You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2021/04/13 14:23:24 UTC
[tomcat] 01/10: Start to expand JNDIRealm unit tests
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit fa4d19c0c6ea28eae41c29ed5b16a2ccbd7e9ba1
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Tue Apr 13 10:13:12 2021 +0100
Start to expand JNDIRealm unit tests
---
build.properties.default | 9 ++
build.xml | 9 ++
.../catalina/realm/TestJNDIRealmIntegration.java | 144 +++++++++++++++++++++
webapps/docs/changelog.xml | 8 ++
4 files changed, 170 insertions(+)
diff --git a/build.properties.default b/build.properties.default
index fd8d153..2c3323a 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -250,6 +250,15 @@ objenesis.home=${base.path}/objenesis-${objenesis.version}
objenesis.jar=${objenesis.home}/objenesis-${objenesis.version}.jar
objenesis.loc=${base-maven.loc}/org/objenesis/objenesis/${objenesis.version}/objenesis-${objenesis.version}.jar
+# ----- UnboundID, used by unit tests, version 5.1.4 or later -----
+unboundid.version=5.1.4
+unboundid.checksum.enabled=true
+unboundid.checksum.algorithm=SHA-512
+unboundid.checksum.value=04cf7f59eddebdd5b51e5be55021f9d9c667cca6101eac954e7a8d5b51f4c23372cd8f041640157f082435a166b75d85e79252b516130ede7d966dae6d3eae67
+unboundid.home=${base.path}/unboundid-${unboundid.version}
+unboundid.jar=${unboundid.home}/unboundid-ldapsdk-${unboundid.version}.jar
+unboundid.loc=${base-maven.loc}/com/unboundid/unboundid-ldapsdk/${unboundid.version}/unboundid-ldapsdk-${unboundid.version}.jar
+
# ----- Checkstyle, version 6.16 or later -----
checkstyle.version=8.22
checkstyle.checksum.enabled=true
diff --git a/build.xml b/build.xml
index 38aeaf2..835cc36 100644
--- a/build.xml
+++ b/build.xml
@@ -3271,6 +3271,15 @@ skip.installer property in build.properties" />
<param name="checksum.value" value="${objenesis.checksum.value}"/>
</antcall>
+ <antcall target="downloadfile">
+ <param name="sourcefile" value="${unboundid.loc}"/>
+ <param name="destfile" value="${unboundid.jar}"/>
+ <param name="destdir" value="${unboundid.home}"/>
+ <param name="checksum.enabled" value="${unboundid.checksum.enabled}"/>
+ <param name="checksum.algorithm" value="${unboundid.checksum.algorithm}"/>
+ <param name="checksum.value" value="${unboundid.checksum.value}"/>
+ </antcall>
+
</target>
<target name="download-cobertura"
diff --git a/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java b/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
new file mode 100644
index 0000000..03e1655
--- /dev/null
+++ b/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
@@ -0,0 +1,144 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.catalina.realm;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import org.junit.AfterClass;
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized;
+import org.junit.runners.Parameterized.Parameter;
+
+import org.apache.juli.logging.LogFactory;
+
+import com.unboundid.ldap.listener.InMemoryDirectoryServer;
+import com.unboundid.ldap.listener.InMemoryDirectoryServerConfig;
+import com.unboundid.ldap.sdk.AddRequest;
+import com.unboundid.ldap.sdk.LDAPConnection;
+import com.unboundid.ldap.sdk.LDAPResult;
+import com.unboundid.ldap.sdk.ResultCode;
+
+@RunWith(Parameterized.class)
+public class TestJNDIRealmIntegration {
+
+ private static InMemoryDirectoryServer ldapServer;
+
+ @Parameterized.Parameters(name = "{index}: in[{0}], out[{1}]")
+ public static Collection<Object[]> parameters() {
