/** * Tests whether the who am I? extended operation with an unauthenticated connection fails with * new setting of "ds-cfg-reject-unauthenticated-requests". * * @throws UnsupportedEncodingException If an unexpected problem occurs. * @throws IOException If an unexpected problem occurs. * @throws ClientException If an unexpected problem occurs. */ @Test public void testUnauthWAINewCfg() throws UnsupportedEncodingException, IOException, ClientException { try { DirectoryServer.setRejectUnauthenticatedRequests(true); Socket s = new Socket("127.0.0.1", TestCaseUtils.getServerLdapPort()); LDAPReader reader = new LDAPReader(s); LDAPWriter writer = new LDAPWriter(s); AtomicInteger nextMessageID = new AtomicInteger(1); LDAPAuthenticationHandler authHandler = new LDAPAuthenticationHandler(reader, writer, "localhost", nextMessageID); ByteString authzID = null; try { authzID = authHandler.requestAuthorizationIdentity(); } catch (LDAPException e) { assertNull(authzID); } finally { LDAPMessage unbindMessage = new LDAPMessage(nextMessageID.getAndIncrement(), new UnbindRequestProtocolOp()); writer.writeMessage(unbindMessage); s.close(); } } finally { DirectoryServer.setRejectUnauthenticatedRequests(false); } }
/** * Tests the use of the StartTLS extended operation to communicate with the server in conjunction * with no authentication and using blind trust. * * @throws Exception If an unexpected problem occurs. */ @Test public void testStartTLSNoAuthTrustAll() throws Exception { try { DirectoryServer.setRejectUnauthenticatedRequests(true); String[] argSearch = { "--noPropertiesFile", "-h", "127.0.0.1", "-p", String.valueOf(TestCaseUtils.getServerLdapPort()), "-D", "cn=directory manager", "-w", "password", "-q", "-X", "-b", "", "-s", "base", "(objectClass=*)" }; assertEquals(LDAPSearch.mainSearch(argSearch, false, null, System.err), 0); } finally { DirectoryServer.setRejectUnauthenticatedRequests(false); } }
/** * Tests whether the Who Am I? extended operation with an internal authenticated connection * succeeds with new setting of "ds-cfg-reject-unauthenticated-requests". * * @throws Exception If an unexpected problem occurs. */ @Test public void testAuthWAINewCfg() throws Exception { try { DirectoryServer.setRejectUnauthenticatedRequests(true); InternalClientConnection conn = InternalClientConnection.getRootConnection(); ExtendedOperation extOp = conn.processExtendedOperation(OID_WHO_AM_I_REQUEST, null); assertEquals(extOp.getResultCode(), ResultCode.SUCCESS); assertNotNull(extOp.getResponseValue()); } finally { DirectoryServer.setRejectUnauthenticatedRequests(false); } }
/** * Tests whether the Who Am I? extended operation with an internal authenticated connection * succeeds with default setting of "ds-cfg-reject-unauthenticated-requests". * * @throws Exception If an unexpected problem occurs. */ @Test() public void testAuthWAIDefCfg() throws Exception { DirectoryServer.setRejectUnauthenticatedRequests(false); Socket s = new Socket("127.0.0.1", TestCaseUtils.getServerLdapPort()); LDAPReader reader = new LDAPReader(s); LDAPWriter writer = new LDAPWriter(s); AtomicInteger nextMessageID = new AtomicInteger(1); LDAPAuthenticationHandler authHandler = new LDAPAuthenticationHandler(reader, writer, "localhost", nextMessageID); authHandler.doSimpleBind( 3, ByteString.valueOf("cn=Directory Manager"), ByteString.valueOf("password"), new ArrayList<Control>(), new ArrayList<Control>()); ByteString authzID = authHandler.requestAuthorizationIdentity(); assertNotNull(authzID); LDAPMessage unbindMessage = new LDAPMessage(nextMessageID.getAndIncrement(), new UnbindRequestProtocolOp()); writer.writeMessage(unbindMessage); s.close(); }
/** * Tests whether an Unauthenticated BIND request will be allowed with the default configuration * settings for "ds-cfg-reject-unauthenticated-requests". */ @Test() public void testUnauthBindDefCfg() { DirectoryServer.setRejectUnauthenticatedRequests(false); InternalClientConnection conn = new InternalClientConnection(new AuthenticationInfo()); BindOperation bindOperation = conn.processSimpleBind(DN.nullDN(), null); assertEquals(bindOperation.getResultCode(), ResultCode.SUCCESS); }
