Search in sources :

Example 11 with WhoAmIExtendedRequest

use of com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest in project ldapsdk by pingidentity.

the class InMemoryDirectoryServerTestCase method testAuthenticationRequiredOperationTypes.

/**
 * Provides a set of test cases that cover the ability to process operations
 * on unauthenticated connections when authentication is required.
 *
 * Provides a set of test cases to that operations are properly rejected if
 * they are not allowed.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test()
public void testAuthenticationRequiredOperationTypes() throws Exception {
    final InMemoryDirectoryServerConfig cfg = new InMemoryDirectoryServerConfig("dc=example,dc=com");
    cfg.setAuthenticationRequiredOperationTypes(EnumSet.allOf(OperationType.class));
    cfg.addAdditionalBindCredentials("cn=Directory Manager", "password");
    cfg.setCodeLogDetails(createTempFile().getAbsolutePath(), true);
    final InMemoryDirectoryServer ds = new InMemoryDirectoryServer(cfg);
    ds.startListening();
    final LDAPConnection unauthenticatedConn = ds.getConnection();
    try {
        // Ensure that an anonymous simple bind is not allowed.
        unauthenticatedConn.bind("", "");
        fail("Expected an anonymous simple bind to fail when authentication is " + "required for bind operations");
    } catch (final LDAPException le) {
        assertResultCodeEquals(le, ResultCode.INVALID_CREDENTIALS);
    }
    try {
        // Ensure that an anonymous SASL bind is not allowed.
        unauthenticatedConn.bind(new PLAINBindRequest("dn:", ""));
        fail("Expected an anonymous PLAIN bind to fail when authentication is " + "required for bind operations");
    } catch (final LDAPException le) {
        assertResultCodeEquals(le, ResultCode.INVALID_CREDENTIALS);
    }
    final LDAPConnection authenticatedConn = ds.getConnection();
    authenticatedConn.bind("cn=Directory Manager", "password");
    try {
        unauthenticatedConn.add("dn: dc=example,dc=com", "objectClass: top", "objectClass: domain", "dc: example");
    } catch (final LDAPException le) {
        assertEquals(le.getResultCode(), ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
    }
    authenticatedConn.add("dn: dc=example,dc=com", "objectClass: top", "objectClass: domain", "dc: example");
    ds.add("dn: ou=People,dc=example,dc=com", "objectClass: top", "objectClass: organizationalUnit", "ou: People");
    try {
        unauthenticatedConn.compare("dc=example,dc=com", "dc", "example");
    } catch (final LDAPException le) {
        assertEquals(le.getResultCode(), ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
    }
    assertTrue(authenticatedConn.compare("dc=example,dc=com", "dc", "example").compareMatched());
    assertTrue(ds.compare("dc=example,dc=com", "dc", "example").compareMatched());
    try {
        unauthenticatedConn.processExtendedOperation(new WhoAmIExtendedRequest());
    } catch (final LDAPException le) {
        assertEquals(le.getResultCode(), ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
    }
    assertEquals(authenticatedConn.processExtendedOperation(new WhoAmIExtendedRequest()).getResultCode(), ResultCode.SUCCESS);
    assertEquals(ds.processExtendedOperation(new WhoAmIExtendedRequest()).getResultCode(), ResultCode.SUCCESS);
    try {
        unauthenticatedConn.modify("dn: dc=example,dc=com", "changetype: modify", "replace: description", "description: foo");
    } catch (final LDAPException le) {
        assertEquals(le.getResultCode(), ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
    }
    authenticatedConn.modify("dn: dc=example,dc=com", "changetype: modify", "replace: description", "description: foo");
    ds.modify("dn: dc=example,dc=com", "changetype: modify", "replace: description", "description: bar");
    try {
        unauthenticatedConn.modifyDN("ou=People,dc=example,dc=com", "ou=Users", true);
    } catch (final LDAPException le) {
        assertEquals(le.getResultCode(), ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
    }
    authenticatedConn.modifyDN("ou=People,dc=example,dc=com", "ou=Users", true);
    ds.modifyDN("ou=Users,dc=example,dc=com", "ou=Persons", true);
    try {
        unauthenticatedConn.search("dc=example,dc=com", SearchScope.BASE, "(objectClass=*)");
    } catch (final LDAPException le) {
        assertEquals(le.getResultCode(), ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
    }
    authenticatedConn.search("dc=example,dc=com", SearchScope.BASE, "(objectClass=*)");
    ds.search("dc=example,dc=com", SearchScope.BASE, "(objectClass=*)");
    try {
        unauthenticatedConn.delete("ou=Persons,dc=example,dc=com");
    } catch (final LDAPException le) {
        assertEquals(le.getResultCode(), ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
    }
    authenticatedConn.delete("ou=Persons,dc=example,dc=com");
    ds.delete("dc=example,dc=com");
    authenticatedConn.close();
    unauthenticatedConn.close();
    ds.shutDown(true);
}
Also used : LDAPException(com.unboundid.ldap.sdk.LDAPException) WhoAmIExtendedRequest(com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest) PLAINBindRequest(com.unboundid.ldap.sdk.PLAINBindRequest) OperationType(com.unboundid.ldap.sdk.OperationType) LDAPConnection(com.unboundid.ldap.sdk.LDAPConnection) Test(org.testng.annotations.Test)

