You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by ba...@apache.org on 2013/05/08 15:15:58 UTC
svn commit: r1480264 - in /jackrabbit/oak/trunk/oak-core/src:
main/java/org/apache/jackrabbit/oak/security/authentication/ldap/
test/java/org/apache/jackrabbit/oak/security/authentication/ldap/
Author: baedke
Date: Wed May 8 13:15:58 2013
New Revision: 1480264
URL: http://svn.apache.org/r1480264
Log:
OAK-516: fixed: LDAPLoginModule no longer stores the password in the repository
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/JndiLdapSearch.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapUser.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapLoginStandaloneTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapLoginTestBase.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapLoginWithRepoLoginTest.java
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/JndiLdapSearch.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/JndiLdapSearch.java?rev=1480264&r1=1480263&r2=1480264&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/JndiLdapSearch.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/JndiLdapSearch.java Wed May 8 13:15:58 2013
@@ -228,7 +228,7 @@ public class JndiLdapSearch implements L
try {
Hashtable<String,String> env = new Hashtable<String,String>(ldapEnvironment);
env.put(Context.SECURITY_PRINCIPAL, user.getDN());
- env.put(Context.SECURITY_CREDENTIALS, user.getPassword());
+ env.put(Context.SECURITY_CREDENTIALS, user.getLdapPassword());
//TODO
env.put(Context.SECURITY_AUTHENTICATION, "simple");
new InitialDirContext(env).close();
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapUser.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapUser.java?rev=1480264&r1=1480263&r2=1480264&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapUser.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapUser.java Wed May 8 13:15:58 2013
@@ -52,6 +52,10 @@ public class LdapUser implements Externa
@Override
public String getPassword() {
+ return null;
+ }
+
+ public String getLdapPassword() {
return pwd;
}
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapLoginStandaloneTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapLoginStandaloneTest.java?rev=1480264&r1=1480263&r2=1480264&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapLoginStandaloneTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapLoginStandaloneTest.java Wed May 8 13:15:58 2013
@@ -48,97 +48,4 @@ public class LdapLoginStandaloneTest ext
}
};
}
- @Test
- public void testSyncUpdateAndGroups() throws Exception {
-
- if (!USE_COMMON_LDAP_FIXTURE) {
- createLdapFixture();
- }
-
- options.put(ExternalLoginModule.PARAM_SYNC_MODE, new String[]{SyncMode.UPDATE, SyncMode.CREATE_GROUP});
-
- // create user upfront in order to test update mode
- userManager.createUser(USER_ID, USER_PWD);
- root.commit();
-
- ContentSession cs = null;
- try {
- cs = login(new SimpleCredentials(USER_ID, USER_PWD.toCharArray()));
-
- root.refresh();
- Authorizable user = userManager.getAuthorizable(USER_ID);
- assertNotNull(user);
- assertTrue(user.hasProperty(USER_PROP));
- Authorizable group = userManager.getAuthorizable(GROUP_DN);
- assertTrue(group.hasProperty(GROUP_PROP));
- assertNotNull(group);
- } finally {
- if (cs != null) {
- cs.close();
- }
- options.clear();
- }
- }
-
- @Test
- public void testDefaultSync() throws Exception {
-
- if (!USE_COMMON_LDAP_FIXTURE) {
- createLdapFixture();
- }
-
- options.put(ExternalLoginModule.PARAM_SYNC_MODE, null);
