directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From akaras...@apache.org
Subject svn commit: r599639 - in /directory/apacheds/branches/bigbang: core-unit/src/main/java/org/apache/directory/server/core/unit/ core-unit/src/test/java/org/apache/directory/server/core/authn/ core/src/main/java/org/apache/directory/server/core/ core/src/...
Date Thu, 29 Nov 2007 23:54:57 GMT
Author: akarasulu
Date: Thu Nov 29 15:54:56 2007
New Revision: 599639

URL: http://svn.apache.org/viewvc?rev=599639&view=rev
Log:
speed up a test and experimenting with features of JUnit 4.4

Added:
    directory/apacheds/branches/bigbang/core-unit/src/main/java/org/apache/directory/server/core/unit/DirectoryServiceFactory.java
    directory/apacheds/branches/bigbang/core-unit/src/main/java/org/apache/directory/server/core/unit/IntegrationUtils.java
    directory/apacheds/branches/bigbang/core-unit/src/main/java/org/apache/directory/server/core/unit/TestMode.java
Modified:
    directory/apacheds/branches/bigbang/core-unit/src/test/java/org/apache/directory/server/core/authn/SimpleAuthenticationITest.java
    directory/apacheds/branches/bigbang/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java
    directory/apacheds/branches/bigbang/core/src/main/java/org/apache/directory/server/core/authn/LdapPrincipal.java

Added: directory/apacheds/branches/bigbang/core-unit/src/main/java/org/apache/directory/server/core/unit/DirectoryServiceFactory.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/core-unit/src/main/java/org/apache/directory/server/core/unit/DirectoryServiceFactory.java?rev=599639&view=auto
==============================================================================
--- directory/apacheds/branches/bigbang/core-unit/src/main/java/org/apache/directory/server/core/unit/DirectoryServiceFactory.java (added)
+++ directory/apacheds/branches/bigbang/core-unit/src/main/java/org/apache/directory/server/core/unit/DirectoryServiceFactory.java Thu Nov 29 15:54:56 2007
@@ -0,0 +1,50 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.directory.server.core.unit;
+
+
+import org.apache.directory.server.core.DefaultDirectoryService;
+import org.apache.directory.server.core.DirectoryService;
+
+
+/**
+ * A factory used to generate differently configured DirectoryService objects.
+ * Since the DirectoryService itself is what is configured then a factory for
+ * these objects acts as a configurator.  Tests can provide different factory
+ * methods to be used.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public interface DirectoryServiceFactory
+{
+    /**
+     * The default factory returns stock instances of a directory
+     * service with smart defaults
+     */
+    DirectoryServiceFactory DEFAULT = new DirectoryServiceFactory()
+    {
+        public DirectoryService newInstance()
+        {
+            return new DefaultDirectoryService();
+        }
+    };
+
+    DirectoryService newInstance();
+}

Added: directory/apacheds/branches/bigbang/core-unit/src/main/java/org/apache/directory/server/core/unit/IntegrationUtils.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/core-unit/src/main/java/org/apache/directory/server/core/unit/IntegrationUtils.java?rev=599639&view=auto
==============================================================================
--- directory/apacheds/branches/bigbang/core-unit/src/main/java/org/apache/directory/server/core/unit/IntegrationUtils.java (added)
+++ directory/apacheds/branches/bigbang/core-unit/src/main/java/org/apache/directory/server/core/unit/IntegrationUtils.java Thu Nov 29 15:54:56 2007
@@ -0,0 +1,176 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.directory.server.core.unit;
+
+
+import org.apache.commons.io.FileUtils;
+import org.apache.directory.server.core.DirectoryService;
+import org.apache.directory.shared.ldap.ldif.ChangeType;
+import org.apache.directory.shared.ldap.ldif.Entry;
+import org.apache.directory.shared.ldap.message.AttributeImpl;
+import org.apache.directory.shared.ldap.name.LdapDN;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.naming.InvalidNameException;
+import javax.naming.NamingException;
+import javax.naming.ldap.LdapContext;
+import java.io.File;
+import java.io.IOException;
+
+
+/**
+ * Integration test utility methods.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class IntegrationUtils
+{
+    private static final Logger LOG = LoggerFactory.getLogger( IntegrationUtils.class );
+
+
+    /**
+     * Deletes the working directory.
+     *
+     * @param wkdir the working directory to delete
+     * @throws IOException if the working directory cannot be deleted
+     */
+    public static void doDelete( File wkdir ) throws IOException
+    {
+        if ( wkdir.exists() )
+        {
+            try
+            {
+                FileUtils.deleteDirectory( wkdir );
+            }
+            catch ( IOException e )
+            {
+                LOG.error( "Failed to delete the working directory.", e );
+            }
+        }
+        if ( wkdir.exists() )
+        {
+            throw new IOException( "Failed to delete: " + wkdir );
+        }
+    }
+
+
+    public static Entry getUserAddLdif() throws InvalidNameException
+    {
+        return getUserAddLdif( "uid=akarasulu,ou=users,ou=system", "test".getBytes(), "Alex Karasulu", "Karasulu" );
+    }
+
+
+
+    public static void apply( LdapContext root, Entry entry ) throws NamingException
+    {
+        LdapDN dn = new LdapDN( entry.getDn() );
+
+        switch( entry.getChangeType().getChangeType() )
+        {
+            case( ChangeType.ADD_ORDINAL ):
+                root.createSubcontext( dn, entry.getAttributes() );
+                break;
+            case( ChangeType.DELETE_ORDINAL ):
+                root.destroySubcontext( entry.getDn() );
+                break;
+            case( ChangeType.MODDN_ORDINAL ):
+                LdapDN target = new LdapDN( entry.getNewSuperior() );
+                if ( entry.getNewRdn() != null )
+                {
+                    target.add( entry.getNewRdn() );
+                }
+                else
+                {
+                    target.add( dn.getRdn().toString() );
+                }
+
+                if ( entry.isDeleteOldRdn() )
+                {
+                    root.addToEnvironment( "java.naming.ldap.deleteRDN", "true" );
+                }
+                else
+                {
+                    root.addToEnvironment( "java.naming.ldap.deleteRDN", "false" );
+                }
+
+                root.rename( dn, target );
+                break;
+            case( ChangeType.MODRDN_ORDINAL ):
+                target = ( LdapDN ) dn.clone();
+                target.remove( dn.size() - 1 );
+                target.add( entry.getNewRdn() );
+
+                if ( entry.isDeleteOldRdn() )
+                {
+                    root.addToEnvironment( "java.naming.ldap.deleteRDN", "true" );
+                }
+                else
+                {
+                    root.addToEnvironment( "java.naming.ldap.deleteRDN", "false" );
+                }
+
+                root.rename( dn, target );
+                break;
+            case( ChangeType.MODIFY_ORDINAL ):
+                root.modifyAttributes( dn, entry.getModificationItemsArray() );
+                break;
+
+            default:
+                throw new IllegalStateException( "Unidentified change type value: " + entry.getChangeType() );
+        }
+    }
+
+
+    public static Entry getUserAddLdif( String dnstr, byte[] password, String cn, String sn )
+            throws InvalidNameException
+    {
+        LdapDN dn = new LdapDN( dnstr );
+        Entry ldif = new Entry();
+        ldif.setDn( dnstr );
+        ldif.setChangeType( ChangeType.Add );
+
+        AttributeImpl attr = new AttributeImpl( "objectClass", "top" );
+        attr.add( "person" );
+        attr.add( "organizationalPerson" );
+        attr.add( "inetOrgPerson" );
+        ldif.addAttribute( attr );
+
+        attr = new AttributeImpl( "ou", "Engineering" );
+        attr.add( "People" );
+        ldif.addAttribute( attr );
+
+        String uid = ( String ) dn.getRdn().getValue();
+        ldif.putAttribute( "uid", uid );
+
+        ldif.putAttribute( "l", "Bogusville" );
+        ldif.putAttribute( "cn", cn );
+        ldif.putAttribute( "sn", sn );
+        ldif.putAttribute( "mail", uid + "@apache.org" );
+        ldif.putAttribute( "telephoneNumber", "+1 408 555 4798" );
+        ldif.putAttribute( "facsimileTelephoneNumber", "+1 408 555 9751" );
+        ldif.putAttribute( "roomnumber", "4612" );
+        ldif.putAttribute( "userPassword", password );
+
+        String givenName = cn.split( " " )[0];
+        ldif.putAttribute( "givenName", givenName );
+        return ldif;
+    }
+}