Example 12 with WhoAmIExtendedRequest

use of com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest in project ldapsdk by pingidentity.

the class InMemoryDirectoryServerDelayTestCase method testDelayBeforeProcessing.

/**
 * Tests the ability to insert an arbitrary delay before processing an
 * operation.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test()
public void testDelayBeforeProcessing() throws Exception {
    final InMemoryDirectoryServerConfig cfg = new InMemoryDirectoryServerConfig("dc=example,dc=com");
    cfg.addAdditionalBindCredentials("cn=Directory Manager", "password");
    final InMemoryDirectoryServer ds = new InMemoryDirectoryServer(cfg);
    ds.add(generateDomainEntry("example", "dc=com"));
    ds.startListening();
    final LDAPConnection conn = ds.getConnection();
    try {
        assertEquals(ds.getProcessingDelayMillis(), 0L);
        ds.setProcessingDelayMillis(200L);
        assertEquals(ds.getProcessingDelayMillis(), 200L);
        // Test the bind operation.
        final long bindStartTime = System.currentTimeMillis();
        conn.bind("cn=Directory Manager", "password");
        final long bindEndTime = System.currentTimeMillis();
        assertProcessingDelayExceeds(bindStartTime, bindEndTime, 200L, "bind");
        // Test the extended operation.
        final long extendedStartTime = System.currentTimeMillis();
        conn.processExtendedOperation(new WhoAmIExtendedRequest());
        final long extendedEndTime = System.currentTimeMillis();
        assertProcessingDelayExceeds(extendedStartTime, extendedEndTime, 200L, "extended");
        // Test the add operation.
        final long addStartTime = System.currentTimeMillis();
        conn.add(generateOrgUnitEntry("test", "dc=example,dc=com"));
        final long addEndTime = System.currentTimeMillis();
        assertProcessingDelayExceeds(addStartTime, addEndTime, 200L, "add");
        // Test the compare operation.
        final long compareStartTime = System.currentTimeMillis();
        conn.compare("dc=example,dc=com", "dc", "example");
        final long compareEndTime = System.currentTimeMillis();
        assertProcessingDelayExceeds(compareStartTime, compareEndTime, 200L, "compare");
        // Test the modify operation.
        final long modifyStartTime = System.currentTimeMillis();
        conn.modify("dn: ou=test,dc=example,dc=com", "changeType: modify", "replace: description", "description: foo");
        final long modifyEndTime = System.currentTimeMillis();
        assertProcessingDelayExceeds(modifyStartTime, modifyEndTime, 200L, "modify");
        // Test the modify DN operation.
        final long modifyDNStartTime = System.currentTimeMillis();
        conn.modifyDN("ou=test,dc=example,dc=com", "ou=test 2", true);
        final long modifyDNEndTime = System.currentTimeMillis();
        assertProcessingDelayExceeds(modifyDNStartTime, modifyDNEndTime, 200L, "modify DN");
        // Test the search operation.
        final long searchStartTime = System.currentTimeMillis();
        conn.search("dc=example,dc=com", SearchScope.BASE, "(objectClass=*)");
        final long searchEndTime = System.currentTimeMillis();
        assertProcessingDelayExceeds(searchStartTime, searchEndTime, 200L, "search");
        // Test the delete operation.
        final long deleteStartTime = System.currentTimeMillis();
        conn.delete("ou=test 2,dc=example,dc=com");
        final long deleteEndTime = System.currentTimeMillis();
        assertProcessingDelayExceeds(deleteStartTime, deleteEndTime, 200L, "delete");
    } finally {
        ds.setProcessingDelayMillis(0L);
        assertEquals(ds.getProcessingDelayMillis(), 0L);
        conn.close();
        ds.shutDown(true);
    }
}
Also used : WhoAmIExtendedRequest(com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest) LDAPConnection(com.unboundid.ldap.sdk.LDAPConnection) Test(org.testng.annotations.Test)