-
- // create user upfront in order to test update mode
- userManager.createUser(USER_ID, USER_PWD);
- root.commit();
-
- ContentSession cs = null;
- try {
- cs = login(new SimpleCredentials(USER_ID, USER_PWD.toCharArray()));
-
- root.refresh();
- Authorizable user = userManager.getAuthorizable(USER_ID);
- assertNotNull(user);
- assertTrue(user.hasProperty(USER_PROP));
- Authorizable group = userManager.getAuthorizable(GROUP_DN);
- assertTrue(group.hasProperty(GROUP_PROP));
- assertNotNull(group);
- } finally {
- if (cs != null) {
- cs.close();
- }
- options.clear();
- }
- }
-
- @Test
- public void testSyncUpdate() throws Exception {
-
- if (!USE_COMMON_LDAP_FIXTURE) {
- createLdapFixture();
- }
-
- options.put(ExternalLoginModule.PARAM_SYNC_MODE, SyncMode.UPDATE);
-
- // create user upfront in order to test update mode
- userManager.createUser(USER_ID, USER_PWD);
- root.commit();
-
- ContentSession cs = null;
- try {
- cs = login(new SimpleCredentials(USER_ID, USER_PWD.toCharArray()));
-
- root.refresh();
- Authorizable user = userManager.getAuthorizable(USER_ID);
- assertNotNull(user);
- assertTrue(user.hasProperty(USER_PROP));
- assertNull(userManager.getAuthorizable(GROUP_DN));
- } finally {
- if (cs != null) {
- cs.close();
- }
- options.clear();
- }
- }
}
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapLoginTestBase.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapLoginTestBase.java?rev=1480264&r1=1480263&r2=1480264&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapLoginTestBase.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapLoginTestBase.java Wed May 8 13:15:58 2013
@@ -261,6 +261,100 @@ public abstract class LdapLoginTestBase
}
}
+ @Test
+ public void testDefaultSync() throws Exception {
+
+ if (!USE_COMMON_LDAP_FIXTURE) {
+ createLdapFixture();
+ }
+
+ options.put(ExternalLoginModule.PARAM_SYNC_MODE, null);
+
+ // create user upfront in order to test update mode
+ userManager.createUser(USER_ID, null);
+ root.commit();
+
+ ContentSession cs = null;
+ try {
+ cs = login(new SimpleCredentials(USER_ID, USER_PWD.toCharArray()));
+
+ root.refresh();
+ Authorizable user = userManager.getAuthorizable(USER_ID);
+ assertNotNull(user);
+ assertTrue(user.hasProperty(USER_PROP));
+ Authorizable group = userManager.getAuthorizable(GROUP_DN);
+ assertTrue(group.hasProperty(GROUP_PROP));
+ assertNotNull(group);
+ } finally {
+ if (cs != null) {
+ cs.close();
+ }
+ options.clear();
+ }
+ }
+
+ @Test
+ public void testSyncUpdate() throws Exception {
+
+ if (!USE_COMMON_LDAP_FIXTURE) {
+ createLdapFixture();
+ }
+
+ options.put(ExternalLoginModule.PARAM_SYNC_MODE, SyncMode.UPDATE);
+
+ // create user upfront in order to test update mode
+ userManager.createUser(USER_ID, null);
+ root.commit();
+
+ ContentSession cs = null;
+ try {
+ cs = login(new SimpleCredentials(USER_ID, USER_PWD.toCharArray()));
+
+ root.refresh();
+ Authorizable user = userManager.getAuthorizable(USER_ID);
+ assertNotNull(user);
+ assertTrue(user.hasProperty(USER_PROP));
+ assertNull(userManager.getAuthorizable(GROUP_DN));
+ } finally {
+ if (cs != null) {
+ cs.close();
+ }
+ options.clear();
+ }
+ }
+
+ @Test
+ public void testSyncUpdateAndGroups() throws Exception {
+
+ if (!USE_COMMON_LDAP_FIXTURE) {
+ createLdapFixture();
+ }
+
+ options.put(ExternalLoginModule.PARAM_SYNC_MODE, new String[]{SyncMode.UPDATE, SyncMode.CREATE_GROUP});
+
+ // create user upfront in order to test update mode
+ userManager.createUser(USER_ID, null);