/** * Tests the whether the unauthenticated ADD,MODIFY,COMPARE,MODRDN and DELETE requests fail with * the new configuration settings. * * @throws Exception If an unexpected problem occurs. */ @Test public void testOtherOpsUnauthNewCfg() throws Exception { try { DirectoryServer.setRejectUnauthenticatedRequests(true); assertFalse(performAddOperation(false) == 0); assertFalse(performModifyOperation(false) == 0); assertFalse(performCompareOperation(false) == 0); assertFalse(performModRdnOperation(false) == 0); assertFalse(performDeleteOperation(false) == 0); } finally { DirectoryServer.setRejectUnauthenticatedRequests(false); } }
/** * Tests whether authenticated and unauthenticated BIND requests will be allowed with the new * configuration settings for "ds-cfg-reject-unauthenticated-requests" . */ @Test public void testBindNewCfg() { try { DirectoryServer.setRejectUnauthenticatedRequests(true); InternalClientConnection conn = new InternalClientConnection(new AuthenticationInfo()); ByteString user = ByteString.valueOf("cn=Directory Manager"); ByteString password = ByteString.valueOf("password"); // Unauthenticated BIND request. BindOperation bindOperation = conn.processSimpleBind(DN.nullDN(), null); assertEquals(bindOperation.getResultCode(), ResultCode.SUCCESS); // Authenticated BIND request. bindOperation = conn.processSimpleBind(user, password); assertEquals(bindOperation.getResultCode(), ResultCode.SUCCESS); } finally { DirectoryServer.setRejectUnauthenticatedRequests(false); } }
/** * Tests whether an authenticated BIND request will be allowed with the default configuration * settings for "ds-cfg-reject-unauthenticated-requests" . */ @Test() public void testAuthBindDefCfg() { DirectoryServer.setRejectUnauthenticatedRequests(false); InternalClientConnection conn = new InternalClientConnection(new AuthenticationInfo()); ByteString user = ByteString.valueOf("cn=Directory Manager"); ByteString password = ByteString.valueOf("password"); BindOperation bindOperation = conn.processSimpleBind(user, password); assertEquals(bindOperation.getResultCode(), ResultCode.SUCCESS); }
/** * Tests whether both authenticated and unauthenticated SEARCH requests will be allowed with the * new configuration settings for "ds-cfg-reject-unauthenticated-requests" . */ @Test public void testSearchNewCfg() { try { DirectoryServer.setRejectUnauthenticatedRequests(true); String[] args = { "--noPropertiesFile", "-h", "127.0.0.1", "-p", String.valueOf(TestCaseUtils.getServerLdapPort()), "-b", "", "-s", "base", "(objectClass=*)" }; assertFalse(LDAPSearch.mainSearch(args, false, null, null) == 0); String[] authArgs = { "--noPropertiesFile", "-h", "127.0.0.1", "-p", String.valueOf(TestCaseUtils.getServerLdapPort()), "-D", "cn=Directory Manager", "-w", "password", "-b", "", "-s", "base", "(objectClass=*)" }; assertEquals(LDAPSearch.mainSearch(authArgs, false, null, System.err), 0); } finally { DirectoryServer.setRejectUnauthenticatedRequests(false); } }
/** * Tests the whether the authenticated ADD,MODIFY,COMPARE,MODRDN and DELETE requests succeed with * the default configuration settings. * * @throws Exception If an unexpected problem occurs. */ @Test() public void testOtherOpsAuthDefCfg() throws Exception { DirectoryServer.setRejectUnauthenticatedRequests(false); assertEquals(performAddOperation(true), 0); assertEquals(performModifyOperation(true), 0); assertEquals(performCompareOperation(true), 0); assertEquals(performModRdnOperation(true), 0); assertEquals(performDeleteOperation(true), 0); }
/** * Tests whether an unauthenticated SEARCH request will be allowed with the default configuration * settings for "ds-cfg-reject-unauthenticated-requests". */ @Test() public void testUnauthSearchDefCfg() { DirectoryServer.setRejectUnauthenticatedRequests(false); String[] args = { "--noPropertiesFile", "-h", "127.0.0.1", "-p", String.valueOf(TestCaseUtils.getServerLdapPort()), "-b", "", "-s", "base", "(objectClass=*)" }; assertEquals(LDAPSearch.mainSearch(args, false, null, System.err), 0); }