+ List<Object[]> parameterSets = new ArrayList<>();
+
+ parameterSets.add(new Object[] { "test", "test", new String[] {"TestGroup"} });
+
+ return parameterSets;
+ }
+
+
+ @Parameter(0)
+ public String username;
+ @Parameter(1)
+ public String credentials;
+ @Parameter(2)
+ public String[] groups;
+
+ @Test
+ public void testAuthenication() throws Exception {
+ JNDIRealm realm = new JNDIRealm();
+ realm.containerLog = LogFactory.getLog(TestJNDIRealmIntegration.class);
+
+ realm.setConnectionURL("ldap://localhost:" + ldapServer.getListenPort());
+ realm.setUserPattern("cn={0},ou=people,dc=example,dc=com");
+ realm.setRoleName("cn");
+ realm.setRoleBase("ou=people,dc=example,dc=com");
+ realm.setRoleSearch("member={0}");
+
+ GenericPrincipal p = (GenericPrincipal) realm.authenticate(username, credentials);
+
+ Assert.assertNotNull(p);
+ Assert.assertEquals(username, p.name);
+
+ Set<String> actualGroups = new HashSet<>(Arrays.asList(p.getRoles()));
+ Set<String> expectedGroups = new HashSet<>(Arrays.asList(groups));
+
+ Assert.assertEquals(expectedGroups.size(), actualGroups.size());
+ Set<String> tmp = new HashSet<>();
+ tmp.addAll(expectedGroups);
+ tmp.removeAll(actualGroups);
+ Assert.assertEquals(0, tmp.size());
+ }
+
+
+ @BeforeClass
+ public static void createLDAP() throws Exception {
+ InMemoryDirectoryServerConfig config = new InMemoryDirectoryServerConfig("dc=example,dc=com");
+ config.addAdditionalBindCredentials("cn=admin", "password");
+ ldapServer = new InMemoryDirectoryServer(config);
+
+ ldapServer.startListening();
+
+ try (LDAPConnection conn = ldapServer.getConnection()) {
+
+ AddRequest addBase = new AddRequest(
+ "dn: dc=example,dc=com",
+ "objectClass: top",
+ "objectClass: domain",
+ "dc: example");
+ LDAPResult result = conn.processOperation(addBase);
+ Assert.assertEquals(ResultCode.SUCCESS, result.getResultCode());
+
+ AddRequest addPeople = new AddRequest(
+ "dn: ou=people,dc=example,dc=com",
+ "objectClass: top",
+ "objectClass: organizationalUnit");
+ result = conn.processOperation(addPeople);
+ Assert.assertEquals(ResultCode.SUCCESS, result.getResultCode());
+
+ AddRequest addUserTest = new AddRequest(
+ "dn: cn=test,ou=people,dc=example,dc=com",
+ "objectClass: top",
+ "objectClass: person",
+ "objectClass: organizationalPerson",
+ "cn: test",
+ "sn: Test",
+ "userPassword: test");
+ result = conn.processOperation(addUserTest);
+ Assert.assertEquals(ResultCode.SUCCESS, result.getResultCode());
+
+ AddRequest addGroupTest = new AddRequest(
+ "dn: cn=TestGroup,ou=people,dc=example,dc=com",
+ "objectClass: top",
+ "objectClass: groupOfNames",
+ "cn: TestGroup",
+ "member: cn=test,ou=people,dc=example,dc=com");
+ result = conn.processOperation(addGroupTest);
+ Assert.assertEquals(ResultCode.SUCCESS, result.getResultCode());
+ }
+ }
+
+
+ @AfterClass
+ public static void destroyLDAP() {
+ ldapServer.shutDown(true);
+ }
+}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 8e002bd..646bdab 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -104,6 +104,14 @@
issues do not "pop up" wrt. others).
-->
<section name="Tomcat 10.0.6 (markt)" rtext="in development">
+ <subsection name="Catalina">
+ <changelog>
+ <scode>
+ Expand coverage of unit tests for JNDIRealm using the UnboundID LDAP SDK
+ for Java. (markt)
+ </scode>
+ </changelog>
+ </subsection>
<subsection name="Jasper">
<changelog>
<scode>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org