+ root.commit();
+
+ ContentSession cs = null;
+ try {
+ cs = login(new SimpleCredentials(USER_ID, USER_PWD.toCharArray()));
+
+ root.refresh();
+ Authorizable user = userManager.getAuthorizable(USER_ID);
+ assertNotNull(user);
+ assertTrue(user.hasProperty(USER_PROP));
+ Authorizable group = userManager.getAuthorizable(GROUP_DN);
+ assertTrue(group.hasProperty(GROUP_PROP));
+ assertNotNull(group);
+ } finally {
+ if (cs != null) {
+ cs.close();
+ }
+ options.clear();
+ }
+ }
+
protected static void createLdapFixture() throws Exception {
LDAP_SERVER.addMember(
GROUP_DN = LDAP_SERVER.addGroup(GROUP_NAME),
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapLoginWithRepoLoginTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapLoginWithRepoLoginTest.java?rev=1480264&r1=1480263&r2=1480264&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapLoginWithRepoLoginTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapLoginWithRepoLoginTest.java Wed May 8 13:15:58 2013
@@ -54,99 +54,4 @@ public class LdapLoginWithRepoLoginTest
}
};
}
-
- @Test
- public void testSyncUpdateAndGroups() throws Exception {
-
- if (!USE_COMMON_LDAP_FIXTURE) {
- createLdapFixture();
- }
-
- options.put(ExternalLoginModule.PARAM_SYNC_MODE, new String[]{SyncMode.UPDATE, SyncMode.CREATE_GROUP});
-
- // create user upfront in order to test update mode
- userManager.createUser(USER_ID, USER_PWD);
- root.commit();
-
- ContentSession cs = null;
- try {
- cs = login(new SimpleCredentials(USER_ID, USER_PWD.toCharArray()));
-
- root.refresh();
- Authorizable user = userManager.getAuthorizable(USER_ID);
- assertNotNull(user);
- //verify that nothing was synced because LoginModuleImpl handled the login
- assertFalse(user.hasProperty(USER_PROP));
- Authorizable group = userManager.getAuthorizable(GROUP_DN);
- assertNull(group);
- } finally {
- if (cs != null) {
- cs.close();
- }
- options.clear();
- }
- }
-
- @Test
- public void testDefaultSync() throws Exception {
-
- if (!USE_COMMON_LDAP_FIXTURE) {
- createLdapFixture();
- }
-
- options.put(ExternalLoginModule.PARAM_SYNC_MODE, null);
-
- // create user upfront in order to test update mode
- userManager.createUser(USER_ID, USER_PWD);
- root.commit();
-
- ContentSession cs = null;
- try {
- cs = login(new SimpleCredentials(USER_ID, USER_PWD.toCharArray()));
-
- root.refresh();
- Authorizable user = userManager.getAuthorizable(USER_ID);
- assertNotNull(user);
- //verify that nothing was synced because LoginModuleImpl handled the login
- assertFalse(user.hasProperty(USER_PROP));
- Authorizable group = userManager.getAuthorizable(GROUP_DN);
- assertNull(group);
- } finally {
- if (cs != null) {
- cs.close();
- }
- options.clear();
- }
- }
-
- @Test
- public void testSyncUpdate() throws Exception {
-
- if (!USE_COMMON_LDAP_FIXTURE) {
- createLdapFixture();
- }
-
- options.put(ExternalLoginModule.PARAM_SYNC_MODE, SyncMode.UPDATE);
-
- // create user upfront in order to test update mode
- userManager.createUser(USER_ID, USER_PWD);
- root.commit();
-
- ContentSession cs = null;
- try {
- cs = login(new SimpleCredentials(USER_ID, USER_PWD.toCharArray()));
-
- root.refresh();
- Authorizable user = userManager.getAuthorizable(USER_ID);
- assertNotNull(user);
- //verify that nothing was synced because LoginModuleImpl handled the login
- assertFalse(user.hasProperty(USER_PROP));
- assertNull(userManager.getAuthorizable(GROUP_DN));
- } finally {
- if (cs != null) {
- cs.close();
- }
- options.clear();
- }
- }
}