mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
opendj-server-legacy/src/test/java/org/opends/server/tools/LDAPAuthenticationHandlerTestCase.java
@@ -31,7 +31,6 @@ import java.util.Map; import java.util.concurrent.atomic.AtomicInteger; import org.forgerock.i18n.LocalizableMessage; import org.forgerock.opendj.ldap.ByteString; import org.opends.server.TestCaseUtils; import org.opends.server.api.SASLMechanismHandler; @@ -46,9 +45,7 @@ import com.forgerock.opendj.cli.ClientException; /** * A set of test cases for the LDAP authentication handler. */ /** A set of test cases for the LDAP authentication handler. */ public class LDAPAuthenticationHandlerTestCase extends ToolsTestCase { @@ -67,8 +64,6 @@ getFQDN(); } /** * Retrieves the names of the supported SASL mechanisms. * @@ -88,8 +83,6 @@ }; } /** * Tests the <CODE>getSupportedSASLMechanisms</CODE> method. * @@ -114,29 +107,16 @@ @Test(dataProvider = "saslMechanisms") public void testGetSASLProperties(String saslMechanismName) { LinkedHashMap<String, LocalizableMessage> properties = LDAPAuthenticationHandler.getSASLProperties(saslMechanismName); assertNotNull(properties); assertNotNull(LDAPAuthenticationHandler.getSASLProperties(saslMechanismName)); } /** * Tests the <CODE>getSASLProperties</CODE> method with an unsupported * mechanism name. */ /** Tests the <CODE>getSASLProperties</CODE> method with an unsupported mechanism name. */ @Test public void testGetSASLPropertiesInvlaid() public void testGetSASLPropertiesInvalid() { LinkedHashMap<String,LocalizableMessage> properties = LDAPAuthenticationHandler.getSASLProperties("unsupportedMechanism"); assertNull(properties); assertNull(LDAPAuthenticationHandler.getSASLProperties("unsupportedMechanism")); } /** * Tests the <CODE>doSimpleBind</CODE> method with a valid DN and password and * with no request controls. @@ -147,8 +127,8 @@ public void testDoSimpleBindWithValidDNAndPWNoControls() throws Exception { ArrayList<Control> requestControls = new ArrayList<>(); ArrayList<Control> responseControls = new ArrayList<>(); List<Control> requestControls = new ArrayList<>(); List<Control> responseControls = new ArrayList<>(); try (Socket s = newSocket()) { LDAPAuthenticationHandler authHandler = newLDAPAuthenticationHandler(s, "localhost"); @@ -157,8 +137,6 @@ } } /** * Tests the <CODE>doSimpleBind</CODE> method with a null DN and password and * no request controls. @@ -169,8 +147,8 @@ public void testDoSimpleBindWithNullDNAndPWNoControls() throws Exception { ArrayList<Control> requestControls = new ArrayList<>(); ArrayList<Control> responseControls = new ArrayList<>(); List<Control> requestControls = new ArrayList<>(); List<Control> responseControls = new ArrayList<>(); try (Socket s = newSocket()) { LDAPAuthenticationHandler authHandler = newLDAPAuthenticationHandler(s, "localhost"); @@ -178,8 +156,6 @@ } } /** * Tests the <CODE>doSimpleBind</CODE> method with an empty DN and password * and no request controls. @@ -190,8 +166,8 @@ public void testDoSimpleBindWithEmptyDNAndPWNoControls() throws Exception { ArrayList<Control> requestControls = new ArrayList<>(); ArrayList<Control> responseControls = new ArrayList<>(); List<Control> requestControls = new ArrayList<>(); List<Control> responseControls = new ArrayList<>(); try (Socket s = newSocket()) { LDAPAuthenticationHandler authHandler = newLDAPAuthenticationHandler(s, "localhost"); @@ -199,20 +175,18 @@ } } /** * Tests the <CODE>doSimpleBind</CODE> method with an valid DN but no * password. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { LDAPException.class }) @Test(expectedExceptions = LDAPException.class) public void testDoSimpleBindWithDNButNoPassword() throws Exception { ArrayList<Control> requestControls = new ArrayList<>(); ArrayList<Control> responseControls = new ArrayList<>(); List<Control> requestControls = new ArrayList<>(); List<Control> responseControls = new ArrayList<>(); try (Socket s = newSocket()) { @@ -223,20 +197,18 @@ } } /** * Tests the <CODE>doSimpleBind</CODE> method with an valid DN but an invalid * password. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { LDAPException.class }) @Test(expectedExceptions = LDAPException.class) public void testDoSimpleBindWithDNButInvalidPassword() throws Exception { ArrayList<Control> requestControls = new ArrayList<>(); ArrayList<Control> responseControls = new ArrayList<>(); List<Control> requestControls = new ArrayList<>(); List<Control> responseControls = new ArrayList<>(); try (Socket s = newSocket()) { @@ -247,8 +219,6 @@ } } /** * Tests the <CODE>doSimpleBind</CODE> method with the password policy * request control. @@ -259,8 +229,8 @@ public void testDoSimpleBindWithPasswordPolicyControl() throws Exception { ArrayList<Control> requestControls = new ArrayList<>(); ArrayList<Control> responseControls = new ArrayList<>(); List<Control> requestControls = new ArrayList<>(); List<Control> responseControls = new ArrayList<>(); requestControls.add(new PasswordPolicyRequestControl()); try (Socket s = newSocket()) { @@ -270,20 +240,18 @@ } } /** * Tests the <CODE>doSASLBind</CODE> method with a null mechanism. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindNullMechanism() throws Exception { ArrayList<Control> requestControls = new ArrayList<>(); ArrayList<Control> responseControls = new ArrayList<>(); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); List<Control> requestControls = new ArrayList<>(); List<Control> responseControls = new ArrayList<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); try (Socket s = newSocket()) { @@ -292,20 +260,18 @@ } } /** * Tests the <CODE>doSASLBind</CODE> method with an empty mechanism. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindEmptyMechanism() throws Exception { ArrayList<Control> requestControls = new ArrayList<>(); ArrayList<Control> responseControls = new ArrayList<>(); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); List<Control> requestControls = new ArrayList<>(); List<Control> responseControls = new ArrayList<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); try (Socket s = newSocket()) { @@ -314,20 +280,18 @@ } } /** * Tests the <CODE>doSASLBind</CODE> method with an invalid mechanism. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindInvalidMechanism() throws Exception { ArrayList<Control> requestControls = new ArrayList<>(); ArrayList<Control> responseControls = new ArrayList<>(); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); List<Control> requestControls = new ArrayList<>(); List<Control> responseControls = new ArrayList<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); try (Socket s = newSocket()) { @@ -337,19 +301,17 @@ } } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which ANONYMOUS * authentication is disabled in the server. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { LDAPException.class }) @Test(expectedExceptions = LDAPException.class) public void testDoSASLBindAnonymousDisabled() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("trace", newArrayList("testDoSASLBindAnonymousDisabled")); try (Socket s = newSocket()) @@ -359,8 +321,6 @@ } } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which ANONYMOUS * authentication is enabled in the server. @@ -374,7 +334,7 @@ AnonymousSASLMechanismHandler handler = new AnonymousSASLMechanismHandler(); handler.initializeSASLMechanismHandler(null); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("trace", newArrayList("testDoSASLBindAnonymous")); try (Socket s = newSocket()) @@ -399,7 +359,7 @@ AnonymousSASLMechanismHandler handler = new AnonymousSASLMechanismHandler(); handler.initializeSASLMechanismHandler(null); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); try (Socket s = newSocket()) { LDAPAuthenticationHandler authHandler = newLDAPAuthenticationHandler(s, "localhost"); @@ -408,8 +368,6 @@ handler.finalizeSASLMechanismHandler(); } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which ANONYMOUS * authentication is enabled in the server and multiple trace values are @@ -417,14 +375,14 @@ * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindAnonymousMultivaluedTrace() throws Exception { AnonymousSASLMechanismHandler handler = new AnonymousSASLMechanismHandler(); handler.initializeSASLMechanismHandler(null); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("trace", newArrayList("testDoSASLBindAnonymousMultivaluedTrace", "aSecondTraceStringWhichIsInvalid")); @@ -439,8 +397,6 @@ } } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which ANONYMOUS * authentication is enabled in the server and an invalid SASL property is @@ -448,14 +404,14 @@ * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindAnonymousInvalidProperty() throws Exception { AnonymousSASLMechanismHandler handler = new AnonymousSASLMechanismHandler(); handler.initializeSASLMechanismHandler(null); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("invalid", newArrayList("testDoSASLBindAnonymousInvalidProperty")); try (Socket s = newSocket()) @@ -469,8 +425,6 @@ } } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which ANONYMOUS * authentication is enabled in the server and