directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From akaras...@apache.org
Subject svn commit: r683842 - in /directory/apacheds/branches/bigbang: core-integ/src/test/java/org/apache/directory/server/core/jndi/ server-integ/ server-integ/src/test/java/org/apache/directory/server/operations/bind/ server-unit/src/test/java/org/apache/di...
Date Fri, 08 Aug 2008 04:19:06 GMT
Author: akarasulu
Date: Thu Aug  7 21:19:06 2008
New Revision: 683842

URL: http://svn.apache.org/viewvc?rev=683842&view=rev
Log:
moving various server unit tests in MiscTest to proper places in core-integ and in server-integ

Added:
    directory/apacheds/branches/bigbang/server-integ/src/test/java/org/apache/directory/server/operations/bind/MiscBindIT.java
Removed:
    directory/apacheds/branches/bigbang/server-unit/src/test/java/org/apache/directory/server/MiscTest.java
Modified:
    directory/apacheds/branches/bigbang/core-integ/src/test/java/org/apache/directory/server/core/jndi/SearchIT.java
    directory/apacheds/branches/bigbang/server-integ/pom.xml

Modified: directory/apacheds/branches/bigbang/core-integ/src/test/java/org/apache/directory/server/core/jndi/SearchIT.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/core-integ/src/test/java/org/apache/directory/server/core/jndi/SearchIT.java?rev=683842&r1=683841&r2=683842&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/core-integ/src/test/java/org/apache/directory/server/core/jndi/SearchIT.java
(original)
+++ directory/apacheds/branches/bigbang/core-integ/src/test/java/org/apache/directory/server/core/jndi/SearchIT.java
Thu Aug  7 21:19:06 2008
@@ -361,6 +361,44 @@
     }
 
 
+    /**
+     * Tests to make sure undefined attributes in filter assertions are pruned and do not
+     * result in exceptions.
+     */
+    @Test
+    public void testBogusAttributeInSearchFilter() throws Exception
+    {
+        boolean oldSetAllowAnnonymousAccess = service.isAllowAnonymousAccess();
+        service.setAllowAnonymousAccess( true );
+
+        LdapContext sysRoot = getSystemContext( service );
+        SearchControls cons = new SearchControls();
+        NamingEnumeration<SearchResult> e = sysRoot.search( "", "(bogusAttribute=abc123)",
cons );
+        assertNotNull( e );
+        
+        e = sysRoot.search( "", "(!(bogusAttribute=abc123))", cons );
+        assertNotNull( e );
+        assertFalse( e.hasMore() );
+        
+        e = sysRoot.search( "", "(|(bogusAttribute=abc123)(bogusAttribute=abc123))", cons
);
+        assertNotNull( e );
+        assertFalse( e.hasMore() );
+        
+        e = sysRoot.search( "", "(|(bogusAttribute=abc123)(ou=abc123))", cons );
+        assertNotNull( e );
+        assertFalse( e.hasMore() );
+
+        e = sysRoot.search( "", "(OBJECTclass=*)", cons );
+        assertNotNull( e );
+        assertTrue( e.hasMore() );
+
+        e = sysRoot.search( "", "(objectclass=*)", cons );
+        assertNotNull( e );
+        
+        service.setAllowAnonymousAccess( oldSetAllowAnnonymousAccess );
+    }
+
+
     @Test
     public void testSearchFilterArgs() throws Exception
     {

Modified: directory/apacheds/branches/bigbang/server-integ/pom.xml
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/server-integ/pom.xml?rev=683842&r1=683841&r2=683842&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/server-integ/pom.xml (original)
+++ directory/apacheds/branches/bigbang/server-integ/pom.xml Thu Aug  7 21:19:06 2008
@@ -87,6 +87,7 @@
             <include>**/*ISuite.java</include>
             <include>**/*IndexedNegationSearchIT.java</include>
             <include>**/*LdapsIT.java</include>
+            <include>**/*MiscBindIT.java</include>
           </includes>
         </configuration>
       </plugin>

Added: directory/apacheds/branches/bigbang/server-integ/src/test/java/org/apache/directory/server/operations/bind/MiscBindIT.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/server-integ/src/test/java/org/apache/directory/server/operations/bind/MiscBindIT.java?rev=683842&view=auto
==============================================================================
--- directory/apacheds/branches/bigbang/server-integ/src/test/java/org/apache/directory/server/operations/bind/MiscBindIT.java
(added)
+++ directory/apacheds/branches/bigbang/server-integ/src/test/java/org/apache/directory/server/operations/bind/MiscBindIT.java
