use of com.unboundid.ldap.sdk.RootDSE in project ldapsdk by pingidentity.
the class InMemoryDirectoryServerTestCase method testSASLBindWithAuthorizationIdentity.
/**
* Provides test coverage for the ability to process a SASL bind operation,
* including the authorization identity request control.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test()
public void testSASLBindWithAuthorizationIdentity() throws Exception {
final InMemoryDirectoryServer ds = getTestDS(true, true);
final LDAPConnection conn = ds.getConnection();
final RootDSE rootDSE = conn.getRootDSE();
assertNotNull(rootDSE);
assertTrue(rootDSE.supportsSASLMechanism("PLAIN"));
assertTrue(rootDSE.supportsControl(AuthorizationIdentityRequestControl.AUTHORIZATION_IDENTITY_REQUEST_OID));
// Test a successful anonymous bind.
PLAINBindRequest bindRequest = new PLAINBindRequest("dn:", "", new AuthorizationIdentityRequestControl());
BindResult bindResult = conn.bind(bindRequest);
assertEquals(bindResult.getResultCode(), ResultCode.SUCCESS);
AuthorizationIdentityResponseControl authzIDResponse = AuthorizationIdentityResponseControl.get(bindResult);
assertNotNull(authzIDResponse);
String authzID = authzIDResponse.getAuthorizationID();
assertNotNull(authzID);
assertTrue(authzID.equals("dn:"));
// Perform the same test without the authorization identity request control.
bindRequest = new PLAINBindRequest("dn:", "");
bindResult = conn.bind(bindRequest);
assertEquals(bindResult.getResultCode(), ResultCode.SUCCESS);
assertFalse(bindResult.hasResponseControl(AuthorizationIdentityResponseControl.AUTHORIZATION_IDENTITY_RESPONSE_OID));
// Test an anonymous bind with a password.
bindRequest = new PLAINBindRequest("dn:", "password");
try {
bindResult = conn.bind(bindRequest);
fail("Expected an exception when trying to bind anonymously with a " + "password");
} catch (final LDAPException le) {
assertEquals(le.getResultCode(), ResultCode.INVALID_CREDENTIALS);
}
// Test an anonymous bind with an authzID.
bindRequest = new PLAINBindRequest("dn:", "dn:cn=Directory Manager", "");
try {
bindResult = conn.bind(bindRequest);
fail("Expected an exception when trying to bind anonymously with an " + "authorization ID");
} catch (final LDAPException le) {
assertEquals(le.getResultCode(), ResultCode.INVALID_CREDENTIALS);
}
// Test with a DN-style authID and no authzID.
bindRequest = new PLAINBindRequest("dn:uid=test.user,ou=People,dc=example,dc=com", "password", new AuthorizationIdentityRequestControl());
bindResult = conn.bind(bindRequest);
assertEquals(bindResult.getResultCode(), ResultCode.SUCCESS);
authzIDResponse = AuthorizationIdentityResponseControl.get(bindResult);
assertNotNull(authzIDResponse);
authzID = authzIDResponse.getAuthorizationID();
assertNotNull(authzID);
assertTrue(authzID.startsWith("dn:"));
assertEquals(new DN(authzID.substring(3)), new DN("uid=test.user,ou=People,dc=example,dc=com"));
// Test with a DN-style authID that is an additional bind user.
bindRequest = new PLAINBindRequest("dn:cn=Directory Manager", "password", new AuthorizationIdentityRequestControl());
bindResult = conn.bind(bindRequest);
assertEquals(bindResult.getResultCode(), ResultCode.SUCCESS);
authzIDResponse = AuthorizationIdentityResponseControl.get(bindResult);
assertNotNull(authzIDResponse);
authzID = authzIDResponse.getAuthorizationID();
assertNotNull(authzID);
assertTrue(authzID.startsWith("dn:"));
assertEquals(new DN(authzID.substring(3)), new DN("cn=Directory Manager"));
// Test with a u-style authID and an authzID that is an additional bind
// user.
