Loading projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java +9 −42 Original line number Diff line number Diff line Loading @@ -213,12 +213,6 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO { BindRequest bindRequest = new SimpleBindRequest( getUserDN(username, config.getUsersDN()), password); // // String server = config.getReadOnlyPool().getServers().get(0); // int port = config.getPort(); // LDAPConnection conn = new LDAPConnection(LdapDAO.getSocketFactory(config), server, // config.getPort()); // BindResult bindResult = conn.bind(bindRequest); LDAPConnection conn = this.getUnboundReadConnection(); BindResult bindResult = conn.bind(bindRequest); Loading @@ -244,46 +238,13 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO { throw new AccessControlException("Invalid username"); } throw new RuntimeException("Unexpected LDAP exception", e); } } /** * @return * @throws TransientException */ public Collection<HttpPrincipal> getCadcIDs() throws TransientException else if (e.getResultCode() == ResultCode.UNWILLING_TO_PERFORM) { Filter filter = Filter.createPresenceFilter("uid"); String[] attributes = new String[]{"uid"}; SearchRequest searchRequest = new SearchRequest(config.getUsersDN(), SearchScope.ONE, filter, attributes); SearchResult searchResult = null; try { searchResult = getReadOnlyConnection().search(searchRequest); } catch (LDAPSearchException e) { if (e.getResultCode() == ResultCode.NO_SUCH_OBJECT) { logger.debug("Could not find users root", e); throw new IllegalStateException("Could not find users root"); } throw new AccessControlException("Account inactivated"); } LdapDAO.checkLdapResult(searchResult.getResultCode()); Collection<HttpPrincipal> userIDs = new HashSet<HttpPrincipal>(); for (SearchResultEntry next : searchResult.getSearchEntries()) { userIDs.add(new HttpPrincipal(next.getAttributeValue("uid"))); throw new RuntimeException("Unexpected LDAP exception", e); } return userIDs; } /** Loading Loading @@ -479,6 +440,8 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO try { filter = Filter.createEqualityFilter(searchField, userID.getName()); filter = Filter.createANDFilter(filter, Filter.createNOTFilter(Filter.createPresenceFilter("nsaccountlock"))); logger.debug("search filter: " + filter); SearchRequest searchRequest = Loading Loading @@ -569,6 +532,8 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO try { Filter filter = Filter.createEqualityFilter(searchField, userID.getName()); filter = Filter.createANDFilter(filter, Filter.createNOTFilter(Filter.createPresenceFilter("nsaccountlock"))); profiler.checkpoint("getAugmentedUser.createFilter"); logger.debug("search filter: " + filter); Loading Loading @@ -641,6 +606,8 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO final Collection<User<Principal>> users = new ArrayList<User<Principal>>(); Filter filter = Filter.createPresenceFilter(LDAP_UID); filter = Filter.createANDFilter(filter, Filter.createNOTFilter(Filter.createPresenceFilter("nsaccountlock"))); logger.debug("search filter: " + filter); final String[] attributes = new String[] Loading projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapConnectionsTest.java +2 −2 Original line number Diff line number Diff line Loading @@ -86,8 +86,8 @@ public class LdapConnectionsTest public LdapConnectionsTest() { Log4jInit.setLevel("ca.nrc.cadc.ac", Level.DEBUG); Log4jInit.setLevel("ca.nrc.cadc.profiler", Level.DEBUG); Log4jInit.setLevel("ca.nrc.cadc.ac", Level.INFO); Log4jInit.setLevel("ca.nrc.cadc.profiler", Level.INFO); } @Test Loading projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapDAOTest.java +1 −1 Original line number Diff line number Diff line Loading @@ -99,7 +99,7 @@ public class LdapDAOTest extends AbstractLdapDAOTest @BeforeClass public static void setUpBeforeClass() throws Exception { Log4jInit.setLevel("ca.nrc.cadc.ac", Level.DEBUG); Log4jInit.setLevel("ca.nrc.cadc.ac", Level.INFO); // get the configuration of the development server from and config files... config = getLdapConfig(); } Loading projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapPersistenceTest.java +2 −2 Original line number Diff line number Diff line Loading @@ -82,8 +82,8 @@ public class LdapPersistenceTest public