Use of org.apache.karaf.jaas.modules.NamePasswordCallbackHandler in project karaf by apache.
Class LdapLoginModuleTest, method testRoleMappingAdvanced.
/**
 * Exercises {@code LDAPOptions.ROLE_MAPPING} with a value that lists the same source role
 * twice and maps it to several target roles: {@code admin=karaf,test;admin=another}.
 *
 * <p>After a successful login and commit the subject must hold exactly four principals:
 * one {@code UserPrincipal} named {@code admin} and one {@code RolePrincipal} for each of
 * {@code karaf}, {@code test} and {@code another}. Any other role name on the subject fails
 * the test, so the check also catches a mapping that grants more than was configured.
 *
 * <p>The final assertions cover the logout path: no principal may remain on the subject,
 * which is what keeps a reused {@code Subject} from carrying identity or roles past logout.
 *
 * <p>NOTE(review): the name/password pair is a fixture value, presumably matching the LDAP
 * test data set up by {@code ldapLoginModuleOptions()} - confirm against the test setup.
 */
@Test
public void testRoleMappingAdvanced() throws Exception {
    Properties moduleOptions = ldapLoginModuleOptions();
    moduleOptions.put(LDAPOptions.ROLE_MAPPING, "admin=karaf,test;admin=another");

    LDAPLoginModule loginModule = new LDAPLoginModule();
    Subject authenticated = new Subject();
    loginModule.initialize(
            authenticated, new NamePasswordCallbackHandler("admin", "admin123"), null, moduleOptions);

    // Nothing may be attached to the subject before login() and commit() have both run.
    assertEquals("Precondition", 0, authenticated.getPrincipals().size());

    assertTrue(loginModule.login());
    assertTrue(loginModule.commit());

    // Four principals in total; the loop below pins them to one user and three roles.
    int principalCount = authenticated.getPrincipals().size();
    assertEquals(4, principalCount);

    final List<String> expectedRoles = new ArrayList<>(Arrays.asList("karaf", "test", "another"));
    boolean sawUser = false;
    boolean sawRole = false;
    for (Principal granted : authenticated.getPrincipals()) {
        if (granted instanceof UserPrincipal) {
            assertEquals("admin", granted.getName());
            sawUser = true;
            continue;
        }
        if (granted instanceof RolePrincipal) {
            // remove() returns false for a role name that is not expected or was already
            // seen, so an unconfigured or repeated role fails here.
            assertTrue(expectedRoles.remove(granted.getName()));
            sawRole = true;
        }
    }
    assertTrue(sawUser);
    assertTrue(sawRole);
    // Every configured target role must have been granted.
    assertTrue(expectedRoles.isEmpty());

    assertTrue(loginModule.logout());
    assertEquals(
            "Principals should be gone as the user has logged out",
            0,
            authenticated.getPrincipals().size());
}