Add test for using LDAP reserved characters in password
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/645d1a22 Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/645d1a22 Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/645d1a22 Branch: refs/heads/karaf-2.3.x Commit: 645d1a22fff343a9bf945ae62e6b4ed715234be3 Parents: 87c6031 Author: Jonathan Anstey <[email protected]> Authored: Wed Apr 30 15:51:13 2014 -0230 Committer: Jonathan Anstey <[email protected]> Committed: Wed Apr 30 15:52:42 2014 -0230
----------------------------------------------------------------------
.../jaas/modules/ldap/LdapLoginModuleTest.java | 1 - .../ldap/LdapSpecialCharsInPasswordTest.java | 69 ++++++++++++++++++++ .../ldap_special_char_in_password.properties | 36 ++++++++++ 3 files changed, 105 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/karaf/blob/645d1a22/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/ldap/LdapLoginModuleTest.java
----------------------------------------------------------------------
diff --git a/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/ldap/LdapLoginModuleTest.java b/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/ldap/LdapLoginModuleTest.java
index 40604d0..01135b0 100644
--- a/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/ldap/LdapLoginModuleTest.java
+++ b/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/ldap/LdapLoginModuleTest.java
@@ -35,7 +35,6 @@ import javax.security.auth.callback.*;
 import java.io.File;
 import java.io.IOException;
 import java.security.Principal;
-
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertTrue;
 import static org.junit.Assert.assertEquals;
http://git-wip-us.apache.org/repos/asf/karaf/blob/645d1a22/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/ldap/LdapSpecialCharsInPasswordTest.java
----------------------------------------------------------------------
diff --git a/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/ldap/LdapSpecialCharsInPasswordTest.java b/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/ldap/LdapSpecialCharsInPasswordTest.java
new file mode 100644
index 0000000..d286ea1
--- /dev/null
+++ b/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/ldap/LdapSpecialCharsInPasswordTest.java
@@ -0,0 +1,69 @@
+/*
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * under the License.
+ */
+package org.apache.karaf.jaas.modules.ldap;
+
+import java.io.File;
+import java.io.IOException;
+import org.apache.directory.api.ldap.model.constants.SchemaConstants;
+import org.apache.directory.api.ldap.model.message.ModifyRequest;
+import org.apache.directory.api.ldap.model.message.ModifyRequestImpl;
+import org.apache.directory.api.ldap.model.name.Dn;
+import org.apache.directory.ldap.client.api.LdapConnection;
+import org.apache.directory.ldap.client.api.LdapNetworkConnection;
+import org.apache.directory.server.core.integ.FrameworkRunner;
+import org.apache.directory.server.annotations.CreateLdapServer;
+import org.apache.directory.server.annotations.CreateTransport;
+import org.apache.directory.server.core.annotations.ApplyLdifFiles;
+import org.apache.directory.server.core.annotations.CreateDS;
+import org.apache.directory.server.core.annotations.CreatePartition;
+import org.apache.felix.utils.properties.Properties;
+import org.apache.karaf.jaas.modules.ldap.LdapLoginModuleTest;
+import org.junit.Before;
+import org.junit.runner.RunWith;
+
+@RunWith ( FrameworkRunner.class )
+@CreateLdapServer(transports = {@CreateTransport(protocol = "LDAP", port=9999)})
+@CreateDS(name = "LdapSpecialCharsInPasswordTest-class",
+ partitions = { @CreatePartition(name = "example", suffix = "dc=example,dc=com") })
+@ApplyLdifFiles(
+ "org/apache/karaf/jaas/modules/ldap/example.com.ldif"
+)
+public class LdapSpecialCharsInPasswordTest extends LdapLoginModuleTest {
+
+ private static final String NEW_CONNECTION_PASSWORD = "#a&b{>c=<12~d%";
+
+ protected Properties ldapLoginModuleOptions() throws IOException {
+ return new Properties(new File("src/test/resources/org/apache/karaf/jaas/modules/ldap/ldap_special_char_in_password.properties"));
+ }
+
+ @Before
+ public void changeAdminPassword() throws Exception {
+ LdapConnection connection = new LdapNetworkConnection( "localhost", 9999 );
+ connection.bind( "uid=admin,ou=system", "secret");
+ Dn adminDn = new Dn( "uid=admin,ou=system" );
+ ModifyRequest modReq = new ModifyRequestImpl();
+ modReq.setName( adminDn );
+ modReq.replace( SchemaConstants.USER_PASSWORD_AT, NEW_CONNECTION_PASSWORD );
+ connection.modify( modReq );
+ connection.close();
+
+ // check that we actually changed the admin connection password
+ connection = new LdapNetworkConnection( "localhost", 9999 );
+ connection.bind( "uid=admin,ou=system", NEW_CONNECTION_PASSWORD);
+ connection.close();
+ }
+}
+
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/karaf/blob/645d1a22/jaas/modules/src/test/resources/org/apache/karaf/jaas/modules/ldap/ldap_special_char_in_password.properties
----------------------------------------------------------------------
diff --git a/jaas/modules/src/test/resources/org/apache/karaf/jaas/modules/ldap/ldap_special_char_in_password.properties b/jaas/modules/src/test/resources/org/apache/karaf/jaas/modules/ldap/ldap_special_char_in_password.properties
new file mode 100644
index 0000000..858bba0
--- /dev/null
+++ b/jaas/modules/src/test/resources/org/apache/karaf/jaas/modules/ldap/ldap_special_char_in_password.properties
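Review bot: `ldapLoginModuleOptions()` is declared without `@Override`, so if its name or signature ever stops matching the method in LdapLoginModuleTest (not visible in this diff), the inherited tests would presumably run with the parent's default options and pass without ever using the special-character password. Adding `@Override` above `protected Properties ldapLoginModuleOptions() throws IOException {` turns that silent gap into a compile error. In `changeAdminPassword()` both connections are closed only on the success path, so a failing `bind` or `modify` leaves a connection to port 9999 open; wrapping each use as `try { … } finally { connection.close(); }` would cover that. A short class Javadoc saying that the class re-runs the inherited login tests after changing the admin bind password would also make the intent clear, since the class declares no test methods of its own.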
@@ -0,0 +1,36 @@
+################################################################################
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+debug=true
+connection.url=ldap://127.0.0.1:9999
+connection.username=uid=admin,ou=system
+connection.password=#a&b{>c=<12~d%
+connection.protocol=
+authentication=simple
+
+user.base.dn=ou=people,dc=example,dc=com
+user.filter=(uid=%u)
+user.search.subtree=true
+
+role.base.dn=ou=groups,dc=example,dc=com
+role.name.attribute=cn
+role.filter=(member=%fqdn)
+role.search.subtree=true
+
+initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
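Review bot: The `connection.password` value has to stay identical to `NEW_CONNECTION_PASSWORD` in LdapSpecialCharsInPasswordTest, and nothing in this file says so. A comment line above it such as `# must match NEW_CONNECTION_PASSWORD in LdapSpecialCharsInPasswordTest` would keep the two from drifting apart. The chosen characters also leave out the backslash, which properties syntax treats as an escape character and which LDAP filter and DN syntax reserve as well. The value most likely to be altered between this file and the bind is therefore not covered, and a follow-up case with an escaped backslash (kept in step with the Java constant) may be worth adding.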
