You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by el...@apache.org on 2008/12/17 16:00:38 UTC
svn commit: r727404 - in /directory/apacheds/trunk/server-xml/src:
main/resources/serverAuthenticatorInAuthenticationInterceptor.xml
test/java/org/apache/directory/server/SpringServerTest.java
Author: elecharny
Date: Wed Dec 17 07:00:37 2008
New Revision: 727404
URL: http://svn.apache.org/viewvc?rev=727404&view=rev
Log:
Added a test for Authenticators checking
Added:
directory/apacheds/trunk/server-xml/src/main/resources/serverAuthenticatorInAuthenticationInterceptor.xml
Modified:
directory/apacheds/trunk/server-xml/src/test/java/org/apache/directory/server/SpringServerTest.java
Added: directory/apacheds/trunk/server-xml/src/main/resources/serverAuthenticatorInAuthenticationInterceptor.xml
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/server-xml/src/main/resources/serverAuthenticatorInAuthenticationInterceptor.xml?rev=727404&view=auto
==============================================================================
--- directory/apacheds/trunk/server-xml/src/main/resources/serverAuthenticatorInAuthenticationInterceptor.xml (added)
+++ directory/apacheds/trunk/server-xml/src/main/resources/serverAuthenticatorInAuthenticationInterceptor.xml Wed Dec 17 07:00:37 2008
@@ -0,0 +1,212 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+
+<spring:beans xmlns:spring="http://xbean.apache.org/schemas/spring/1.0"
+ xmlns:s="http://www.springframework.org/schema/beans"
+ xmlns="http://apacheds.org/config/1.0">
+
+ <s:bean id="simpleAuthenticator" class="org.apache.directory.server.core.authn.SimpleAuthenticator">
+ <s:constructor-arg value="50"/>
+ </s:bean>
+ <s:bean id="strongAuthenticator" class="org.apache.directory.server.core.authn.StrongAuthenticator"/>
+
+ <defaultDirectoryService id="directoryService" instanceId="default"
+ workingDirectory="example.com"
+ allowAnonymousAccess="true"
+ accessControlEnabled="false"
+ denormalizeOpAttrsEnabled="false"
+ maxPDUSize="2000000">
+ <systemPartition>
+ <!-- use the following partitionConfiguration to override defaults for -->
+ <!-- the system partition -->
+ <jdbmPartition id="system" cacheSize="100" suffix="ou=system" optimizerEnabled="true" syncOnWrite="true">
+ <indexedAttributes>
+ <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.1" cacheSize="100"/>
+ <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.2" cacheSize="100"/>
+ <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.3" cacheSize="100"/>
+ <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.4" cacheSize="100"/>
+ <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.5" cacheSize="10"/>
+ <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.6" cacheSize="10"/>
+ <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.7" cacheSize="10"/>
+ <jdbmIndex attributeId="ou" cacheSize="100"/>
+ <jdbmIndex attributeId="uid" cacheSize="100"/>
+ <jdbmIndex attributeId="objectClass" cacheSize="100"/>
+ </indexedAttributes>
+ </jdbmPartition>
+ </systemPartition>
+
+ <partitions>
+ <!-- NOTE: when specifying new partitions you need not include those -->
+ <!-- attributes below with OID's which are the system indices, if left -->
+ <!-- out they will be automatically configured for you with defaults. -->
+ <jdbmPartition id="example" cacheSize="100" suffix="dc=example,dc=com" optimizerEnabled="true"
+ syncOnWrite="true">
+ <indexedAttributes>
+ <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.1" cacheSize="100"/>
+ <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.2" cacheSize="100"/>
+ <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.3" cacheSize="100"/>
+ <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.4" cacheSize="100"/>
+ <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.5" cacheSize="10"/>
+ <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.6" cacheSize="10"/>
+ <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.7" cacheSize="10"/>
