Example 16 with WhoAmIExtendedRequest

Use of com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest in project ldapsdk by pingidentity.

In class InMemoryOperationInterceptorTestCase, method testIntermediateResponseWithTransformations.

/**
 * Tests to ensure that processing works correctly for intermediate responses.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test()
public void testIntermediateResponseWithTransformations() throws Exception {
    final LDAPConnection conn = ds.getConnection();
    WhoAmIExtendedRequest whoAmIRequest = new WhoAmIExtendedRequest(ControlBasedOperationInterceptor.createControls(ControlBasedOperationInterceptor.TransformType.INJECT_INTERMEDIATE_RESPONSE));
    TestIntermediateResponseListener testIRListener = new TestIntermediateResponseListener();
    whoAmIRequest.setIntermediateResponseListener(testIRListener);
    assertResultCodeEquals(conn, whoAmIRequest, ResultCode.SUCCESS);
    assertEquals(testIRListener.getCount(), 2);
    whoAmIRequest = new WhoAmIExtendedRequest(ControlBasedOperationInterceptor.createControls(ControlBasedOperationInterceptor.TransformType.INJECT_INTERMEDIATE_RESPONSE, ControlBasedOperationInterceptor.TransformType.SUPPRESS_INTERMEDIATE_RESPONSE));
    testIRListener = new TestIntermediateResponseListener();
    whoAmIRequest.setIntermediateResponseListener(testIRListener);
    assertResultCodeEquals(conn, whoAmIRequest, ResultCode.SUCCESS);
    assertEquals(testIRListener.getCount(), 0);
    whoAmIRequest = new WhoAmIExtendedRequest(ControlBasedOperationInterceptor.createControls(ControlBasedOperationInterceptor.TransformType.INJECT_INTERMEDIATE_RESPONSE, ControlBasedOperationInterceptor.TransformType.ALTER_INTERMEDIATE_RESPONSE));
    testIRListener = new TestIntermediateResponseListener();
    whoAmIRequest.setIntermediateResponseListener(testIRListener);
    assertResultCodeEquals(conn, whoAmIRequest, ResultCode.SUCCESS);
    assertEquals(testIRListener.getCount(), 2);
    whoAmIRequest = new WhoAmIExtendedRequest(ControlBasedOperationInterceptor.createControls(ControlBasedOperationInterceptor.TransformType.INJECT_INTERMEDIATE_RESPONSE, ControlBasedOperationInterceptor.TransformType.INTERMEDIATE_RESPONSE_RUNTIME_EXCEPTION));
    testIRListener = new TestIntermediateResponseListener();
    whoAmIRequest.setIntermediateResponseListener(testIRListener);
    assertResultCodeEquals(conn, whoAmIRequest, ResultCode.SUCCESS);
    assertEquals(testIRListener.getCount(), 0);
    conn.close();
}
Also used : WhoAmIExtendedRequest(com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest) TestIntermediateResponseListener(com.unboundid.ldap.sdk.TestIntermediateResponseListener) LDAPConnection(com.unboundid.ldap.sdk.LDAPConnection) Test(org.testng.annotations.Test)

Example 17 with WhoAmIExtendedRequest

Use of com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest in project ldapsdk by pingidentity.

In class InMemoryOperationInterceptorTestCase, method testUnsolicitedResponse.

/**
 * Tests to ensure that unsolicited responses are handled properly.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test()
public void testUnsolicitedResponse() throws Exception {
    final LDAPConnection conn = ds.getConnection();
    final TestUnsolicitedNotificationHandler testNotificationHandler = new TestUnsolicitedNotificationHandler();
    final LDAPConnectionOptions options = conn.getConnectionOptions();
    options.setUnsolicitedNotificationHandler(testNotificationHandler);
    conn.setConnectionOptions(options);
    WhoAmIExtendedRequest whoAmIRequest = new WhoAmIExtendedRequest(ControlBasedOperationInterceptor.createControls(ControlBasedOperationInterceptor.TransformType.INJECT_UNSOLICITED_NOTIFICATION));
    assertResultCodeEquals(conn, whoAmIRequest, ResultCode.SUCCESS);
    assertEquals(testNotificationHandler.getNotificationCount(), 2);
    conn.close();
}
Also used : LDAPConnectionOptions(com.unboundid.ldap.sdk.LDAPConnectionOptions) WhoAmIExtendedRequest(com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest) LDAPConnection(com.unboundid.ldap.sdk.LDAPConnection) TestUnsolicitedNotificationHandler(com.unboundid.ldap.sdk.TestUnsolicitedNotificationHandler) Test(org.testng.annotations.Test)

Example 18 with WhoAmIExtendedRequest

Use of com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest in project ldapsdk by pingidentity.

