1   /*
2    *   Licensed to the Apache Software Foundation (ASF) under one
3    *   or more contributor license agreements.  See the NOTICE file
4    *   distributed with this work for additional information
5    *   regarding copyright ownership.  The ASF licenses this file
6    *   to you under the Apache License, Version 2.0 (the
7    *   "License"); you may not use this file except in compliance
8    *   with the License.  You may obtain a copy of the License at
9    *
10   *     http://www.apache.org/licenses/LICENSE-2.0
11   *
12   *   Unless required by applicable law or agreed to in writing,
13   *   software distributed under the License is distributed on an
14   *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *   KIND, either express or implied.  See the License for the
16   *   specific language governing permissions and limitations
17   *   under the License.
18   *
19   */
20  package org.apache.directory.server.operations.bind;
21  
22  
23  import javax.naming.AuthenticationException;
24  
25  import netscape.ldap.LDAPConnection;
26  import netscape.ldap.LDAPConstraints;
27  import netscape.ldap.LDAPControl;
28  import netscape.ldap.LDAPException;
29  
30  import org.apache.directory.server.core.integ.Level;
31  import org.apache.directory.server.core.integ.annotations.ApplyLdifs;
32  import org.apache.directory.server.core.integ.annotations.CleanupLevel;
33  import static org.apache.directory.server.integ.ServerIntegrationUtils.getWiredContext;
34  import org.apache.directory.server.integ.SiRunner;
35  import org.apache.directory.server.ldap.LdapService;
36  import org.junit.Test;
37  import org.junit.runner.RunWith;
38  
39  import static org.junit.Assert.assertEquals;
40  import static org.junit.Assert.fail;
41  
42  
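/**
 * Integration tests for the LDAP bind operation. Each test attempts a bind
 * that the server is expected to reject: an unknown bind DN, an unsupported
 * protocol version, and a bind against a referral entry.
 * <p>
 * NOTE(review): the unknown-DN tests only check the exception type. They do
 * not compare the result code or message with the wrong-password case, so
 * they do not show whether a client can tell "no such entry" apart from
 * "bad password".
 *
 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
 * @version $Rev$, $Date$
 */
@RunWith ( SiRunner.class ) 
@CleanupLevel ( Level.CLASS )
@ApplyLdifs( {
    // Entry # 1
    "dn: uid=akarasulu,ou=users,ou=system\n" +
    "objectClass: uidObject\n" +
    "objectClass: person\n" +
    "objectClass: top\n" +
    "uid: akarasulu\n" +
    "cn: Alex Karasulu\n" +
    "sn: karasulu\n\n" + 
    // Entry # 2
    "dn: ou=Computers,uid=akarasulu,ou=users,ou=system\n" +
    "objectClass: organizationalUnit\n" +
    "objectClass: top\n" +
    "ou: computers\n" +
    "description: Computers for Alex\n" +
    "seeAlso: ou=Machines,uid=akarasulu,ou=users,ou=system\n\n" + 
    // Entry # 3: a referral entry that also carries a userPassword, so the
    // referral test can bind with a password that matches the stored value.
    "dn: uid=akarasuluref,ou=users,ou=system\n" +
    "objectClass: extensibleObject\n" +
    "objectClass: uidObject\n" +
    "objectClass: referral\n" +
    "objectClass: top\n" +
    "uid: akarasuluref\n" +
    "userPassword: secret\n" +
    "ref: ldap://localhost:10389/uid=akarasulu,ou=users,ou=system\n" + 
    "ref: ldap://foo:10389/uid=akarasulu,ou=users,ou=system\n" +
    "ref: ldap://bar:10389/uid=akarasulu,ou=users,ou=system\n\n"
    }
)
public class BindIT
{
    /** The LDAP service under test; never assigned in this class, presumably injected by the runner. */
    public static LdapService ldapService;
    

    /**
     * Binds with a DN that is not under any naming context of the server and
     * expects the bind to be rejected.
     * 
     * @throws Exception on any failure other than the expected AuthenticationException
     */
    @Test
    public void testBadBindDnNotInContext() throws Exception
    {
        try
        {
            getWiredContext( ldapService, "cn=bogus", "blah" );
            fail( "bind with a DN outside every naming context should fail with an AuthenticationException" );
        }
        catch ( AuthenticationException expected )
        {
            // Expected: the server must refuse to authenticate an unknown DN.
        }
    }


    /*
     * Disabled test for a malformed bind DN.
     * @todo make this pass: see http://issues.apache.org/jira/browse/DIREVE-339
     */
    //    public void testBadBindDnMalformed() throws Exception
    //    {
    //        try
    //        {
    //            bind( "system", "blah" );
    //            fail( "should never get here due to a " );
    //        }
    //        catch ( InvalidNameException e ){}
    //    }

    /**
     * Binds with a DN that is under a naming context but points to a
     * nonexistent user, and expects the bind to be rejected.
     * 
     * @throws Exception on any failure other than the expected AuthenticationException
     */
    @Test
    public void testBadBindDnInContext() throws Exception
    {
        try
        {
            getWiredContext( ldapService, "cn=bogus,ou=system", "blah" );
            fail( "bind with a nonexistent DN under ou=system should fail with an AuthenticationException" );
        }
        catch ( AuthenticationException expected )
        {
            // Expected: the server must refuse to authenticate a nonexistent entry.
        }
    }

    
    /**
     * Connects while requesting LDAP protocol version 100 and expects the
     * server to answer with a protocol error.
     * 
     * @throws Exception on any failure other than the expected LDAPException
     */
    @Test
    public void testConnectWithIllegalLDAPVersion() throws Exception
    {
        LDAPConnection conn = null;
        
        try
        {
            conn = new LDAPConnection();
            // Presumably the test server's admin account, so the only thing
            // wrong with this bind is the version number -- TODO confirm.
            conn.connect( 100, "localhost", ldapService.getIpPort(), "uid=admin,ou=system", "secret" );
            fail( "try to connect with illegal version number should fail" );
        }
        catch ( LDAPException e )
        {
            assertEquals( "statuscode", LDAPException.PROTOCOL_ERROR, e.getLDAPResultCode() );
        }
        finally
        {
            if ( conn != null )
            {
                conn.disconnect();
            }
        }
    }

    
    /**
     * Tests the bind operation on a referral entry, first with and then
     * without the ManageDsaIT control. The password supplied matches the
     * userPassword value stored on the referral entry, and both binds are
     * still expected to fail with INVALID_CREDENTIALS: a referral entry must
     * not be usable as an identity to authenticate with.
     * 
     * @throws Exception on any failure other than the expected LDAPException
     */
    @Test
    public void testOnReferralWithOrWithoutManageDsaItControl() throws Exception
    {
        LDAPConnection conn = new LDAPConnection();
        LDAPConstraints constraints = new LDAPConstraints();
        // ManageDsaIT is marked critical and set both as client and as server control.
        constraints.setClientControls( new LDAPControl( LDAPControl.MANAGEDSAIT, true, new byte[0] ) );
        constraints.setServerControls( new LDAPControl( LDAPControl.MANAGEDSAIT, true, new byte[0] ) );
        conn.setConstraints( constraints );
        
        try
        {
            // Bind with the ManageDsaIT control.
            try
            {
                conn.connect( 3, "localhost", ldapService.getIpPort(), 
                    "uid=akarasuluref,ou=users,ou=system", "secret", constraints );
                fail( "bind on a referral entry with the ManageDsaIT control should fail" );
            }
            catch( LDAPException e )
            {
                assertEquals( "statuscode", LDAPException.INVALID_CREDENTIALS, e.getLDAPResultCode() );
            }
            
            // Bind again on the same connection object, this time without passing the constraints.
            try
            {
                conn.connect( 3, "localhost", ldapService.getIpPort(), 
                    "uid=akarasuluref,ou=users,ou=system", "secret" );
                fail( "bind on a referral entry without the ManageDsaIT control should fail" );
            }
            catch( LDAPException e )
            {
                assertEquals( "statuscode", LDAPException.INVALID_CREDENTIALS, e.getLDAPResultCode() );
            }
        }
        finally
        {
            // Release the socket whether the binds failed as expected or not.
            if ( conn.isConnected() )
            {
                conn.disconnect();
            }
        }
    }
}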