the request includes the @@ -485,10 +439,10 @@ AnonymousSASLMechanismHandler handler = new AnonymousSASLMechanismHandler(); handler.initializeSASLMechanismHandler(null); ArrayList<Control> requestControls = new ArrayList<>(); ArrayList<Control> responseControls = new ArrayList<>(); List<Control> requestControls = new ArrayList<>(); List<Control> responseControls = new ArrayList<>(); requestControls.add(new PasswordPolicyRequestControl()); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("trace", newArrayList("testDoSASLBindAnonymous")); try (Socket s = newSocket()) { @@ -499,15 +453,13 @@ handler.finalizeSASLMechanismHandler(); } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which CRAM-MD5 * authentication is disabled in the server. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { LDAPException.class }) @Test(expectedExceptions = LDAPException.class) public void testDoSASLBindCRAMMD5Disabled() throws Exception { @@ -530,8 +482,7 @@ DirectoryServer.getSASLMechanismHandler("CRAM-MD5"); DirectoryServer.deregisterSASLMechanismHandler("CRAM-MD5"); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); try @@ -544,8 +495,6 @@ } } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which CRAM-MD5 * authentication is enabled in the server. @@ -571,61 +520,54 @@ "ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," + "cn=Password Policies,cn=config"); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); cramMd5SaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method using CRAM-MD5 for the case in * which an authID was provided that doesn't map to any user. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { LDAPException.class }) @Test(expectedExceptions = LDAPException.class) public void testDoSASLBindCRAMMD5InvalidAuthID() throws Exception { TestCaseUtils.initializeTestBackend(true); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); cramMd5SaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method using CRAM-MD5 for the case in * which an empty authID was provided. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindCRAMMD5EmptyAuthID() throws Exception { TestCaseUtils.initializeTestBackend(true); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("")); cramMd5SaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method using CRAM-MD5 for the case in * which the provided password was incorrect. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { LDAPException.class }) @Test(expectedExceptions = LDAPException.class) public void testDoSASLBindCRAMMD5InvalidPassword() throws Exception { @@ -644,8 +586,7 @@ "ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," + "cn=Password Policies,cn=config"); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); try (Socket s = newSocket()) @@ -655,15 +596,13 @@ } } /** * Tests the <CODE>doSASLBind</CODE> method using CRAM-MD5 for the case in * which the specified user doesn't have a reversible password. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { LDAPException.class }) @Test(expectedExceptions = LDAPException.class) public void testDoSASLBindCRAMMD5NoReversiblePassword() throws Exception { @@ -680,61 +619,55 @@ "cn: Test User", "userPassword: password"); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); cramMd5SaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method using CRAM-MD5 for the case in * which the provided SASL properties were null. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindCRAMMD5NullProperties() throws Exception { LinkedHashMap<String,List<String>> saslProperties = null; Map<String, List<String>> saslProperties = null; cramMd5SaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method using CRAM-MD5 for the case in * which the provided SASL properties were empty. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindCRAMMD5EmptyProperties() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); cramMd5SaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method using CRAM-MD5 for the case in * which multiple authID values were provided * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindCRAMMD5MultipleAuthIDs() throws Exception { TestCaseUtils.initializeTestBackend(true); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test", "u:test.user")); cramMd5SaslBind(saslProperties); @@ -746,21 +679,19 @@ * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindCRAMMD5InvalidSASLProperty() throws Exception { TestCaseUtils.initializeTestBackend(true); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); saslProperties.put("invalid", newArrayList("foo")); cramMd5SaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which