1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20 package org.apache.directory.server.operations.bind;
21
22
23 import java.util.Hashtable;
24
25 import javax.naming.AuthenticationException;
26 import javax.naming.Context;
27 import javax.naming.InvalidNameException;
28 import javax.naming.NamingException;
29 import javax.naming.OperationNotSupportedException;
30 import javax.naming.directory.Attribute;
31 import javax.naming.directory.Attributes;
32 import javax.naming.directory.BasicAttribute;
33 import javax.naming.directory.BasicAttributes;
34 import javax.naming.directory.DirContext;
35 import javax.naming.directory.InitialDirContext;
36
37 import org.apache.directory.server.core.integ.Level;
38 import org.apache.directory.server.core.integ.annotations.ApplyLdifs;
39 import org.apache.directory.server.core.integ.annotations.CleanupLevel;
40 import org.apache.directory.server.integ.SiRunner;
41 import org.apache.directory.server.ldap.LdapService;
42
43 import static org.junit.Assert.fail;
44 import static org.junit.Assert.assertTrue;
45 import static org.junit.Assert.assertEquals;
46 import static org.junit.Assert.assertNotNull;
47 import org.junit.Test;
48 import org.junit.runner.RunWith;
49
50
51
52
53
54
55
56
57 @RunWith ( SiRunner.class )
58 @CleanupLevel ( Level.CLASS )
59 @ApplyLdifs( {
60
61 "dn: uid=hnelson,ou=users,ou=system\n" +
62 "objectClass: inetOrgPerson\n" +
63 "objectClass: organizationalPerson\n" +
64 "objectClass: person\n" +
65 "objectClass: top\n" +
66 "userPassword: secret\n" +
67 "uid: hnelson\n" +
68 "cn: Horatio Nelson\n" +
69 "sn: Nelson\n\n"
70 }
71 )
72 public class SimpleBindIT
73 {
74 private static final String BASE = "ou=users,ou=system";
75
76
77 public static LdapService ldapService;
78
79
80
81
82
83 protected Attributes getPersonAttributes( String sn, String cn, String uid, String userPassword )
84 {
85 Attributes attrs = new BasicAttributes( true );
86 Attribute ocls = new BasicAttribute( "objectClass" );
87 ocls.add( "top" );
88 ocls.add( "person" );
89 ocls.add( "inetOrgPerson" );
90 attrs.put( ocls );
91 attrs.put( "cn", cn );
92 attrs.put( "sn", sn );
93 attrs.put( "uid", uid );
94 attrs.put( "userPassword", userPassword );
95
96 return attrs;
97 }
98
99
100
101
102
103 protected Attributes getOrgUnitAttributes( String ou )
104 {
105 Attributes attrs = new BasicAttributes( true );
106 Attribute ocls = new BasicAttribute( "objectClass" );
107 ocls.add( "top" );
108 ocls.add( "organizationalUnit" );
109 attrs.put( ocls );
110 attrs.put( "ou", ou );
111
112 return attrs;
113 }
114
115
116
117
118
119 @Test
120 public void testSimpleBind()
121 {
122 Hashtable<String, String> env = new Hashtable<String, String>();
123 env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
124 env.put( Context.PROVIDER_URL, "ldap://localhost:" + ldapService.getIpPort() );
125 env.put( Context.SECURITY_AUTHENTICATION, "simple" );
126 env.put( Context.SECURITY_PRINCIPAL, "uid=hnelson," + BASE );
127 env.put( Context.SECURITY_CREDENTIALS, "secret" );
128
129 try
130 {
131 DirContext context = new InitialDirContext( env );
132
133 String[] attrIDs =
134 { "uid" };
135
136 Attributes attrs = context.getAttributes( "uid=hnelson," + BASE, attrIDs );
137
138 String uid = null;
139
140 if ( attrs.get( "uid" ) != null )
141 {
142 uid = ( String ) attrs.get( "uid" ).get();
143 }
144
145 assertEquals( uid, "hnelson" );
146 }
147 catch ( NamingException e )
148 {
149 fail( "Should not have caught exception." );
150 }
151 }
152
153
154
155
156
157 @Test
158 public void testSimpleBindBadPassword()
159 {
160 Hashtable<String, String> env = new Hashtable<String, String>();
161 env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
162 env.put( Context.PROVIDER_URL, "ldap://localhost:" + ldapService.getIpPort() );
163 env.put( Context.SECURITY_AUTHENTICATION, "simple" );
164 env.put( Context.SECURITY_PRINCIPAL, "uid=hnelson," + BASE );
165 env.put( Context.SECURITY_CREDENTIALS, "badsecret" );
166
167 try
168 {
169 new InitialDirContext( env );
170 }
171 catch ( AuthenticationException ae )
172 {
173
174 assertTrue( ae.getMessage().contains( "error code 49" ) );
175 }
176 catch ( NamingException e )
177 {
178 fail();
179 }
180 }
181
182
183
184
185
186 @Test
187 public void testSimpleBindBadUserPassword()
188 {
189 Hashtable<String, String> env = new Hashtable<String, String>();
190 env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
191 env.put( Context.PROVIDER_URL, "ldap://localhost:" + ldapService.getIpPort() );
192
193 env.put( Context.SECURITY_AUTHENTICATION, "simple" );
194 env.put( Context.SECURITY_PRINCIPAL, "hnelson" );
195 env.put( Context.SECURITY_CREDENTIALS, "secret" );
196
197 try
198 {
199 new InitialDirContext( env );
200 }
201 catch ( InvalidNameException ine )
202 {
203
204 assertTrue( ine.getMessage().startsWith( "[LDAP: error code 34 - Incorrect DN given" ) );
205 }
