1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *  
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *  
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License. 
18   *  
19   */
20  package org.apache.directory.server.ssl;
21  
22  
23  import org.apache.directory.server.core.DefaultDirectoryService;
24  import org.apache.directory.server.core.DirectoryService;
25  import org.apache.directory.server.core.integ.IntegrationUtils;
26  import org.apache.directory.server.core.integ.Level;
27  import org.apache.directory.server.core.integ.annotations.CleanupLevel;
28  import org.apache.directory.server.core.integ.annotations.Factory;
29  import org.apache.directory.server.integ.LdapServerFactory;
30  import org.apache.directory.server.integ.SiRunner;
31  import org.apache.directory.server.ldap.LdapService;
32  import org.apache.directory.server.ldap.handlers.bind.MechanismHandler;
33  import org.apache.directory.server.ldap.handlers.bind.SimpleMechanismHandler;
34  import org.apache.directory.server.ldap.handlers.bind.cramMD5.CramMd5MechanismHandler;
35  import org.apache.directory.server.ldap.handlers.bind.digestMD5.DigestMd5MechanismHandler;
36  import org.apache.directory.server.ldap.handlers.bind.gssapi.GssapiMechanismHandler;
37  import org.apache.directory.server.ldap.handlers.bind.ntlm.NtlmMechanismHandler;
38  import org.apache.directory.server.ldap.handlers.extended.StoredProcedureExtendedOperationHandler;
39  import org.apache.directory.server.protocol.shared.SocketAcceptor;
40  import org.apache.directory.server.ssl.SSLSocketFactory;
41  import org.apache.directory.shared.ldap.constants.SupportedSaslMechanisms;
42  import org.apache.mina.util.AvailablePortFinder;
43  import org.junit.Test;
44  import org.junit.runner.RunWith;
45  import static org.junit.Assert.assertNotNull;
46  
47  import javax.naming.NamingException;
48  import javax.naming.directory.Attribute;
49  import javax.naming.directory.Attributes;
50  import javax.naming.directory.BasicAttribute;
51  import javax.naming.directory.BasicAttributes;
52  import javax.naming.directory.DirContext;
53  import javax.naming.directory.InitialDirContext;
54  
55  import java.util.HashMap;
56  import java.util.Hashtable;
57  import java.util.Map;
58  
59  
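/**
 * Integration test for LDAP over SSL (LDAPS), written to verify DIREVE-216.
 * Starts an embedded server with LDAPS enabled, binds through the Sun JNDI
 * provider using a custom socket factory, and adds an entry.
 *
 * <p>The server settings, SASL mechanism list and credentials below are test
 * scaffolding for an embedded, throw-away server and are not a reference
 * configuration.
 *
 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
 * @version $Rev: 642496 $
 */
@RunWith ( SiRunner.class ) 
@CleanupLevel ( Level.CLASS )
@Factory ( LdapsIT.Factory.class )
public class LdapsIT
{
    /** RDN of the entry added by {@link #testLdapS()}, relative to ou=system. */
    private static final String RDN = "cn=The Person";


    // Server under test. Never assigned in this class; presumably injected by
    // SiRunner from Factory.newInstance() -- confirm against the runner.
    public static LdapService ldapService;


    /**
     * Builds the embedded LDAP server used by this test class.
     */
    public static class Factory implements LdapServerFactory
    {
        /**
         * Creates a directory service with a wiped working directory and wraps it
         * in an LDAPS-enabled {@link LdapService} listening on a free port.
         *
         * @return the configured server
         * @throws Exception if the working directory cannot be deleted or the
         *         server cannot be configured
         */
        public LdapService newInstance() throws Exception
        {
            DirectoryService service = new DefaultDirectoryService();

            // Start from an empty working directory so earlier runs cannot leak state in.
            IntegrationUtils.doDelete( service.getWorkingDirectory() );
            service.getChangeLog().setEnabled( true );
            service.setShutdownHookEnabled( false );

            // TODO: change the working directory to something that is unique
            // on the system and somewhere either under target directory
            // or somewhere in a temp area of the machine. Nothing below does
            // this yet, so the default working directory is reused.

            // Named 'server' so the local does not shadow LdapsIT.ldapService.
            LdapService server = new LdapService();
            server.setDirectoryService( service );
            server.setSocketAcceptor( new SocketAcceptor( null ) );

            // Search for a free port from 1024 upwards. The port is probed here and
            // bound later, so another process could still take it in between.
            server.setIpPort( AvailablePortFinder.getNextAvailable( 1024 ) );
            server.setEnabled( true );

            // Transport protection under test.
            // NOTE(review): setConfidentialityRequired( true ) presumably makes the
            // server refuse operations on unprotected connections -- confirm against
            // LdapService. This class has no negative test for that behaviour.
            server.setEnableLdaps( true );
            server.setConfidentialityRequired( true );
            server.addExtendedOperationHandler( new StoredProcedureExtendedOperationHandler() );

            // Setup SASL Mechanisms
            //
            // testLdapS() binds with "simple" authentication only, so none of these
            // handlers is exercised here. PLAIN carries the password as-is and depends
            // entirely on the TLS layer; CRAM-MD5, DIGEST-MD5 and NTLM are legacy
            // mechanisms. Review the list before reusing it outside of tests.
            Map<String, MechanismHandler> mechanismHandlerMap = new HashMap<String,MechanismHandler>();
            mechanismHandlerMap.put( SupportedSaslMechanisms.PLAIN, new SimpleMechanismHandler() );

            CramMd5MechanismHandler cramMd5MechanismHandler = new CramMd5MechanismHandler();
            mechanismHandlerMap.put( SupportedSaslMechanisms.CRAM_MD5, cramMd5MechanismHandler );

            DigestMd5MechanismHandler digestMd5MechanismHandler = new DigestMd5MechanismHandler();
            mechanismHandlerMap.put( SupportedSaslMechanisms.DIGEST_MD5, digestMd5MechanismHandler );

            GssapiMechanismHandler gssapiMechanismHandler = new GssapiMechanismHandler();
            mechanismHandlerMap.put( SupportedSaslMechanisms.GSSAPI, gssapiMechanismHandler );

            // One NTLM handler instance serves both NTLM and GSS-SPNEGO.
            NtlmMechanismHandler ntlmMechanismHandler = new NtlmMechanismHandler();
            mechanismHandlerMap.put( SupportedSaslMechanisms.NTLM, ntlmMechanismHandler );
            mechanismHandlerMap.put( SupportedSaslMechanisms.GSS_SPNEGO, ntlmMechanismHandler );

            server.setSaslMechanismHandlers( mechanismHandlerMap );

            return server;
        }
    }


    /**
     * Opens a JNDI context on ou=system of the embedded server, bound as the
     * admin user with simple authentication through the SSL socket factory.
     *
     * <p>The caller owns the returned context and must close it.
     *
     * @return a context rooted at ou=system
     * @throws Exception if the connection or the bind fails
     */
    public DirContext getSecureConnection() throws Exception
    {
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put( "java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory" );

        // The URL scheme is ldap://, so encryption comes only from the socket
        // factory entry below. Without that entry the provider would open a
        // plain socket and the simple bind would send the password unprotected.
        env.put( "java.naming.provider.url", "ldap://localhost:" + ldapService.getIpPort() + "/ou=system" );

        // NOTE(review): project-local factory whose certificate validation policy
        // is not visible here. If it accepts arbitrary server certificates it must
        // stay test-only -- confirm before reusing it anywhere else.
        env.put( "java.naming.ldap.factory.socket", SSLSocketFactory.class.getName() );

        // Fixed admin credentials of the embedded test server, for test use only.
        env.put( "java.naming.security.principal", "uid=admin,ou=system" );
        env.put( "java.naming.security.credentials", "secret" );
        env.put( "java.naming.security.authentication", "simple" );
        return new InitialDirContext( env );
    }


    /**
     * Checks that a connection through the SSL socket factory succeeds by
     * binding and adding a person entry.
     *
     * <p>This covers only the positive path. It does not assert that the
     * session was actually encrypted or that a plaintext bind is refused.
     *
     * @throws Exception if the connection, the bind or the add fails
     */
    @Test
    public void testLdapS() throws Exception
    {
        // Attributes of the person entry. 'true' makes attribute IDs case-insensitive.
        Attributes attributes = new BasicAttributes( true );
        Attribute attribute = new BasicAttribute( "objectClass" );
        attribute.add( "top" );
        attribute.add( "person" );
        attributes.put( attribute );
        attributes.put( "cn", "The Person" );
        attributes.put( "sn", "Person" );
        attributes.put( "description", "this is a person" );

        DirContext ctx = getSecureConnection();

        try
        {
            DirContext person = ctx.createSubcontext( RDN, attributes );
            assertNotNull( person );
            person.close();
        }
        finally
        {
            // Release the connection even when the add or the assertion fails.
            ctx.close();
        }
    }
}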