Search in sources :

Example 31 with BasesConfig

use of com.thoughtworks.go.config.server.security.ldap.BasesConfig in project gocd by gocd.

the class LdapUserSearchTest method shouldSkipInvalidSearchBaseWhenAuthenticating.

@Test
public void shouldSkipInvalidSearchBaseWhenAuthenticating() {
    final FilterBasedLdapUserSearch filter1 = mock(FilterBasedLdapUserSearch.class);
    final FilterBasedLdapUserSearch filter2 = mock(FilterBasedLdapUserSearch.class);
    LdapConfig ldapConfig = setLdapConfig(new BasesConfig(new BaseConfig("base1"), new BaseConfig("base2")));
    doReturn(filter1).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(0).getValue(), ldapConfig.searchFilter());
    doReturn(filter2).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(1).getValue(), ldapConfig.searchFilter());
    DirContextOperations foundUser = mock(DirContextOperations.class);
    when(filter1.searchForUser("username")).thenThrow(new RuntimeException("Invalid search base"));
    when(filter2.searchForUser("username")).thenReturn(foundUser);
    assertThat(spy.searchForUser("username"), is(foundUser));
    verify(filter1).searchForUser("username");
    verify(filter2).searchForUser("username");
}
Also used : LdapConfig(com.thoughtworks.go.config.LdapConfig) DirContextOperations(org.springframework.ldap.core.DirContextOperations) FilterBasedLdapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch) BasesConfig(com.thoughtworks.go.config.server.security.ldap.BasesConfig) BaseConfig(com.thoughtworks.go.config.server.security.ldap.BaseConfig) Test(org.junit.Test)

Example 32 with BasesConfig

use of com.thoughtworks.go.config.server.security.ldap.BasesConfig in project gocd by gocd.

the class LdapUserSearchTest method shouldLogErrorsForAllInvalidSearchBaseWhenAuthenticating.

@Test
public void shouldLogErrorsForAllInvalidSearchBaseWhenAuthenticating() {
    final FilterBasedLdapUserSearch filter1 = mock(FilterBasedLdapUserSearch.class);
    final FilterBasedLdapUserSearch filter2 = mock(FilterBasedLdapUserSearch.class);
    final FilterBasedLdapUserSearch filter3 = mock(FilterBasedLdapUserSearch.class);
    final FilterBasedLdapUserSearch filter4 = mock(FilterBasedLdapUserSearch.class);
    LdapConfig ldapConfig = setLdapConfig(new BasesConfig(new BaseConfig("base1"), new BaseConfig("base2"), new BaseConfig("base3"), new BaseConfig("base4")));
    doReturn(filter1).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(0).getValue(), ldapConfig.searchFilter());
    doReturn(filter2).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(1).getValue(), ldapConfig.searchFilter());
    doReturn(filter3).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(2).getValue(), ldapConfig.searchFilter());
    doReturn(filter4).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(3).getValue(), ldapConfig.searchFilter());
    DirContextOperations foundUser = mock(DirContextOperations.class);
    RuntimeException runtimeException = new RuntimeException("Invalid search base");
    when(filter1.searchForUser("username")).thenThrow(runtimeException);
    when(filter2.searchForUser("username")).thenThrow(new UsernameNotFoundException("User not found"));
    when(filter3.searchForUser("username")).thenThrow(runtimeException);
    when(filter4.searchForUser("username")).thenReturn(foundUser);
    assertThat(spy.searchForUser("username"), is(foundUser));
    verify(logger, times(1)).warn("The ldap configuration for search base 'base1' is invalid", runtimeException);
    verify(logger, times(1)).warn("The ldap configuration for search base 'base3' is invalid", runtimeException);
}
Also used : LdapConfig(com.thoughtworks.go.config.LdapConfig) UsernameNotFoundException(org.springframework.security.userdetails.UsernameNotFoundException) DirContextOperations(org.springframework.ldap.core.DirContextOperations) FilterBasedLdapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch) BasesConfig(com.thoughtworks.go.config.server.security.ldap.BasesConfig) BaseConfig(com.thoughtworks.go.config.server.security.ldap.BaseConfig) Test(org.junit.Test)

Example 33 with BasesConfig

use of com.thoughtworks.go.config.server.security.ldap.BasesConfig in project gocd by gocd.

the class LdapUserSearchTest method shouldNotProceedWithTheNextSearchBaseWhenUserIsFoundInOne.