Added: directory/apacheds/branches/bigbang/core-unit/src/main/java/org/apache/directory/server/core/unit/TestMode.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/core-unit/src/main/java/org/apache/directory/server/core/unit/TestMode.java?rev=599639&view=auto
==============================================================================
--- directory/apacheds/branches/bigbang/core-unit/src/main/java/org/apache/directory/server/core/unit/TestMode.java (added)
+++ directory/apacheds/branches/bigbang/core-unit/src/main/java/org/apache/directory/server/core/unit/TestMode.java Thu Nov 29 15:54:56 2007
@@ -0,0 +1,50 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.directory.server.core.unit;
+
+
+/**
+ * Different modes of conducting core tests.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public enum TestMode
+{
+    PRISTINE( 0, "Fresh test with full working directory cleanout." ),
+    RESTART( 1, "Working directories are not cleaned out but the core is restarted." ),
+    ROLLBACK( 2, "The server is not stopped, it's state is restored to the original startup state." ),
+    ADDITIVE( 3, "Nothing is done to the server which collects changes across tests." );
+    
+    public static final int PRISTINE_ORDINAL = 0;
+    public static final int RESTART_ORDINAL = 1;
+    public static final int ROLLBACK_ORDINAL = 2;
+    public static final int ADDITIVE_ORDINAL = 3;
+
+
+    public final int ordinal;
+    public final String description;
+
+
+    private TestMode( int ordinal, String description )
+    {
+        this.ordinal = ordinal;
+        this.description = description;
+    }
+}

Modified: directory/apacheds/branches/bigbang/core-unit/src/test/java/org/apache/directory/server/core/authn/SimpleAuthenticationITest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/core-unit/src/test/java/org/apache/directory/server/core/authn/SimpleAuthenticationITest.java?rev=599639&r1=599638&r2=599639&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/core-unit/src/test/java/org/apache/directory/server/core/authn/SimpleAuthenticationITest.java (original)
+++ directory/apacheds/branches/bigbang/core-unit/src/test/java/org/apache/directory/server/core/authn/SimpleAuthenticationITest.java Thu Nov 29 15:54:56 2007
@@ -21,25 +21,26 @@
 
 
 import org.apache.directory.server.core.DirectoryService;
-import org.apache.directory.server.core.unit.AbstractAdminTestCase;
-import org.apache.directory.shared.ldap.exception.LdapConfigurationException;
-import org.apache.directory.shared.ldap.exception.LdapNoPermissionException;
+import org.apache.directory.server.core.changelog.Tag;
+import org.apache.directory.server.core.unit.TestMode;
+import org.apache.directory.server.core.unit.DirectoryServiceFactory;
+import org.apache.directory.shared.ldap.constants.AuthenticationLevel;
 import org.apache.directory.shared.ldap.message.AttributeImpl;
 import org.apache.directory.shared.ldap.message.ModificationItemImpl;
+import org.apache.directory.shared.ldap.name.LdapDN;
 import org.apache.directory.shared.ldap.util.ArrayUtils;
+import static org.apache.directory.server.core.unit.IntegrationUtils.*;
+
+import org.junit.*;
+import static org.junit.Assert.*;
 
-import javax.naming.ConfigurationException;
-import javax.naming.Context;
-import javax.naming.InitialContext;
 import javax.naming.NamingException;
 import javax.naming.directory.Attribute;
 import javax.naming.directory.Attributes;
 import javax.naming.directory.DirContext;
-import javax.naming.directory.InitialDirContext;
-import javax.naming.ldap.InitialLdapContext;
-import java.io.File;
-import java.io.IOException;
-import java.util.Hashtable;
+import javax.naming.ldap.LdapContext;
+import java.util.Arrays;
+import java.util.List;
 
 
 /**
@@ -49,45 +50,154 @@
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  * @version $Rev$
  */
-public class SimpleAuthenticationITest extends AbstractAdminTestCase
+public class SimpleAuthenticationITest
 {
-    /**
-     * Cleans up old database files on creation.
-     * @throws IOException if we cannot delete some working directories
-     */
-    public SimpleAuthenticationITest() throws IOException
+    private static DirectoryService service;
+    private static Tag startTag;
+
+    private String password;
+    private TestMode mode = TestMode.ROLLBACK;
+    private DirectoryServiceFactory factory = DirectoryServiceFactory.DEFAULT;
+
+
+    public SimpleAuthenticationITest()
     {
-        doDelete( new File( "target" + File.separator + "eve" ) );
     }
 
