@Test
public void testSearch() throws LdapDAOException {
Set<LdapUser> users = this.ldapManager.searchUsers("cstamas");
assertEquals(1, users.size());
LdapUser user = users.iterator().next();
assertEquals("cstamas", user.getUsername());
assertTrue(this.isPasswordsEncrypted() || ("cstamas123".equals(user.getPassword())));
users = this.ldapManager.searchUsers("br");
assertEquals(1, users.size());
user = users.iterator().next();
assertEquals("brianf", user.getUsername());
// assertEquals( "Brian Fox", user.getRealName() );
assertTrue(this.isPasswordsEncrypted() || ("brianf123".equals(user.getPassword())));
users = this.ldapManager.searchUsers("j");
assertEquals(1, users.size());
user = users.iterator().next();
assertEquals("jvanzyl", user.getUsername());
// assertEquals( "Jason Van Zyl", user.getRealName() );
assertTrue(this.isPasswordsEncrypted() || ("jvanzyl123".equals(user.getPassword())));
users = this.ldapManager.searchUsers("INVALID");
assertEquals(0, users.size());
}
public void authenticateUserWithPassword(LdapUser ldapUser, String password)
throws AuthenticationException {
// use the passwordmanager
if (!this.passwordManager.isPasswordValid(ldapUser.getPassword(), password, null)) {
throw new AuthenticationException(
"User '" + ldapUser.getUsername() + "' cannot be authenticated.");
}
}
public void authenticateUserWithBind(
LdapUser ldapUser, String password, LdapContextFactory ldapContextFactory, String authScheme)
throws AuthenticationException {
String userId = ldapUser.getUsername();
// Binds using the username and password provided by the user.
String bindUsername = ldapUser.getDn();
// if we are authorizing against DIGEST-MD5 or CRAM-MD5 then username is not the DN
if ("DIGEST-MD5".equals(authScheme) || "CRAM-MD5".equals(authScheme)) {
bindUsername = userId;
}
// check using bind
this.checkPasswordUsingBind(ldapContextFactory, bindUsername, password);
}
public void testUserManagerWithDynamicGroupsDisabled() throws Exception {
Map<String, Object> env = new HashMap<String, Object>();
// Create a new context pointing to the overseas partition
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://localhost:12345/o=sonatype");
env.put(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system");
env.put(Context.SECURITY_CREDENTIALS, "secret");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
InitialLdapContext initialContext =
new InitialLdapContext(new Hashtable<String, Object>(env), null);
LdapAuthConfiguration configuration = new LdapAuthConfiguration();
configuration.setUserBaseDn("ou=people");
configuration.setUserRealNameAttribute("cn");
configuration.setUserMemberOfAttribute("businesscategory");
configuration.setLdapGroupsAsRoles(false);
LdapUserDAO lum = (LdapUserDAO) lookup(LdapUserDAO.class.getName());
LdapUser user = lum.getUser("cstamas", initialContext, configuration);
assertEquals("cstamas", user.getUsername());
// assertEquals( "Tamas Cservenak", user.getRealName() );
assertEquals("cstamas123", user.getPassword());
assertEquals(0, user.getMembership().size());
user = lum.getUser("brianf", initialContext, configuration);
assertEquals("brianf", user.getUsername());
// assertEquals( "Brian Fox", user.getRealName() );
assertEquals("brianf123", user.getPassword());
assertEquals(0, user.getMembership().size());
user = lum.getUser("jvanzyl", initialContext, configuration);
assertEquals("jvanzyl", user.getUsername());
// assertEquals( "Jason Van Zyl", user.getRealName() );
assertEquals("jvanzyl123", user.getPassword());
assertEquals(0, user.getMembership().size());
try {
user = lum.getUser("intruder", initialContext, configuration);
fail();
} catch (NoSuchLdapUserException e) {
// good
}
}
@Test
public void testUserManager() throws Exception {
LdapUser user = this.ldapManager.getUser("cstamas");
assertEquals("cstamas", user.getUsername());
// assertEquals( "Tamas Cservenak", user.getRealName() );
assertTrue(this.isPasswordsEncrypted() || ("cstamas123".equals(user.getPassword())));