@Test
public void shouldNotProceedWithTheNextSearchBaseWhenUserIsFoundInOne() {
    final FilterBasedLdapUserSearch filter1 = mock(FilterBasedLdapUserSearch.class);
    final FilterBasedLdapUserSearch filter2 = mock(FilterBasedLdapUserSearch.class);
    LdapConfig ldapConfig = setLdapConfig(new BasesConfig(new BaseConfig("base1"), new BaseConfig("base2")));
    doReturn(filter1).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(0).getValue(), ldapConfig.searchFilter());
    doReturn(filter2).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(1).getValue(), ldapConfig.searchFilter());
    DirContextOperations foundUser = mock(DirContextOperations.class);
    when(filter1.searchForUser("username")).thenReturn(foundUser);
    assertThat(spy.searchForUser("username"), is(foundUser));
    verify(filter1).searchForUser("username");
    verify(filter2, never()).searchForUser("username");
}
Also used : LdapConfig(com.thoughtworks.go.config.LdapConfig) DirContextOperations(org.springframework.ldap.core.DirContextOperations) FilterBasedLdapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch) BasesConfig(com.thoughtworks.go.config.server.security.ldap.BasesConfig) BaseConfig(com.thoughtworks.go.config.server.security.ldap.BaseConfig) Test(org.junit.Test)

Example 34 with BasesConfig

use of com.thoughtworks.go.config.server.security.ldap.BasesConfig in project gocd by gocd.

the class LdapUserSearchTest method shouldFilterForMatchingUsernamesInMultipleBases.

@Test
public void shouldFilterForMatchingUsernamesInMultipleBases() throws Exception {
    AttributesMapperCallbackHandler handler = mock(AttributesMapperCallbackHandler.class);
    doReturn(handler).when(spy).getAttributesMapperCallbackHandler();
    when(handler.getList()).thenReturn(Arrays.asList());
    spy.search("username", ldapConfig(new BasesConfig(new BaseConfig("base1"), new BaseConfig("base2"))));
    verify(handler).getList();
    verify(ldapTemplate).search(argThat(is("base1")), anyString(), any(SearchControls.class), eq(handler));
    verify(ldapTemplate).search(argThat(is("base2")), anyString(), any(SearchControls.class), eq(handler));
}
Also used : SearchControls(javax.naming.directory.SearchControls) BasesConfig(com.thoughtworks.go.config.server.security.ldap.BasesConfig) BaseConfig(com.thoughtworks.go.config.server.security.ldap.BaseConfig) AttributesMapperCallbackHandler(org.springframework.ldap.core.AttributesMapperCallbackHandler) Test(org.junit.Test)

Example 35 with BasesConfig

use of com.thoughtworks.go.config.server.security.ldap.BasesConfig in project gocd by gocd.

the class LdapUserSearchTest method shouldThrowBadCredentialsExceptionWhenNoUserFound_WithOneSearchBase.

@Test
public void shouldThrowBadCredentialsExceptionWhenNoUserFound_WithOneSearchBase() {
    final FilterBasedLdapUserSearch filterBasedLdapUserSearch = mock(FilterBasedLdapUserSearch.class);
    LdapConfig ldapConfig = setLdapConfig(new BasesConfig(new BaseConfig("search_base,foo")));
    doReturn(filterBasedLdapUserSearch).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().first().getValue(), ldapConfig.searchFilter());
    when(filterBasedLdapUserSearch.searchForUser("username")).thenThrow(new UsernameNotFoundException("User username not found in directory."));
    thrown.expect(BadCredentialsException.class);
    thrown.expectMessage(is("Bad credentials"));
    spy.searchForUser("username");
    verify(filterBasedLdapUserSearch).searchForUser("username");
}
Also used : LdapConfig(com.thoughtworks.go.config.LdapConfig) UsernameNotFoundException(org.springframework.security.userdetails.UsernameNotFoundException) FilterBasedLdapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch) BasesConfig(com.thoughtworks.go.config.server.security.ldap.BasesConfig) BaseConfig(com.thoughtworks.go.config.server.security.ldap.BaseConfig) Test(org.junit.Test)

Aggregations

BasesConfig (com.thoughtworks.go.config.server.security.ldap.BasesConfig)35 Test (org.junit.Test)33 BaseConfig (com.thoughtworks.go.config.server.security.ldap.BaseConfig)30 LdapConfig (com.thoughtworks.go.config.LdapConfig)14 FilterBasedLdapUserSearch (org.springframework.security.ldap.search.FilterBasedLdapUserSearch)10 DirContextOperations (org.springframework.ldap.core.DirContextOperations)6 UsernameNotFoundException (org.springframework.security.userdetails.UsernameNotFoundException)6 GoCipher (com.thoughtworks.go.security.GoCipher)4 AdminsConfig (com.thoughtworks.go.config.AdminsConfig)3 PasswordFileConfig (com.thoughtworks.go.config.PasswordFileConfig)3 HttpLocalizedOperationResult (com.thoughtworks.go.server.service.result.HttpLocalizedOperationResult)2 SearchControls (javax.naming.directory.SearchControls)2 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)2 AttributesMapperCallbackHandler (org.springframework.ldap.core.AttributesMapperCallbackHandler)2 DefaultSpringSecurityContextSource (org.springframework.security.ldap.DefaultSpringSecurityContextSource)2 StringContains.containsString (org.hamcrest.core.StringContains.containsString)1 AbstractContextSource (org.springframework.ldap.core.support.AbstractContextSource)1