コード例 #1
0
  /**
   * Tests whether the Who Am I? extended operation with an internal authenticated connection
   * succeeds with default setting of "ds-cfg-reject-unauthenticated-requests".
   *
   * @throws Exception If an unexpected problem occurs.
   */
  @Test()
  public void testAuthWAIDefCfg() throws Exception {
    DirectoryServer.setRejectUnauthenticatedRequests(false);

    Socket s = new Socket("127.0.0.1", TestCaseUtils.getServerLdapPort());
    LDAPReader reader = new LDAPReader(s);
    LDAPWriter writer = new LDAPWriter(s);

    AtomicInteger nextMessageID = new AtomicInteger(1);
    LDAPAuthenticationHandler authHandler =
        new LDAPAuthenticationHandler(reader, writer, "localhost", nextMessageID);
    authHandler.doSimpleBind(
        3,
        ByteString.valueOf("cn=Directory Manager"),
        ByteString.valueOf("password"),
        new ArrayList<Control>(),
        new ArrayList<Control>());
    ByteString authzID = authHandler.requestAuthorizationIdentity();
    assertNotNull(authzID);

    LDAPMessage unbindMessage =
        new LDAPMessage(nextMessageID.getAndIncrement(), new UnbindRequestProtocolOp());
    writer.writeMessage(unbindMessage);
    s.close();
  }
コード例 #2
0
  /**
   * Tests the {@code getRawAuthorizationDN} and {@code setRawAuthorizationDN} methods.
   *
   * @throws Exception If an unexpected problem occurs.
   */
  @Test()
  public void testGetAndSetRawAuthorizationDN() throws Exception {
    ProxiedAuthV1Control proxyControl = new ProxiedAuthV1Control(ByteString.valueOf(""));
    assertEquals(proxyControl.getRawAuthorizationDN(), ByteString.valueOf(""));

    proxyControl = new ProxiedAuthV1Control(ByteString.valueOf("uid=test,o=test"));
    assertEquals(proxyControl.getRawAuthorizationDN(), ByteString.valueOf("uid=test,o=test"));
  }
コード例 #3
0
  /**
   * Tests whether an authenticated BIND request will be allowed with the default configuration
   * settings for "ds-cfg-reject-unauthenticated-requests" .
   */
  @Test()
  public void testAuthBindDefCfg() {
    DirectoryServer.setRejectUnauthenticatedRequests(false);

    InternalClientConnection conn = new InternalClientConnection(new AuthenticationInfo());
    ByteString user = ByteString.valueOf("cn=Directory Manager");
    ByteString password = ByteString.valueOf("password");
    BindOperation bindOperation = conn.processSimpleBind(user, password);
    assertEquals(bindOperation.getResultCode(), ResultCode.SUCCESS);
  }
コード例 #4
0
 /**
  * Verifies that the server will reject a CRAM-MD5 bind in which the first message contains SASL
  * credentials (which isn't allowed).
  *
  * @throws Exception If an unexpected problem occurs.
  */
 @Test()
 public void testOutOfSequenceBind() throws Exception {
   InternalClientConnection conn = new InternalClientConnection(new AuthenticationInfo());
   BindOperation bindOperation =
       conn.processSASLBind(DN.nullDN(), SASL_MECHANISM_CRAM_MD5, ByteString.valueOf("invalid"));
   assertFalse(bindOperation.getResultCode() == ResultCode.SUCCESS);
 }
コード例 #5
0
  /**
   * Tests the {@code decodeControl} method when the control value is not a sequence.
   *
   * @throws Exception If an unexpected problem occurs.
   */
  @Test(expectedExceptions = {DirectoryException.class})
  public void testDecodeControlValueNotSequence() throws Exception {
    LDAPControl c =
        new LDAPControl(OID_PROXIED_AUTH_V1, true, ByteString.valueOf("uid=test,o=test"));

    ProxiedAuthV1Control.DECODER.decode(c.isCritical(), c.getValue());
  }
コード例 #6
0
  /**
   * Tests whether authenticated and unauthenticated BIND requests will be allowed with the new
   * configuration settings for "ds-cfg-reject-unauthenticated-requests" .
   */
  @Test
  public void testBindNewCfg() {
    try {
      DirectoryServer.setRejectUnauthenticatedRequests(true);