Thu Aug  7 21:19:06 2008
@@ -0,0 +1,492 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.operations.bind;
+
+
+import java.util.HashMap;
+import java.util.Hashtable;
+import java.util.Map;
+
+import javax.naming.Context;
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.NoPermissionException;
+import javax.naming.OperationNotSupportedException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.InitialDirContext;
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
+import javax.naming.ldap.InitialLdapContext;
+
+import org.apache.directory.server.core.DefaultDirectoryService;
+import org.apache.directory.server.core.DirectoryService;
+import org.apache.directory.server.core.entry.DefaultServerEntry;
+import org.apache.directory.server.core.entry.ServerEntry;
+import org.apache.directory.server.core.integ.IntegrationUtils;
+import org.apache.directory.server.core.integ.Level;
+import org.apache.directory.server.core.integ.annotations.CleanupLevel;
+import org.apache.directory.server.core.integ.annotations.Factory;
+import org.apache.directory.server.integ.LdapServerFactory;
+import org.apache.directory.server.integ.SiRunner;
+import org.apache.directory.server.newldap.LdapServer;
+import org.apache.directory.server.newldap.handlers.bind.MechanismHandler;
+import org.apache.directory.server.newldap.handlers.bind.SimpleMechanismHandler;
+import org.apache.directory.server.newldap.handlers.bind.cramMD5.CramMd5MechanismHandler;
+import org.apache.directory.server.newldap.handlers.bind.digestMD5.DigestMd5MechanismHandler;
+import org.apache.directory.server.newldap.handlers.bind.gssapi.GssapiMechanismHandler;
+import org.apache.directory.server.newldap.handlers.bind.ntlm.NtlmMechanismHandler;
+import org.apache.directory.server.newldap.handlers.extended.StoredProcedureExtendedOperationHandler;
+import org.apache.directory.server.protocol.shared.SocketAcceptor;
+import org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmPartition;
+import org.apache.directory.shared.asn1.util.Asn1StringUtils;
+import org.apache.directory.shared.ldap.constants.SupportedSaslMechanisms;
+import org.apache.directory.shared.ldap.message.AttributeImpl;
+import org.apache.directory.shared.ldap.message.AttributesImpl;
+import org.apache.directory.shared.ldap.message.MutableControl;
+import org.apache.directory.shared.ldap.name.LdapDN;
+import org.apache.directory.shared.ldap.util.ArrayUtils;
+import org.apache.mina.util.AvailablePortFinder;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import static org.junit.Assert.fail;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+
+
+/**
+ * A set of miscellaneous tests.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev: 682556 $
+ */
+@RunWith ( SiRunner.class ) 
+@CleanupLevel ( Level.CLASS )
+@Factory ( MiscBindIT.Factory.class )
+public class MiscBindIT
+{
+    public static LdapServer ldapServer;
+
+    
+    public static class Factory implements LdapServerFactory
+    {
+        public LdapServer newInstance() throws Exception
+        {
+            DirectoryService service = new DefaultDirectoryService();
+            IntegrationUtils.doDelete( service.getWorkingDirectory() );
+            service.getChangeLog().setEnabled( true );
+            service.setAllowAnonymousAccess( true );
+            service.setShutdownHookEnabled( false );
+
+            JdbmPartition apache = new JdbmPartition();
+            apache.setId( "apache" );
+
+            // @TODO need to make this configurable for the system partition
+            apache.setCacheSize( 500 );
+
+            apache.setSuffix( "dc=aPache,dc=org" );
+
+
+            apache.setId( "apache" );
+            
+            // Add context entry for system partition
+            LdapDN apacheDn = new LdapDN( "dc=aPache,dc=org" );
+            ServerEntry serverEntry = new DefaultServerEntry( service.getRegistries(), apacheDn
);
+            serverEntry.put( "dc", "aPache" );
+            serverEntry.put( "objectClass", "top", "domain" );
+            apache.setContextEntry( serverEntry );
+            service.addPartition( apache );
+
+            // change the working directory to something that is unique
+            // on the system and somewhere either under target directory
+            // or somewhere in a temp area of the machine.