 
-    /**
-     * Customizes setup for each test case.
-     *
-     * <ul>
-     *   <li>sets doDelete to false for test1AdminAccountCreation</li>
-     *   <li>sets doDelete to false for test2AccountExistsOnRestart</li>
-     *   <li>sets doDelete to true for all other cases</li>
-     *   <li>bypasses normal setup for test5BuildDbNoPassWithPrincAuthNone</li>
-     *   <li>bypasses normal setup for test4BuildDbNoPassNoPrincAuthNone</li>
-     *   <li>bypasses normal setup for test6BuildDbNoPassNotAdminPrinc</li>
-     * </ul>
-     *
-     * @throws Exception
-     */
-    protected void setUp() throws Exception
+    public SimpleAuthenticationITest( String password )
+    {
+        this.password = password;
+    }
+
+
+    public String getPassword()
+    {
+        return password;
+    }
+
+
+    @AfterClass
+    public static void afterClass() throws Exception
+    {
+        if ( service != null && service.isStarted() )
+        {
+            service.shutdown();
+        }
+
+        if ( service != null )
+        {
+            doDelete( service.getWorkingDirectory() );
+        }
+
+        service = null;
+    }
+
+
+    @Before
+    public void setUp() throws Exception
+    {
+        if ( service == null )
+        {
+            service = factory.newInstance();
+        }
+
+        if ( mode == TestMode.PRISTINE )
+        {
+            doDelete( service.getWorkingDirectory() );
+        }
+
+        if ( mode == TestMode.ROLLBACK )
+        {
+            service.getChangeLog().setEnabled( true );
+        }
+
+        if ( ! service.isStarted() )
+        {
+            service.startup();
+        }
+
+        startTag = service.getChangeLog().tag();
+    }
+
+
+    @After
+    public void tearDown() throws Exception
+    {
+        switch( mode.ordinal )
+        {
+            case( TestMode.PRISTINE_ORDINAL ):
+                service.shutdown();
+                doDelete( service.getWorkingDirectory() );
+                service = null;
+                break;
+            case( TestMode.RESTART_ORDINAL ):
+                service.startup();
+                break;
+            case( TestMode.ROLLBACK_ORDINAL ):
+                if ( startTag != null && ( startTag.getRevision() < service.getChangeLog().getCurrentRevision() ) )
+                {
+                    service.revert( startTag.getRevision() );
+                }
+                break;
+            case( TestMode.ADDITIVE_ORDINAL ):
+                break;
+            default:
+                throw new IllegalStateException( "Unidentified test mode: " + mode.ordinal );
+        }
+    }
+
+
+    public static LdapContext getRootDSE() throws NamingException
+    {
+        if ( service.isStarted() )
+        {
+            LdapDN dn = new LdapDN( "uid=admin,ou=system" );
+            dn.normalize( service.getRegistries().getAttributeTypeRegistry().getNormalizerMapping() );
+            return service.getJndiContext( new LdapPrincipal( dn, AuthenticationLevel.SIMPLE ) );
+        }
+
+        throw new IllegalStateException( "Cannot acquire rootDSE before the service has been started!" );
+    }
+
+
+    public static LdapContext getRootDSE( String bindDn ) throws NamingException
+    {
+        if ( service.isStarted() )
+        {
+            LdapDN dn = new LdapDN( bindDn );
+            dn.normalize( service.getRegistries().getAttributeTypeRegistry().getNormalizerMapping() );
+            return service.getJndiContext( new LdapPrincipal( dn, AuthenticationLevel.SIMPLE ) );
+        }
+
+        throw new IllegalStateException( "Cannot acquire rootDSE before the service has been started!" );
+    }
+
+
+    public static LdapContext getSystemRoot() throws NamingException
     {
-        super.doDelete = !( getName().equals( "test1AdminAccountCreation" ) || getName().equals(
-            "test2AccountExistsOnRestart" ) );
+        if ( service.isStarted() )
+        {
+            LdapDN dn = new LdapDN( "uid=admin,ou=system" );
+            dn.normalize( service.getRegistries().getAttributeTypeRegistry().getNormalizerMapping() );
+            return service.getJndiContext( new LdapPrincipal(
+                    dn, AuthenticationLevel.SIMPLE ), "ou=system" );
+        }
 
-        if ( getName().equals( "test5BuildDbNoPassWithPrincAuthNone" )
-            || getName().equals( "test6BuildDbNoPassNotAdminPrinc" )
-            || getName().equals( "test4BuildDbNoPassNoPrincAuthNone" ) )
+        throw new IllegalStateException( "Cannot acquire rootDSE before the service has been started!" );
+    }
+
+
+    public static LdapContext getSystemRoot( String bindDn ) throws NamingException
+    {
+        if ( service.isStarted() )
         {
-            return;
+            LdapDN dn = new LdapDN( bindDn );
+            dn.normalize( service.getRegistries().getAttributeTypeRegistry().getNormalizerMapping() );
+            return service.getJndiContext( new LdapPrincipal( dn, AuthenticationLevel.SIMPLE ), "ou=system" );
         }
 
-        super.setUp();
+        throw new IllegalStateException( "Cannot acquire rootDSE before the service has been started!" );
     }
 
 
@@ -108,45 +218,41 @@
 
 
     /**
-     * Check the creation of the admin account.
+     * Check the creation of the admin account and persistence across restarts.
      *
      * @throws NamingException if there are failures
      */
-    public void test1AdminAccountCreation() throws NamingException
+    @Test
+    public void testAdminAccountCreation() throws NamingException
     {
-        DirContext ctx = ( DirContext ) sysRoot.lookup( "uid=admin" );
-        Attributes attrs = ctx.getAttributes( "" );
+        String userDn = "uid=admin,ou=system";
+        LdapContext ctx = service.getJndiContext( new LdapDN( userDn ), userDn,
+                "secret".getBytes(), "simple", "ou=system" );
+        Attributes attrs = ctx.getAttributes( "uid=admin" );
         performAdminAccountChecks( attrs );
         assertTrue( ArrayUtils.isEquals( attrs.get( "userPassword" ).get(), "secret".getBytes() ) );
-    }
-
+        ctx.close();
 
-    /**
-     * Check the creation of the admin account even after a restart.
-     *
-     * @throws NamingException if there are failures
-     */
-    public void test2AccountExistsOnRestart() throws NamingException
-    {
-        DirContext ctx = ( DirContext ) sysRoot.lookup( "uid=admin" );
-        Attributes attrs = ctx.getAttributes( "" );
+        service.shutdown();
+        service.startup();
 