LdapPersistenceTest() { Log4jInit.setLevel("ca.nrc.cadc.ac", Level.DEBUG); Log4jInit.setLevel("ca.nrc.cadc.profiler", Level.DEBUG); Log4jInit.setLevel("ca.nrc.cadc.ac", Level.INFO); Log4jInit.setLevel("ca.nrc.cadc.profiler", Level.INFO); } @Test Loading projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAOTest.java +167 −68 Original line number Diff line number Diff line Loading @@ -74,6 +74,7 @@ import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; import java.security.AccessControlException; import java.security.Principal; import java.security.PrivilegedExceptionAction; import java.util.Collection; Loading Loading @@ -248,6 +249,9 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest final UserRequest<Principal> userRequest = new UserRequest<Principal>(expected, "123456".toCharArray()); final LdapUserDAO<Principal> userDAO = getUserDAO(); userDAO.addPendingUser(userRequest); DNPrincipal dnPrincipal = new DNPrincipal("uid=" + username + "," + config.getUserRequestsDN()); Subject subject = new Subject(); subject.getPrincipals().add(dnPrincipal); Loading @@ -260,9 +264,6 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest { try { final LdapUserDAO<Principal> userDAO = getUserDAO(); userDAO.addPendingUser(userRequest); final User<Principal> actual = userDAO.getPendingUser(expected.getUserID()); check(expected, actual); Loading Loading @@ -508,7 +509,7 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest /** * Test of deleteUser method, of class LdapUserDAO. */ // @Test @Test public void deleteUser() throws Exception { String userID = createUsername(); Loading @@ -516,16 +517,13 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest HttpPrincipal httpPrincipal = new HttpPrincipal(userID); X500Principal x500Principal = new X500Principal("cn=" + userID + ",ou=cadc,o=hia,c=ca"); final User<HttpPrincipal> expected = new User<HttpPrincipal>(httpPrincipal); final User<Principal> expected = new User<Principal>(httpPrincipal); expected.getIdentities().add(httpPrincipal); expected.getIdentities().add(x500Principal); expected.details.add(new PersonalDetails("foo", "bar")); final UserRequest<HttpPrincipal> userRequest = new UserRequest<HttpPrincipal>(expected, "123456".toCharArray()); final LdapUserDAO<HttpPrincipal> userDAO = getUserDAO(); userDAO.addUser(userRequest); final UserRequest<Principal> userRequest = new UserRequest<Principal>(expected, "123456".toCharArray()); DNPrincipal dnPrincipal = new DNPrincipal("uid=" + userID + "," + config.getUsersDN()); Subject subject = new Subject(); Loading @@ -540,7 +538,16 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest try { final LdapUserDAO<Principal> userDAO = getUserDAO(); userDAO.addUser(userRequest); userDAO.deleteUser(expected.getUserID()); try { userDAO.getUser(expected.getUserID()); fail("found deleted user"); } catch (UserNotFoundException expected) {} return null; } catch (Exception e) Loading @@ -554,7 +561,7 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest /** * Test of deletePendingUser method, of class LdapUserDAO. */ // @Test @Test public void deletePendingUser() throws Exception { String userID = createUsername(); Loading Loading @@ -585,8 +592,15 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest { try { final LdapUserDAO<Principal> userDAO = getUserDAO(); userDAO.deletePendingUser(expected.getUserID()); try { userDAO.getPendingUser(expected.getUserID()); fail("found deleted pending user"); } catch (UserNotFoundException expected) {} return null; } catch (Exception e) Loading Loading @@ -728,26 +742,34 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest }); } /** * Test of testGetCadcUserIDs. */ @Test public void testGetCadcUserIDs() throws Exception public void testGetUsers() throws Exception { // anonymous access // try // { // getUserDAO().getUsers(); // fail("anonymous request should throw exception"); // } // catch (AccessControlException expected) {} // authenticated access Subject subject = new Subject(); subject.getPrincipals().add(testUser.getUserID()); subject.getPrincipals().add(testUser1DNPrincipal); // anonymous access int users1 = (Integer) Subject .doAs(subject, new PrivilegedExceptionAction<Object>() Subject.doAs(subject, new PrivilegedExceptionAction<Object>() { public Object run() throws Exception { try { final