+
+            LdapServer ldapServer = new LdapServer();
+            ldapServer.setDirectoryService( service );
+            ldapServer.setSocketAcceptor( new SocketAcceptor( null ) );
+            ldapServer.setIpPort( AvailablePortFinder.getNextAvailable( 1024 ) );
+            ldapServer.setAllowAnonymousAccess( true );
+            ldapServer.addExtendedOperationHandler( new StoredProcedureExtendedOperationHandler()
);
+
+            // Setup SASL Mechanisms
+            
+            Map<String, MechanismHandler> mechanismHandlerMap = new HashMap<String,MechanismHandler>();
+            mechanismHandlerMap.put( SupportedSaslMechanisms.PLAIN, new SimpleMechanismHandler()
);
+
+            CramMd5MechanismHandler cramMd5MechanismHandler = new CramMd5MechanismHandler();
+            mechanismHandlerMap.put( SupportedSaslMechanisms.CRAM_MD5, cramMd5MechanismHandler
);
+
+            DigestMd5MechanismHandler digestMd5MechanismHandler = new DigestMd5MechanismHandler();
+            mechanismHandlerMap.put( SupportedSaslMechanisms.DIGEST_MD5, digestMd5MechanismHandler
);
+
+            GssapiMechanismHandler gssapiMechanismHandler = new GssapiMechanismHandler();
+            mechanismHandlerMap.put( SupportedSaslMechanisms.GSSAPI, gssapiMechanismHandler
);
+
+            NtlmMechanismHandler ntlmMechanismHandler = new NtlmMechanismHandler();
+            mechanismHandlerMap.put( SupportedSaslMechanisms.NTLM, ntlmMechanismHandler );
+            mechanismHandlerMap.put( SupportedSaslMechanisms.GSS_SPNEGO, ntlmMechanismHandler
);
+
+            ldapServer.setSaslMechanismHandlers( mechanismHandlerMap );
+
+            return ldapServer;
+        }
+    }
+    
+    
+    
+    private boolean oldAnnonymousAccess;
+    
+    
+    @Before
+    public void recordAnnonymous() throws NamingException
+    {
+        oldAnnonymousAccess = ldapServer.getDirectoryService().isAllowAnonymousAccess();
+    }
+    
+    
+    @After
+    public void revertAnonnymous()
+    {
+        ldapServer.getDirectoryService().setAllowAnonymousAccess( oldAnnonymousAccess );
+        ldapServer.setAllowAnonymousAccess( oldAnnonymousAccess );
+    }
+
+    
+    /**
+     * Test to make sure anonymous binds are disabled when going through
+     * the wire protocol.
+     *
+     * @throws Exception if anything goes wrong
+     */
+    @Test
+    public void testDisableAnonymousBinds() throws Exception
+    {
+        ldapServer.getDirectoryService().setAllowAnonymousAccess( false );
+        ldapServer.setAllowAnonymousAccess( false );
+        
+        // Use the SUN JNDI provider to hit server port and bind as anonymous
+        InitialDirContext ic = null;
+        final Hashtable<String, Object> env = new Hashtable<String, Object>();
+
+        env.put( Context.PROVIDER_URL, "ldap://localhost:" + ldapServer.getIpPort() + "/ou=system"
);
+        env.put( Context.SECURITY_AUTHENTICATION, "none" );
+        env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
+
+        boolean connected = false;
+        while ( !connected )
+        {
+            try
+            {
+                ic = new InitialDirContext( env );
+                connected = true;
+            }
+            catch ( Exception e )
+            {
+            	// We should not get here
+            	fail();
+            }
+        }
+
+        ldapServer.getDirectoryService().setAllowAnonymousAccess( false );
+        
+        try
+        {
+            ic.search( "", "(objectClass=*)", new SearchControls() );
+            fail( "If anonymous binds are disabled we should never get here!" );
+        }
+        catch ( NoPermissionException e )
+        {
+        }
+
+        Attributes attrs = new AttributesImpl( true );
+        Attribute oc = new AttributeImpl( "objectClass" );
+        attrs.put( oc );
+        oc.add( "top" );
+        oc.add( "organizationalUnit" );
+
+        try
+        {
+            ic.createSubcontext( "ou=blah", attrs );
+        }
+        catch ( NoPermissionException e )
+        {
+        }
+    }
+
+
+    /**
+     * Test to make sure anonymous binds are allowed on the RootDSE even when disabled
+     * in general when going through the wire protocol.
