Skip to content
Permalink
Browse files

Merge branch 'JENKINS-45431' of https://github.com/fcojfernandez/ldap…

…-plugin into JENKINS-45431
  • Loading branch information...
rsandell committed Sep 11, 2017
2 parents fae415f + 5588390 commit 93e23f72d987c6f38639d20cbc8aaca1206c79f4
@@ -24,19 +24,19 @@

package hudson.security;

import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
import hudson.model.User;
import hudson.tasks.MailAddressResolver;
import hudson.tasks.Mailer;
import hudson.util.FormValidation;
import hudson.util.Secret;

import java.util.ArrayList;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;
import jenkins.model.IdStrategy;
import jenkins.security.plugins.ldap.FromGroupSearchLDAPGroupMembershipStrategy;
import jenkins.security.plugins.ldap.FromUserRecordLDAPGroupMembershipStrategy;
import jenkins.security.plugins.ldap.LDAPTestConfiguration;
import jenkins.security.plugins.ldap.LDAPRule;
import jenkins.security.plugins.ldap.LDAPSchema;
import jenkins.security.plugins.ldap.*;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.userdetails.UserDetails;
import org.acegisecurity.userdetails.ldap.LdapUserDetails;
@@ -55,6 +55,7 @@
import static org.hamcrest.Matchers.not;
import static org.hamcrest.Matchers.nullValue;
import static org.junit.Assert.assertThat;
import static org.junit.Assert.fail;

@LDAPTestConfiguration
public class LDAPEmbeddedTest {
@@ -488,4 +489,34 @@ public void validate() throws Exception {
assertThat("Always report outer kind as OK", validation.kind, is(FormValidation.Kind.OK));
}

@Test
@LDAPSchema(ldif = "planetexpress", id = "planetexpress", dn = "dc=planetexpress,dc=com")
public void usingEnvironmentProperties() throws Exception {
LDAPConfiguration c = new LDAPConfiguration(ads.getUrl(), "", false, "uid=admin,ou=system", Secret.fromString("pass"));

LDAPSecurityRealm.EnvironmentProperty[] environmentProperties = {new LDAPSecurityRealm.EnvironmentProperty("java.naming.ldap.typesOnly", "true")};
c.setEnvironmentProperties(environmentProperties);

List<LDAPConfiguration> configurations = new ArrayList<LDAPConfiguration>();
configurations.add(c);
LDAPSecurityRealm realm = new LDAPSecurityRealm(
configurations,
false,
new LDAPSecurityRealm.CacheConfiguration(100, 1000),
IdStrategy.CASE_INSENSITIVE,
IdStrategy.CASE_INSENSITIVE
);

r.jenkins.setSecurityRealm(realm);
r.submit(r.createWebClient().goTo("configureSecurity").getFormByName("config"));

try {
r.createWebClient().login("fry", "fry");
fail("Should not be able to login");
} catch (FailingHttpStatusCodeException e) {
System.out.println("Got a bad login==good");
}
}


}
@@ -433,6 +433,53 @@ public void customBeanBindingHindersMultiServerConfig() throws IOException, SAXE

}

@Test
public void configRoundTripEnvironmentProperties() throws Exception {
final String server = "ldap.itd.umich.edu";
final String rootDN = "ou=umich,ou.edu";
final String userSearchBase = "cn=users,ou=umich,ou.edu";
final String managerDN = "cn=admin,ou=umich,ou.edu";
final String managerSecret = "secret";

LDAPConfiguration c = new LDAPConfiguration(server, rootDN, false, managerDN, Secret.fromString(managerSecret));

LDAPSecurityRealm.EnvironmentProperty[] environmentProperties = {new LDAPSecurityRealm.EnvironmentProperty("java.naming.ldap.typesOnly", "true")};
c.setEnvironmentProperties(environmentProperties);
c.setUserSearchBase(userSearchBase);

List<LDAPConfiguration> configurations = new ArrayList<LDAPConfiguration>();
configurations.add(c);
LDAPSecurityRealm realm = new LDAPSecurityRealm(
configurations,
false,
null,
IdStrategy.CASE_INSENSITIVE,
IdStrategy.CASE_INSENSITIVE
);

r.jenkins.setSecurityRealm(realm);

final JenkinsRule.WebClient client = r.createWebClient();
r.submit(client.goTo("configureSecurity").getFormByName("config"));

LDAPSecurityRealm newRealm = (LDAPSecurityRealm) r.jenkins.getSecurityRealm();
assertNotSame(realm, newRealm);
LDAPConfiguration newConfig = newRealm.getConfigurations().get(0);
assertEquals(server, newConfig.getServer());
assertEquals(rootDN, newConfig.getRootDN());
assertEquals(userSearchBase, newConfig.getUserSearchBase());
assertEquals(managerDN, newConfig.getManagerDN());
assertEquals(managerSecret, newConfig.getManagerPassword());
assertThat(newRealm.getUserIdStrategy(), instanceOf(IdStrategy.CaseInsensitive.class));
assertEquals(LDAPSecurityRealm.DescriptorImpl.DEFAULT_USER_SEARCH, newConfig.getUserSearch());
assertEquals(LDAPSecurityRealm.DescriptorImpl.DEFAULT_DISPLAYNAME_ATTRIBUTE_NAME, newConfig.getDisplayNameAttributeName());
assertEquals(LDAPSecurityRealm.DescriptorImpl.DEFAULT_MAILADDRESS_ATTRIBUTE_NAME, newConfig.getMailAddressAttributeName());
assertTrue(newConfig.getEnvironmentProperties().length > 0);
assertEquals(newConfig.getEnvironmentProperties()[0].getName(), c.getEnvironmentProperties()[0].getName());
assertEquals(newConfig.getEnvironmentProperties()[0].getValue(), c.getEnvironmentProperties()[0].getValue());
}


private static class AddServerButtonMatcher extends BaseButtonMatcher {
protected AddServerButtonMatcher() {
super("Add Server");

0 comments on commit 93e23f7

Please sign in to comment.
You can’t perform that action at this time.