+ <jdbmIndex attributeId="dc" cacheSize="100"/>
+ <jdbmIndex attributeId="ou" cacheSize="100"/>
+ <jdbmIndex attributeId="krb5PrincipalName" cacheSize="100"/>
+ <jdbmIndex attributeId="uid" cacheSize="100"/>
+ <jdbmIndex attributeId="objectClass" cacheSize="100"/>
+ </indexedAttributes>
+ </jdbmPartition>
+ </partitions>
+
+ <interceptors>
+ <normalizationInterceptor/>
+ <authenticationInterceptor>
+ <s:property name="authenticators">
+ <s:set>
+ <!--s:value>The supported authenticators</s:value-->
+ <s:ref bean="simpleAuthenticator"/>
+ <s:ref bean="strongAuthenticator"/>
+ </s:set>
+ </s:property>
+ </authenticationInterceptor>
+ <referralInterceptor/>
+ <aciAuthorizationInterceptor/>
+ <defaultAuthorizationInterceptor/>
+ <exceptionInterceptor/>
+ <operationalAttributeInterceptor/>
+
+ <!-- Uncomment to enable the password policy interceptor
+ <passwordPolicyInterceptor/>
+ <keyDerivationInterceptor/>
+ -->
+
+ <schemaInterceptor/>
+ <subentryInterceptor/>
+ <collectiveAttributeInterceptor/>
+ <eventInterceptor/>
+ <triggerInterceptor/>
+
+ <!-- Uncomment to enable replication interceptor
+ <replicationInterceptor>
+ <configuration>
+ <replicationConfiguration serverPort="10390" peerReplicas="instance_b@localhost:10392">
+ <replicaId>
+ <replicaId id="instance_a"/>
+ </replicaId>
+ </replicationConfiguration>
+ </configuration>
+ </replicationInterceptor>
+ -->
+ </interceptors>
+ </defaultDirectoryService>
+
+<!-- missing atou=users,dc=example,dc=com
+ <changePasswordServer ipPort="60464" nbThreads="8">
+ <directoryService>#directoryService</directoryService>
+ </changePasswordServer>
+-->
+<!-- missing atou=users,dc=example,dc=com
+ <kdcServer ipPort="60088" nbThreads="8">
+ <directoryService>#directoryService</directoryService>
+ </kdcServer>
+-->
+ <ntpServer ipPort="60123" nbThreads="8"/>
+<!-- missing atou=users,dc=example,dc=com
+ <dnsServer ipPort="8053" nbThreads="8">
+ <directoryService>#directoryService</directoryService>
+ </dnsServer>
+-->
+
+ <ldapService id="ldapsService"
+ enabled="true"
+ tcpPort="10636"
+ enableLdaps="true"
+ nbTcpThreads="8">
+ <directoryService>#directoryService</directoryService>
+ </ldapService>
+
+ <ldapService id="ldapService"
+ tcpPort="10389"
+ allowAnonymousAccess="false"
+ saslHost="ldap.example.com"
+ saslPrincipal="ldap/ldap.example.com@EXAMPLE.COM"
+ searchBaseDn="ou=users,ou=system"
+ maxTimeLimit="15000"
+ maxSizeLimit="1000"
+ nbTcpThreads="8">
+
+ <directoryService>#directoryService</directoryService>
+
+ <!-- The list of supported authentication mechanisms. -->
+ <saslMechanismHandlers>
+ <simpleMechanismHandler mech-name="SIMPLE"/>
+ <cramMd5MechanismHandler mech-name="CRAM-MD5" />
+ <digestMd5MechanismHandler mech-name="DIGEST-MD5" />
+ <gssapiMechanismHandler mech-name="GSSAPI" />
+ <ntlmMechanismHandler mech-name="NTLM" ntlmProviderFqcn="com.foo.Bar"/>
+ <ntlmMechanismHandler mech-name="GSS-SPNEGO" ntlmProviderFqcn="com.foo.Bar"/>
+ </saslMechanismHandlers>
+
+ <!-- The desired quality-of-protection, used by DIGEST-MD5 and GSSAPI. -->
+ <saslQop>
+ <s:value>auth</s:value>
+ <s:value>auth-int</s:value>
+ <s:value>auth-conf</s:value>
+ </saslQop>
+
+ <!-- The realms serviced by this SASL host, used by DIGEST-MD5 and GSSAPI. -->
+ <saslRealms>
+ <s:value>example.com</s:value>
+ <s:value>apache.org</s:value>
+ </saslRealms>
+
+ <!-- the collection of extended operation handlers to install -->
+ <extendedOperationHandlers>
+ <startTlsHandler/>
+ <gracefulShutdownHandler/>
+ <launchDiagnosticUiHandler/>
+ <!-- The Stored Procedure Extended Operation is not stable yet and it may cause security risks.-->
+ <!--storedProcedureExtendedOperationHandler/-->
+ </extendedOperationHandlers>
+ </ldapService>
+
+
+ <apacheDS id="apacheDS"
+ synchPeriodMillis="15000"
+ allowAnonymousAccess="false">
+
+ <directoryService>#directoryService</directoryService>
+ <ldapService>#ldapService</ldapService>