+     *
+     * @throws Exception if anything goes wrong
+     */
+    @Test
+    public void testEnableAnonymousBindsOnRootDSE() throws Exception
+    {
+        ldapServer.getDirectoryService().setAllowAnonymousAccess( true );
+
+        // Use the SUN JNDI provider to hit server port and bind as anonymous
+        Hashtable<String, Object> env = new Hashtable<String, Object>();
+
+        env.put( Context.PROVIDER_URL, "ldap://localhost:" + ldapServer.getIpPort() + "/"
);
+        env.put( Context.SECURITY_AUTHENTICATION, "none" );
+        env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
+
+        InitialDirContext ctx = new InitialDirContext( env );
+        SearchControls cons = new SearchControls();
+        cons.setSearchScope( SearchControls.OBJECT_SCOPE );
+        NamingEnumeration<SearchResult> list = ctx.search( "", "(objectClass=*)", cons
);
+        
+        SearchResult result = null;
+        
+        if ( list.hasMore() )
+        {
+            result = list.next();
+        }
+        
+        assertFalse( list.hasMore() );
+        list.close();
+
+        assertNotNull( result );
+        assertEquals( "", result.getName().trim() );
+    }
+
+
+    /**
+     * Test to make sure that if anonymous binds are allowed a user may search
+     * within a a partition.
+     *
+     * @throws Exception if anything goes wrong
+     */
+    @Test
+    public void testAnonymousBindsEnabledBaseSearch() throws Exception
+    {
+        ldapServer.getDirectoryService().setAllowAnonymousAccess( true );
+
+        // Use the SUN JNDI provider to hit server port and bind as anonymous
+        Hashtable<String, Object> env = new Hashtable<String, Object>();
+
+        env.put( Context.PROVIDER_URL, "ldap://localhost:" + ldapServer.getIpPort() + "/"
);
+        env.put( Context.SECURITY_AUTHENTICATION, "none" );
+        env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
+
+        InitialDirContext ctx = new InitialDirContext( env );
+        SearchControls cons = new SearchControls();
+        cons.setSearchScope( SearchControls.OBJECT_SCOPE );
+        NamingEnumeration<SearchResult> list = ctx.search( "dc=apache,dc=org", "(objectClass=*)",
cons );
+        SearchResult result = null;
+        
+        if ( list.hasMore() )
+        {
+            result = list.next();
+        }
+        
+        assertFalse( list.hasMore() );
+        list.close();
+
+        assertNotNull( result );
+        assertNotNull( result.getAttributes().get( "dc" ) );
+    }
+
+
+    /**
+     * Reproduces the problem with
+     * <a href="http://issues.apache.org/jira/browse/DIREVE-239">DIREVE-239</a>.
+     *
+     * @throws Exception if anything goes wrong
+     */
+    @Test
+    public void testAdminAccessBug() throws Exception
+    {
+        ldapServer.getDirectoryService().setAllowAnonymousAccess( true );
+
+        // Use the SUN JNDI provider to hit server port and bind as anonymous
+
+        final Hashtable<String, Object> env = new Hashtable<String, Object>();
+
+        env.put( Context.PROVIDER_URL, "ldap://localhost:" + ldapServer.getIpPort() );
+        env.put( "java.naming.ldap.version", "3" );
+        env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
+
+        Attributes attributes = new AttributesImpl();
+        Attribute objectClass = new AttributeImpl( "objectClass" );
+        objectClass.add( "top" );
+        objectClass.add( "organizationalUnit" );
+        attributes.put( objectClass );
+        attributes.put( "ou", "blah" );
+        InitialDirContext ctx = new InitialDirContext( env );
+        ctx.createSubcontext( "ou=blah,ou=system", attributes );
+        SearchControls controls = new SearchControls();
+        controls.setSearchScope( SearchControls.OBJECT_SCOPE );
+        controls.setReturningAttributes( new String[]
+                {"+"} );
+        NamingEnumeration<SearchResult> list = ctx.search( "ou=blah,ou=system", "(objectClass=*)",
controls );
+        SearchResult result = list.next();
+        list.close();
+        Attribute creatorsName = result.getAttributes().get( "creatorsName" );
+        assertEquals( "", creatorsName.get() );
+    }
+
+
+    /**
+     * Test case for <a href="http://issues.apache.org/jira/browse/DIREVE-284" where users
in
+     * mixed case partitions were not able to authenticate properly.  This test case creates
+     * a new partition under dc=aPache,dc=org, it then creates the example user in the JIRA
+     * issue and attempts to authenticate as that user.
