Expand Up @@ -84,9 +84,6 @@ public class AuthenticationParameterPage extends AbstractConnectionParameterPage
/** The URL simple constant */
private static final String X_AUTH_METHOD_SIMPLE = "Simple"; //$NON-NLS-1$

/** The URL PLAIN constant */
private static final String X_AUTH_METHOD_PLAIN = "PLAIN"; //$NON-NLS-1$

/** The URL DIGEST-MD5 constant */
private static final String X_AUTH_METHOD_DIGEST_MD5 = "DIGEST-MD5"; //$NON-NLS-1$

Expand Down Expand Up @@ -145,9 +142,6 @@ public class AuthenticationParameterPage extends AbstractConnectionParameterPage
/** The text widget to input bind password */
private Text bindPasswordText;

/** The text widget to input the SASL PLAIN autzid (if selected) */
private Text authzidText;

/** The checkbox to choose if the bind password should be saved on disk */
private Button saveBindPasswordButton;

Expand All @@ -173,7 +167,6 @@ public class AuthenticationParameterPage extends AbstractConnectionParameterPage
private Text krb5ConfigManualHostText;
private Text krb5ConfigManualPortText;


/**
* Gets the authentication method.
*
Expand Down Expand Up @@ -223,17 +216,6 @@ private String getBindPassword()
}


/**
* Gets the bind authzid.
*
* @return the authzid
*/
private String getAuthzid()
{
return authzidText.getText();
}


private String getSaslRealm()
{
return saslRealmText.getText();
Expand Down Expand Up @@ -378,10 +360,6 @@ protected void createComposite( Composite parent )
ConnectionUIConstants.DIALOGSETTING_KEY_PRINCIPAL_HISTORY );
bindPrincipalCombo = BaseWidgetUtils.createCombo( composite, dnHistory, -1, 2 );

BaseWidgetUtils.createLabel( composite, Messages.getString( "AuthenticationParameterPage.Authzid" ), 1 ); //$NON-NLS-1$
authzidText = BaseWidgetUtils.createText( composite, "SASL PLAIN only", 2 ); //$NON-NLS-1$
authzidText.setEnabled( false );

BaseWidgetUtils.createLabel( composite, Messages.getString( "AuthenticationParameterPage.BindPassword" ), 1 ); //$NON-NLS-1$
bindPasswordText = BaseWidgetUtils.createPasswordText( composite, StringUtils.EMPTY, 2 ); //$NON-NLS-1$

Expand Down Expand Up @@ -1031,10 +1009,6 @@ public void mergeParametersToLdapURL( ConnectionParameter parameter, LdapUrl lda
{
switch ( parameter.getAuthMethod() )
{
case SASL_PLAIN :
ldapUrl.getExtensions().add( new Extension( false, X_AUTH_METHOD, X_AUTH_METHOD_PLAIN ) );
break;

case SASL_CRAM_MD5:
ldapUrl.getExtensions().add( new Extension( false, X_AUTH_METHOD, X_AUTH_METHOD_CRAM_MD5 ) );
break;
Expand Down Expand Up @@ -1078,7 +1052,6 @@ public void mergeParametersToLdapURL( ConnectionParameter parameter, LdapUrl lda

switch ( parameter.getAuthMethod() )
{
case SASL_PLAIN:
case SASL_CRAM_MD5:
case SASL_DIGEST_MD5:
case SASL_GSSAPI:
Expand Up @@ -59,13 +59,17 @@ public String getText( Object obj )
{
Connection conn = ( Connection ) obj;

boolean isConnected = conn.getConnectionWrapper().isConnected();
boolean isSecured = conn.getConnectionWrapper().isSecured();
String unsecuredWarning = isConnected && !isSecured ? " UNSECURED! " : ""; //$NON-NLS-1$ //$NON-NLS-2$

if ( conn.getEncryptionMethod() == EncryptionMethod.LDAPS )
{
return conn.getName() + " (LDAPS)"; //$NON-NLS-1$
return conn.getName() + unsecuredWarning + " (LDAPS)"; //$NON-NLS-1$
}
else if ( conn.getEncryptionMethod() == EncryptionMethod.START_TLS )
{
return conn.getName() + " (StartTLS)"; //$NON-NLS-1$
return conn.getName() + unsecuredWarning + " (StartTLS)"; //$NON-NLS-1$
}
else
{
Expand Down Expand Up @@ -99,18 +103,21 @@ else if ( obj instanceof Connection )
{
Connection conn = ( Connection ) obj;

if ( ( conn.getEncryptionMethod() == EncryptionMethod.LDAPS )
|| ( conn.getEncryptionMethod() == EncryptionMethod.START_TLS ) )
boolean isConnected = conn.getConnectionWrapper().isConnected();
boolean isSecured = conn.getConnectionWrapper().isSecured();
boolean isEncryptionConfigured = conn.getEncryptionMethod().isEncrytped();

if ( isConnected )
{
return conn.getConnectionWrapper().isConnected() ? ConnectionUIPlugin.getDefault().getImage(
return isSecured ? ConnectionUIPlugin.getDefault().getImage(
ConnectionUIConstants.IMG_CONNECTION_SSL_CONNECTED )
: ConnectionUIPlugin.getDefault().getImage(
ConnectionUIConstants.IMG_CONNECTION_SSL_DISCONNECTED );
ConnectionUIConstants.IMG_CONNECTION_CONNECTED );
}
else
{
return conn.getConnectionWrapper().isConnected() ? ConnectionUIPlugin.getDefault().getImage(
ConnectionUIConstants.IMG_CONNECTION_CONNECTED )
return isEncryptionConfigured ? ConnectionUIPlugin.getDefault().getImage(
ConnectionUIConstants.IMG_CONNECTION_SSL_DISCONNECTED )
: ConnectionUIPlugin.getDefault().getImage(
ConnectionUIConstants.IMG_CONNECTION_DISCONNECTED );
}
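Review bot: In the image branch, `conn.getEncryptionMethod().isEncrytped()` dereferences the encryption method, whereas the condition it replaces compared with `==` and tolerated a null value; if a connection can exist without an encryption method, the label provider would now throw while the tree is rendered. A null-safe form is `EncryptionMethod method = conn.getEncryptionMethod();` followed by `boolean isEncryptionConfigured = method != null && method.isEncrytped();`. The accessor's spelling comes from a declaration outside this page, so a rename to `isEncrypted` belongs there. In getText the ` UNSECURED! ` marker is appended only in the LDAPS and StartTLS branches shown; the final else branch lies outside the hunk, so it is worth confirming that a connected plain-LDAP connection is labelled as intended.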
Expand Up @@ -86,7 +86,7 @@ private void startServer()
service.setInterceptors( service.getInterceptors().stream()
.filter( i -> !i.getName().equals( "ConfigurableHashingInterceptor" ) )
.collect( Collectors.toList() ) );
System.out.println( service.getInterceptors() );
service.setAllowAnonymousAccess( true );

server = new LdapServer();
server.setDirectoryService( service );
Expand All @@ -97,6 +97,7 @@ private void startServer()
server.addTransports( ldaps );

server.addSaslMechanismHandler( "SIMPLE", new SimpleMechanismHandler() );
server.addSaslMechanismHandler( "CRAM-MD5", new CramMd5MechanismHandler() );
server.addSaslMechanismHandler( "DIGEST-MD5", new DigestMd5MechanismHandler() );
server.setSaslRealms( Collections.singletonList( "EXAMPLE.ORG" ) );
server.setSaslHost( getHost() );
Expand Down Expand Up @@ -153,6 +154,13 @@ public DirectoryService getService()
}


@Override
public void setConfidentialityRequired( boolean confidentialityRequired )
{
server.setConfidentialityRequired( confidentialityRequired );
}


private ApacheDirectoryServer( int port, int portSSL )
{
super( LdapServerType.ApacheDS, LOCALHOST, port, portSSL, "uid=admin,ou=system", "secret" );
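Review bot: `setConfidentialityRequired` forwards to the `server` field, which the hunks show being assigned only inside `startServer()`; a call that arrives before the server has been started would fail with a NullPointerException instead of a readable message. A guard such as `if ( server == null ) { throw new IllegalStateException( "ApacheDS test server not started" ); }` would make that failure clear. The new `service.setAllowAnonymousAccess( true );` line also deserves a short comment, for example `// test fixture only: anonymous access enabled for the integration tests`, so the setting is not copied into a real server setup. `startServer()` begins and ends outside the hunks shown.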
Expand Up @@ -23,6 +23,10 @@

import static org.apache.directory.studio.test.integration.junit5.Constants.LOCALHOST;

import org.apache.directory.api.ldap.model.entry.DefaultModification;
import org.apache.directory.api.ldap.model.entry.Modification;
import org.apache.directory.api.ldap.model.entry.ModificationOperation;


/**
* An 389ds implementation of a test LDAP server.
Expand Down Expand Up @@ -52,4 +56,15 @@ private Fedora389dsLdapServer()
FEDORA_389DS_ADMIN_DN, FEDORA_389DS_ADMIN_PASSWORD );
}


@Override
public void setConfidentialityRequired( boolean confidentialityRequired )
{
withAdminConnection( connection -> {
Modification modification = new DefaultModification( ModificationOperation.REPLACE_ATTRIBUTE,
"nsslapd-require-secure-binds", confidentialityRequired ? "on" : "off" );
connection.modify( "cn=config", modification );
} );

}
}
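Review bot: The override carries no comment saying what "confidentiality required" means for this server, and the attribute it writes, `nsslapd-require-secure-binds`, reads as a restriction on binds only, while the OpenLDAP fixture in the same commit writes `olcSecurity` with `ssf` and `tls` factors. If the servers enforce different things, a test that expects an unencrypted operation to be rejected could pass on one server and fail on another for reasons unrelated to the client. A Javadoc line such as `/** Toggles nsslapd-require-secure-binds; to be confirmed: affects binds on unsecured connections only. */` would record the difference. The blank line before the method's closing brace can be dropped.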
Expand Up @@ -23,10 +23,13 @@

import static org.apache.directory.studio.test.integration.junit5.Constants.LOCALHOST;

import org.apache.directory.api.ldap.model.entry.DefaultModification;
import org.apache.directory.api.ldap.model.entry.Modification;
import org.apache.directory.api.ldap.model.entry.ModificationOperation;
import org.apache.directory.api.ldap.model.exception.LdapNoSuchAttributeException;
import org.apache.directory.api.ldap.model.ldif.LdifEntry;
import org.apache.directory.api.ldap.model.ldif.LdifReader;
import org.apache.directory.ldap.client.api.LdapNetworkConnection;
import org.apache.directory.ldap.client.api.LdapConnection;


/**
Expand Down Expand Up @@ -63,7 +66,7 @@ public void prepare()
{
super.prepare();

try ( LdapNetworkConnection connection = new LdapNetworkConnection( OPENLDAP_HOST, OPENLDAP_PORT );
try ( LdapConnection connection = openConnection();
LdifReader ldifReader = new LdifReader( TestFixture.class.getResourceAsStream( "OpenLdapConfig.ldif" ) ) )
{
connection.bind( OPENLDAP_CONFIG_DN, OPENLDAP_CONFIG_PASSWORD );
Expand All @@ -81,4 +84,25 @@ public void prepare()
}
}


@Override
public void setConfidentialityRequired( boolean confidentialityRequired )
{
try ( LdapConnection connection = openConnection() )
{
connection.bind( OPENLDAP_CONFIG_DN, OPENLDAP_CONFIG_PASSWORD );
Modification modification = new DefaultModification( ModificationOperation.REPLACE_ATTRIBUTE,
"olcSecurity", confidentialityRequired ? "ssf=256 tls=256" : "ssf=0 tls=0" );
connection.modify( "cn=config", modification );
}
catch ( LdapNoSuchAttributeException e )
{
// ignore
}
catch ( Exception e )
{
throw new RuntimeException( "Unexpected exception: " + e, e );
}
}

}
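Review bot: The `catch ( LdapNoSuchAttributeException e )` block in `setConfidentialityRequired` is explained only by `// ignore`, so when the modify fails that way the requested `olcSecurity` value is silently not applied and a test that turned confidentiality on cannot tell that nothing is being enforced. If the exception is expected only when the setting is cleared while already absent (an assumption, the page does not say), the handler should be limited to that case, for example `if ( confidentialityRequired ) { throw new RuntimeException( "olcSecurity not applied: " + e, e ); }`. Either way the comment should name the situation that is being tolerated, e.g. `// olcSecurity is not present when confidentiality was never enabled`.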
Expand Up @@ -26,7 +26,9 @@
import org.apache.directory.api.ldap.model.ldif.LdifEntry;
import org.apache.directory.api.ldap.model.ldif.LdifReader;
import org.apache.directory.ldap.client.api.LdapConnection;
import org.apache.directory.ldap.client.api.LdapConnectionConfig;
import org.apache.directory.ldap.client.api.LdapNetworkConnection;
import org.apache.directory.ldap.client.api.NoVerificationTrustManager;
import org.apache.directory.ldap.client.api.exception.InvalidConnectionException;


Expand Down Expand Up @@ -83,13 +85,25 @@ public boolean isAvailable()

public LdapConnection openAdminConnection() throws LdapException
{
LdapConnection connection = new LdapNetworkConnection( host, port );
connection.connect();
LdapConnection connection = openConnection();
connection.bind( adminDn, adminPassword );
return connection;
}


public LdapConnection openConnection() throws LdapException
{
LdapConnectionConfig config = new LdapConnectionConfig();
config.setLdapHost( host );
config.setLdapPort( port );
config.setUseTls( true );
config.setTrustManagers( new NoVerificationTrustManager() );
LdapConnection connection = new LdapNetworkConnection( config );
connection.connect();
return connection;
}


public void withAdminConnection( LdapConnectionConsumer consumer )
{
try ( LdapConnection connection = openAdminConnection() )
Expand Down Expand Up @@ -129,6 +143,7 @@ public void prepare()
TestFixture.createContextEntry( this );
TestFixture.cleanup( this );
TestFixture.importData( this );
setConfidentialityRequired( false );

String serverSpecificLdif = getType().name() + ".ldif";
if ( TestFixture.class.getResource( serverSpecificLdif ) != null )
Expand Down Expand Up @@ -200,6 +215,9 @@ public String getAdminPassword()
}


public abstract void setConfidentialityRequired( boolean confidentialityRequired );


@Override
public String toString()
{
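Review bot: `openConnection()` installs `NoVerificationTrustManager`, so every fixture connection, including the admin and config binds that send a password, accepts any server certificate. That is workable against a local test server but should be stated at the call, e.g. `// test fixture only: certificate checks are disabled, never reuse for real servers`. The new abstract `setConfidentialityRequired` has no Javadoc, and since each server subclass in this commit implements it with a different server setting, the expected effect (binds only, or all operations) should be written on the declaration.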
Expand Up @@ -36,8 +36,9 @@ dn: cn=config
changetype: modify
replace: olcAuthzRegexp
olcAuthzRegexp: uid=([^,]*),cn=digest-md5,cn=auth uid=$1,ou=users,dc=example,dc=org
olcAuthzRegexp: uid=([^,]*),cn=cram-md5,cn=auth uid=$1,ou=users,dc=example,dc=org
-
replace: olcSaslSecProps
olcSaslSecProps: noplain,noanonymous,minssf=128
olcSaslSecProps: noplain,noanonymous,minssf=0
-
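Review bot: Changing `olcSaslSecProps` to `minssf=0` removes the server-side floor on SASL security layers, so DIGEST-MD5 and CRAM-MD5 binds are accepted on unprotected connections unless `olcSecurity` is raised at run time. For a test fixture that may be intended, but the file gives no reason. A comment line such as `# test fixture: minssf=0 so tests can toggle confidentiality through olcSecurity; not for production` above the `dn: cn=config` record would keep the value from being copied into a real configuration.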

Expand Up @@ -23,13 +23,15 @@
import static org.apache.directory.studio.test.integration.junit5.TestFixture.CONTEXT_DN;
import static org.apache.directory.studio.test.integration.junit5.TestFixture.REFERRALS_DN;

import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

import org.apache.commons.lang3.ArrayUtils;
import org.apache.directory.api.ldap.model.name.Dn;
import org.apache.directory.api.ldap.model.name.Rdn;
import org.apache.directory.studio.connection.core.ConnectionCorePlugin;
import org.apache.directory.studio.test.integration.junit5.SkipTestIfLdapServerIsNotAvailableInterceptor;
import org.apache.directory.studio.test.integration.junit5.TestLdapServer;
import org.apache.directory.studio.test.integration.ui.bots.ApacheDSServersViewBot;
Expand Down Expand Up @@ -76,6 +78,20 @@ final void setUpBase() throws Exception
@AfterEach
final void tearDownBase() throws Exception
{
// clear custom trust stores
X509Certificate[] permanentCertificates = ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager()
.getCertificates();
for ( X509Certificate certificate : permanentCertificates )
{
ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager().removeCertificate( certificate );
}
X509Certificate[] temporaryCertificates = ConnectionCorePlugin.getDefault().getSessionTrustStoreManager()
.getCertificates();
for ( X509Certificate certificate : temporaryCertificates )
{
ConnectionCorePlugin.getDefault().getSessionTrustStoreManager().removeCertificate( certificate );
}

connectionsViewBot.deleteTestConnections();
serversViewBot.deleteTestServers();
Assertions.genericTearDownAssertions();
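Review bot: The trust-store cleanup now runs first in `tearDownBase()`, so an exception from `removeCertificate` would skip `deleteTestConnections()`, `deleteTestServers()` and the tear-down assertions, leaving connections and trusted certificates behind for the next test. Putting the certificate removal in a `try` block and the existing cleanup calls in its `finally` part keeps the teardown complete. The two loops differ only in the trust store manager they use, so a small private helper that takes the manager would remove the duplication. The method continues past the end of the hunk.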
Expand Up @@ -107,20 +107,6 @@ public void setUp( TestInfo testInfo ) throws Exception
@AfterEach
public void tearDown() throws Exception
{
// delete custom trust stores
X509Certificate[] permanentCertificates = ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager()
.getCertificates();
for ( X509Certificate certificate : permanentCertificates )
{
ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager().removeCertificate( certificate );
}
X509Certificate[] temporaryCertificates = ConnectionCorePlugin.getDefault().getSessionTrustStoreManager()
.getCertificates();
for ( X509Certificate certificate : temporaryCertificates )
{
ConnectionCorePlugin.getDefault().getSessionTrustStoreManager().removeCertificate( certificate );
}

// delete custom Java key store settings
System.clearProperty( "javax.net.ssl.trustStore" );
System.clearProperty( "javax.net.ssl.trustStorePassword" );
Expand Up @@ -94,6 +94,13 @@ public void clickFinishButton()
}


public ErrorDialogBot clickFinishButtonExpectingError()
{
String shellText = BotUtils.shell( () -> clickFinishButton(), "Error", "Problem Occurred" ).getText();
return new ErrorDialogBot( shellText );
}


public boolean existsCategory( String category )
{
TreeBot treeBot = new TreeBot( bot.tree() );
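Review bot: `clickFinishButtonExpectingError()` has no Javadoc, and the two titles it passes to `BotUtils.shell`, "Error" and "Problem Occurred", are bare literals whose role a caller has to guess. A comment such as `/** Clicks Finish and returns a bot for the error dialog ("Error" or "Problem Occurred") that is expected to open. */` would state the contract. The lambda `() -> clickFinishButton()` could be written `this::clickFinishButton`, provided the parameter type of `BotUtils.shell` (declared outside this page) accepts a method reference without ambiguity.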