user = this.ldapManager.getUser("brianf");
assertEquals("brianf", user.getUsername());
// assertEquals( "Brian Fox", user.getRealName() );
assertTrue(this.isPasswordsEncrypted() || ("brianf123".equals(user.getPassword())));
user = this.ldapManager.getUser("jvanzyl");
assertEquals("jvanzyl", user.getUsername());
// assertEquals( "Jason Van Zyl", user.getRealName() );
assertTrue(this.isPasswordsEncrypted() || ("jvanzyl123".equals(user.getPassword())));
try {
user = this.ldapManager.getUser("intruder");
fail("Expected NoSuchUserException");
} catch (NoSuchLdapUserException e) {
// good
}
}
@Test
public void stripEmailWhitespace() throws Exception {
when(ldapManager.getUser("test")).thenReturn(user);
when(user.getEmail()).thenReturn(" [email protected] ");
final User user = underTest.getUser("test");
assertThat(user.getEmailAddress(), is("*****@*****.**"));
}
private User toPlexusUser(LdapUser ldapUser) {
User user = new DefaultUser();
String email = ldapUser.getEmail();
if (email != null) {
email = email.trim();
}
user.setEmailAddress(email);
user.setName(ldapUser.getRealName());
user.setUserId(ldapUser.getUsername());
user.setSource(USER_SOURCE);
user.setStatus(UserStatus.active);
for (String roleId : ldapUser.getMembership()) {
RoleIdentifier role = new RoleIdentifier(USER_SOURCE, roleId);
user.addRole(role);
}
return user;
}
public int compareTo(LdapUser o) {
if (o == null) return 1;
return this.getUsername().compareTo(o.getUsername());
}
@Test
public void testUserManagerWithDynamicGroups() throws Exception {
Map<String, Object> env = new HashMap<String, Object>();
// Create a new context pointing to the overseas partition
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://localhost:12345/o=sonatype");
env.put(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system");
env.put(Context.SECURITY_CREDENTIALS, "secret");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
// if want to use explicitly ApacheDS and not the Sun supplied ones
// env.put( Context.PROVIDER_URL, "o=sonatype" );
// env.put( Context.INITIAL_CONTEXT_FACTORY,
// "org.apache.directory.server.jndi.ServerContextFactory" );
InitialLdapContext initialContext =
new InitialLdapContext(new Hashtable<String, Object>(env), null);
LdapAuthConfiguration configuration = new LdapAuthConfiguration();
configuration.setUserBaseDn("ou=people");
// configuration.setGroupBaseDn( "ou=groups" );
// configuration.setGroupObjectClass( "groupOfUniqueNames" );
// configuration.setGroupMemberAttribute( "uniqueMember" );
configuration.setUserRealNameAttribute("cn");
configuration.setUserMemberOfAttribute("businesscategory");
configuration.setLdapGroupsAsRoles(true);
LdapUserDAO lum = (LdapUserDAO) lookup(LdapUserDAO.class.getName());
LdapUser user = lum.getUser("cstamas", initialContext, configuration);
assertEquals("cstamas", user.getUsername());
// assertEquals( "Tamas Cservenak", user.getRealName() );
assertEquals("cstamas123", user.getPassword());
assertEquals(2, user.getMembership().size());
assertTrue(user.getMembership().contains("public"));
assertTrue(user.getMembership().contains("snapshots"));
user = lum.getUser("brianf", initialContext, configuration);
assertEquals("brianf", user.getUsername());
// assertEquals( "Brian Fox", user.getRealName() );
assertEquals("brianf123", user.getPassword());
assertEquals(2, user.getMembership().size());
assertTrue(user.getMembership().contains("public"));
assertTrue(user.getMembership().contains("releases"));
user = lum.getUser("jvanzyl", initialContext, configuration);
assertEquals("jvanzyl", user.getUsername());
// assertEquals( "Jason Van Zyl", user.getRealName() );
assertEquals("jvanzyl123", user.getPassword());
assertEquals(3, user.getMembership().size());
assertTrue(user.getMembership().contains("public"));
assertTrue(user.getMembership().contains("releases"));
assertTrue(user.getMembership().contains("snapshots"));
try {
user = lum.getUser("intruder", initialContext, configuration);
fail();
} catch (NoSuchLdapUserException e) {
// good
}
}