Example 13 with WhoAmIExtendedRequest

use of com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest in project ldapsdk by pingidentity.

the class InMemoryDirectoryServerDelayTestCase method testDelayCausesTimeout.

/**
 * Tests to ensure that processing time which takes too long will cause a
 * timeout exception to be thrown.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test()
public void testDelayCausesTimeout() throws Exception {
    final InMemoryDirectoryServerConfig cfg = new InMemoryDirectoryServerConfig("dc=example,dc=com");
    cfg.addAdditionalBindCredentials("cn=Directory Manager", "password");
    final InMemoryDirectoryServer ds = new InMemoryDirectoryServer(cfg);
    ds.add(generateDomainEntry("example", "dc=com"));
    ds.startListening();
    final LDAPConnectionOptions options = new LDAPConnectionOptions();
    options.setResponseTimeoutMillis(50L);
    options.setAbandonOnTimeout(true);
    final LDAPConnection conn = ds.getConnection(options);
    try {
        assertEquals(ds.getProcessingDelayMillis(), 0L);
        ds.setProcessingDelayMillis(200L);
        assertEquals(ds.getProcessingDelayMillis(), 200L);
        // Test the bind operation.
        assertResultCodeEquals(conn, new SimpleBindRequest("cn=Directory Manager", "password"), ResultCode.TIMEOUT);
        // Test the extended operation.
        assertResultCodeEquals(conn, new WhoAmIExtendedRequest(), ResultCode.TIMEOUT);
        // Test the add operation.
        assertResultCodeEquals(conn, new AddRequest(generateOrgUnitEntry("test", "dc=example,dc=com")), ResultCode.TIMEOUT);
        // Test the compare operation.
        assertResultCodeEquals(conn, new CompareRequest("dc=example,dc=com", "dc", "example"), ResultCode.TIMEOUT);
        // Test the modify operation.
        assertResultCodeEquals(conn, new ModifyRequest("dn: ou=test,dc=example,dc=com", "changeType: modify", "replace: description", "description: foo"), ResultCode.TIMEOUT);
        // Test the modify DN operation.
        assertResultCodeEquals(conn, new ModifyDNRequest("ou=test,dc=example,dc=com", "ou=test 2", true), ResultCode.TIMEOUT);
        // Test the search operation.
        assertResultCodeEquals(conn, new SearchRequest("dc=example,dc=com", SearchScope.BASE, "(objectClass=*)"), ResultCode.TIMEOUT);
        // Test the delete operation.
        assertResultCodeEquals(conn, new DeleteRequest("ou=test 2,dc=example,dc=com"), ResultCode.TIMEOUT);
    } finally {
        ds.setProcessingDelayMillis(0L);
        assertEquals(ds.getProcessingDelayMillis(), 0L);
        conn.close();
        ds.shutDown(true);
    }
}
Also used : LDAPConnectionOptions(com.unboundid.ldap.sdk.LDAPConnectionOptions) AddRequest(com.unboundid.ldap.sdk.AddRequest) ModifyDNRequest(com.unboundid.ldap.sdk.ModifyDNRequest) SearchRequest(com.unboundid.ldap.sdk.SearchRequest) SimpleBindRequest(com.unboundid.ldap.sdk.SimpleBindRequest) CompareRequest(com.unboundid.ldap.sdk.CompareRequest) WhoAmIExtendedRequest(com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest) LDAPConnection(com.unboundid.ldap.sdk.LDAPConnection) ModifyRequest(com.unboundid.ldap.sdk.ModifyRequest) DeleteRequest(com.unboundid.ldap.sdk.DeleteRequest) Test(org.testng.annotations.Test)

Example 14 with WhoAmIExtendedRequest

use of com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest in project ldapsdk by pingidentity.

the class InMemoryOperationInterceptorTestCase method testExtendedWithTransformations.