In class RetainIdentityRequestControlTestCase, method testSendFailedSimpleRequest.

/**
 * Sends a request to the server containing the retain identity request
 * control.  It will establish an unauthenticated connection, then send an
 * authenticated simple bind with invalid credentials including the retain
 * identity request control.  It will verify that the identity of the client
 * connection has not changed.
 * <BR><BR>
 * Access to a Directory Server instance is required for complete processing.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test()
public void testSendFailedSimpleRequest() throws Exception {
    if (!isDirectoryInstanceAvailable()) {
        return;
    }
    LDAPConnection conn = getAdminConnection();
    conn.add(getTestBaseDN(), getBaseEntryAttributes());
    conn.add("dn: uid=test," + getTestBaseDN(), "objectClass: top", "objectClass: person", "objectClass: organizationalPerson", "objectClass: inetOrgPerson", "givenName: Test", "sn: User", "cn: Test User", "uid: test", "userPassword: password");
    // First, use the "Who Am I?" request to get the current authorization
    // identity.
    WhoAmIExtendedResult whoAmIResult = (WhoAmIExtendedResult) conn.processExtendedOperation(new WhoAmIExtendedRequest());
    String authzID = whoAmIResult.getAuthorizationID();
    assertNotNull(authzID);
    // Attempt a simple bind with an incorrect password that includes the
    // retain identity request control.  The bind is expected to fail with
    // INVALID_CREDENTIALS.
    Control[] controls = { new RetainIdentityRequestControl() };
    SimpleBindRequest bindRequest = new SimpleBindRequest("uid=test," + getTestBaseDN(), "wrong", controls);
    try {
        BindResult bindResult = conn.bind(bindRequest);
        assertEquals(bindResult.getResultCode(), ResultCode.INVALID_CREDENTIALS);
    } catch (LDAPException le) {
        assertEquals(le.getResultCode(), ResultCode.INVALID_CREDENTIALS);
    }
    // Use the "Who Am I?" request again to verify that the client identity
    // hasn't really changed.
    whoAmIResult = (WhoAmIExtendedResult) conn.processExtendedOperation(new WhoAmIExtendedRequest());
    assertNotNull(whoAmIResult.getAuthorizationID());
    assertEquals(whoAmIResult.getAuthorizationID(), authzID);
    conn.delete("uid=test," + getTestBaseDN());
    conn.delete(getTestBaseDN());
    conn.close();
}
Also used : WhoAmIExtendedResult(com.unboundid.ldap.sdk.extensions.WhoAmIExtendedResult) AuthorizationIdentityRequestControl(com.unboundid.ldap.sdk.controls.AuthorizationIdentityRequestControl) Control(com.unboundid.ldap.sdk.Control) AuthorizationIdentityResponseControl(com.unboundid.ldap.sdk.controls.AuthorizationIdentityResponseControl) SimpleBindRequest(com.unboundid.ldap.sdk.SimpleBindRequest) LDAPException(com.unboundid.ldap.sdk.LDAPException) WhoAmIExtendedRequest(com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest) BindResult(com.unboundid.ldap.sdk.BindResult) LDAPConnection(com.unboundid.ldap.sdk.LDAPConnection) ASN1OctetString(com.unboundid.asn1.ASN1OctetString) Test(org.testng.annotations.Test)

Example 19 with WhoAmIExtendedRequest

Use of com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest in project ldapsdk by pingidentity.

In class RetainIdentityRequestControlTestCase, method testSendAuthenticatedPLAINRequest.