bindRequest = new PLAINBindRequest("u:test.user", "dn:cn=Directory Manager", "password", new AuthorizationIdentityRequestControl());
bindResult = conn.bind(bindRequest);
assertEquals(bindResult.getResultCode(), ResultCode.SUCCESS);
authzIDResponse = AuthorizationIdentityResponseControl.get(bindResult);
assertNotNull(authzIDResponse);
authzID = authzIDResponse.getAuthorizationID();
assertNotNull(authzID);
assertTrue(authzID.startsWith("dn:"));
assertEquals(new DN(authzID.substring(3)), new DN("cn=Directory Manager"));
// Test a bind as a nonexistent dn-style authentication ID.
bindRequest = new PLAINBindRequest("dn:cn=missing", "password");
try {
bindResult = conn.bind(bindRequest);
fail("Expected an exception when trying to bind with a nonexistent " + "dn-style authentication ID");
} catch (final LDAPException le) {
assertEquals(le.getResultCode(), ResultCode.INVALID_CREDENTIALS);
}
// Test a bind as a nonexistent u-style authentication ID.
bindRequest = new PLAINBindRequest("u:missing", "password");
try {
bindResult = conn.bind(bindRequest);
fail("Expected an exception when trying to bind with a nonexistent " + "u-style authentication ID");
} catch (final LDAPException le) {
assertEquals(le.getResultCode(), ResultCode.INVALID_CREDENTIALS);
}
// Test a bind as a nonexistent dn-style authorization ID.
bindRequest = new PLAINBindRequest("dn:cn=Directory Manager", "dn:cn=missing", "password");
try {
bindResult = conn.bind(bindRequest);
fail("Expected an exception when trying to bind with a nonexistent " + "authorization ID");
} catch (final LDAPException le) {
assertEquals(le.getResultCode(), ResultCode.INVALID_CREDENTIALS);
}
// Test a bind with an incorrect password.
bindRequest = new PLAINBindRequest("u:test.user", "wrong");
try {
bindResult = conn.bind(bindRequest);
fail("Expected an exception when trying to bind anonymously with an " + "authorization ID");
} catch (final LDAPException le) {
assertEquals(le.getResultCode(), ResultCode.INVALID_CREDENTIALS);
}
// Test a bind with an unsupported critical control.
bindRequest = new PLAINBindRequest("u:test.user", "wrong", new Control("1.2.3.4", true));
try {
bindResult = conn.bind(bindRequest);
fail("Expected an exception when trying to bind anonymously with an " + "authorization ID");
} catch (final LDAPException le) {
assertEquals(le.getResultCode(), ResultCode.UNAVAILABLE_CRITICAL_EXTENSION);
}
final Control[] unbindControls = { new Control("1.2.3.4", false), new Control("1.2.3.5", false, new ASN1OctetString("foo")) };
conn.close(unbindControls);
}
use of com.unboundid.ldap.sdk.RootDSE in project ldapsdk by pingidentity.
the class InMemoryDirectoryServerConfigTestCase method testExtendedOperationHandlers.
/**
* Tests the behavior of the methods for the extended operation handlers.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test()
public void testExtendedOperationHandlers() throws Exception {
final InMemoryDirectoryServerConfig cfg = new InMemoryDirectoryServerConfig("dc=example,dc=com");
assertNotNull(cfg.getExtendedOperationHandlers());
assertFalse(cfg.getExtendedOperationHandlers().isEmpty());
assertEquals(cfg.getExtendedOperationHandlers().size(), 3);
assertNotNull(cfg.toString());
InMemoryDirectoryServer ds = new InMemoryDirectoryServer(cfg);
RootDSE rootDSE = RootDSE.getRootDSE(ds);
assertTrue(rootDSE.supportsExtendedOperation(PasswordModifyExtendedRequest.PASSWORD_MODIFY_REQUEST_OID));
assertTrue(rootDSE.supportsExtendedOperation(StartTransactionExtendedRequest.START_TRANSACTION_REQUEST_OID));
assertTrue(rootDSE.supportsExtendedOperation(EndTransactionExtendedRequest.END_TRANSACTION_REQUEST_OID));
assertTrue(rootDSE.supportsExtendedOperation(WhoAmIExtendedRequest.WHO_AM_I_REQUEST_OID));
cfg.getExtendedOperationHandlers().clear();
assertTrue(cfg.getExtendedOperationHandlers().isEmpty());