+ <ldapsService>#ldapsService</ldapsService>
+ </apacheDS>
+
+ <!-- another bean I didn't convert -->
+ <spring:bean class="org.springframework.beans.factory.config.CustomEditorConfigurer">
+ <spring:property name="customEditors">
+ <spring:map>
+ <spring:entry key="javax.naming.directory.Attributes">
+ <spring:bean class="org.apache.directory.server.core.configuration.AttributesPropertyEditor"/>
+ </spring:entry>
+ </spring:map>
+ </spring:property>
+ </spring:bean>
+</spring:beans>
Modified: directory/apacheds/trunk/server-xml/src/test/java/org/apache/directory/server/SpringServerTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/server-xml/src/test/java/org/apache/directory/server/SpringServerTest.java?rev=727404&r1=727403&r2=727404&view=diff
==============================================================================
--- directory/apacheds/trunk/server-xml/src/test/java/org/apache/directory/server/SpringServerTest.java (original)
+++ directory/apacheds/trunk/server-xml/src/test/java/org/apache/directory/server/SpringServerTest.java Wed Dec 17 07:00:37 2008
@@ -19,12 +19,24 @@
package org.apache.directory.server;
import org.apache.directory.server.configuration.ApacheDS;
+import org.apache.directory.server.core.authn.AuthenticationInterceptor;
+import org.apache.directory.server.core.authn.Authenticator;
+import org.apache.directory.server.core.authn.SimpleAuthenticator;
+import org.apache.directory.server.core.authn.StrongAuthenticator;
+import org.apache.directory.server.core.interceptor.Interceptor;
import org.apache.xbean.spring.context.FileSystemXmlApplicationContext;
import org.junit.Test;
import org.springframework.context.ApplicationContext;
import java.io.File;
import java.net.URL;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertEquals;
/**
@@ -32,10 +44,12 @@
*/
public class SpringServerTest
{
- private String providerURL = "dc=example,dc=com";
-
+ /**
+ * Test a default server.xml file
+ * @throws Exception
+ */
@Test
- public void testSpringServerStartup() throws Exception {
+ public void testSpringServerDefault() throws Exception {
ClassLoader classLoader = this.getClass().getClassLoader();
URL configURL = classLoader.getResource( "server.xml" );
@@ -45,4 +59,50 @@
File workingDirFile = new File( configF.getParentFile(), "work" );
apacheDS.getDirectoryService().setWorkingDirectory( workingDirFile );
}
+
+ /**
+ * Test a server.xml with Authenticator in the authenticationInterceptor
+ */
+ @Test
+ public void testSpringServerAuthenticatorInAuthenticationInterceptor() throws Exception {
+ ClassLoader classLoader = this.getClass().getClassLoader();
+ URL configURL = classLoader.getResource( "serverAuthenticatorInAuthenticationInterceptor.xml" );
+
+ File configF = new File( configURL.toURI() );
+ ApplicationContext factory = new FileSystemXmlApplicationContext( configF.toURI().toURL().toString() );
+ ApacheDS apacheDS = ( ApacheDS ) factory.getBean( "apacheDS" );
+ File workingDirFile = new File( configF.getParentFile(), "work" );
+ apacheDS.getDirectoryService().setWorkingDirectory( workingDirFile );
+
+ List<Interceptor> interceptors = apacheDS.getDirectoryService().getInterceptors();
+
+ Map<String, Interceptor> map = new HashMap<String, Interceptor>();
+
+ for ( Interceptor interceptor:interceptors )
+ {
+ map.put( interceptor.getName(), interceptor );
+ }
+
+ Interceptor authentication = map.get( AuthenticationInterceptor.class.getName() );
+ assertNotNull( authentication );
+ Set<Authenticator> authenticators = ((AuthenticationInterceptor)authentication).getAuthenticators();
+ assertNotNull( authenticators );
+ assertEquals( 2, authenticators.size() );
+ int count = 2;
+
+ for ( Authenticator authenticator: authenticators )
+ {
+ if ( authenticator instanceof SimpleAuthenticator )
+ {
+ count--;
+ }
+
+ if ( authenticator instanceof StrongAuthenticator )
+ {
+ count--;
+ }
+ }
+
+ assertEquals( 0, count );
+ }
}