206 catch ( NamingException e )
207 {
208 fail();
209 }
210 }
211
212
213
214
215
216 @Test
217 public void testSimpleBindUnknowUserPassword()
218 {
219 Hashtable<String, String> env = new Hashtable<String, String>();
220 env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
221 env.put( Context.PROVIDER_URL, "ldap://localhost:" + ldapService.getIpPort() );
222 env.put( Context.SECURITY_AUTHENTICATION, "simple" );
223 env.put( Context.SECURITY_PRINCIPAL, "uid=unknown,ou=system" );
224 env.put( Context.SECURITY_CREDENTIALS, "secret" );
225
226 try
227 {
228 new InitialDirContext( env );
229 }
230 catch ( AuthenticationException ae )
231 {
232 }
233 catch ( NamingException e )
234 {
235 fail( "Expected AuthenticationException with error code 49 for invalidate credentials instead got: "
236 + e.getMessage() );
237 }
238 }
239
240
241
242
243
244 @Test
245 public void testSimpleBindNoUserNoPassword()
246 {
247 boolean oldValue = ldapService.getDirectoryService().isAllowAnonymousAccess();
248 ldapService.getDirectoryService().setAllowAnonymousAccess( false );
249 ldapService.setAllowAnonymousAccess( false );
250
251 Hashtable<String, String> env = new Hashtable<String, String>();
252 env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
253 env.put( Context.PROVIDER_URL, "ldap://localhost:" + ldapService.getIpPort() );
254 env.put( Context.SECURITY_AUTHENTICATION, "simple" );
255 env.put( Context.SECURITY_PRINCIPAL, "" );
256 env.put( Context.SECURITY_CREDENTIALS, "" );
257
258 String[] attrIDs = { "*", "+" };
259 DirContext ctx = null;
260
261
262 try
263 {
264 ctx = new InitialDirContext(env);
265 }
266 catch ( NamingException ne )
267 {
268 fail();
269 }
270
271
272
273 try
274 {
275 Attributes attrs = ctx.getAttributes( "", attrIDs );
276
277 assertNotNull( attrs );
278 assertEquals( "Apache Software Foundation", attrs.get( "vendorName" ).get() );
279 }
280 catch ( NamingException ne )
281 {
282 fail();
283 }
284
285
286 try
287 {
288 Attributes attrs = ctx.getAttributes( "uid=admin,ou=system", attrIDs );
289
290 assertNotNull( attrs );
291 assertEquals( 0, attrs.size() );
292 fail( "Should not be able to read the root DSE" );
293 }
294 catch ( NamingException ne )
295 {
296 }
297
298 ldapService.getDirectoryService().setAllowAnonymousAccess( oldValue );
299 ldapService.setAllowAnonymousAccess( oldValue );
300 }
301
302
303
304
305
306 @Test
307 public void testSimpleBindUserNoPassword()
308 {
309 Hashtable<String, String> env = new Hashtable<String, String>();
310 env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
311 env.put( Context.PROVIDER_URL, "ldap://localhost:" + ldapService.getIpPort() );
312 env.put( Context.SECURITY_AUTHENTICATION, "simple" );
313 env.put( Context.SECURITY_PRINCIPAL, "uid=admin,ou=system" );
314 env.put( Context.SECURITY_CREDENTIALS, "" );
315
316
317 try
318 {
319 new InitialDirContext(env);
320 }
321 catch ( OperationNotSupportedException onse )
322 {
323
324 assertTrue( onse.getMessage().contains( "error code 53" ) );
325 }
326 catch ( NamingException ne )
327 {
328 fail();
329 }
330 }
331
332
333
334
335
336 @Test
337 public void testSimpleBindNoUserPassword() throws Exception
338 {
339 Hashtable<String, String> env = new Hashtable<String, String>();
340 env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
341 env.put( Context.PROVIDER_URL, "ldap://localhost:" + ldapService.getIpPort() );
342
343 env.put( Context.SECURITY_AUTHENTICATION, "simple" );
344 env.put( Context.SECURITY_PRINCIPAL, "" );
345 env.put( Context.SECURITY_CREDENTIALS, "secret" );
346
347
348 try
349 {
350 new InitialDirContext(env);
351 }
352 catch ( AuthenticationException ae )
353 {
354 }
355 catch ( NamingException ne )
356 {
357 fail( "Expected AuthenticationException but instead got: " + ne.getMessage() );
358 }
359 }
360
361
362
363
364
365
366 @Test
367 public void testAnonymousRootDSE()
368 {
369 boolean oldValue = ldapService.getDirectoryService().isAllowAnonymousAccess();
370 ldapService.getDirectoryService().setAllowAnonymousAccess( false );
371
372 try
373 {
374 Hashtable<String, String> env = new Hashtable<String, String>();
375 env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
376 env.put( Context.PROVIDER_URL, "ldap://localhost:" + ldapService.getIpPort() );
377
378 DirContext context = new InitialDirContext( env );
379
380 String[] attrIDs =
381 { "vendorName" };
382
383 Attributes attrs = context.getAttributes( "", attrIDs );
384
385 String vendorName = null;
386
387 if ( attrs.get( "vendorName" ) != null )
388 {
389 vendorName = ( String ) attrs.get( "vendorName" ).get();
390 }
391
392 assertEquals( "Apache Software Foundation", vendorName );
393 }
394 catch ( NamingException e )
395 {
396 e.printStackTrace();
397 fail( "Should not have caught exception." );
398 }
399 finally
400 {
401 ldapService.getDirectoryService().setAllowAnonymousAccess( oldValue );
402 }
403 }
404 }