assertNotNull(cfg.toString());
ds = new InMemoryDirectoryServer(cfg);
rootDSE = RootDSE.getRootDSE(ds);
assertFalse(rootDSE.supportsExtendedOperation(PasswordModifyExtendedRequest.PASSWORD_MODIFY_REQUEST_OID));
assertFalse(rootDSE.supportsExtendedOperation(StartTransactionExtendedRequest.START_TRANSACTION_REQUEST_OID));
assertFalse(rootDSE.supportsExtendedOperation(EndTransactionExtendedRequest.END_TRANSACTION_REQUEST_OID));
assertFalse(rootDSE.supportsExtendedOperation(WhoAmIExtendedRequest.WHO_AM_I_REQUEST_OID));
cfg.addExtendedOperationHandler(new PasswordModifyExtendedOperationHandler());
assertNotNull(cfg.toString());
ds = new InMemoryDirectoryServer(cfg);
rootDSE = RootDSE.getRootDSE(ds);
assertTrue(rootDSE.supportsExtendedOperation(PasswordModifyExtendedRequest.PASSWORD_MODIFY_REQUEST_OID));
assertFalse(rootDSE.supportsExtendedOperation(StartTransactionExtendedRequest.START_TRANSACTION_REQUEST_OID));
assertFalse(rootDSE.supportsExtendedOperation(EndTransactionExtendedRequest.END_TRANSACTION_REQUEST_OID));
assertFalse(rootDSE.supportsExtendedOperation(WhoAmIExtendedRequest.WHO_AM_I_REQUEST_OID));
}
use of com.unboundid.ldap.sdk.RootDSE in project ldapsdk by pingidentity.
the class MatchingEntryCountRequestControlTestCase method testServerSupportsExtendedResponseData.
/**
* Provides test coverage for the methods used to determine whether a server
* supports including extended response data in the matching entry count
* response control.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test()
public void testServerSupportsExtendedResponseData() throws Exception {
final RootDSE rootDSEWithoutSupport;
final InMemoryDirectoryServer ds = getTestDS();
try (LDAPConnection conn = ds.getConnection()) {
rootDSEWithoutSupport = conn.getRootDSE();
assertNotNull(rootDSEWithoutSupport);
assertFalse(rootDSEWithoutSupport.supportsFeature("1.3.6.1.4.1.30221.2.12.7"));
assertFalse(MatchingEntryCountRequestControl.serverSupportsExtendedResponseData(conn));
assertFalse(MatchingEntryCountRequestControl.serverSupportsExtendedResponseData(rootDSEWithoutSupport));
}
final Entry rootDSEEntryWithSupport = rootDSEWithoutSupport.duplicate();
rootDSEEntryWithSupport.addAttribute("supportedFeatures", "1.3.6.1.4.1.30221.2.12.7");
final RootDSE rootDSEWithSupport = new RootDSE(rootDSEEntryWithSupport);
assertTrue(MatchingEntryCountRequestControl.serverSupportsExtendedResponseData(rootDSEWithSupport));
}
use of com.unboundid.ldap.sdk.RootDSE in project ldapsdk by pingidentity.
the class StartInteractiveTransactionExtendedRequestTestCase method testCommitTransaction.
/**
* Tests the process of creating a transaction, including multiple operations
* as part of that transaction, and then committing it.
* <BR><BR>
* Access to a Directory Server instance is required for complete processing.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test()
public void testCommitTransaction() throws Exception {
if (!isDirectoryInstanceAvailable()) {
return;
}
LDAPConnection conn = getAdminConnection();
RootDSE rootDSE = conn.getRootDSE();
if ((rootDSE == null) || (!rootDSE.supportsExtendedOperation(StartInteractiveTransactionExtendedRequest.START_INTERACTIVE_TRANSACTION_REQUEST_OID))) {
conn.close();
return;
}
// Start the interactive transaction.
StartInteractiveTransactionExtendedResult startTxnResult = (StartInteractiveTransactionExtendedResult) conn.processExtendedOperation(new StartInteractiveTransactionExtendedRequest(getTestBaseDN()));
assertEquals(startTxnResult.getResultCode(), ResultCode.SUCCESS);
ASN1OctetString txnID = startTxnResult.getTransactionID();
assertNotNull(txnID);
assertNotNull(startTxnResult.toString());
Control[] controls = { new com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationRequestControl(txnID, true, true) };
// Add the base entry.
AddRequest addRequest = new AddRequest(getTestBaseDN(), getBaseEntryAttributes(), controls);
LDAPResult addResult = conn.add(addRequest);
assertEquals(addResult.getResultCode(), ResultCode.SUCCESS);
Control c = addResult.getResponseControl(com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl.INTERACTIVE_TRANSACTION_SPECIFICATION_RESPONSE_OID);
assertNotNull(c);
assertTrue(c instanceof com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl);
com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl itsrc = (com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl) c;
assertTrue(itsrc.transactionValid());
// Ensure that we can retrieve the base entry as part of the transaction.
// Note that the search needs to be indexed, since unindexed searches won't
// be allowed as part of a transaction.
SearchRequest searchRequest = new SearchRequest(getTestBaseDN(), SearchScope.SUB, "(objectClass=top)");
searchRequest.setControls(controls);
SearchResult searchResult = conn.search(searchRequest);
assertEquals(searchResult.getResultCode(), ResultCode.SUCCESS);
assertEquals(searchResult.getEntryCount(), 1, searchResult.getSearchEntries().toString());
c = searchResult.getResponseControl(com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl.INTERACTIVE_TRANSACTION_SPECIFICATION_RESPONSE_OID);
assertNotNull(c);
assertTrue(c instanceof com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl);
itsrc = (com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl) c;
assertTrue(itsrc.transactionValid());
// Add an "ou=People" entry.
addRequest = new AddRequest("dn: ou=People," + getTestBaseDN(), "objectClass: top", "objectClass: organizationalUnit", "ou: People", "description: foo");
addRequest.setControls(controls);
addResult = conn.add(addRequest);
assertEquals(addResult.getResultCode(), ResultCode.SUCCESS);
c = addResult.getResponseControl(com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl.INTERACTIVE_TRANSACTION_SPECIFICATION_RESPONSE_OID);
assertNotNull(c);
assertTrue(c instanceof com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl);
itsrc = (com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl) c;
assertTrue(itsrc.transactionValid());
// Ensure that we can now retrieve the both entries as part of the
// transaction.
searchResult = conn.search(searchRequest);
assertEquals(searchResult.getResultCode(), ResultCode.SUCCESS);
assertEquals(searchResult.getEntryCount(), 2, searchResult.getSearchEntries().toString());
c = searchResult.getResponseControl(com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl.INTERACTIVE_TRANSACTION_SPECIFICATION_RESPONSE_OID);
assertNotNull(c);
assertTrue(c instanceof com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl);
itsrc = (com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl) c;
assertTrue(itsrc.transactionValid());
// Perform a compare against the entry.
CompareRequest compareRequest = new CompareRequest("ou=People," + getTestBaseDN(), "description", "foo", controls);
CompareResult compareResult = conn.compare(compareRequest);
assertTrue(compareResult.compareMatched());
c = compareResult.getResponseControl(com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl.INTERACTIVE_TRANSACTION_SPECIFICATION_RESPONSE_OID);
assertNotNull(c);
assertTrue(c instanceof com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl);
itsrc = (com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl) c;
assertTrue(itsrc.transactionValid());
// Modify the entry.
ModifyRequest modifyRequest = new ModifyRequest("dn: ou=People," + getTestBaseDN(), "changetype: modify", "replace: description", "description: bar");
modifyRequest.setControls(controls);
LDAPResult modifyResult = conn.modify(modifyRequest);
assertEquals(modifyResult.getResultCode(), ResultCode.SUCCESS);
c = modifyResult.getResponseControl(com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl.INTERACTIVE_TRANSACTION_SPECIFICATION_RESPONSE_OID);
assertNotNull(c);
assertTrue(c instanceof com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl);
itsrc = (com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl) c;
assertTrue(itsrc.transactionValid());
// Perform another compare against the entry to verify the change.
compareRequest = new CompareRequest("ou=People," + getTestBaseDN(), "description", "bar", controls);
compareResult = conn.compare(compareRequest);
assertTrue(compareResult.compareMatched());
c = compareResult.getResponseControl(com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl.INTERACTIVE_TRANSACTION_SPECIFICATION_RESPONSE_OID);
assertNotNull(c);
assertTrue(c instanceof com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl);
itsrc = (com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl) c;
assertTrue(itsrc.transactionValid());
// Rename the target entry.
ModifyDNRequest modifyDNRequest = new ModifyDNRequest("ou=People," + getTestBaseDN(), "ou=Users", true, controls);
LDAPResult modifyDNResult = conn.modifyDN(modifyDNRequest);
assertEquals(modifyDNResult.getResultCode(), ResultCode.SUCCESS);
c = modifyDNResult.getResponseControl(com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl.INTERACTIVE_TRANSACTION_SPECIFICATION_RESPONSE_OID);
assertNotNull(c);
assertTrue(c instanceof com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl);
itsrc = (com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl) c;
assertTrue(itsrc.transactionValid());
// Perform a search below the base entry and verify that we still get two
// entries returned.
searchResult = conn.search(searchRequest);
assertEquals(searchResult.getResultCode(), ResultCode.SUCCESS);
assertEquals(searchResult.getEntryCount(), 2, searchResult.getSearchEntries().toString());
c = searchResult.getResponseControl(com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl.INTERACTIVE_TRANSACTION_SPECIFICATION_RESPONSE_OID);
assertNotNull(c);
assertTrue(c instanceof com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl);
itsrc = (com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl) c;
assertTrue(itsrc.transactionValid());
// Delete the "ou=Users" entry.
DeleteRequest deleteRequest = new DeleteRequest("ou=Users," + getTestBaseDN(), controls);
LDAPResult deleteResult = conn.delete(deleteRequest);
assertEquals(deleteResult.getResultCode(), ResultCode.SUCCESS);
c = deleteResult.getResponseControl(com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl.INTERACTIVE_TRANSACTION_SPECIFICATION_RESPONSE_OID);
assertNotNull(c);
assertTrue(c instanceof com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl);
itsrc = (com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl) c;
assertTrue(itsrc.transactionValid());
// Commit the transaction.
ExtendedResult endTxnResult = conn.processExtendedOperation(new EndInteractiveTransactionExtendedRequest(txnID, true));
assertEquals(endTxnResult.getResultCode(), ResultCode.SUCCESS);
// Re-perform the search below the base entry and verify that only a single
// entry is returned.
searchRequest.clearControls();
searchResult = conn.search(searchRequest);
assertEquals(searchResult.getResultCode(), ResultCode.SUCCESS);
assertEquals(searchResult.getEntryCount(), 1);
// Delete the base entry and close the connection.
conn.delete(getTestBaseDN());
conn.close();
}
use of com.unboundid.ldap.sdk.RootDSE in project ldapsdk by pingidentity.
the class StartBatchedTransactionExtendedRequestTestCase method testAbortTransaction.
/**
* Tests the process of creating a transaction, including multiple operations
* as part of that transaction, and then aborting it.
* <BR><BR>
* Access to a Directory Server instance is required for complete processing.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test()
public void testAbortTransaction() throws Exception {
if (!isDirectoryInstanceAvailable()) {
return;
}
LDAPConnection conn = getAdminConnection();
RootDSE rootDSE = conn.getRootDSE();
if ((rootDSE == null) || (!rootDSE.supportsExtendedOperation(StartBatchedTransactionExtendedRequest.START_BATCHED_TRANSACTION_REQUEST_OID))) {
conn.close();
return;
}
StartBatchedTransactionExtendedResult startTxnResult = (StartBatchedTransactionExtendedResult) conn.processExtendedOperation(new StartBatchedTransactionExtendedRequest());
assertEquals(startTxnResult.getResultCode(), ResultCode.SUCCESS);
ASN1OctetString txnID = startTxnResult.getTransactionID();
assertNotNull(txnID);
assertNotNull(startTxnResult.toString());
Control[] controls = { new BatchedTransactionSpecificationRequestControl(txnID) };
AddRequest addRequest = new AddRequest(getTestBaseDN(), getBaseEntryAttributes(), controls);
conn.add(addRequest);
Modification[] mods = { new Modification(ModificationType.REPLACE, "description", "foo") };
ModifyRequest modifyRequest = new ModifyRequest(getTestBaseDN(), mods, controls);
conn.modify(modifyRequest);
ExtendedResult endTxnResult = conn.processExtendedOperation(new EndBatchedTransactionExtendedRequest(txnID, false));
assertEquals(endTxnResult.getResultCode(), ResultCode.SUCCESS);
assertNotNull(endTxnResult.toString());
try {
assertNull(conn.getEntry(getTestBaseDN()));
} finally {
conn.close();
}
}
Aggregations