You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The default UnboundID instance provided by Spring Boot can be partially configured, but unfortunately it lacks the ability to addAdditionalBindCredentials() and import multiple LDIF files (you can define only one via spring.ldap.embedded.ldif).
Not being able to configure additional bind credentials causes conflicting configuration issues:
UnboundID instance provided with Spring Boot uses manager DN uid=admin,ou=system (without base dn) and a hard-coded password - secret.
OpenLDAP via docker container uses cn=admin,dc=carlspring,dc=com (including the base dn) and whatever password you define. You cannot change the managerDn since it will break startup scripts in the image and OpenLDAP won't start.
This becomes an inconvenience when having to test manually, because you are constantly going to be spending time on replacing configuration values via the UI which get lost upon every Strongbox restart (i.e. mvn spring-boot:run, ctrl + c, mvn spring-boot:run).
Using one big LDIF file is not very easy to read and making changes to it would require a full mvn clean install -Dintegration.tests to ensure all tests in all modules are working right. Separating things into one base file and additional LDIF files per test case would improve the reliability since changes would be affecting only certain test cases.
Tasks
Implement a new configuration class which can:
Set additional binding credentials via InMemoryDirectoryServerConfig.addAdditionalBindCredentials().
Note: it's complicated to add dynamic manager credentials (i.e. the property must be a string, but also a collection, and furthermore must allow for DN:password format) which is why this is going to be hardcoded for now and improved if this ever becomes a necessity.
Import multiple LDIF files.
Check org.springframework.security.ldap.server.UnboundIdContainer and org.springframework.boot.autoconfigure.ldap.embedded.EmbeddedLdapAutoConfiguration which can be used as base for this new class.
Go over existing test cases and convert them to use the new configuration class - remove whatever is obsolete.
Align the docker-compose.yml configuration for OpenLDAP so it works agian.
Write a guide regarding how to test this in the README.md files for the related modules.
Task Description
The default
UnboundID
instance provided by Spring Boot can be partially configured, but unfortunately it lacks the ability toaddAdditionalBindCredentials()
and import multiple LDIF files (you can define only one viaspring.ldap.embedded.ldif
).Not being able to configure additional bind credentials causes conflicting configuration issues:
UnboundID
instance provided with Spring Boot uses manager DNuid=admin,ou=system
(withoutbase dn
) and a hard-coded password -secret
.OpenLDAP
via docker container usescn=admin,dc=carlspring,dc=com
(including thebase dn
) and whatever password you define. You cannot change themanagerDn
since it will break startup scripts in the image and OpenLDAP won't start.This becomes an inconvenience when having to test manually, because you are constantly going to be spending time on replacing configuration values via the UI which get lost upon every Strongbox restart (i.e.
mvn spring-boot:run
,ctrl + c
,mvn spring-boot:run
).Using one big LDIF file is not very easy to read and making changes to it would require a full
mvn clean install -Dintegration.tests
to ensure all tests in all modules are working right. Separating things into onebase
file and additional LDIF files per test case would improve the reliability since changes would be affecting only certain test cases.Tasks
InMemoryDirectoryServerConfig.addAdditionalBindCredentials()
.Note: it's complicated to add dynamic manager credentials (i.e. the property must be a string, but also a collection, and furthermore must allow for
DN:password
format) which is why this is going to be hardcoded for now and improved if this ever becomes a necessity.LDIF
files.org.springframework.security.ldap.server.UnboundIdContainer
andorg.springframework.boot.autoconfigure.ldap.embedded.EmbeddedLdapAutoConfiguration
which can be used as base for this new class.docker-compose.yml
configuration for OpenLDAP so it works agian.README.md
files for the related modules.Task Relationships
This task:
Help
The text was updated successfully, but these errors were encountered: