use of org.graylog2.security.ldap.LdapConnector in project graylog2-server by Graylog2.
the class LdapUserAuthenticatorTest method testSyncFromLdapEntryExistingUser.
/**
 * Checks that {@code syncFromLdapEntry} handles an account that already exists locally.
 *
 * <p>{@code userService.load} is stubbed to return a user that already carries one permission.
 * The synced user must still hold that permission, be flagged as external, and have exactly
 * the configured default role.
 */
@Test
@UsingDataSet(loadStrategy = LoadStrategyEnum.DELETE_ALL)
public void testSyncFromLdapEntryExistingUser() {
    final String defaultRoleId = "54e3deadbeefdeadbeef0001";
    final String existingPermission = "test:permission:1234";

    final LdapUserAuthenticator ldapAuthenticator = spy(new LdapUserAuthenticator(
            ldapConnector, ldapSettingsService, userService, mock(RoleService.class), DateTimeZone.UTC));

    // Settings are mocked so that only the default role and the display-name attribute are defined.
    final LdapSettings settings = mock(LdapSettings.class);
    when(settings.getAdditionalDefaultGroupIds()).thenReturn(Collections.emptySet());
    when(settings.getDefaultGroupId()).thenReturn(defaultRoleId);
    when(settings.getDisplayNameAttribute()).thenReturn("displayName");

    // The pre-existing local user: no id, an empty permission set, one stored permission.
    final HashMap<String, Object> existingFields = Maps.newHashMap();
    existingFields.put("permissions", Collections.singletonList(existingPermission));
    final UserImpl existingUser =
            new UserImpl(null, new Permissions(Collections.emptySet()), existingFields);
    when(userService.load(anyString())).thenReturn(existingUser);

    // The directory entry is left empty on purpose; no attribute is populated.
    final LdapEntry emptyEntry = new LdapEntry();
    final User syncedUser = ldapAuthenticator.syncFromLdapEntry(emptyEntry, settings, "user");

    assertThat(syncedUser).isNotNull();
    // A sync must not drop a permission the local account already had.
    assertThat(syncedUser.getPermissions()).contains(existingPermission);
    assertThat(syncedUser.isExternalUser()).isTrue();
    assertThat(syncedUser.getName()).isEqualTo("user");
    // presumably a fallback address, since the empty entry has no mail attribute; confirm in syncFromLdapEntry
    assertThat(syncedUser.getEmail()).isEqualTo("user@localhost");
    // LDAP-synced accounts are expected to carry this fixed marker text in the password field.
    // NOTE(review): that local password checks can never accept the marker is not shown here; confirm.
    assertThat(syncedUser.getHashedPassword()).isEqualTo("User synced from LDAP.");
    assertThat(syncedUser.getTimeZone()).isEqualTo(DateTimeZone.UTC);
    // containsOnly: the sync must not grant any role beyond the configured default.
    assertThat(syncedUser.getRoleIds()).containsOnly(defaultRoleId);
    assertThat(syncedUser.getPermissions()).isNotEmpty();
}
use of org.graylog2.security.ldap.LdapConnector in project graylog2-server by Graylog2.
the class LdapUserAuthenticatorTest method testSyncFromLdapEntry.
/**
 * Checks that {@code syncFromLdapEntry} builds a user from the object that
 * {@code userService.create()} returns.
 *
 * <p>Only {@code create()} is stubbed on the user service. The resulting user must be flagged
 * as external, take the login name passed in, and hold exactly the configured default role.
 */
@Test
@UsingDataSet(loadStrategy = LoadStrategyEnum.DELETE_ALL)
public void testSyncFromLdapEntry() {
    final String defaultRoleId = "54e3deadbeefdeadbeef0001";

    final LdapUserAuthenticator ldapAuthenticator = spy(new LdapUserAuthenticator(
            ldapConnector, ldapSettingsService, userService, mock(RoleService.class), DateTimeZone.UTC));

    // Settings are mocked so that only the default role and the display-name attribute are defined.
    final LdapSettings settings = mock(LdapSettings.class);
    when(settings.getAdditionalDefaultGroupIds()).thenReturn(Collections.emptySet());
    when(settings.getDefaultGroupId()).thenReturn(defaultRoleId);
    when(settings.getDisplayNameAttribute()).thenReturn("displayName");

    // A blank user object: no id, an empty permission set, no stored fields.
    final UserImpl blankUser =
            new UserImpl(null, new Permissions(Collections.emptySet()), Maps.newHashMap());
    when(userService.create()).thenReturn(blankUser);

    // The directory entry is left empty on purpose; no attribute is populated.
    final LdapEntry emptyEntry = new LdapEntry();
    final User syncedUser = ldapAuthenticator.syncFromLdapEntry(emptyEntry, settings, "user");

    assertThat(syncedUser).isNotNull();
    assertThat(syncedUser.isExternalUser()).isTrue();
    assertThat(syncedUser.getName()).isEqualTo("user");
    // presumably a fallback address, since the empty entry has no mail attribute; confirm in syncFromLdapEntry
    assertThat(syncedUser.getEmail()).isEqualTo("user@localhost");
    // LDAP-synced accounts are expected to carry this fixed marker text in the password field.
    // NOTE(review): that local password checks can never accept the marker is not shown here; confirm.
    assertThat(syncedUser.getHashedPassword()).isEqualTo("User synced from LDAP.");
    assertThat(syncedUser.getTimeZone()).isEqualTo(DateTimeZone.UTC);
    // containsOnly: the sync must not grant any role beyond the configured default.
    assertThat(syncedUser.getRoleIds()).containsOnly(defaultRoleId);
    assertThat(syncedUser.getPermissions()).isNotEmpty();
}
use of org.graylog2.security.ldap.LdapConnector in project graylog2-server by Graylog2.
the class LdapUserAuthenticatorTest method setUp.
/**
 * Prepares the fixtures shared by the tests: the LDAP test server handle, a real
 * {@link LdapConnector}, mocked services, and an {@code LdapSettingsImpl} that points at the
 * test server on localhost.
 *
 * @throws Exception declared by the method; the failing call is not identifiable from here
 */
@Before
public void setUp() throws Exception {
    server = getLdapServer();

    // NOTE(review): this connection config is filled in but not referenced again in this method.
    final LdapConnectionConfig connectionConfig = new LdapConnectionConfig();
    connectionConfig.setLdapHost("localHost");
    connectionConfig.setLdapPort(server.getPort());
    connectionConfig.setName(ADMIN_DN);
    connectionConfig.setCredentials(ADMIN_PASSWORD);

    // Collaborators that are mocked rather than real.
    configuration = mock(Configuration.class);
    when(configuration.getPasswordSecret()).thenReturn(PASSWORD_SECRET);
    ldapSettingsService = mock(LdapSettingsService.class);
    userService = mock(UserService.class);

    // presumably a timeout in milliseconds; confirm against the LdapConnector constructor
    ldapConnector = new LdapConnector(10000);

    ldapSettings = new LdapSettingsImpl(configuration, mock(RoleService.class));
    ldapSettings.setEnabled(true);

    // Plain ldap:// with StartTLS off means the bind DN and password are sent unencrypted.
    // Here the target is the test server on localhost; this is not a template for real settings.
    final String serverUri = "ldap://localhost:" + server.getPort();
    ldapSettings.setUri(URI.create(serverUri));
    ldapSettings.setUseStartTls(false);

    // Service account used for the directory bind.
    ldapSettings.setSystemUsername(ADMIN_DN);
    ldapSettings.setSystemPassword(ADMIN_PASSWORD);

    // User lookup. {0} is presumably replaced with the login name; whether that value is
    // escaped for LDAP filters is decided in the production code, not here. Verify there.
    ldapSettings.setSearchBase("ou=users,dc=example,dc=com");
    ldapSettings.setSearchPattern("(&(objectClass=posixAccount)(uid={0}))");
    ldapSettings.setDisplayNameAttribute("cn");
    ldapSettings.setActiveDirectory(false);

    // Group lookup.
    ldapSettings.setGroupSearchBase("ou=groups,dc=example,dc=com");
    ldapSettings.setGroupIdAttribute("cn");
    ldapSettings.setGroupSearchPattern("(|(objectClass=groupOfNames)(objectClass=posixGroup))");
}
use of org.graylog2.security.ldap.LdapConnector in project graylog2-server by Graylog2.
the class LdapUserAuthenticatorTest method testDoGetAuthenticationInfoDeniesEmptyPassword.
/**
 * Checks that {@code doGetAuthenticationInfo} returns {@code null} for a token whose password is
 * {@code null} or zero-length.
 *
 * <p>Why this matters: an LDAP simple bind with a DN and an empty password is an
 * "unauthenticated bind" (RFC 4513, section 5.1.2), which a directory server may report as
 * successful. The authenticator therefore has to reject such tokens itself rather than rely on
 * the bind result.
 *
 * @throws Exception declared by the method; the failing call is not identifiable from here
 */
@Test
public void testDoGetAuthenticationInfoDeniesEmptyPassword() throws Exception {
    final LdapUserAuthenticator ldapAuthenticator = new LdapUserAuthenticator(
            ldapConnector, ldapSettingsService, userService, mock(RoleService.class), DateTimeZone.UTC);
    // LDAP is enabled in these settings, so a null result is not explained by a disabled realm.
    when(ldapSettingsService.load()).thenReturn(ldapSettings);

    // The cast selects the char[] overload of the token constructor for the null password.
    final UsernamePasswordToken nullPasswordToken = new UsernamePasswordToken("john", (char[]) null);
    assertThat(ldapAuthenticator.doGetAuthenticationInfo(nullPasswordToken)).isNull();

    final UsernamePasswordToken emptyPasswordToken = new UsernamePasswordToken("john", new char[0]);
    assertThat(ldapAuthenticator.doGetAuthenticationInfo(emptyPasswordToken)).isNull();
}