/**
 * Tests to ensure that processing works correctly for extended operations.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test()
public void testExtendedWithTransformations() throws Exception {
    final LDAPConnection conn = ds.getConnection();
    WhoAmIExtendedRequest whoAmIRequest = new WhoAmIExtendedRequest();
    assertResultCodeEquals(conn, whoAmIRequest, ResultCode.SUCCESS);
    whoAmIRequest = new WhoAmIExtendedRequest(ControlBasedOperationInterceptor.createControls(ControlBasedOperationInterceptor.TransformType.ALTER_DN));
    assertResultCodeEquals(conn, whoAmIRequest, ResultCode.SUCCESS);
    whoAmIRequest = new WhoAmIExtendedRequest(ControlBasedOperationInterceptor.createControls(ControlBasedOperationInterceptor.TransformType.REJECT_REQUEST));
    assertResultCodeEquals(conn, whoAmIRequest, ResultCode.UNWILLING_TO_PERFORM);
    whoAmIRequest = new WhoAmIExtendedRequest(ControlBasedOperationInterceptor.createControls(ControlBasedOperationInterceptor.TransformType.REQUEST_RUNTIME_EXCEPTION));
    assertResultCodeEquals(conn, whoAmIRequest, ResultCode.OTHER);
    whoAmIRequest = new WhoAmIExtendedRequest(ControlBasedOperationInterceptor.createControls(ControlBasedOperationInterceptor.TransformType.ERROR_RESULT));
    assertResultCodeEquals(conn, whoAmIRequest, ResultCode.UNWILLING_TO_PERFORM);
    whoAmIRequest = new WhoAmIExtendedRequest(ControlBasedOperationInterceptor.createControls(ControlBasedOperationInterceptor.TransformType.RESULT_RUNTIME_EXCEPTION));
    assertResultCodeEquals(conn, whoAmIRequest, ResultCode.OTHER);
    whoAmIRequest = new WhoAmIExtendedRequest(ControlBasedOperationInterceptor.createControls(ControlBasedOperationInterceptor.TransformType.INJECT_INTERMEDIATE_RESPONSE));
    final TestIntermediateResponseListener testIRListener = new TestIntermediateResponseListener();
    whoAmIRequest.setIntermediateResponseListener(testIRListener);
    assertResultCodeEquals(conn, whoAmIRequest, ResultCode.SUCCESS);
    assertEquals(testIRListener.getCount(), 2);
    conn.close();
}
Also used : WhoAmIExtendedRequest(com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest) TestIntermediateResponseListener(com.unboundid.ldap.sdk.TestIntermediateResponseListener) LDAPConnection(com.unboundid.ldap.sdk.LDAPConnection) Test(org.testng.annotations.Test)

Example 15 with WhoAmIExtendedRequest

use of com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest in project ldapsdk by pingidentity.

the class InMemoryOperationInterceptorTestCase method testWithoutTransformations.