Collection<User<Principal>> users = getUserDAO().getUsers(); assertNotNull("returned users is null", users); assertFalse("no users found", users.isEmpty()); log.debug("# users found: " + users.size()); int count = getUserDAO().getCadcIDs().size(); assertTrue(count > 0); return count; return null; } catch (Exception e) { Loading @@ -755,20 +777,36 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest } } }); } @Test public void testGetPendingUsers() throws Exception { // anonymous access try { getUserDAO().getPendingUsers(); fail("anonymous request should throw exception"); } catch (AccessControlException expected) {} // authenticated access Subject subject = new Subject(); subject.getPrincipals().add(testUser.getUserID()); int users2 = (Integer) Subject .doAs(subject, new PrivilegedExceptionAction<Object>() subject.getPrincipals().add(testUser1DNPrincipal); Subject.doAs(subject, new PrivilegedExceptionAction<Object>() { public Object run() throws Exception { try { final Collection<User<Principal>> users = getUserDAO().getPendingUsers(); assertNotNull("returned users is null", users); assertFalse("no users found", users.isEmpty()); log.debug("# users found: " + users.size()); int count = getUserDAO().getCadcIDs().size(); assertTrue(count > 0); return count; return null; } catch (Exception e) { Loading @@ -776,33 +814,94 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest } } }); assertEquals("User listing should be independent of the access type", users1, users2); } @Test public void testGetUsers() throws Exception public void testDoLogin() throws Exception { final String username = createUsername(); final String password = "123456"; HttpPrincipal userID = new HttpPrincipal(username); X500Principal x500Principal = new X500Principal("cn=" + username + ",ou=cadc,o=hia,c=ca"); NumericPrincipal numericPrincipal = new NumericPrincipal(ran.nextInt(Integer.MAX_VALUE)); final User<Principal> expected = new User<Principal>(userID); expected.getIdentities().add(userID); expected.getIdentities().add(x500Principal); expected.getIdentities().add(numericPrincipal); expected.details.add(new PersonalDetails("foo", "bar")); final UserRequest<Principal> userRequest = new UserRequest<Principal>(expected, password.toCharArray()); DNPrincipal dnPrincipal = new DNPrincipal("uid=" + username + "," + config.getUsersDN()); Subject subject = new Subject(); subject.getPrincipals().add(dnPrincipal); // do everything as owner Subject.doAs(subject, new PrivilegedExceptionAction<Object>() { public Object run() throws Exception { try { // add a user final LdapUserDAO<Principal> userDAO = getUserDAO(); final Collection<User<Principal>> users = userDAO.getUsers(); userDAO.addUser(userRequest); assertNotNull("returned users is null", users); assertFalse("no users found", users.isEmpty()); log.debug("# users found: " + users.size()); // login as the user boolean success = userDAO.doLogin(username, password); assertTrue("login failed", success); // login with wrong username try { success = userDAO.doLogin("foo", password); fail("unknown username should throw AccessControlException"); } catch (AccessControlException expected) { log.debug("expected exception " + expected.getMessage()); } @Test public void testGetPendingUsers() throws Exception // login with wrong password try { final LdapUserDAO<Principal> userDAO = getUserDAO(); final Collection<User<Principal>> users = userDAO.getPendingUsers(); success = userDAO.doLogin(username, "foo"); fail("wrong password should throw AccessControlException"); } catch (AccessControlException expected) { log.debug("expected exception " + expected.getMessage()); } assertNotNull("returned users is null", users); assertFalse("no users found", users.isEmpty()); log.debug("# pending users found: " + users.size()); // delete the user userDAO.deleteUser(userRequest.getUser().getUserID()); // login as deleted user try { success = userDAO.doLogin(username, password); fail("deactivated user should throw AccessControlException"); } catch (AccessControlException expected) { log.debug("expected exception " + expected.getMessage()); } return null; } catch (Exception e) { throw new Exception("Problems", e); } } }); } // @Test //// @Test public void testSetPassword() throws Exception { // LDAPConnection connection = Loading Loading