+        ctx = service.getJndiContext( new LdapDN( userDn ), userDn,
+                "secret".getBytes(), "simple", "ou=system" );
+        attrs = ctx.getAttributes( "uid=admin" );
         performAdminAccountChecks( attrs );
         assertTrue( ArrayUtils.isEquals( attrs.get( "userPassword" ).get(), "secret".getBytes() ) );
+        ctx.close();
     }
 
 
+    @Test
     public void test3UseAkarasulu() throws NamingException
     {
-        Hashtable<String,Object> env = new Hashtable<String,Object>();
-        env.put( DirectoryService.JNDI_KEY, super.service );
-        env.put( Context.PROVIDER_URL, "ou=system" );
-        env.put( Context.SECURITY_PRINCIPAL, "uid=akarasulu,ou=users,ou=system" );
-        env.put( Context.SECURITY_CREDENTIALS, "test" );
-        env.put( Context.SECURITY_AUTHENTICATION, "simple" );
-        env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
-        InitialDirContext ic = new InitialDirContext( env );
-        Attributes attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+        apply( getRootDSE(), getUserAddLdif() );
+        String userDn = "uid=akarasulu,ou=users,ou=system";
+        LdapContext ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "test".getBytes(), "simple", userDn );
+
+        Attributes attrs = ctx.getAttributes( "" );
         Attribute ou = attrs.get( "ou" );
         assertTrue( ou.contains( "Engineering" ) );
         assertTrue( ou.contains( "People" ) );
@@ -170,140 +276,16 @@
 
 
     /**
-     * Tests to make sure we throw an error when Context.SECURITY_AUTHENTICATION
-     * is set to "none" when trying to bootstrap the system.  Only the admin
-     * user is allowed to bootstrap.
-     *
-     * @throws Exception if anything goes wrong
-     */
-    public void test4BuildDbNoPassNoPrincAuthNone() throws Exception
-    {
-        // clean out the database
-        tearDown();
-        Hashtable<String,Object> env = new Hashtable<String,Object>();
-        env.put( DirectoryService.JNDI_KEY, super.service );
-        env.put( Context.SECURITY_AUTHENTICATION, "none" );
-        service.setAllowAnonymousAccess( false );
-        service.startup();
-
-        try
-        {
-            setContextRoots( env );
-            fail( "should not get here due to exception" );
-        }
-        catch ( LdapNoPermissionException e )
-        {
-        }
-        tearDown();
-
-        // ok this should start up the system now as admin
-        env = new Hashtable<String,Object>();
-        env.put( DirectoryService.JNDI_KEY, super.service );
-        env.put( Context.SECURITY_AUTHENTICATION, "none" );
-        service.setAllowAnonymousAccess( true );
-        service.startup();
-
-        setContextRoots( env );
-        assertNotNull( sysRoot );
-
-        // now go in as anonymous user and we should be ok
-        env.put( Context.PROVIDER_URL, "ou=system" );
-        env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
-        InitialLdapContext initial = new InitialLdapContext( env, null );
-
-        try
-        {
-            initial.lookup( "uid=admin" );
-            fail( "should not get here due to exception cuz anonymous user is "
-                + "not allowed read access to the admin account entry" );
-        }
-        catch ( LdapConfigurationException e )
-        {
-        }
-        catch ( LdapNoPermissionException e )
-        {
-        }
-    }
-
-
-    /**
-     * Tests to make sure we throw an error when Context.SECURITY_AUTHENTICATION
-     * is set to "none" when trying to bootstrap the system even when the
-     * principal is set to the admin user.  Only the admin user is allowed to
-     * bootstrap.  This is a configuration issue or a nonsense set of property
-     * values.
-     *
-     * @throws Exception if anything goes wrong
-     */
-    public void test5BuildDbNoPassWithPrincAuthNone() throws Exception
-    {
-        // clean out the database
-        tearDown();
-        doDelete( new File( "target" + File.separator + "eve" ) );
-        Hashtable<String,Object> env = new Hashtable<String,Object>();
-        env.put( DirectoryService.JNDI_KEY, super.service );
-        env.put( Context.SECURITY_AUTHENTICATION, "none" );
-        env.put( Context.SECURITY_PRINCIPAL, "uid=admin,ou=system" );
-        service.startup();
-
-        try
-        {
-            setContextRoots( env );
-            fail( "should not get here due to exception" );
-        }
-        catch ( ConfigurationException e )
-        {
-        }
-    }
-
-
-    /**
-     * Tests to make sure we throw an error when Context.SECURITY_AUTHENTICATION
-     * is set to "simple" when trying to bootstrap the system but the admin is
-     * not the principal.  Only the admin user is allowed to bootstrap.
-     * Subsequent calls can 'bind' (authenticate in our case since there is no
-     * network connection) anonymously though.
-     *
-     * @throws Exception if anything goes wrong
-     */
-    public void test6BuildDbNoPassNotAdminPrinc() throws Exception
-    {
-        // clean out the database
-        tearDown();
-        doDelete( new File( "target" + File.separator + "eve" ) );
-        Hashtable<String,Object> env = new Hashtable<String,Object>();
-        env.put( DirectoryService.JNDI_KEY, super.service );
-        env.put( Context.SECURITY_AUTHENTICATION, "simple" );
-        env.put( Context.SECURITY_PRINCIPAL, "uid=akarasulu,ou=users,ou=system" );
-        service.startup();
-
-        try
-        {
-            setContextRoots( env );
-            fail( "should not get here due to exception" );
-        }
-        catch ( ConfigurationException e )
-        {
-        }
-    }
-
-
-    /**
      * Tests to make sure we can authenticate after the database has already
      * been started by the admin user when simple authentication is in effect.
      *
      * @throws Exception if anything goes wrong
      */
+    @Test
     public void test8PassPrincAuthTypeSimple() throws Exception
     {
-        Hashtable<String,Object> env = new Hashtable<String,Object>();
-        env.put( DirectoryService.JNDI_KEY, super.service );
-        env.put( Context.PROVIDER_URL, "ou=system" );
-        env.put( Context.SECURITY_PRINCIPAL, "uid=admin,ou=system" );
-        env.put( Context.SECURITY_CREDENTIALS, "secret" );
-        env.put( Context.SECURITY_AUTHENTICATION, "simple" );
-        env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
-        assertNotNull( new InitialContext( env ) );
+        String userDn = "uid=admin,ou=system";
+        assertNotNull( service.getJndiContext( new LdapDN( userDn ), userDn, "secret".getBytes(), "simple", userDn ) );
     }
 
