"));
+ assertThat(user3Success.isSuccess()).isTrue();
+ assertThat(user3Success.getServerKey()).isEqualTo("infosupport");
+ assertThat(authenticator.doAuthenticate(createContext("robby", "wrong")).isSuccess()).isFalse();
}
@Test
public void testSasl() {
- LdapSettingsManager settingsManager = new LdapSettingsManager(LdapSettingsFactory.generateAuthenticationSettings(exampleServer, null, LdapContextFactory.AUTH_METHOD_CRAM_MD5).asConfig(),
+ LdapSettingsManager settingsManager = new LdapSettingsManager(
+ LdapSettingsFactory.generateAuthenticationSettings(exampleServer, null, LdapContextFactory.AUTH_METHOD_CRAM_MD5).asConfig(),
new LdapAutodiscovery());
DefaultLdapAuthenticator authenticator = new DefaultLdapAuthenticator(settingsManager.getContextFactories(), settingsManager.getUserMappings());
- assertThat(authenticator.authenticate("godin", "secret1")).isTrue();
- assertThat(authenticator.authenticate("godin", "wrong")).isFalse();
+ LdapAuthenticationResult user1Success = authenticator.doAuthenticate(createContext("godin", "secret1"));
+ assertThat(user1Success.isSuccess()).isTrue();
+ assertThat(user1Success.getServerKey()).isEqualTo("default");
+
+ assertThat(authenticator.doAuthenticate(createContext("godin", "wrong")).isSuccess()).isFalse();
- assertThat(authenticator.authenticate("tester", "secret2")).isTrue();
- assertThat(authenticator.authenticate("tester", "wrong")).isFalse();
+ LdapAuthenticationResult user2Success = authenticator.doAuthenticate(createContext("tester", "secret2"));
+ assertThat(user2Success.isSuccess()).isTrue();
+ assertThat(user2Success.getServerKey()).isEqualTo("default");
- assertThat(authenticator.authenticate("notfound", "wrong")).isFalse();
+ assertThat(authenticator.doAuthenticate(createContext("tester", "wrong")).isSuccess()).isFalse();
+
+ assertThat(authenticator.doAuthenticate(createContext("notfound", "wrong")).isSuccess()).isFalse();
}
@Test
@@ -115,16 +143,30 @@ public class DefaultLdapAuthenticatorTest {
LdapSettingsFactory.generateAuthenticationSettings(exampleServer, infosupportServer, LdapContextFactory.AUTH_METHOD_CRAM_MD5).asConfig(), new LdapAutodiscovery());
DefaultLdapAuthenticator authenticator = new DefaultLdapAuthenticator(settingsManager.getContextFactories(), settingsManager.getUserMappings());
- assertThat(authenticator.authenticate("godin", "secret1")).isTrue();
- assertThat(authenticator.authenticate("godin", "wrong")).isFalse();
+ LdapAuthenticationResult user1Success = authenticator.doAuthenticate(createContext("godin", "secret1"));
+ assertThat(user1Success.isSuccess()).isTrue();
+ assertThat(authenticator.doAuthenticate(createContext("godin", "wrong")).isSuccess()).isFalse();
+
+ LdapAuthenticationResult user2Server1Success = authenticator.doAuthenticate(createContext("tester", "secret2"));
+ assertThat(user2Server1Success.isSuccess()).isTrue();
+ assertThat(user2Server1Success.getServerKey()).isEqualTo("example");
+
+ LdapAuthenticationResult user2Server2Success = authenticator.doAuthenticate(createContext("tester", "secret3"));
+ assertThat(user2Server2Success.isSuccess()).isTrue();
+ assertThat(user2Server2Success.getServerKey()).isEqualTo("infosupport");
- assertThat(authenticator.authenticate("tester", "secret2")).isTrue();
- assertThat(authenticator.authenticate("tester", "wrong")).isFalse();
+ assertThat(authenticator.doAuthenticate(createContext("tester", "wrong")).isSuccess()).isFalse();
- assertThat(authenticator.authenticate("notfound", "wrong")).isFalse();
+ assertThat(authenticator.doAuthenticate(createContext("notfound", "wrong")).isSuccess()).isFalse();
+
+ LdapAuthenticationResult user3Success = authenticator.doAuthenticate(createContext("robby", "secret1"));
+ assertThat(user3Success.isSuccess()).isTrue();
+
+ assertThat(authenticator.doAuthenticate(createContext("robby", "wrong")).isSuccess()).isFalse();
+ }
- assertThat(authenticator.authenticate("robby", "secret1")).isTrue();
- assertThat(authenticator.authenticate("robby", "wrong")).isFalse();
+ private static LdapAuthenticator.Context createContext(String username, String password) {
+ return new LdapAuthenticator.Context(username, password, mock(HttpServletRequest.class));
}
}
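Review bot: In the CRAM-MD5 multi-server test, `user1Success` and `user3Success` are asserted only with `isSuccess()`, whereas the simple-bind multi-server test pins the same two logins to a server key. Adding `assertThat(user1Success.getServerKey()).isEqualTo("example");` and `assertThat(user3Success.getServerKey()).isEqualTo("infosupport");` would check that the SASL path also reports which directory accepted the bind. The expected keys are taken from the simple-bind test and are assumed to hold for CRAM-MD5 as well. The test method starts above this hunk.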
diff --git a/server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/DefaultLdapGroupsProviderTest.java b/server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/DefaultLdapGroupsProviderTest.java
index dd759b2804e..6a527e6cb0a 100644
--- a/server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/DefaultLdapGroupsProviderTest.java
+++ b/server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/DefaultLdapGroupsProviderTest.java
@@ -20,12 +20,14 @@
package org.sonar.auth.ldap;
import java.util.Collection;
+import javax.servlet.http.HttpServletRequest;
import org.junit.ClassRule;
import org.junit.Test;
import org.sonar.api.config.internal.MapSettings;
import org.sonar.auth.ldap.server.LdapServer;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.Mockito.mock;
public class DefaultLdapGroupsProviderTest {
@@ -44,58 +46,71 @@ public class DefaultLdapGroupsProviderTest {
public static LdapServer infosupportServer = new LdapServer(USERS_INFOSUPPORT_COM_LDIF, "infosupport.com", "dc=infosupport,dc=com");
@Test
- public void defaults() {
+ public void doGetGroups_when_single_server_without_key() {
MapSettings settings = LdapSettingsFactory.generateSimpleAnonymousAccessSettings(exampleServer, null);
LdapSettingsManager settingsManager = new LdapSettingsManager(settings.asConfig(), new LdapAutodiscovery());
- DefaultLdapGroupsProvider groupsProvider = new DefaultLdapGroupsProvider(settingsManager.getContextFactories(), settingsManager.getUserMappings(), settingsManager.getGroupMappings());
- Collection<String> groups;
+ DefaultLdapGroupsProvider groupsProvider = new DefaultLdapGroupsProvider(settingsManager.getContextFactories(), settingsManager.getUserMappings(),
+ settingsManager.getGroupMappings());
- groups = groupsProvider.getGroups("tester");
+ Collection<String> groups = getGroupsForContext(createContextForDefaultServer("tester"), groupsProvider);
assertThat(groups).containsOnly("sonar-users");
- groups = groupsProvider.getGroups("godin");
+ groups = getGroupsForContext(createContextForDefaultServer("godin"), groupsProvider);
assertThat(groups).containsOnly("sonar-users", "sonar-developers");
- groups = groupsProvider.getGroups("notfound");
+ groups = getGroupsForContext(createContextForDefaultServer("unknown_user"), groupsProvider);
assertThat(groups).isEmpty();
}
@Test
- public void defaultsMultipleLdap() {
+ public void doGetGroups_when_two_ldap_servers() {
MapSettings settings = LdapSettingsFactory.generateSimpleAnonymousAccessSettings(exampleServer, infosupportServer);
LdapSettingsManager settingsManager = new LdapSettingsManager(settings.asConfig(), new LdapAutodiscovery());
- DefaultLdapGroupsProvider groupsProvider = new DefaultLdapGroupsProvider(settingsManager.getContextFactories(), settingsManager.getUserMappings(), settingsManager.getGroupMappings());
+ DefaultLdapGroupsProvider groupsProvider = new DefaultLdapGroupsProvider(settingsManager.getContextFactories(), settingsManager.getUserMappings(),
+ settingsManager.getGroupMappings());
- Collection<String> groups;
-
- groups = groupsProvider.getGroups("tester");
+ Collection<String> groups = getGroupsForContext(createContextForExampleServer("tester"), groupsProvider);
assertThat(groups).containsOnly("sonar-users");
- groups = groupsProvider.getGroups("godin");
+ groups = getGroupsForContext(createContextForExampleServer("godin"), groupsProvider);
assertThat(groups).containsOnly("sonar-users", "sonar-developers");
- groups = groupsProvider.getGroups("notfound");
+ groups = getGroupsForContext(createContextForExampleServer("unknown_user"), groupsProvider);
assertThat(groups).isEmpty();
- groups = groupsProvider.getGroups("testerInfo");
+ groups = getGroupsForContext(createContextForInfoSupportServer("testerInfo"), groupsProvider);
assertThat(groups).containsOnly("sonar-users");
- groups = groupsProvider.getGroups("robby");
+ groups = getGroupsForContext(createContextForInfoSupportServer("robby"), groupsProvider);
assertThat(groups).containsOnly("sonar-users", "sonar-developers");
}
@Test
+ public void doGetGroups_when_two_ldap_servers_with_same_username_resolves_groups_from_right_server() {
+ MapSettings settings = LdapSettingsFactory.generateSimpleAnonymousAccessSettings(exampleServer, infosupportServer);
+
+ LdapSettingsManager settingsManager = new LdapSettingsManager(settings.asConfig(), new LdapAutodiscovery());
+ DefaultLdapGroupsProvider groupsProvider = new DefaultLdapGroupsProvider(settingsManager.getContextFactories(), settingsManager.getUserMappings(),
+ settingsManager.getGroupMappings());
+
+ Collection<String> groups = getGroupsForContext(createContextForExampleServer("duplicated"), groupsProvider);
+ assertThat(groups).containsOnly("sonar-users");
+
+ groups = getGroupsForContext(createContextForInfoSupportServer("duplicated"), groupsProvider);
+ assertThat(groups).containsOnly("sonar-developers");
+ }
+
+ @Test
public void posix() {
MapSettings settings = LdapSettingsFactory.generateSimpleAnonymousAccessSettings(exampleServer, null);
settings.setProperty("ldap.group.request", "(&(objectClass=posixGroup)(memberUid={uid}))");
LdapSettingsManager settingsManager = new LdapSettingsManager(settings.asConfig(), new LdapAutodiscovery());
- DefaultLdapGroupsProvider groupsProvider = new DefaultLdapGroupsProvider(settingsManager.getContextFactories(), settingsManager.getUserMappings(), settingsManager.getGroupMappings());
-
- Collection<String> groups;
+ DefaultLdapGroupsProvider groupsProvider = new DefaultLdapGroupsProvider(settingsManager.getContextFactories(), settingsManager.getUserMappings(),
+ settingsManager.getGroupMappings());
- groups = groupsProvider.getGroups("godin");
+ Collection<String> groups = getGroupsForContext(createContextForDefaultServer("godin"), groupsProvider);
assertThat(groups).containsOnly("linux-users");
}
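Review bot: Every context built in these tests names a configured server, so the behaviour of `doGetGroups` for a server key that matches no directory is untested. Because the key now decides which directory supplies a user's groups, a case such as `getGroupsForContext(createContext("unknown", "godin"), groupsProvider)` should be added, with an assertion that pins the intended fail-closed outcome (an exception or an empty collection; the implementation is not visible here). A second useful negative is a user looked up under the other server's key, for example `godin` via `createContextForInfoSupportServer`, which is presumably expected to return no groups.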
@@ -105,27 +120,29 @@ public class DefaultLdapGroupsProviderTest {
settings.setProperty("ldap.example.group.request", "(&(objectClass=posixGroup)(memberUid={uid}))");
settings.setProperty("ldap.infosupport.group.request", "(&(objectClass=posixGroup)(memberUid={uid}))");
LdapSettingsManager settingsManager = new LdapSettingsManager(settings.asConfig(), new LdapAutodiscovery());
- DefaultLdapGroupsProvider groupsProvider = new DefaultLdapGroupsProvider(settingsManager.getContextFactories(), settingsManager.getUserMappings(), settingsManager.getGroupMappings());
-
- Collection<String> groups;
+ DefaultLdapGroupsProvider groupsProvider = new DefaultLdapGroupsProvider(settingsManager.getContextFactories(), settingsManager.getUserMappings(),
+ settingsManager.getGroupMappings());
- groups = groupsProvider.getGroups("godin");
+ Collection<String> groups = getGroupsForContext(createContextForExampleServer("godin"), groupsProvider);
assertThat(groups).containsOnly("linux-users");
- groups = groupsProvider.getGroups("robby");
+ groups = getGroupsForContext(createContextForInfoSupportServer("robby"), groupsProvider);
assertThat(groups).containsOnly("linux-users");
}
+ private static Collection<String> getGroupsForContext(LdapGroupsProvider.Context context, DefaultLdapGroupsProvider groupsProvider) {
+ return groupsProvider.doGetGroups(context);
+ }
+
@Test
public void mixed() {
MapSettings settings = LdapSettingsFactory.generateSimpleAnonymousAccessSettings(exampleServer, infosupportServer);
settings.setProperty("ldap.example.group.request", "(&(|(objectClass=groupOfUniqueNames)(objectClass=posixGroup))(|(uniqueMember={dn})(memberUid={uid})))");
LdapSettingsManager settingsManager = new LdapSettingsManager(settings.asConfig(), new LdapAutodiscovery());
- DefaultLdapGroupsProvider groupsProvider = new DefaultLdapGroupsProvider(settingsManager.getContextFactories(), settingsManager.getUserMappings(), settingsManager.getGroupMappings());
-
- Collection<String> groups;
+ DefaultLdapGroupsProvider groupsProvider = new DefaultLdapGroupsProvider(settingsManager.getContextFactories(), settingsManager.getUserMappings(),
+ settingsManager.getGroupMappings());
- groups = groupsProvider.getGroups("godin");
+ Collection<String> groups = getGroupsForContext(createContextForExampleServer("godin"), groupsProvider);
assertThat(groups).containsOnly("sonar-users", "sonar-developers", "linux-users");
}
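Review bot: `getGroupsForContext` only forwards to `groupsProvider.doGetGroups(context)` and is declared between `posixMultipleLdap` and `mixed`, away from the other private helpers at the end of the class. Calling `groupsProvider.doGetGroups(createContextForExampleServer("godin"))` directly at the call sites would read the same with one less indirection. If the helper stays, move it next to the `createContext*` methods. `posixMultipleLdap` starts above this hunk.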
@@ -135,15 +152,30 @@ public class DefaultLdapGroupsProviderTest {
settings.setProperty("ldap.example.group.request", "(&(|(objectClass=groupOfUniqueNames)(objectClass=posixGroup))(|(uniqueMember={dn})(memberUid={uid})))");
settings.setProperty("ldap.infosupport.group.request", "(&(|(objectClass=groupOfUniqueNames)(objectClass=posixGroup))(|(uniqueMember={dn})(memberUid={uid})))");
LdapSettingsManager settingsManager = new LdapSettingsManager(settings.asConfig(), new LdapAutodiscovery());
- DefaultLdapGroupsProvider groupsProvider = new DefaultLdapGroupsProvider(settingsManager.getContextFactories(), settingsManager.getUserMappings(), settingsManager.getGroupMappings());
+ DefaultLdapGroupsProvider groupsProvider = new DefaultLdapGroupsProvider(settingsManager.getContextFactories(), settingsManager.getUserMappings(),
+ settingsManager.getGroupMappings());
- Collection<String> groups;
-
- groups = groupsProvider.getGroups("godin");
+ Collection<String> groups = getGroupsForContext(createContextForExampleServer("godin"), groupsProvider);
assertThat(groups).containsOnly("sonar-users", "sonar-developers", "linux-users");
- groups = groupsProvider.getGroups("robby");
+ groups = getGroupsForContext(createContextForInfoSupportServer("robby"), groupsProvider);
assertThat(groups).containsOnly("sonar-users", "sonar-developers", "linux-users");
}
+ private static LdapGroupsProvider.Context createContextForDefaultServer(String userName) {
+ return createContext("default", userName);
+ }
+
+ private static LdapGroupsProvider.Context createContextForExampleServer(String userName) {
+ return createContext("example", userName);
+ }
+
+ private static LdapGroupsProvider.Context createContextForInfoSupportServer(String userName) {
+ return createContext("infosupport", userName);
+ }
+
+ private static LdapGroupsProvider.Context createContext(String serverName, String userName) {
+ return new LdapGroupsProvider.Context(serverName, userName, mock(HttpServletRequest.class));
+ }
+
}
diff --git a/server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/DefaultLdapUsersProviderTest.java b/server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/DefaultLdapUsersProviderTest.java
index 79f601b520f..cde909e415b 100644
--- a/server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/DefaultLdapUsersProviderTest.java
+++ b/server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/DefaultLdapUsersProviderTest.java
@@ -19,12 +19,14 @@
*/
package org.sonar.auth.ldap;
+import javax.servlet.http.HttpServletRequest;
import org.junit.ClassRule;
import org.junit.Test;
import org.sonar.api.config.internal.MapSettings;
import org.sonar.auth.ldap.server.LdapServer;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.Mockito.mock;
public class DefaultLdapUsersProviderTest {
/**
@@ -32,7 +34,7 @@ public class DefaultLdapUsersProviderTest {
*/
public static final String USERS_EXAMPLE_ORG_LDIF = "/users.example.org.ldif";
/**
- * A reference to an aditional ldif file.
+ * A reference to an additional ldif file.
*/
public static final String USERS_INFOSUPPORT_COM_LDIF = "/users.infosupport.com.ldif";
@@ -42,35 +44,54 @@ public class DefaultLdapUsersProviderTest {
public static LdapServer infosupportServer = new LdapServer(USERS_INFOSUPPORT_COM_LDIF, "infosupport.com", "dc=infosupport,dc=com");
@Test
- public void test() {
+ public void test_user_from_first_server() {
MapSettings settings = LdapSettingsFactory.generateSimpleAnonymousAccessSettings(exampleServer, infosupportServer);
LdapSettingsManager settingsManager = new LdapSettingsManager(settings.asConfig(), new LdapAutodiscovery());
DefaultLdapUsersProvider usersProvider = new DefaultLdapUsersProvider(settingsManager.getContextFactories(), settingsManager.getUserMappings());
- LdapUserDetails details;
-
- details = usersProvider.getUserDetails("godin");
+ LdapUserDetails details = usersProvider.doGetUserDetails(createContext("example", "godin"));
assertThat(details.getName()).isEqualTo("Evgeny Mandrikov");
assertThat(details.getEmail()).isEqualTo("godin@example.org");
+ }
- details = usersProvider.getUserDetails("tester");
- assertThat(details.getName()).isEqualTo("Tester Testerovich");
- assertThat(details.getEmail()).isEqualTo("tester@example.org");
-
- details = usersProvider.getUserDetails("without_email");
- assertThat(details.getName()).isEqualTo("Without Email");
- assertThat(details.getEmail()).isEmpty();
-
- details = usersProvider.getUserDetails("notfound");
- assertThat(details).isNull();
+ @Test
+ public void test_user_from_second_server() {
+ MapSettings settings = LdapSettingsFactory.generateSimpleAnonymousAccessSettings(exampleServer, infosupportServer);
+ LdapSettingsManager settingsManager = new LdapSettingsManager(settings.asConfig(), new LdapAutodiscovery());
+ DefaultLdapUsersProvider usersProvider = new DefaultLdapUsersProvider(settingsManager.getContextFactories(), settingsManager.getUserMappings());
- details = usersProvider.getUserDetails("robby");
+ LdapUserDetails details = usersProvider.doGetUserDetails(createContext("infosupport", "robby"));
assertThat(details.getName()).isEqualTo("Robby Developer");
assertThat(details.getEmail()).isEqualTo("rd@infosupport.com");
- details = usersProvider.getUserDetails("testerInfo");
- assertThat(details.getName()).isEqualTo("Tester Testerovich");
- assertThat(details.getEmail()).isEqualTo("tester@infosupport.com");
}
+ @Test
+ public void test_user_on_multiple_servers() {
+ MapSettings settings = LdapSettingsFactory.generateSimpleAnonymousAccessSettings(exampleServer, infosupportServer);
+ LdapSettingsManager settingsManager = new LdapSettingsManager(settings.asConfig(), new LdapAutodiscovery());
+ DefaultLdapUsersProvider usersProvider = new DefaultLdapUsersProvider(settingsManager.getContextFactories(), settingsManager.getUserMappings());
+
+ LdapUserDetails detailsExample = usersProvider.doGetUserDetails(createContext("example", "tester"));
+ assertThat(detailsExample.getName()).isEqualTo("Tester Testerovich");
+ assertThat(detailsExample.getEmail()).isEqualTo("tester@example.org");
+
+ LdapUserDetails detailsInfoSupport = usersProvider.doGetUserDetails(createContext("infosupport", "tester"));
+ assertThat(detailsInfoSupport.getName()).isEqualTo("Tester Testerovich Testerov");
+ assertThat(detailsInfoSupport.getEmail()).isEqualTo("tester@example2.org");
+ }
+
+ @Test
+ public void test_user_doesnt_exist() {
+ MapSettings settings = LdapSettingsFactory.generateSimpleAnonymousAccessSettings(exampleServer, infosupportServer);
+ LdapSettingsManager settingsManager = new LdapSettingsManager(settings.asConfig(), new LdapAutodiscovery());
+ DefaultLdapUsersProvider usersProvider = new DefaultLdapUsersProvider(settingsManager.getContextFactories(), settingsManager.getUserMappings());
+
+ LdapUserDetails details = usersProvider.doGetUserDetails(createContext("example", "notfound"));
+ assertThat(details).isNull();
+ }
+
+ private static LdapUsersProvider.Context createContext(String serverKey, String username) {
+ return new LdapUsersProvider.Context(serverKey, username, mock(HttpServletRequest.class));
+ }
}
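Review bot: `test_user_doesnt_exist` looks up a name that appears in neither directory, so no test shows that a user present on one server is not returned under the other server's key. A case like `assertThat(usersProvider.doGetUserDetails(createContext("example", "robby"))).isNull();` would cover that, assuming robby is defined only in the infosupport LDIF. The removed `without_email` assertions (name present, e-mail empty) also have no replacement in the new tests; if that entry is still in the LDIF, keep a test for it.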
diff --git a/server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/KerberosTest.java b/server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/KerberosTest.java
index ac08ebe08fc..b0e49f746d3 100644
--- a/server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/KerberosTest.java
+++ b/server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/KerberosTest.java
@@ -21,7 +21,7 @@ package org.sonar.auth.ldap;
import java.io.File;
import javax.servlet.http.HttpServletRequest;
-import org.junit.Assert;
+import org.junit.Before;
import org.junit.ClassRule;
import org.junit.Test;
import org.mockito.Mockito;
@@ -29,6 +29,7 @@ import org.sonar.api.config.internal.MapSettings;
import org.sonar.auth.ldap.server.LdapServer;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.assertj.core.api.Assertions.assertThatThrownBy;
public class KerberosTest {
@@ -39,33 +40,58 @@ public class KerberosTest {
@ClassRule
public static LdapServer server = new LdapServer("/krb.ldif");
- @Test
- public void test() {
- MapSettings settings = configure();
- LdapRealm ldapRealm = new LdapRealm(new LdapSettingsManager(settings.asConfig(), new LdapAutodiscovery()));
+ LdapAuthenticator authenticator;
+ LdapRealm ldapRealm;
+ @Before
+ public void before() {
+ MapSettings settings = configure();
+ ldapRealm = new LdapRealm(new LdapSettingsManager(settings.asConfig(), new LdapAutodiscovery()));
ldapRealm.init();
- assertThat(ldapRealm.doGetAuthenticator().doAuthenticate(new LdapAuthenticator.Context("Godin@EXAMPLE.ORG", "wrong_user_password", Mockito.mock(HttpServletRequest.class))))
- .isFalse();
- assertThat(ldapRealm.doGetAuthenticator().doAuthenticate(new LdapAuthenticator.Context("Godin@EXAMPLE.ORG", "user_password", Mockito.mock(HttpServletRequest.class)))).isTrue();
+ authenticator = ldapRealm.doGetAuthenticator();
+ }
+
+ @Test
+ public void test_wrong_password() {
+ LdapAuthenticator.Context wrongPasswordContext = new LdapAuthenticator.Context("Godin@EXAMPLE.ORG", "wrong_user_password", Mockito.mock(HttpServletRequest.class));
+ assertThat(authenticator.doAuthenticate(wrongPasswordContext).isSuccess()).isFalse();
+ }
+
+ @Test
+ public void test_correct_password() {
+
+ LdapAuthenticator.Context correctPasswordContext = new LdapAuthenticator.Context("Godin@EXAMPLE.ORG", "user_password", Mockito.mock(HttpServletRequest.class));
+ assertThat(authenticator.doAuthenticate(correctPasswordContext).isSuccess()).isTrue();
+
+ }
+
+ @Test
+ public void test_default_realm() {
+
// Using default realm from krb5.conf:
- assertThat(ldapRealm.doGetAuthenticator().doAuthenticate(new LdapAuthenticator.Context("Godin", "user_password", Mockito.mock(HttpServletRequest.class)))).isTrue();
+ LdapAuthenticator.Context defaultRealmContext = new LdapAuthenticator.Context("Godin", "user_password", Mockito.mock(HttpServletRequest.class));
+ assertThat(authenticator.doAuthenticate(defaultRealmContext).isSuccess()).isTrue();
+ }
- assertThat(ldapRealm.getGroupsProvider().doGetGroups(new LdapGroupsProvider.Context("godin", Mockito.mock(HttpServletRequest.class)))).containsOnly("sonar-users");
+ @Test
+ public void test_groups() {
+ LdapGroupsProvider groupsProvider = ldapRealm.getGroupsProvider();
+ LdapGroupsProvider.Context groupsContext = new LdapGroupsProvider.Context("default", "godin", Mockito.mock(HttpServletRequest.class));
+ assertThat(groupsProvider.doGetGroups(groupsContext))
+ .containsOnly("sonar-users");
}
@Test
public void wrong_bind_password() {
MapSettings settings = configure()
.setProperty("ldap.bindPassword", "wrong_bind_password");
- LdapRealm ldapRealm = new LdapRealm(new LdapSettingsManager(settings.asConfig(), new LdapAutodiscovery()));
- try {
- ldapRealm.init();
- Assert.fail();
- } catch (LdapException e) {
- assertThat(e.getMessage()).isEqualTo("Unable to open LDAP connection");
- }
+ LdapRealm wrongPasswordRealm = new LdapRealm(new LdapSettingsManager(settings.asConfig(), new LdapAutodiscovery()));
+
+ assertThatThrownBy(wrongPasswordRealm::init)
+ .isInstanceOf(LdapException.class)
+ .hasMessage("Unable to open LDAP connection");
+
}
private static MapSettings configure() {
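Review bot: `test_correct_password` and `test_default_realm` check only `isSuccess()`, while `test_groups` hard-codes the `"default"` server key in its context. Asserting `getServerKey()` equals `"default"` on one of the successful results would tie the key used for the group lookup to what the authenticator reports; that value is inferred from the single-server tests in DefaultLdapAuthenticatorTest. On style, the new fields can be `private LdapAuthenticator authenticator;` and `private LdapRealm ldapRealm;`, and the blank lines at the start and end of the new method bodies can be dropped. `configure()` continues outside this hunk.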
diff --git a/server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/LdapRealmTest.java b/server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/LdapRealmTest.java
index ba1656009ef..a194ace6ac3 100644
--- a/server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/LdapRealmTest.java
+++ b/server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/LdapRealmTest.java
@@ -27,7 +27,7 @@ import org.sonar.api.config.internal.MapSettings;
import org.sonar.auth.ldap.server.LdapServer;
import static org.assertj.core.api.Assertions.assertThat;
-import static org.junit.Assert.fail;
+import static org.assertj.core.api.Assertions.assertThatThrownBy;
public class LdapRealmTest {
@@ -49,32 +49,29 @@ public class LdapRealmTest {
public void noConnection() {
MapSettings settings = new MapSettings()
.setProperty("ldap.url", "ldap://no-such-host")
- .setProperty("ldap.group.baseDn", "cn=groups,dc=example,dc=org");
+ .setProperty("ldap.group.baseDn", "cn=groups,dc=example,dc=org")
+ .setProperty("ldap.user.baseDn", "cn=users,dc=example,dc=org");
LdapRealm realm = new LdapRealm(new LdapSettingsManager(settings.asConfig(), new LdapAutodiscovery()));
- try {
- realm.init();
- fail("Since there is no connection, the init method has to throw an exception.");
- } catch (LdapException e) {
- assertThat(e).hasMessage("Unable to open LDAP connection");
- }
+ assertThatThrownBy(realm::init).isInstanceOf(LdapException.class).hasMessage("Unable to open LDAP connection");
+
assertThat(realm.doGetAuthenticator()).isInstanceOf(DefaultLdapAuthenticator.class);
- assertThat(realm.getUsersProvider()).isInstanceOf(LdapUsersProvider.class).isInstanceOf(DefaultLdapUsersProvider.class);
- assertThat(realm.getGroupsProvider()).isInstanceOf(LdapGroupsProvider.class).isInstanceOf(DefaultLdapGroupsProvider.class);
- try {
- LdapUsersProvider.Context userContext = new DefaultLdapUsersProvider.Context("tester", Mockito.mock(HttpServletRequest.class));
- realm.getUsersProvider().doGetUserDetails(userContext);
- fail("Since there is no connection, the doGetUserDetails method has to throw an exception.");
- } catch (LdapException e) {
- assertThat(e.getMessage()).contains("Unable to retrieve details for user tester");
- }
- try {
- LdapGroupsProvider.Context groupsContext = new DefaultLdapGroupsProvider.Context("tester", Mockito.mock(HttpServletRequest.class));
- realm.getGroupsProvider().doGetGroups(groupsContext);
- fail("Since there is no connection, the doGetGroups method has to throw an exception.");
- } catch (LdapException e) {
- assertThat(e.getMessage()).contains("Unable to retrieve details for user tester");
- }
+ LdapUsersProvider usersProvider = realm.getUsersProvider();
+ assertThat(usersProvider).isInstanceOf(LdapUsersProvider.class).isInstanceOf(DefaultLdapUsersProvider.class);
+
+ LdapGroupsProvider groupsProvider = realm.getGroupsProvider();
+ assertThat(groupsProvider).isInstanceOf(LdapGroupsProvider.class).isInstanceOf(DefaultLdapGroupsProvider.class);
+
+ LdapUsersProvider.Context userContext = new DefaultLdapUsersProvider.Context("<default>", "tester", Mockito.mock(HttpServletRequest.class));
+ assertThatThrownBy(() -> usersProvider.doGetUserDetails(userContext))
+ .isInstanceOf(LdapException.class)
+ .hasMessage("Unable to retrieve details for user tester and server key <default>: No user mapping found.");
+
+ LdapGroupsProvider.Context groupsContext = new DefaultLdapGroupsProvider.Context("default", "tester", Mockito.mock(HttpServletRequest.class));
+ assertThatThrownBy(() -> groupsProvider.doGetGroups(groupsContext))
+ .isInstanceOf(LdapException.class)
+ .hasMessage("Unable to retrieve groups for user tester in server with key <default>");
+
}
}
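Review bot: The two contexts in `noConnection` are built with different server keys, `"<default>"` for the users provider and `"default"` for the groups provider, so the test does not pin one key for both lookups. The users assertion expects `... and server key <default>: No user mapping found.`, which reads like a failed lookup of that key rather than the connection failure the test is named for; if so, the users path against an unreachable server is no longer covered. With the same uid now present in more than one directory fixture, the key presumably decides which server answers for user details and groups, so I would use a single value for both contexts, e.g. `private static final String SERVER_KEY = "default";`, and build the expected messages from it.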
diff --git a/server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/LdapSearchTest.java b/server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/LdapSearchTest.java
index 721fc546a36..d584cf21476 100644
--- a/server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/LdapSearchTest.java
+++ b/server/sonar-auth-ldap/src/test/java/org/sonar/auth/ldap/LdapSearchTest.java
@@ -24,6 +24,7 @@ import java.util.Enumeration;
import java.util.Map;
import javax.naming.NamingException;
import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
import org.junit.BeforeClass;
import org.junit.ClassRule;
import org.junit.Test;
@@ -57,12 +58,19 @@ public class LdapSearchTest {
assertThat(search.getParameters()).isEqualTo(new String[] {"inetOrgPerson"});
assertThat(search.getReturningAttributes()).isEqualTo(new String[] {"objectClass"});
assertThat(search.toString()).isEqualTo("LdapSearch{baseDn=dc=example,dc=org, scope=subtree, request=(objectClass={0}), parameters=[inetOrgPerson], attributes=[objectClass]}");
- assertThat(enumerationToArrayList(search.find()).size()).isEqualTo(3);
+ assertThat(enumerationToArrayList(search.find()))
+ .extracting(SearchResult::getName)
+ .containsExactlyInAnyOrder(
+ "cn=Without Email,ou=users",
+ "cn=Evgeny Mandrikov,ou=users",
+ "cn=Tester Testerovich,ou=users",
+ "cn=duplicated,ou=users"
+ );
+
assertThatThrownBy(search::findUnique)
.isInstanceOf(NamingException.class)
.hasMessage("Non unique result for " + search.toString());
-
}
@Test
diff --git a/server/sonar-auth-ldap/src/test/resources/users.example.org.ldif b/server/sonar-auth-ldap/src/test/resources/users.example.org.ldif
index 3dc462afbb0..fe3341c92f9 100644
--- a/server/sonar-auth-ldap/src/test/resources/users.example.org.ldif
+++ b/server/sonar-auth-ldap/src/test/resources/users.example.org.ldif
@@ -23,6 +23,20 @@ cn: bind
uid: sonar
userpassword: bindpassword
+# Duplicated user on infosupport ldap
+dn: cn=duplicated,ou=users,dc=example,dc=org
+objectClass: organizationalPerson
+objectClass: person
+objectClass: extensibleObject
+objectClass: uidObject
+objectClass: inetOrgPerson
+objectClass: top
+cn: duplicated
+uid: duplicated
+sn: Duplicated
+mail: duplicated@example.org
+userpassword: duplicated
+
# Typical user
dn: cn=Evgeny Mandrikov,ou=users,dc=example,dc=org
objectClass: organizationalPerson
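Review bot: The new `duplicated` entry gets `userpassword: duplicated` here, and the matching entry added to users.infosupport.com.ldif carries the same value, so a successful bind for this uid cannot show which of the two directories accepted it. Since the entry exists to exercise one uid on two servers, distinct passwords per fixture would let an authentication test prove that the credential was checked against the intended server and that a password valid on one server is rejected by the other. For example `userpassword: duplicated-example` here and `userpassword: duplicated-infosupport` in the other file (constructed sample values). The group memberships added further down already differ per server (`sonar-users` here, `sonar-developers` there), which covers the group side.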
@@ -82,6 +96,7 @@ objectclass: groupOfUniqueNames
cn: sonar-users
uniqueMember: cn=Tester Testerovich,ou=users,dc=example,dc=org
uniqueMember: cn=Evgeny Mandrikov,ou=users,dc=example,dc=org
+uniqueMember: cn=duplicated,ou=users,dc=example,dc=org
# sonar-developers
dn: cn=sonar-developers,ou=groups,dc=example,dc=org
@@ -95,4 +110,4 @@ objectclass: posixGroup
objectclass: top
cn: linux-users
gidNumber: 10000
-memberUid: godin \ No newline at end of file
+memberUid: godin
diff --git a/server/sonar-auth-ldap/src/test/resources/users.infosupport.com.ldif b/server/sonar-auth-ldap/src/test/resources/users.infosupport.com.ldif
index a08174bf72b..d57addd4bf3 100644
--- a/server/sonar-auth-ldap/src/test/resources/users.infosupport.com.ldif
+++ b/server/sonar-auth-ldap/src/test/resources/users.infosupport.com.ldif
@@ -23,6 +23,20 @@ cn: bind
uid: sonar
userpassword: bindpassword
+# Duplicated user on example ldap
+dn: cn=duplicated,ou=users,dc=infosupport,dc=com
+objectClass: organizationalPerson
+objectClass: person
+objectClass: extensibleObject
+objectClass: uidObject
+objectClass: inetOrgPerson
+objectClass: top
+cn: duplicated
+uid: duplicated
+sn: Duplicated
+mail: duplicated@infosupport.com
+userpassword: duplicated
+
# Typical user
dn: cn=Robby Developer,ou=users,dc=infosupport,dc=com
objectClass: organizationalPerson
@@ -53,6 +67,22 @@ mail: tester@infosupport.com
uid: testerInfo
userpassword: secret2
+# User repeated on multiple servers
+dn: cn=Tester Testerovich Testerov,ou=users,dc=infosupport,dc=com
+objectClass: organizationalPerson
+objectClass: person
+objectClass: extensibleObject
+objectClass: uidObject
+objectClass: inetOrgPerson
+objectClass: top
+cn: Tester Testerovich Testerov
+givenname: Tester
+sn: Testerovich
+mail: tester@example2.org
+uid: tester
+userpassword: secret3
+
+
# Special case which can cause NPE
dn: cn=Without Email,ou=users,dc=infosupport,dc=com
objectClass: organizationalPerson
@@ -88,6 +118,7 @@ dn: cn=sonar-developers,ou=groups,dc=infosupport,dc=com
objectclass: groupOfUniqueNames
cn: sonar-developers
uniqueMember: cn=Robby Developer,ou=users,dc=infosupport,dc=com
+uniqueMember: cn=duplicated,ou=users,dc=infosupport,dc=com
# linux-users
dn: cn=linux-users,ou=groups,dc=infosupport,dc=com
@@ -95,4 +126,4 @@ objectclass: posixGroup
objectclass: top
cn: linux-users
gidNumber: 10000
-memberUid: robby \ No newline at end of file
+memberUid: robby