+     *
+     * @throws Exception if the user cannot authenticate or test fails
+     */
+    @Test
+    public void testUserAuthOnMixedCaseSuffix() throws Exception
+    {
+        ldapServer.getDirectoryService().setAllowAnonymousAccess( true );
+
+        Hashtable<String, Object> env = new Hashtable<String, Object>();
+
+        env.put( Context.PROVIDER_URL, "ldap://localhost:" + ldapServer.getIpPort() + "/dc=aPache,dc=org"
);
+        env.put( "java.naming.ldap.version", "3" );
+        env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
+        InitialDirContext ctx = new InitialDirContext( env );
+        Attributes attrs = ctx.getAttributes( "" );
+        assertTrue( attrs.get( "dc" ).get().equals( "aPache" ) );
+
+        Attributes user = new AttributesImpl( "cn", "Kate Bush", true );
+        Attribute oc = new AttributeImpl( "objectClass" );
+        oc.add( "top" );
+        oc.add( "person" );
+        oc.add( "organizationalPerson" );
+        oc.add( "inetOrgPerson" );
+        user.put( oc );
+        user.put( "sn", "Bush" );
+        user.put( "userPassword", "Aerial" );
+        ctx.createSubcontext( "cn=Kate Bush", user );
+
+        env.put( Context.SECURITY_AUTHENTICATION, "simple" );
+        env.put( Context.SECURITY_CREDENTIALS, "Aerial" );
+        env.put( Context.SECURITY_PRINCIPAL, "cn=Kate Bush,dc=aPache,dc=org" );
+
+        InitialDirContext userCtx = new InitialDirContext( env );
+        assertNotNull( userCtx );
+    }
+
+
+    @Test
+    public void testFailureWithUnsupportedControl() throws Exception
+    {
+        MutableControl unsupported = new MutableControl()
+        {
+            boolean isCritical = true;
+            private static final long serialVersionUID = 1L;
+
+
+            @SuppressWarnings("unused")
+            public String getType()
+            {
+                return "1.1.1.1";
+            }
+
+
+            public void setID( String oid )
+            {
+            }
+
+
+            @SuppressWarnings("unused")
+            public byte[] getValue()
+            {
+                return new byte[0];
+            }
+
+
+            @SuppressWarnings("unused")
+            public void setValue( byte[] value )
+            {
+            }
+
+
+            public boolean isCritical()
+            {
+                return isCritical;
+            }
+
+
+            public void setCritical( boolean isCritical )
+            {
+                this.isCritical = isCritical;
+            }
+
+
+            public String getID()
+            {
+                return "1.1.1.1";
+            }
+
+
+            public byte[] getEncodedValue()
+            {
+                return new byte[0];
+            }
+        };
+        
+        ldapServer.getDirectoryService().setAllowAnonymousAccess( true );
+        
+        Hashtable<String, Object> env = new Hashtable<String, Object>();
+
+        env.put( Context.PROVIDER_URL, "ldap://localhost:" + ldapServer.getIpPort() + "/ou=system"
);
+        env.put( "java.naming.ldap.version", "3" );
+        env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
+        env.put( Context.SECURITY_AUTHENTICATION, "simple" );
+        env.put( Context.SECURITY_CREDENTIALS, "secret" );
+        env.put( Context.SECURITY_PRINCIPAL, "uid=admin,ou=system" );
+        InitialLdapContext ctx = new InitialLdapContext( env, null );
+
+        Attributes user = new AttributesImpl( "cn", "Kate Bush", true );
+        Attribute oc = new AttributeImpl( "objectClass" );
+        oc.add( "top" );
+        oc.add( "person" );
+        oc.add( "organizationalPerson" );
+        oc.add( "inetOrgPerson" );
+        user.put( oc );
+        user.put( "sn", "Bush" );
+        user.put( "userPassword", "Aerial" );
+        ctx.setRequestControls( new MutableControl[]
+                {unsupported} );
+
+        try
+        {
+            ctx.createSubcontext( "cn=Kate Bush", user );
+        }
+        catch ( OperationNotSupportedException e )
+        {
+        }
+
+        unsupported.setCritical( false );
+        DirContext kate = ctx.createSubcontext( "cn=Kate Bush", user );
+        assertNotNull( kate );
+        assertTrue( ArrayUtils.isEquals( Asn1StringUtils.getBytesUtf8( "Aerial" ), kate.getAttributes(
"" ).get(
+                "userPassword" ).get() ) );
+    }
+}



Mime
View raw message