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java +9 −42 Original line number Diff line number Diff line Loading @@ -213,12 +213,6 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO { BindRequest bindRequest = new SimpleBindRequest( getUserDN(username, config.getUsersDN()), password); // // String server = config.getReadOnlyPool().getServers().get(0); // int port = config.getPort(); // LDAPConnection conn = new LDAPConnection(LdapDAO.getSocketFactory(config), server, // config.getPort()); // BindResult bindResult = conn.bind(bindRequest); LDAPConnection conn = this.getUnboundReadConnection(); BindResult bindResult = conn.bind(bindRequest); Loading @@ -244,46 +238,13 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO { throw new AccessControlException("Invalid username"); } throw new RuntimeException("Unexpected LDAP exception", e); } } /** * @return * @throws TransientException */ public Collection<HttpPrincipal> getCadcIDs() throws TransientException else if (e.getResultCode() == ResultCode.UNWILLING_TO_PERFORM) { Filter filter = Filter.createPresenceFilter("uid"); String[] attributes = new String[]{"uid"}; SearchRequest searchRequest = new SearchRequest(config.getUsersDN(), SearchScope.ONE, filter, attributes); SearchResult searchResult = null; try { searchResult = getReadOnlyConnection().search(searchRequest); } catch (LDAPSearchException e) { if (e.getResultCode() == ResultCode.NO_SUCH_OBJECT) { logger.debug("Could not find users root", e); throw new IllegalStateException("Could not find users root"); } throw new AccessControlException("Account inactivated"); } LdapDAO.checkLdapResult(searchResult.getResultCode()); Collection<HttpPrincipal> userIDs = new HashSet<HttpPrincipal>(); for (SearchResultEntry next : searchResult.getSearchEntries()) { userIDs.add(new HttpPrincipal(next.getAttributeValue("uid"))); throw new RuntimeException("Unexpected LDAP exception", e); } return userIDs; } /** Loading Loading @@ -479,6 +440,8 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO try { filter = Filter.createEqualityFilter(searchField, userID.getName()); filter = Filter.createANDFilter(filter, Filter.createNOTFilter(Filter.createPresenceFilter("nsaccountlock"))); logger.debug("search filter: " + filter); SearchRequest searchRequest = Loading Loading @@ -569,6 +532,8 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO try { Filter filter = Filter.createEqualityFilter(searchField, userID.getName()); filter = Filter.createANDFilter(filter, Filter.createNOTFilter(Filter.createPresenceFilter("nsaccountlock"))); profiler.checkpoint("getAugmentedUser.createFilter"); logger.debug("search filter: " + filter); Loading Loading @@ -641,6 +606,8 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO final Collection<User<Principal>> users = new ArrayList<User<Principal>>(); Filter filter = Filter.createPresenceFilter(LDAP_UID); filter = Filter.createANDFilter(filter, Filter.createNOTFilter(Filter.createPresenceFilter("nsaccountlock"))); logger.debug("search filter: " + filter); final String[] attributes = new String[] Loading
projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapConnectionsTest.java +2 −2 Original line number Diff line number Diff line Loading @@ -86,8 +86,8 @@ public class LdapConnectionsTest public LdapConnectionsTest() { Log4jInit.setLevel("ca.nrc.cadc.ac", Level.DEBUG); Log4jInit.setLevel("ca.nrc.cadc.profiler", Level.DEBUG); Log4jInit.setLevel("ca.nrc.cadc.ac", Level.INFO); Log4jInit.setLevel("ca.nrc.cadc.profiler", Level.INFO); } @Test Loading
projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapDAOTest.java +1 −1 Original line number Diff line number Diff line Loading @@ -99,7 +99,7 @@ public class LdapDAOTest extends AbstractLdapDAOTest @BeforeClass public static void setUpBeforeClass() throws Exception { Log4jInit.setLevel("ca.nrc.cadc.ac", Level.DEBUG); Log4jInit.setLevel("ca.nrc.cadc.ac", Level.INFO); // get the configuration of the development server from and config files... config = getLdapConfig(); } Loading
projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapPersistenceTest.java +2 −2 Original line number Diff line number Diff line Loading @@ -82,8 +82,8 @@ public class LdapPersistenceTest public LdapPersistenceTest() { Log4jInit.setLevel("ca.nrc.cadc.ac", Level.DEBUG); Log4jInit.setLevel("ca.nrc.cadc.profiler", Level.DEBUG); Log4jInit.setLevel("ca.nrc.cadc.ac", Level.INFO); Log4jInit.setLevel("ca.nrc.cadc.profiler", Level.INFO); } @Test Loading
projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAOTest.java +167 −68 Original line number Diff line number Diff line Loading @@ -74,6 +74,7 @@ import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; import java.security.AccessControlException; import java.security.Principal; import java.security.PrivilegedExceptionAction; import java.util.Collection; Loading Loading @@ -248,6 +249,9 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest final UserRequest<Principal> userRequest = new UserRequest<Principal>(expected, "123456".toCharArray()); final LdapUserDAO<Principal> userDAO = getUserDAO(); userDAO.addPendingUser(userRequest); DNPrincipal dnPrincipal = new DNPrincipal("uid=" + username + "," + config.getUserRequestsDN()); Subject subject = new Subject(); subject.getPrincipals().add(dnPrincipal); Loading @@ -260,9 +264,6 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest { try { final LdapUserDAO<Principal> userDAO = getUserDAO(); userDAO.addPendingUser(userRequest); final User<Principal> actual = userDAO.getPendingUser(expected.getUserID()); check(expected, actual); Loading Loading @@ -508,7 +509,7 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest /** * Test of deleteUser method, of class LdapUserDAO. */ // @Test @Test public void deleteUser() throws Exception { String userID = createUsername(); Loading @@ -516,16 +517,13 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest HttpPrincipal httpPrincipal = new HttpPrincipal(userID); X500Principal x500Principal = new X500Principal("cn=" + userID + ",ou=cadc,o=hia,c=ca"); final User<HttpPrincipal> expected = new User<HttpPrincipal>(httpPrincipal); final User<Principal> expected = new User<Principal>(httpPrincipal); expected.getIdentities().add(httpPrincipal); expected.getIdentities().add(x500Principal); expected.details.add(new PersonalDetails("foo", "bar")); final UserRequest<HttpPrincipal> userRequest = new UserRequest<HttpPrincipal>(expected, "123456".toCharArray()); final LdapUserDAO<HttpPrincipal> userDAO = getUserDAO(); userDAO.addUser(userRequest); final UserRequest<Principal> userRequest = new UserRequest<Principal>(expected, "123456".toCharArray()); DNPrincipal dnPrincipal = new DNPrincipal("uid=" + userID + "," + config.getUsersDN()); Subject subject = new Subject(); Loading @@ -540,7 +538,16 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest try { final LdapUserDAO<Principal> userDAO = getUserDAO(); userDAO.addUser(userRequest); userDAO.deleteUser(expected.getUserID()); try { userDAO.getUser(expected.getUserID()); fail("found deleted user"); } catch (UserNotFoundException expected) {} return null; } catch (Exception e) Loading @@ -554,7 +561,7 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest /** * Test of deletePendingUser method, of class LdapUserDAO. */ // @Test @Test public void deletePendingUser() throws Exception { String userID = createUsername(); Loading Loading @@ -585,8 +592,15 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest { try { final LdapUserDAO<Principal> userDAO = getUserDAO(); userDAO.deletePendingUser(expected.getUserID()); try { userDAO.getPendingUser(expected.getUserID()); fail("found deleted pending user"); } catch (UserNotFoundException expected) {} return null; } catch (Exception e) Loading Loading @@ -728,26 +742,34 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest }); } /** * Test of testGetCadcUserIDs. */ @Test public void testGetCadcUserIDs() throws Exception public void testGetUsers() throws Exception { // anonymous access // try // { // getUserDAO().getUsers(); // fail("anonymous request should throw exception"); // } // catch (AccessControlException expected) {} // authenticated access Subject subject = new Subject(); subject.getPrincipals().add(testUser.getUserID()); subject.getPrincipals().add(testUser1DNPrincipal); // anonymous access int users1 = (Integer) Subject .doAs(subject, new PrivilegedExceptionAction<Object>() Subject.doAs(subject, new PrivilegedExceptionAction<Object>() { public Object run() throws Exception { try { final