directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Boreham <da...@bozemanpass.com>
Subject Re: Configure (Eve) server from properties file.
Date Thu, 03 Mar 2005 19:14:13 GMT
Robert r. Sanders wrote:

>
>    I haven't read the book you note, but I just looked it up and will 
> think about buying it...  I have done a little JNDI in the past, but 
> not a huge amount.
>    The code I am trying to write tests for is:  
> http://cvs.sourceforge.net/viewcvs.py/acegisecurity/acegisecurity/sandbox/src/main/java/net/sf/acegisecurity/providers/dao/ldap/LdapPasswordAuthenticationDao.java?rev=1.4&view=log

>
>
> The code's goal is to validate a username/password against an LDAP 
> server (via JNDI) and retrieve a list of roles associated with the 
> user.  Currently any testing is pretty dependent on a user/developer 
> having an already working LDAP server; my goal is to have a bunch of 
> server configurations which can be 'loaded' so I can see if my code 
> returns the expected results when run against the different 
> configurations - its more functional than unit testing, but if I can 
> get it to work it'll be a whole lot better than the way most such code 
> is tested.

Ok, thanks. The code was a great help in understanding where you're at !

So I'm not sure that you really need to change the server's schema:
that would entail for example adding a new LDAP object class with
new attributes : say a 'fordMotorCompanyPerson' with a 'favouriteSuv'
attribute, or similar. I can't see why you'd want to do that : seems
that you can use the standard inetOrgPerson schema here.
Is it possible that when you say 'schema' you aren't using the
term in the way that it's used in Directory-land ?

Otherwise, it seems to me that you'd want to load some test users
and perhaps groups into the LDAP server under test, and then call
your auth code and see if you get the correct results back
(can authenticate with valid user, can not with unvalid user etc etc).

I think your best option for doing that would be to simply write
JNDI code that adds the users and groups. Forgive my relative
lack of JNDI knowledge : back in the day JNDI did not
support the full fidelity of the LDAP protocol, so I've mostly
worked with other LDAP client libraries that did. However I'm
fairly confident that you should be able to add basic users
and groups with JNDI these days.

So all your test code would be a JNDI application. I don't
think you need LDIF or DSML for this: just write Java that
generates some user objects and pass then to JNDI.







Mime
View raw message