/**
 * Sends a request to the server containing the retain identity request
 * control.  It will establish an unauthenticated connection, then send a SASL
 * PLAIN bind including the retain identity request control.  It will verify
 * that the identity of the client connection has not changed.
 * <BR><BR>
 * Access to a Directory Server instance is required for complete processing.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test()
public void testSendAuthenticatedPLAINRequest() throws Exception {
    if (!isDirectoryInstanceAvailable()) {
        return;
    }
    LDAPConnection conn = getAdminConnection();
    conn.add(getTestBaseDN(), getBaseEntryAttributes());
    conn.add("dn: uid=test," + getTestBaseDN(), "objectClass: top", "objectClass: person", "objectClass: organizationalPerson", "objectClass: inetOrgPerson", "givenName: Test", "sn: User", "cn: Test User", "uid: test", "userPassword: password");
    // First, use the "Who Am I?" request to get the current authorization
    // identity.
    WhoAmIExtendedResult whoAmIResult = (WhoAmIExtendedResult) conn.processExtendedOperation(new WhoAmIExtendedRequest());
    String authzID = whoAmIResult.getAuthorizationID();
    assertNotNull(authzID);
    // Perform a SASL PLAIN bind that includes both the retain identity
    // request control and the authorization identity request control.
    Control[] controls = { new RetainIdentityRequestControl(), new AuthorizationIdentityRequestControl() };
    PLAINBindRequest bindRequest = new PLAINBindRequest("dn:uid=test," + getTestBaseDN(), "password", controls);
    BindResult bindResult = conn.bind(bindRequest);
    assertEquals(bindResult.getResultCode(), ResultCode.SUCCESS);
    boolean authzIDFound = false;
    for (Control c : bindResult.getResponseControls()) {
        if (c instanceof AuthorizationIdentityResponseControl) {
            authzIDFound = true;
            String bindAuthzID = ((AuthorizationIdentityResponseControl) c).getAuthorizationID();
            assertNotNull(bindAuthzID);
            assertFalse(bindAuthzID.equals(authzID));
            break;
        }
    }
    assertTrue(authzIDFound);
    // Use the "Who Am I?" request again to verify that the client identity
    // hasn't really changed.
    whoAmIResult = (WhoAmIExtendedResult) conn.processExtendedOperation(new WhoAmIExtendedRequest());
    assertNotNull(whoAmIResult.getAuthorizationID());
    assertEquals(whoAmIResult.getAuthorizationID(), authzID);
    conn.delete("uid=test," + getTestBaseDN());
    conn.delete(getTestBaseDN());
    conn.close();
}
Also used : WhoAmIExtendedResult(com.unboundid.ldap.sdk.extensions.WhoAmIExtendedResult) AuthorizationIdentityRequestControl(com.unboundid.ldap.sdk.controls.AuthorizationIdentityRequestControl) Control(com.unboundid.ldap.sdk.Control) AuthorizationIdentityResponseControl(com.unboundid.ldap.sdk.controls.AuthorizationIdentityResponseControl) WhoAmIExtendedRequest(com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest) PLAINBindRequest(com.unboundid.ldap.sdk.PLAINBindRequest) BindResult(com.unboundid.ldap.sdk.BindResult) LDAPConnection(com.unboundid.ldap.sdk.LDAPConnection) ASN1OctetString(com.unboundid.asn1.ASN1OctetString) Test(org.testng.annotations.Test)

Example 20 with WhoAmIExtendedRequest

Use of com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest in project ldapsdk by pingidentity.

In class MoveSubtree, method getAuthenticatedUserDN.