Collection<User<Principal>> users = getUserDAO().getUsers(); assertNotNull("returned users is null", users); assertFalse("no users found", users.isEmpty()); log.debug("# users found: " + users.size()); int count = getUserDAO().getCadcIDs().size(); assertTrue(count > 0); return count; return null; } catch (Exception e) { Loading @@ -755,20 +777,36 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest } } }); } @Test public void testGetPendingUsers() throws Exception { // anonymous access try { getUserDAO().getPendingUsers(); fail("anonymous request should throw exception"); } catch (AccessControlException expected) {} // authenticated access Subject subject = new Subject(); subject.getPrincipals().add(testUser.getUserID()); int users2 = (Integer) Subject .doAs(subject, new PrivilegedExceptionAction<Object>() subject.getPrincipals().add(testUser1DNPrincipal); Subject.doAs(subject, new PrivilegedExceptionAction<Object>() { public Object run() throws Exception { try { final Collection<User<Principal>> users = getUserDAO().getPendingUsers(); assertNotNull("returned users is null", users); assertFalse("no users found", users.isEmpty()); log.debug("# users found: " + users.size()); int count = getUserDAO().getCadcIDs().size(); assertTrue(count > 0); return count; return null; } catch (Exception e) { Loading @@ -776,33 +814,94 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest } } }); assertEquals("User listing should be independent of the access type", users1, users2); } @Test public void testGetUsers() throws Exception public void testDoLogin() throws Exception { final String username = createUsername(); final String password = "123456"; HttpPrincipal userID = new HttpPrincipal(username); X500Principal x500Principal = new X500Principal("cn=" + username + ",ou=cadc,o=hia,c=ca"); NumericPrincipal numericPrincipal = new NumericPrincipal(ran.nextInt(Integer.MAX_VALUE)); final User<Principal> expected = new User<Principal>(userID); expected.getIdentities().add(userID); expected.getIdentities().add(x500Principal); expected.getIdentities().add(numericPrincipal); expected.details.add(new PersonalDetails("foo", "bar")); final UserRequest<Principal> userRequest = new UserRequest<Principal>(expected, password.toCharArray()); DNPrincipal dnPrincipal = new DNPrincipal("uid=" + username + "," + config.getUsersDN()); Subject subject = new Subject(); subject.getPrincipals().add(dnPrincipal); // do everything as owner Subject.doAs(subject, new PrivilegedExceptionAction<Object>() { public Object run() throws Exception { try { // add a user final LdapUserDAO<Principal> userDAO = getUserDAO(); final Collection<User<Principal>> users = userDAO.getUsers(); userDAO.addUser(userRequest); assertNotNull("returned users is null", users); assertFalse("no users found", users.isEmpty()); log.debug("# users found: " + users.size()); // login as the user boolean success = userDAO.doLogin(username, password); assertTrue("login failed", success); // login with wrong username try { success = userDAO.doLogin("foo", password); fail("unknown username should throw AccessControlException"); } catch (AccessControlException expected) { log.debug("expected exception " + expected.getMessage()); } @Test public void testGetPendingUsers() throws Exception // login with wrong password try { final LdapUserDAO<Principal> userDAO = getUserDAO(); final Collection<User<Principal>> users = userDAO.getPendingUsers(); success = userDAO.doLogin(username, "foo"); fail("wrong password should throw AccessControlException"); } catch (AccessControlException expected) { log.debug("expected exception " + expected.getMessage()); } assertNotNull("returned users is null", users); assertFalse("no users found", users.isEmpty()); log.debug("# pending users found: " + users.size()); // delete the user userDAO.deleteUser(userRequest.getUser().getUserID()); // login as deleted user try { success = userDAO.doLogin(username, password); fail("deactivated user should throw AccessControlException"); } catch (AccessControlException expected) { log.debug("expected exception " + expected.getMessage()); } return null; } catch (Exception e) { throw new Exception("Problems", e); } } }); } // @Test //// @Test public void testSetPassword() throws Exception { // LDAPConnection connection = Loading