      InternalClientConnection conn = new InternalClientConnection(new AuthenticationInfo());
      ByteString user = ByteString.valueOf("cn=Directory Manager");
      ByteString password = ByteString.valueOf("password");
      // Unauthenticated BIND request.
      BindOperation bindOperation = conn.processSimpleBind(DN.nullDN(), null);
      assertEquals(bindOperation.getResultCode(), ResultCode.SUCCESS);
      // Authenticated BIND request.
      bindOperation = conn.processSimpleBind(user, password);
      assertEquals(bindOperation.getResultCode(), ResultCode.SUCCESS);
    } finally {
      DirectoryServer.setRejectUnauthenticatedRequests(false);
    }
  }
コード例 #7
0
  /**
   * Verifies that the server will reject a CRAM-MD5 bind with credentials containing a malformed
   * digest.
   *
   * @throws Exception If an unexpected problem occurs.
   */
  @Test()
  public void testMalformedDigest() throws Exception {
    InternalClientConnection conn = new InternalClientConnection(new AuthenticationInfo());
    BindOperation bindOperation = conn.processSASLBind(DN.nullDN(), SASL_MECHANISM_CRAM_MD5, null);
    assertEquals(bindOperation.getResultCode(), ResultCode.SASL_BIND_IN_PROGRESS);

    ByteString creds = ByteString.valueOf("dn:cn=Directory Manager malformeddigest");
    bindOperation = conn.processSASLBind(DN.nullDN(), SASL_MECHANISM_CRAM_MD5, creds);
    assertFalse(bindOperation.getResultCode() == ResultCode.SUCCESS);
  }
コード例 #8
0
  /**
   * Tests the {@code toString} methods.
   *
   * @throws Exception If an unexpected problem occurs.
   */
  @Test()
  public void testToString() throws Exception {
    // The default toString() calls the version that takes a string builder
    // argument, so we only need to use the default version to cover both cases.
    ProxiedAuthV1Control proxyControl =
        new ProxiedAuthV1Control(ByteString.valueOf("uid=test,o=test"));
    proxyControl.toString();

    proxyControl = new ProxiedAuthV1Control(DN.decode("uid=test,o=test"));
    proxyControl.toString();
  }
コード例 #9
0
  /**
   * Tests the first constructor, which creates an instance of the control using a raw, unprocessed
   * DN.
   *
   * @throws Exception If an unexpected problem occurs.
   */
  @Test()
  public void testConstructor1() throws Exception {
    // Try a DN of "null", which is not valid and will fail on the attempt to
    // create the control
    ProxiedAuthV1Control proxyControl;
    try {
      proxyControl = new ProxiedAuthV1Control((ByteString) null);
      throw new AssertionError(
          "Expected a failure when creating a proxied "
              + "auth V1 control with a null octet string.");
    } catch (Throwable t) {
    }

    // Try an empty DN, which is acceptable.
    proxyControl = new ProxiedAuthV1Control(ByteString.valueOf(""));
    assertTrue(proxyControl.getOID().equals(OID_PROXIED_AUTH_V1));
    assertTrue(proxyControl.isCritical());
    assertTrue(proxyControl.getAuthorizationDN().isNullDN());

    // Try a valid DN, which is acceptable.
    proxyControl = new ProxiedAuthV1Control(ByteString.valueOf("uid=test,o=test"));
    assertTrue(proxyControl.getOID().equals(OID_PROXIED_AUTH_V1));
    assertTrue(proxyControl.isCritical());
    assertEquals(proxyControl.getAuthorizationDN(), DN.decode("uid=test,o=test"));

    // Try an invalid DN, which will be initally accepted but will fail when
    // attempting to get the authorization DN.
    proxyControl = new ProxiedAuthV1Control(ByteString.valueOf("invalid"));
    assertTrue(proxyControl.getOID().equals(OID_PROXIED_AUTH_V1));
    assertTrue(proxyControl.isCritical());
    try {
      proxyControl.getAuthorizationDN();
      throw new AssertionError(
          "Expected a failure when creating a proxied "
              + "auth V1 control with an invalid DN string.");
    } catch (Exception e) {
    }
  }
コード例 #10
0
  /**
   * Tests the {@code decodeControl} method when the control value is a sequence with multiple
   * elements.
   *
   * @throws Exception If an unexpected problem occurs.
   */
  @Test
  public void testDecodeControlValueMultiElementSequence() throws Exception {
    ByteStringBuilder bsb = new ByteStringBuilder();
    ASN1Writer writer = ASN1.getWriter(bsb);
    writer.writeStartSequence();
    writer.writeOctetString("uid=element1,o=test");
    writer.writeOctetString("uid=element2,o=test");
    writer.writeEndSequence();
    LDAPControl c = new LDAPControl(OID_PROXIED_AUTH_V1, true, bsb.toByteString());

    assertEquals(
        ByteString.valueOf("uid=element1,o=test"),
        ProxiedAuthV1Control.DECODER.decode(c.isCritical(), c.getValue()).getRawAuthorizationDN());
  }