/**
 * Retrieves the DN of the user authenticated on the provided connection.  It
 * will first try to look at the last successful bind request processed on the
 * connection, and will fall back to using the "Who Am I?" extended request.
 *
 * @param  connection        The connection for which to make the
 *                           determination.
 * @param  isSource          Indicates whether the connection is to the source
 *                           or target server.
 * @param  opPurposeControl  An optional operation purpose request control
 *                           that may be included in the request.
 *
 * @return  The DN of the user authenticated on the provided connection, or
 *          {@code null} if the connection is not authenticated.
 *
 * @throws  LDAPException  If a problem is encountered while making the
 *                         determination.
 */
@Nullable()
private static String getAuthenticatedUserDN(@NotNull final LDAPConnection connection, final boolean isSource, @Nullable final OperationPurposeRequestControl opPurposeControl) throws LDAPException {
    final BindRequest bindRequest = InternalSDKHelper.getLastBindRequest(connection);
    if ((bindRequest != null) && (bindRequest instanceof SimpleBindRequest)) {
        final SimpleBindRequest r = (SimpleBindRequest) bindRequest;
        return r.getBindDN();
    }
    final Control[] controls;
    if (opPurposeControl == null) {
        controls = StaticUtils.NO_CONTROLS;
    } else {
        controls = new Control[] { opPurposeControl };
    }
    final String connectionName = isSource ? INFO_MOVE_SUBTREE_CONNECTION_NAME_SOURCE.get() : INFO_MOVE_SUBTREE_CONNECTION_NAME_TARGET.get();
    final WhoAmIExtendedResult whoAmIResult;
    try {
        whoAmIResult = (WhoAmIExtendedResult) connection.processExtendedOperation(new WhoAmIExtendedRequest(controls));
    } catch (final LDAPException le) {
        Debug.debugException(le);
        throw new LDAPException(le.getResultCode(), ERR_MOVE_SUBTREE_ERROR_INVOKING_WHO_AM_I.get(connectionName, StaticUtils.getExceptionMessage(le)), le);
    }
    if (whoAmIResult.getResultCode() != ResultCode.SUCCESS) {
        throw new LDAPException(whoAmIResult.getResultCode(), ERR_MOVE_SUBTREE_ERROR_INVOKING_WHO_AM_I.get(connectionName, whoAmIResult.getDiagnosticMessage()));
    }
    final String authzID = whoAmIResult.getAuthorizationID();
    if ((authzID != null) && authzID.startsWith("dn:")) {
        return authzID.substring(3);
    } else {
        throw new LDAPException(ResultCode.UNWILLING_TO_PERFORM, ERR_MOVE_SUBTREE_CANNOT_IDENTIFY_CONNECTED_USER.get(connectionName));
    }
}
Also used : WhoAmIExtendedResult(com.unboundid.ldap.sdk.extensions.WhoAmIExtendedResult) SimpleBindRequest(com.unboundid.ldap.sdk.SimpleBindRequest) Control(com.unboundid.ldap.sdk.Control) RealAttributesOnlyRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.RealAttributesOnlyRequestControl) OperationPurposeRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.OperationPurposeRequestControl) SuppressReferentialIntegrityUpdatesRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.SuppressReferentialIntegrityUpdatesRequestControl) SoftDeletedEntryAccessRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.SoftDeletedEntryAccessRequestControl) ManageDsaITRequestControl(com.unboundid.ldap.sdk.controls.ManageDsaITRequestControl) ReturnConflictEntriesRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.ReturnConflictEntriesRequestControl) DraftLDUPSubentriesRequestControl(com.unboundid.ldap.sdk.controls.DraftLDUPSubentriesRequestControl) LDAPException(com.unboundid.ldap.sdk.LDAPException) WhoAmIExtendedRequest(com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest) BindRequest(com.unboundid.ldap.sdk.BindRequest) ASN1OctetString(com.unboundid.asn1.ASN1OctetString) Nullable(com.unboundid.util.Nullable)

Aggregations

WhoAmIExtendedRequest (com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest): 37
Test (org.testng.annotations.Test): 31
LDAPConnection (com.unboundid.ldap.sdk.LDAPConnection): 21
WhoAmIExtendedResult (com.unboundid.ldap.sdk.extensions.WhoAmIExtendedResult): 15
ASN1OctetString (com.unboundid.asn1.ASN1OctetString): 9
Control (com.unboundid.ldap.sdk.Control): 8
LDAPException (com.unboundid.ldap.sdk.LDAPException): 7
SimpleBindRequest (com.unboundid.ldap.sdk.SimpleBindRequest): 7
AuthorizationIdentityRequestControl (com.unboundid.ldap.sdk.controls.AuthorizationIdentityRequestControl): 6
AuthorizationIdentityResponseControl (com.unboundid.ldap.sdk.controls.AuthorizationIdentityResponseControl): 6
InMemoryDirectoryServer (com.unboundid.ldap.listener.InMemoryDirectoryServer): 4
BindResult (com.unboundid.ldap.sdk.BindResult): 4
AddRequest (com.unboundid.ldap.sdk.AddRequest): 3
CompareRequest (com.unboundid.ldap.sdk.CompareRequest): 3
DeleteRequest (com.unboundid.ldap.sdk.DeleteRequest): 3
ExtendedResult (com.unboundid.ldap.sdk.ExtendedResult): 3
LDAPConnectionOptions (com.unboundid.ldap.sdk.LDAPConnectionOptions): 3
ModifyDNRequest (com.unboundid.ldap.sdk.ModifyDNRequest): 3
ModifyRequest (com.unboundid.ldap.sdk.ModifyRequest): 3
PLAINBindRequest (com.unboundid.ldap.sdk.PLAINBindRequest): 3