 
@@ -313,30 +295,23 @@
      *
      * @throws Exception if anything goes wrong
      */
+    @Test
     public void test10TestNonAdminUser() throws Exception
     {
-        Hashtable<String,Object> env = new Hashtable<String,Object>();
-        env.put( DirectoryService.JNDI_KEY, super.service );
-        env.put( Context.PROVIDER_URL, "ou=system" );
-        env.put( Context.SECURITY_PRINCIPAL, "uid=akarasulu,ou=users,ou=system" );
-        env.put( Context.SECURITY_CREDENTIALS, "test" );
-        env.put( Context.SECURITY_AUTHENTICATION, "simple" );
-        env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
-        assertNotNull( new InitialContext( env ) );
+        apply( getRootDSE(), getUserAddLdif() );
+        String userDn = "uid=akarasulu,ou=users,ou=system";
+        assertNotNull( service.getJndiContext( new LdapDN( userDn ), userDn, "test".getBytes(), "simple", userDn ) );
     }
 
 
+    @Test
     public void test11InvalidateCredentialCache() throws NamingException
     {
-        Hashtable<String,Object> env = new Hashtable<String,Object>();
-        env.put( DirectoryService.JNDI_KEY, super.service );
-        env.put( Context.PROVIDER_URL, "ou=system" );
-        env.put( Context.SECURITY_PRINCIPAL, "uid=akarasulu,ou=users,ou=system" );
-        env.put( Context.SECURITY_CREDENTIALS, "test" );
-        env.put( Context.SECURITY_AUTHENTICATION, "simple" );
-        env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
-        InitialDirContext ic = new InitialDirContext( env );
-        Attributes attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+        apply( getRootDSE(), getUserAddLdif() );
+        String userDn = "uid=akarasulu,ou=users,ou=system";
+        LdapContext ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "test".getBytes(), "simple", userDn );
+        assertNotNull( ctx );
+        Attributes attrs = ctx.getAttributes( "" );
         Attribute ou = attrs.get( "ou" );
         assertTrue( ou.contains( "Engineering" ) );
         assertTrue( ou.contains( "People" ) );
@@ -356,30 +331,28 @@
         assertTrue( attrs.get( "cn" ).contains( "Alex Karasulu" ) );
         assertTrue( attrs.get( "facsimiletelephonenumber" ).contains( "+1 408 555 9751" ) );
         assertTrue( attrs.get( "roomnumber" ).contains( "4612" ) );
-        
+
         // now modify the password for akarasulu
         AttributeImpl userPasswordAttribute = new AttributeImpl( "userPassword", "newpwd" );
-        ic.modifyAttributes( "uid=akarasulu,ou=users", new ModificationItemImpl[] { 
+        ctx.modifyAttributes( "", new ModificationItemImpl[] {
             new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, userPasswordAttribute ) } );
-        
+
         // close and try with old password (should fail)
-        ic.close();
-        env.put( Context.SECURITY_CREDENTIALS, "test" );
+        ctx.close();
         try
         {
-            ic = new InitialDirContext( env );
+            service.getJndiContext( new LdapDN( userDn ), userDn, "test".getBytes(), "simple", userDn );
             fail( "Authentication with old password should fail" );
         }
         catch ( NamingException e )
         {
-            // we should fail 
+            // we should fail
         }
 
         // close and try again now with new password (should fail)
-        ic.close();
-        env.put( Context.SECURITY_CREDENTIALS, "newpwd" );
-        ic = new InitialDirContext( env );
-        attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+        ctx.close();
+        ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "newpwd".getBytes(), "simple", userDn );
+        attrs = ctx.getAttributes( "" );
         ou = attrs.get( "ou" );
         assertTrue( ou.contains( "Engineering" ) );
         assertTrue( ou.contains( "People" ) );
@@ -401,316 +374,369 @@
         assertTrue( attrs.get( "roomnumber" ).contains( "4612" ) );
     }
 
+
+    // @Parameterized.Parameters
+    public static List<?> getHashedSecrets()
+    {
+        //noinspection RedundantArrayCreation
+        return Arrays.asList( new Object[] {
+                "",
+                "",
+                ""
+        } );
+    }
+
+
+    // @RunWith(Parameterized.class)
+    @Ignore ( "This test was put here just to figure out how to use parameterization in junit 4" )
+    public void testHashedAuthentication() throws NamingException
+    {
+        apply( getRootDSE(), getUserAddLdif() );
+        String userDn = "uid=akarasulu,ou=users,ou=system";
+        LdapContext ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "test".getBytes(), "simple", userDn );
+
+        // Check that we can get the attributes
+        Attributes attrs = ctx.getAttributes( "" );
+        assertNotNull( attrs );
+        assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
+
+        // now modify the password for akarasulu : 'secret', encrypted using SHA
+        AttributeImpl userPasswordAttribute = new AttributeImpl( "userPassword", password );
+        ctx.modifyAttributes( "", new ModificationItemImpl[] {
+            new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, userPasswordAttribute ) } );
+
+        // close and try with old password (should fail)
+        ctx.close();
+
+        try
+        {
+            ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "test".getBytes(), "simple", userDn );
+            fail( "Authentication with old password should fail" );
+        }
+        catch ( NamingException e )
+        {
+            // we should fail
+        }
+        finally
+        {
+            if ( ctx != null )
+            {
+                ctx.close();
+            }
+        }
+
+        // try again now with new password (should be successfull)
+        ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "secret".getBytes(), "simple", userDn );
+        attrs = ctx.getAttributes( "" );
+        assertNotNull( attrs );
+        assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
+
+        // close and try again now with new password, to check that the
+        // cache is updated (should be successfull)
+        ctx.close();
+        ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "secret".getBytes(), "simple", userDn );
+        attrs = ctx.getAttributes( "" );
+        assertNotNull( attrs );
+        assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
+    }
+
+
+    @Test
     public void testSHA() throws NamingException
     {
-        Hashtable<String,Object> env = new Hashtable<String,Object>();
-        env.put( DirectoryService.JNDI_KEY, super.service );
-        env.put( Context.PROVIDER_URL, "ou=system" );
-        env.put( Context.SECURITY_PRINCIPAL, "uid=akarasulu,ou=users,ou=system" );
-        env.put( Context.SECURITY_CREDENTIALS, "test" );
-        env.put( Context.SECURITY_AUTHENTICATION, "simple" );
-        env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
-        InitialDirContext ic = new InitialDirContext( env );
-        
+        apply( getRootDSE(), getUserAddLdif() );
+        String userDn = "uid=akarasulu,ou=users,ou=system";
+        LdapContext ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "test".getBytes(), "simple", userDn );
+
         // Check that we can get the attributes
-        Attributes attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+        Attributes attrs = ctx.getAttributes( "" );
         assertNotNull( attrs );
         assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
-        
+
         // now modify the password for akarasulu : 'secret', encrypted using SHA
         AttributeImpl userPasswordAttribute = new AttributeImpl( "userPassword", "{SHA}5en6G6MezRroT3XKqkdPOmY/BfQ=" );
-        ic.modifyAttributes( "uid=akarasulu,ou=users", new ModificationItemImpl[] { 
+        ctx.modifyAttributes( "", new ModificationItemImpl[] {
             new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, userPasswordAttribute ) } );
-        
+
         // close and try with old password (should fail)
-        ic.close();
-        env.put( Context.SECURITY_CREDENTIALS, "test" );
-        
+        ctx.close();
+
         try
         {
-            ic = new InitialDirContext( env );
+            ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "test".getBytes(), "simple", userDn );
             fail( "Authentication with old password should fail" );
         }
         catch ( NamingException e )
         {
-            // we should fail 
+            // we should fail
+        }
+        finally
+        {
+            if ( ctx != null )
+            {
+                ctx.close();
+            }
         }
 