/**
 * Tests to ensure that everything works properly without any transformations
 * in place.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test()
public void testWithoutTransformations() throws Exception {
    final LDAPConnection conn = ds.getConnection();
    final SimpleBindRequest simpleBind = new SimpleBindRequest("cn=Directory Manager", "password");
    assertResultCodeEquals(conn, simpleBind, ResultCode.SUCCESS);
    final PLAINBindRequest plainBind = new PLAINBindRequest("dn:cn=Directory Manager", "password");
    assertResultCodeEquals(conn, plainBind, ResultCode.SUCCESS);
    final WhoAmIExtendedResult whoAmIResult = (WhoAmIExtendedResult) conn.processExtendedOperation(new WhoAmIExtendedRequest());
    assertResultCodeEquals(whoAmIResult, ResultCode.SUCCESS);
    assertTrue(whoAmIResult.getAuthorizationID().startsWith("dn:"));
    assertDNsEqual(whoAmIResult.getAuthorizationID().substring(3), "cn=Directory Manager");
    final AddRequest addRequest = new AddRequest("dn: ou=test,dc=example,dc=com", "objectClass: top", "objectClass: organizationalUnit", "ou: test");
    assertResultCodeEquals(conn, addRequest, ResultCode.SUCCESS);
    final SearchResult searchResult = conn.search("ou=test,dc=example,dc=com", SearchScope.SUB, "(objectClass=*)");
    assertResultCodeEquals(searchResult, ResultCode.SUCCESS);
    assertEntriesReturnedEquals(searchResult, 1);
    assertDNsEqual(searchResult.getSearchEntries().get(0).getDN(), "ou=test,dc=example,dc=com");
    final CompareRequest compareRequest = new CompareRequest("ou=test,dc=example,dc=com", "ou", "test");
    assertResultCodeEquals(conn, compareRequest, ResultCode.COMPARE_TRUE);
    final ModifyRequest modifyRequest = new ModifyRequest("dn: ou=test,dc=example,dc=com", "changetype: modify", "replace: description", "description: foo");
    assertResultCodeEquals(conn, modifyRequest, ResultCode.SUCCESS);
    final ModifyDNRequest modifyDNRequest = new ModifyDNRequest("ou=test,dc=example,dc=com", "ou=renamed test", true);
    assertResultCodeEquals(conn, modifyDNRequest, ResultCode.SUCCESS);
    final DeleteRequest deleteRequest = new DeleteRequest("ou=renamed test,dc=example,dc=com");
    assertResultCodeEquals(conn, deleteRequest, ResultCode.SUCCESS);
    conn.close();
}
Also used : WhoAmIExtendedResult(com.unboundid.ldap.sdk.extensions.WhoAmIExtendedResult) AddRequest(com.unboundid.ldap.sdk.AddRequest) ModifyDNRequest(com.unboundid.ldap.sdk.ModifyDNRequest) SimpleBindRequest(com.unboundid.ldap.sdk.SimpleBindRequest) CompareRequest(com.unboundid.ldap.sdk.CompareRequest) WhoAmIExtendedRequest(com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest) PLAINBindRequest(com.unboundid.ldap.sdk.PLAINBindRequest) SearchResult(com.unboundid.ldap.sdk.SearchResult) LDAPConnection(com.unboundid.ldap.sdk.LDAPConnection) ModifyRequest(com.unboundid.ldap.sdk.ModifyRequest) DeleteRequest(com.unboundid.ldap.sdk.DeleteRequest) Test(org.testng.annotations.Test)

Aggregations

WhoAmIExtendedRequest (com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest)37 Test (org.testng.annotations.Test)31 LDAPConnection (com.unboundid.ldap.sdk.LDAPConnection)21 WhoAmIExtendedResult (com.unboundid.ldap.sdk.extensions.WhoAmIExtendedResult)15 ASN1OctetString (com.unboundid.asn1.ASN1OctetString)9 Control (com.unboundid.ldap.sdk.Control)8 LDAPException (com.unboundid.ldap.sdk.LDAPException)7 SimpleBindRequest (com.unboundid.ldap.sdk.SimpleBindRequest)7 AuthorizationIdentityRequestControl (com.unboundid.ldap.sdk.controls.AuthorizationIdentityRequestControl)6 AuthorizationIdentityResponseControl (com.unboundid.ldap.sdk.controls.AuthorizationIdentityResponseControl)6 InMemoryDirectoryServer (com.unboundid.ldap.listener.InMemoryDirectoryServer)4 BindResult (com.unboundid.ldap.sdk.BindResult)4 AddRequest (com.unboundid.ldap.sdk.AddRequest)3 CompareRequest (com.unboundid.ldap.sdk.CompareRequest)3 DeleteRequest (com.unboundid.ldap.sdk.DeleteRequest)3 ExtendedResult (com.unboundid.ldap.sdk.ExtendedResult)3 LDAPConnectionOptions (com.unboundid.ldap.sdk.LDAPConnectionOptions)3 ModifyDNRequest (com.unboundid.ldap.sdk.ModifyDNRequest)3 ModifyRequest (com.unboundid.ldap.sdk.ModifyRequest)3 PLAINBindRequest (com.unboundid.ldap.sdk.PLAINBindRequest)3