use of com.thoughtworks.go.config.server.security.ldap.BasesConfig in project gocd by gocd.
the class LdapUserSearchTest method shouldSkipInvalidSearchBaseWhenAuthenticating.
@Test
public void shouldSkipInvalidSearchBaseWhenAuthenticating() {
final FilterBasedLdapUserSearch filter1 = mock(FilterBasedLdapUserSearch.class);
final FilterBasedLdapUserSearch filter2 = mock(FilterBasedLdapUserSearch.class);
LdapConfig ldapConfig = setLdapConfig(new BasesConfig(new BaseConfig("base1"), new BaseConfig("base2")));
doReturn(filter1).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(0).getValue(), ldapConfig.searchFilter());
doReturn(filter2).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(1).getValue(), ldapConfig.searchFilter());
DirContextOperations foundUser = mock(DirContextOperations.class);
when(filter1.searchForUser("username")).thenThrow(new RuntimeException("Invalid search base"));
when(filter2.searchForUser("username")).thenReturn(foundUser);
assertThat(spy.searchForUser("username"), is(foundUser));
verify(filter1).searchForUser("username");
verify(filter2).searchForUser("username");
}
use of com.thoughtworks.go.config.server.security.ldap.BasesConfig in project gocd by gocd.
the class LdapUserSearchTest method shouldLogErrorsForAllInvalidSearchBaseWhenAuthenticating.
@Test
public void shouldLogErrorsForAllInvalidSearchBaseWhenAuthenticating() {
final FilterBasedLdapUserSearch filter1 = mock(FilterBasedLdapUserSearch.class);
final FilterBasedLdapUserSearch filter2 = mock(FilterBasedLdapUserSearch.class);
final FilterBasedLdapUserSearch filter3 = mock(FilterBasedLdapUserSearch.class);
final FilterBasedLdapUserSearch filter4 = mock(FilterBasedLdapUserSearch.class);
LdapConfig ldapConfig = setLdapConfig(new BasesConfig(new BaseConfig("base1"), new BaseConfig("base2"), new BaseConfig("base3"), new BaseConfig("base4")));
doReturn(filter1).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(0).getValue(), ldapConfig.searchFilter());
doReturn(filter2).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(1).getValue(), ldapConfig.searchFilter());
doReturn(filter3).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(2).getValue(), ldapConfig.searchFilter());
doReturn(filter4).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(3).getValue(), ldapConfig.searchFilter());
DirContextOperations foundUser = mock(DirContextOperations.class);
RuntimeException runtimeException = new RuntimeException("Invalid search base");
when(filter1.searchForUser("username")).thenThrow(runtimeException);
when(filter2.searchForUser("username")).thenThrow(new UsernameNotFoundException("User not found"));
when(filter3.searchForUser("username")).thenThrow(runtimeException);
when(filter4.searchForUser("username")).thenReturn(foundUser);
assertThat(spy.searchForUser("username"), is(foundUser));
verify(logger, times(1)).warn("The ldap configuration for search base 'base1' is invalid", runtimeException);
verify(logger, times(1)).warn("The ldap configuration for search base 'base3' is invalid", runtimeException);
}
use of com.thoughtworks.go.config.server.security.ldap.BasesConfig in project gocd by gocd.
the class LdapUserSearchTest method shouldNotProceedWithTheNextSearchBaseWhenUserIsFoundInOne.
@Test
public void shouldNotProceedWithTheNextSearchBaseWhenUserIsFoundInOne() {
final FilterBasedLdapUserSearch filter1 = mock(FilterBasedLdapUserSearch.class);
final FilterBasedLdapUserSearch filter2 = mock(FilterBasedLdapUserSearch.class);
LdapConfig ldapConfig = setLdapConfig(new BasesConfig(new BaseConfig("base1"), new BaseConfig("base2")));
doReturn(filter1).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(0).getValue(), ldapConfig.searchFilter());
doReturn(filter2).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(1).getValue(), ldapConfig.searchFilter());
DirContextOperations foundUser = mock(DirContextOperations.class);
when(filter1.searchForUser("username")).thenReturn(foundUser);
assertThat(spy.searchForUser("username"), is(foundUser));
verify(filter1).searchForUser("username");
verify(filter2, never()).searchForUser("username");
}
use of com.thoughtworks.go.config.server.security.ldap.BasesConfig in project gocd by gocd.
the class LdapUserSearchTest method shouldFilterForMatchingUsernamesInMultipleBases.
@Test
public void shouldFilterForMatchingUsernamesInMultipleBases() throws Exception {
AttributesMapperCallbackHandler handler = mock(AttributesMapperCallbackHandler.class);
doReturn(handler).when(spy).getAttributesMapperCallbackHandler();
when(handler.getList()).thenReturn(Arrays.asList());
spy.search("username", ldapConfig(new BasesConfig(new BaseConfig("base1"), new BaseConfig("base2"))));
verify(handler).getList();
verify(ldapTemplate).search(argThat(is("base1")), anyString(), any(SearchControls.class), eq(handler));
verify(ldapTemplate).search(argThat(is("base2")), anyString(), any(SearchControls.class), eq(handler));
}
use of com.thoughtworks.go.config.server.security.ldap.BasesConfig in project gocd by gocd.
the class LdapUserSearchTest method shouldThrowBadCredentialsExceptionWhenNoUserFound_WithOneSearchBase.
@Test
public void shouldThrowBadCredentialsExceptionWhenNoUserFound_WithOneSearchBase() {
final FilterBasedLdapUserSearch filterBasedLdapUserSearch = mock(FilterBasedLdapUserSearch.class);
LdapConfig ldapConfig = setLdapConfig(new BasesConfig(new BaseConfig("search_base,foo")));
doReturn(filterBasedLdapUserSearch).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().first().getValue(), ldapConfig.searchFilter());
when(filterBasedLdapUserSearch.searchForUser("username")).thenThrow(new UsernameNotFoundException("User username not found in directory."));
thrown.expect(BadCredentialsException.class);
thrown.expectMessage(is("Bad credentials"));
spy.searchForUser("username");
verify(filterBasedLdapUserSearch).searchForUser("username");
}
Aggregations