-        // close and try again now with new password (should be successfull)
-        ic.close();
-        env.put( Context.SECURITY_CREDENTIALS, "secret" );
-        ic = new InitialDirContext( env );
-        attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+        // try again now with new password (should be successfull)
+        ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "secret".getBytes(), "simple", userDn );
+        attrs = ctx.getAttributes( "" );
         assertNotNull( attrs );
         assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
 
         // close and try again now with new password, to check that the
         // cache is updated (should be successfull)
-        ic.close();
-        env.put( Context.SECURITY_CREDENTIALS, "secret" );
-        ic = new InitialDirContext( env );
-        attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+        ctx.close();
+        ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "secret".getBytes(), "simple", userDn );
+        attrs = ctx.getAttributes( "" );
         assertNotNull( attrs );
         assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
     }
 
+
+    @Test
     public void testSSHA() throws NamingException
     {
-        Hashtable<String,Object> env = new Hashtable<String,Object>();
-        env.put( DirectoryService.JNDI_KEY, super.service );
-        env.put( Context.PROVIDER_URL, "ou=system" );
-        env.put( Context.SECURITY_PRINCIPAL, "uid=akarasulu,ou=users,ou=system" );
-        env.put( Context.SECURITY_CREDENTIALS, "test" );
-        env.put( Context.SECURITY_AUTHENTICATION, "simple" );
-        env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
-        InitialDirContext ic = new InitialDirContext( env );
-        
+        apply( getRootDSE(), getUserAddLdif() );
+        String userDn = "uid=akarasulu,ou=users,ou=system";
+        LdapContext ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "test".getBytes(), "simple", userDn );
+
         // Check that we can get the attributes
-        Attributes attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+        Attributes attrs = ctx.getAttributes( "" );
         assertNotNull( attrs );
         assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
-        
+
         // now modify the password for akarasulu : 'secret', encrypted using SHA
         AttributeImpl userPasswordAttribute = new AttributeImpl( "userPassword", "{SSHA}mjVVxasFkk59wMW4L1Ldt+YCblfhULHs03WW7g==" );
-        ic.modifyAttributes( "uid=akarasulu,ou=users", new ModificationItemImpl[] { 
+        ctx.modifyAttributes( "", new ModificationItemImpl[] {
             new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, userPasswordAttribute ) } );
-        
+
         // close and try with old password (should fail)
-        ic.close();
-        env.put( Context.SECURITY_CREDENTIALS, "test" );
-        
+        ctx.close();
+
         try
         {
-            ic = new InitialDirContext( env );
+            ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "test".getBytes(), "simple", userDn );
             fail( "Authentication with old password should fail" );
         }
         catch ( NamingException e )
         {
-            // we should fail 
+            // we should fail
+        }
+        finally
+        {
+            if ( ctx != null )
+            {
+                ctx.close();
+            }
         }
 
-        // close and try again now with new password (should be successfull)
-        ic.close();
-        env.put( Context.SECURITY_CREDENTIALS, "secret" );
-        ic = new InitialDirContext( env );
-        attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+        // try again now with new password (should be successfull)
+        ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "secret".getBytes(), "simple", userDn );
+        attrs = ctx.getAttributes( "" );
         assertNotNull( attrs );
         assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
 
         // close and try again now with new password, to check that the
         // cache is updated (should be successfull)
-        ic.close();
-        env.put( Context.SECURITY_CREDENTIALS, "secret" );
-        ic = new InitialDirContext( env );
-        attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+        ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "secret".getBytes(), "simple", userDn );
+        attrs = ctx.getAttributes( "" );
         assertNotNull( attrs );
         assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
     }
 
 
+    @Test
     public void testMD5() throws NamingException
     {
-        Hashtable<String,Object> env = new Hashtable<String,Object>();
-        env.put( DirectoryService.JNDI_KEY, super.service );
-        env.put( Context.PROVIDER_URL, "ou=system" );
-        env.put( Context.SECURITY_PRINCIPAL, "uid=akarasulu,ou=users,ou=system" );
-        env.put( Context.SECURITY_CREDENTIALS, "test" );
-        env.put( Context.SECURITY_AUTHENTICATION, "simple" );
-        env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
-        InitialDirContext ic = new InitialDirContext( env );
-        
+        apply( getRootDSE(), getUserAddLdif() );
+        String userDn = "uid=akarasulu,ou=users,ou=system";
+        LdapContext ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "test".getBytes(), "simple", userDn );
+
         // Check that we can get the attributes
-        Attributes attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+        Attributes attrs = ctx.getAttributes( "" );
         assertNotNull( attrs );
         assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
-        
+
         // now modify the password for akarasulu : 'secret', encrypted using MD5
         AttributeImpl userPasswordAttribute = new AttributeImpl( "userPassword", "{MD5}Xr4ilOzQ4PCOq3aQ0qbuaQ==" );
-        ic.modifyAttributes( "uid=akarasulu,ou=users", new ModificationItemImpl[] { 
+        ctx.modifyAttributes( "", new ModificationItemImpl[] {
             new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, userPasswordAttribute ) } );
-        
+
         // close and try with old password (should fail)
-        ic.close();
-        env.put( Context.SECURITY_CREDENTIALS, "test" );
-        
+        ctx.close();
+
         try
         {
-            ic = new InitialDirContext( env );
+            ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "test".getBytes(), "simple", userDn );
             fail( "Authentication with old password should fail" );
         }
         catch ( NamingException e )
         {
-            // we should fail 
+            // we should fail
+        }
+        finally
+        {
+            if ( ctx != null )
+            {
+                ctx.close();
+            }
         }
 
-        // close and try again now with new password (should be successfull)
-        ic.close();
-        env.put( Context.SECURITY_CREDENTIALS, "secret" );
-        ic = new InitialDirContext( env );
-        attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+        // try again now with new password (should be successfull)
+        ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "secret".getBytes(), "simple", userDn );
+        attrs = ctx.getAttributes( "" );
         assertNotNull( attrs );
         assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
 
-        // close and try again now with new password, to check that the
+        // try again now with new password, to check that the
         // cache is updated (should be successfull)
-        ic.close();
-        env.put( Context.SECURITY_CREDENTIALS, "secret" );
-        ic = new InitialDirContext( env );
-        attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+        ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "secret".getBytes(), "simple", userDn );
+        attrs = ctx.getAttributes( "" );
         assertNotNull( attrs );
         assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
     }
 
 
+    @Test
     public void testSMD5() throws NamingException
     {
-        Hashtable<String,Object> env = new Hashtable<String,Object>();
-        env.put( DirectoryService.JNDI_KEY, super.service );
-        env.put( Context.PROVIDER_URL, "ou=system" );
-        env.put( Context.SECURITY_PRINCIPAL, "uid=akarasulu,ou=users,ou=system" );
-        env.put( Context.SECURITY_CREDENTIALS, "test" );
-        env.put( Context.SECURITY_AUTHENTICATION, "simple" );
-        env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
-        InitialDirContext ic = new InitialDirContext( env );
-        
+        apply( getRootDSE(), getUserAddLdif() );
+        String userDn = "uid=akarasulu,ou=users,ou=system";
+        LdapContext ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "test".getBytes(), "simple", userDn );
+
         // Check that we can get the attributes
-        Attributes attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+        Attributes attrs = ctx.getAttributes( "" );
         assertNotNull( attrs );
         assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
-        
+
         // now modify the password for akarasulu : 'secret', encrypted using SHA
         AttributeImpl userPasswordAttribute = new AttributeImpl( "userPassword", "{SMD5}tQ9wo/VBuKsqBtylMMCcORbnYOJFMyDJ" );
-        ic.modifyAttributes( "uid=akarasulu,ou=users", new ModificationItemImpl[] { 
+        ctx.modifyAttributes( "", new ModificationItemImpl[] {
             new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, userPasswordAttribute ) } );
-        
+
         // close and try with old password (should fail)
-        ic.close();
-        env.put( Context.SECURITY_CREDENTIALS, "test" );
-        
+        ctx.close();
+
         try
         {
-            ic = new InitialDirContext( env );
+            ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "test".getBytes(), "simple", userDn );
             fail( "Authentication with old password should fail" );
         }
         catch ( NamingException e )
         {
-            // we should fail 
+            // we should fail
+        }
+        finally
+        {
+            if ( ctx != null )
+            {
+                ctx.close();
+            }
         }
 
-        // close and try again now with new password (should be successfull)
-        ic.close();
-        env.put( Context.SECURITY_CREDENTIALS, "secret" );
-        ic = new InitialDirContext( env );
-        attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+        // try again now with new password (should be successfull)
+        ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "secret".getBytes(), "simple", userDn );
+        attrs = ctx.getAttributes( "" );
         assertNotNull( attrs );
         assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
 
-        // close and try again now with new password, to check that the
+        // try again now with new password, to check that the
         // cache is updated (should be successfull)
-        ic.close();
-        env.put( Context.SECURITY_CREDENTIALS, "secret" );
-        ic = new InitialDirContext( env );
-        attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+        ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "secret".getBytes(), "simple", userDn );
+        attrs = ctx.getAttributes( "" );
         assertNotNull( attrs );
         assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
     }
 
+
+    @Test
     public void testCRYPT() throws NamingException
     {
-        Hashtable<String,Object> env = new Hashtable<String,Object>();
-        env.put( DirectoryService.JNDI_KEY, super.service );
-        env.put( Context.PROVIDER_URL, "ou=system" );
-        env.put( Context.SECURITY_PRINCIPAL, "uid=akarasulu,ou=users,ou=system" );
-        env.put( Context.SECURITY_CREDENTIALS, "test" );
-        env.put( Context.SECURITY_AUTHENTICATION, "simple" );
-        env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
-        InitialDirContext ic = new InitialDirContext( env );
-        
+        apply( getRootDSE(), getUserAddLdif() );
+        String userDn = "uid=akarasulu,ou=users,ou=system";
+        LdapContext ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "test".getBytes(), "simple", userDn );
+
         // Check that we can get the attributes
-        Attributes attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+        Attributes attrs = ctx.getAttributes( "" );
         assertNotNull( attrs );
         assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
-        
+
         // now modify the password for akarasulu : 'secret', encrypted using CRYPT
         AttributeImpl userPasswordAttribute = new AttributeImpl( "userPassword", "{crypt}qFkH8Z1woBlXw" );
-        ic.modifyAttributes( "uid=akarasulu,ou=users", new ModificationItemImpl[] { 
+        ctx.modifyAttributes( "", new ModificationItemImpl[] {
             new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, userPasswordAttribute ) } );
-        
+
         // close and try with old password (should fail)
-        ic.close();
-        env.put( Context.SECURITY_CREDENTIALS, "test" );
-        
+        ctx.close();
+
         try
         {
-            ic = new InitialDirContext( env );
+            ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "test".getBytes(), "simple", userDn );
             fail( "Authentication with old password should fail" );
         }
         catch ( NamingException e )
         {
-            // we should fail 
+            // we should fail
+        }
+        finally
+        {
+            if ( ctx != null )
+            {
+                ctx.close();
+            }
         }
 
-        // close and try again now with new password (should be successfull)
-        ic.close();
-        env.put( Context.SECURITY_CREDENTIALS, "secret" );
-        ic = new InitialDirContext( env );
-        attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+        // try again now with new password (should be successfull)
+        ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "secret".getBytes(), "simple", userDn );
+        attrs = ctx.getAttributes( "" );
         assertNotNull( attrs );
         assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
 
-        // close and try again now with new password, to check that the
+        // try again now with new password, to check that the
         // cache is updated (should be successfull)
-        ic.close();
-        env.put( Context.SECURITY_CREDENTIALS, "secret" );
-        ic = new InitialDirContext( env );
-        attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+        ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "secret".getBytes(), "simple", userDn );
+        attrs = ctx.getAttributes( "" );
         assertNotNull( attrs );
         assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
     }
-    
-    /**
-     * @see <a ref="https://issues.apache.org/jira/browse/DIRSERVER-1001"/>
-     * @throws NamingException on errors
-     */
+
+
+    @Test
     public void testInvalidateCredentialCacheForUpdatingAnotherUsersPassword() throws NamingException
     {
+        apply( getRootDSE(), getUserAddLdif() );
+
         // bind as akarasulu
-        Hashtable<String,Object> envUser = new Hashtable<String,Object>();
-        envUser.put( DirectoryService.JNDI_KEY, super.service );
-        envUser.put( Context.PROVIDER_URL, "ou=system" );
-        envUser.put( Context.SECURITY_PRINCIPAL, "uid=akarasulu,ou=users,ou=system" );
-        envUser.put( Context.SECURITY_CREDENTIALS, "test" );
-        envUser.put( Context.SECURITY_AUTHENTICATION, "simple" );
-        envUser.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
-        InitialDirContext idcUser = new InitialDirContext( envUser );
-        idcUser.close();
-        
+        String userDn = "uid=akarasulu,ou=users,ou=system";
+        LdapContext ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "test".getBytes(), "simple", userDn );
+        ctx.close();
+
         // bind as admin
-        Hashtable<String,Object> envAdmin = new Hashtable<String,Object>();
-        envAdmin.put( DirectoryService.JNDI_KEY, super.service );
-        envAdmin.put( Context.PROVIDER_URL, "ou=system" );
-        envAdmin.put( Context.SECURITY_PRINCIPAL, "uid=admin,ou=system" );
-        envAdmin.put( Context.SECURITY_CREDENTIALS, "secret" );
-        envAdmin.put( Context.SECURITY_AUTHENTICATION, "simple" );
-        envAdmin.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
-        InitialDirContext idcAdmin = new InitialDirContext( envAdmin );
-        
+        userDn = "uid=admin,ou=system";
+        ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "secret".getBytes(), "simple", userDn );
+
         // now modify the password for akarasulu (while we're admin)
         AttributeImpl userPasswordAttribute = new AttributeImpl( "userPassword", "newpwd" );
-        idcAdmin.modifyAttributes( "uid=akarasulu,ou=users", new ModificationItemImpl[] { 
+        ctx.modifyAttributes( "", new ModificationItemImpl[] {
             new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, userPasswordAttribute ) } );
-        idcAdmin.close();
-        
-        // try to bind as akarasulu with old password
-        envUser.put( Context.SECURITY_CREDENTIALS, "test" );
+        ctx.close();
+
         try
         {
-            new InitialDirContext( envUser );
+            ctx = service.getJndiContext( new LdapDN( userDn ), userDn, "test".getBytes(), "simple", userDn );
             fail( "Authentication with old password should fail" );
         }
         catch ( NamingException e )
         {
             // we should fail
+        }
+        finally
+        {
+            if ( ctx != null )
+            {
+                ctx.close();
+            }
         }
     }
 }

Modified: directory/apacheds/branches/bigbang/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java?rev=599639&r1=599638&r2=599639&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java (original)
+++ directory/apacheds/branches/bigbang/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java Thu Nov 29 15:54:56 2007
@@ -121,6 +121,8 @@
     /** the change log service */
     private ChangeLog changeLog;
 
+    private LdapDN adminDn;
+
     /** remove me after implementation is completed */
     private static final String PARTIAL_IMPL_WARNING =
             "WARNING: the changelog is only partially operational and will revert\n" +
@@ -581,8 +583,7 @@
             throw new IllegalArgumentException( "revision must be less than the current revision" );
         }
 
-        DirContext ctx = getJndiContext( new LdapPrincipal( new LdapDN( "uid=admin,ou=system" ),
-                AuthenticationLevel.SIMPLE ) );
+        DirContext ctx = getJndiContext( new LdapPrincipal( adminDn, AuthenticationLevel.SIMPLE ) );
         Cursor<ChangeLogEvent> cursor = changeLog.getChangeLogStore().findAfter( revision );
 
         /*
@@ -689,6 +690,9 @@
         showSecurityWarnings();
         started = true;
         
+        adminDn = new LdapDN( DefaultPartitionNexus.ADMIN_PRINCIPAL_NORMALIZED );
+        adminDn.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
+
         if ( !testEntries.isEmpty() )
         {
             createTestEntries();
@@ -1143,8 +1147,7 @@
      */
     private void createTestEntries() throws NamingException
     {
-        LdapPrincipal principal = new LdapPrincipal( new LdapDN( PartitionNexus.ADMIN_PRINCIPAL ),
-                AuthenticationLevel.SIMPLE );
+        LdapPrincipal principal = new LdapPrincipal( adminDn, AuthenticationLevel.SIMPLE );
         ServerLdapContext ctx = new ServerLdapContext( this, principal, new LdapDN() );
 
         for ( Entry testEntry : testEntries )

Modified: directory/apacheds/branches/bigbang/core/src/main/java/org/apache/directory/server/core/authn/LdapPrincipal.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/core/src/main/java/org/apache/directory/server/core/authn/LdapPrincipal.java?rev=599639&r1=599638&r2=599639&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/core/src/main/java/org/apache/directory/server/core/authn/LdapPrincipal.java (original)
+++ directory/apacheds/branches/bigbang/core/src/main/java/org/apache/directory/server/core/authn/LdapPrincipal.java Thu Nov 29 15:54:56 2007
@@ -67,6 +67,10 @@
     public LdapPrincipal( LdapDN name, AuthenticationLevel authenticationLevel )
     {
         this.name = name;
+        if ( ! name.isNormalized() )
+        {
+            throw new IllegalStateException( "Names used for principals must be normalized!" );
+        }
         this.authenticationLevel = authenticationLevel;
         this.userPassword = null;
     }



Mime
View raw message