CRAM-MD5 * authentication is enabled in the server and the password policy request @@ -787,11 +718,10 @@ "ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," + "cn=Password Policies,cn=config"); ArrayList<Control> requestControls = new ArrayList<>(); ArrayList<Control> responseControls = new ArrayList<>(); List<Control> requestControls = new ArrayList<>(); List<Control> responseControls = new ArrayList<>(); requestControls.add(new PasswordPolicyRequestControl()); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); try (Socket s = newSocket()) { @@ -802,15 +732,13 @@ } } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which DIGEST-MD5 * authentication is disabled in the server. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { LDAPException.class }) @Test(expectedExceptions = LDAPException.class) public void testDoSASLBindDigestMD5Disabled() throws Exception { @@ -829,13 +757,11 @@ "ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," + "cn=Password Policies,cn=config"); SASLMechanismHandler<?> digestMD5Handler = DirectoryServer.getSASLMechanismHandler("DIGEST-MD5"); DirectoryServer.deregisterSASLMechanismHandler("DIGEST-MD5"); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); saslProperties.put("realm", newArrayList("o=test")); @@ -850,8 +776,6 @@ } } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which DIGEST-MD5 * authentication is enabled in the server. @@ -877,8 +801,7 @@ "ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," + "cn=Password Policies,cn=config"); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); try (Socket s = newSocket()) @@ -888,8 +811,6 @@ } } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which DIGEST-MD5 * authentication is enabled in the server and an authz ID was provided. @@ -915,8 +836,7 @@ "ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," + "cn=Password Policies,cn=config"); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); try (Socket s = newSocket()) @@ -926,119 +846,104 @@ } } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which the * DIGEST-MD5 SASL properties are <CODE>null</CODE>. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindDigestMD5NullProperties() throws Exception { LinkedHashMap<String,List<String>> saslProperties = null; Map<String, List<String>> saslProperties = null; digestMd5SaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which the * DIGEST-MD5 SASL properties are empty. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindDigestMD5EmptyProperties() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); digestMd5SaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which the * DIGEST-MD5 SASL properties contain an invalid property. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindDigestMD5InvalidProperty() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("invalid", newArrayList("foo")); digestMd5SaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which the * DIGEST-MD5 SASL properties contain multiple values for the authID property. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindDigestMD5MultipleAuthIDs() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); ArrayList<String> propList = newArrayList("dn:uid=test.user,o=test"); List<String> propList = newArrayList("dn:uid=test.user,o=test"); propList.add("u:test.user"); saslProperties.put("authid", propList); digestMd5SaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which the * DIGEST-MD5 SASL properties contain an empty authID. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindDigestMD5MEmptyAuthID() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("")); digestMd5SaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which the * DIGEST-MD5 SASL properties contain multiple values for the realm property. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindDigestMD5MultipleRealms() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); saslProperties.put("realm", newArrayList("o=test", "dc=example,dc=com")); digestMd5SaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which the * DIGEST-MD5 SASL properties contain a valid quality of protection. @@ -1064,8 +969,7 @@ "ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," + "cn=Password Policies,cn=config"); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); saslProperties.put("qop", newArrayList("auth")); @@ -1083,11 +987,11 @@ * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindDigestMD5UnsupportedQoPAuthInt() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); saslProperties.put("realm", newArrayList("o=test")); saslProperties.put("qop", newArrayList("auth-int")); @@ -1095,8 +999,6 @@ digestMd5SaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which the * DIGEST-MD5 SASL properties contain the unsupported confidentiality quality @@ -1104,11 +1006,11 @@ * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindDigestMD5UnsupportedQoPAuthConf() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); saslProperties.put("realm", newArrayList("o=test")); saslProperties.put("qop", newArrayList("auth-conf")); @@ -1116,19 +1018,17 @@ digestMd5SaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which the * DIGEST-MD5 SASL properties contain an invalid quality of protection. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindDigestMD5InvalidQoP() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); saslProperties.put("realm", newArrayList("o=test")); saslProperties.put("qop", newArrayList("invalid")); @@ -1136,18 +1036,17 @@ digestMd5SaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which the * DIGEST-MD5 SASL properties contain multiple quality of protection values. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindDigestMD5MultipleQoPs() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); saslProperties.put("realm", newArrayList("o=test")); saslProperties.put("qop", newArrayList("auth", "auth-int", "auth-conf")); @@ -1155,19 +1054,17 @@ digestMd5SaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which the * DIGEST-MD5 SASL properties contain multiple digest URIs. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindDigestMD5MultipleDigestURIs() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); saslProperties.put("realm", newArrayList("o=test")); saslProperties.put("digest-uri", newArrayList("ldap/value1", "ldap/value2")); @@ -1175,18 +1072,17 @@ digestMd5SaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which the * DIGEST-MD5 SASL properties contain multiple authorization IDs. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindDigestMD5MultipleAuthzIDs() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); saslProperties.put("realm", newArrayList("o=test")); saslProperties.put("authzid", newArrayList("dn:uid=test.user,o=test", "u:test.user")); @@ -1194,55 +1090,49 @@ digestMd5SaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which the * DIGEST-MD5 SASL properties contain an invalid auth ID in the DN form. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { LDAPException.class }) @Test(expectedExceptions = LDAPException.class) public void testDoSASLBindDigestMD5InvalidAuthDN() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:invalid")); saslProperties.put("realm", newArrayList("o=test")); digestMd5SaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which the * DIGEST-MD5 SASL properties contain an auth ID that doesn't map to any user. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { LDAPException.class }) @Test(expectedExceptions = LDAPException.class) public void testDoSASLBindDigestMD5NonExistentAuthID() throws Exception { TestCaseUtils.initializeTestBackend(true); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("u:nosuchuser")); saslProperties.put("realm", newArrayList("o=test")); digestMd5SaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which an invalid * password was provided. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { LDAPException.class }) @Test(expectedExceptions = LDAPException.class) public void testDoSASLBindDigestMD5InvalidPassword() throws Exception { @@ -1261,8 +1151,7 @@ "ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," + "cn=Password Policies,cn=config"); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("u:nosuchuser")); saslProperties.put("realm", newArrayList("o=test")); @@ -1273,15 +1162,13 @@ } } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which the target * user does not have a reversible password. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { LDAPException.class }) @Test(expectedExceptions = LDAPException.class) public void testDoSASLBindDigestMD5NoReversiblePassword() throws Exception { @@ -1298,16 +1185,13 @@ "cn: Test User", "userPassword: password"); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("u:nosuchuser")); saslProperties.put("realm", newArrayList("o=test")); digestMd5SaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which DIGEST-MD5 * authentication is enabled in the server and the password policy request @@ -1334,11 +1218,10 @@ "ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," + "cn=Password Policies,cn=config"); ArrayList<Control> requestControls = new ArrayList<>(); ArrayList<Control> responseControls = new ArrayList<>(); List<Control> requestControls = new ArrayList<>(); List<Control> responseControls = new ArrayList<>(); requestControls.add(new PasswordPolicyRequestControl()); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); try (Socket s = newSocket()) @@ -1349,15 +1232,13 @@ } } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which EXTERNAL * authentication is not enabled in the server. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { LDAPException.class }) @Test(expectedExceptions = LDAPException.class) public void testDoSASLBindExternalDisabled() throws Exception { @@ -1373,24 +1254,20 @@ "sn: User", "cn: Test User"); SASLMechanismHandler<?> externalHandler = DirectoryServer.getSASLMechanismHandler("EXTERNAL"); DirectoryServer.deregisterSASLMechanismHandler("EXTERNAL"); String keyStorePath = DirectoryServer.getInstanceRoot() + File.separator + "config" + File.separator + "client.keystore"; String trustStorePath = DirectoryServer.getInstanceRoot() + File.separator + "config" + File.separator + "client.truststore"; SSLConnectionFactory factory = new SSLConnectionFactory(); factory.init(false, keyStorePath, "password", "client-cert", trustStorePath, "password"); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); try (Socket s = factory.createSocket("127.0.0.1", TestCaseUtils.getServerLdapsPort())) { LDAPAuthenticationHandler authHandler = newLDAPAuthenticationHandler(s, "localhost"); @@ -1402,8 +1279,6 @@ } } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which EXTERNAL * authentication is enabled in the server. @@ -1426,35 +1301,30 @@ "sn: User", "cn: Test User"); String keyStorePath = DirectoryServer.getInstanceRoot() + File.separator + "config" + File.separator + "client.keystore"; String trustStorePath = DirectoryServer.getInstanceRoot() + File.separator + "config" + File.separator + "client.truststore"; SSLConnectionFactory factory = new SSLConnectionFactory(); factory.init(false, keyStorePath, "password", "client-cert", trustStorePath, "password"); try (Socket s = factory.createSocket("127.0.0.1", TestCaseUtils.getServerLdapsPort())) { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); LDAPAuthenticationHandler authHandler = newLDAPAuthenticationHandler(s, "localhost"); doSASLBind("EXTERNAL", null, authHandler, saslProperties); } } /** * Tests the <CODE>doSASLBind</CODE> method for the case in the EXTERNAL SASL * properties were not empty. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindExternalInvalidProperties() throws Exception { @@ -1470,27 +1340,23 @@ "sn: User", "cn: Test User"); SASLMechanismHandler<?> externalHandler = DirectoryServer.getSASLMechanismHandler("EXTERNAL"); DirectoryServer.deregisterSASLMechanismHandler("EXTERNAL"); String keyStorePath = DirectoryServer.getInstanceRoot() + File.separator + "config" + File.separator + "client.keystore"; String trustStorePath = DirectoryServer.getInstanceRoot() + File.separator + "config" + File.separator + "client.truststore"; SSLConnectionFactory factory = new SSLConnectionFactory(); factory.init(false, keyStorePath, "password", "client-cert", trustStorePath, "password"); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("invalid", newArrayList("foo")); try (Socket s = factory.createSocket("127.0.0.1", TestCaseUtils.getServerLdapsPort());) try (Socket s = factory.createSocket("127.0.0.1", TestCaseUtils.getServerLdapsPort())) { LDAPAuthenticationHandler authHandler = newLDAPAuthenticationHandler(s, "localhost"); doSASLBind("EXTERNAL", null, authHandler, saslProperties); @@ -1524,22 +1390,19 @@ "sn: User", "cn: Test User"); String keyStorePath = DirectoryServer.getInstanceRoot() + File.separator + "config" + File.separator + "client.keystore"; String trustStorePath = DirectoryServer.getInstanceRoot() + File.separator + "config" + File.separator + "client.truststore"; SSLConnectionFactory factory = new SSLConnectionFactory(); factory.init(false, keyStorePath, "password", "client-cert", trustStorePath, "password"); ArrayList<Control> requestControls = new ArrayList<>(); ArrayList<Control> responseControls = new ArrayList<>(); List<Control> requestControls = new ArrayList<>(); List<Control> responseControls = new ArrayList<>(); requestControls.add(new PasswordPolicyRequestControl()); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); try (Socket s = factory.createSocket("127.0.0.1", TestCaseUtils.getServerLdapsPort())) { LDAPAuthenticationHandler authHandler = newLDAPAuthenticationHandler(s, "localhost"); @@ -1548,36 +1411,32 @@ } } /** * Tests the <CODE>doSASLBind</CODE> method for GSSAPI authentication when the * provided properties list was null. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindGSSAPINullProperties() throws Exception { LinkedHashMap<String,List<String>> saslProperties = null; Map<String, List<String>> saslProperties = null; gssapiSaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for GSSAPI authentication when the * provided properties list was empty. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindGSSAPIEmptyProperties() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); gssapiSaslBind(saslProperties); } @@ -1641,7 +1500,7 @@ } } private void cramMd5SaslBind(LinkedHashMap<String, List<String>> saslProperties) throws Exception private void cramMd5SaslBind(Map<String, List<String>> saslProperties) throws Exception { try (Socket s = newSocket()) { @@ -1649,7 +1508,7 @@ } } private void digestMd5SaslBind(LinkedHashMap<String, List<String>> saslProperties) throws Exception private void digestMd5SaslBind(Map<String, List<String>> saslProperties) throws Exception { try (Socket s = newSocket()) { @@ -1657,7 +1516,7 @@ } } private void gssapiSaslBind(LinkedHashMap<String, List<String>> saslProperties) throws Exception private void gssapiSaslBind(Map<String, List<String>> saslProperties) throws Exception { try (Socket s = newSocket()) { @@ -1671,93 +1530,83 @@ * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindGSSAPIEmptyAuthID() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("")); gssapiSaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for GSSAPI authentication when the * provided properties has multiple authID values. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindGSSAPIMultipleAuthIDs() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("u:test.user", "dn:uid=test.user,o=test")); gssapiSaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for GSSAPI authentication when the * provided properties has multiple authzID values. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindGSSAPIMultipleAuthzIDs() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("u:test.user")); saslProperties.put("authzid", newArrayList("u:test.user", "dn:uid=test.user,o=test")); gssapiSaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for GSSAPI authentication when the * provided properties has multiple KDC values. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindGSSAPIMultipleKDCs() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("u:test.user")); saslProperties.put("kdc", newArrayList("kdc1", "kdc2")); gssapiSaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for GSSAPI authentication when the * provided properties has multiple quality of protection values. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindGSSAPIMultipleQoPs() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("u:test.user")); saslProperties.put("qop", newArrayList("auth", "auth-int", "auth-conf")); gssapiSaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for GSSAPI authentication when the * provided properties has an unsupported quality of protection value of @@ -1765,19 +1614,17 @@ * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindGSSAPIUnsupportedQoPAuthInt() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("u:test.user")); saslProperties.put("qop", newArrayList("auth-int")); gssapiSaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for GSSAPI authentication when the * provided properties has an unsupported quality of protection value of @@ -1785,100 +1632,91 @@ * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindGSSAPIUnsupportedQoPAuthConf() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("u:test.user")); saslProperties.put("qop", newArrayList("auth-conf")); gssapiSaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for GSSAPI authentication when the * provided properties has an invalid quality of protection value. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindGSSAPIInvalidQoP() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("u:test.user")); saslProperties.put("qop", newArrayList("invalid")); gssapiSaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for GSSAPI authentication when the * provided properties has multiple realm values. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindGSSAPIMultipleRealms() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("u:test.user")); saslProperties.put("realm", newArrayList("realm1", "realm2")); gssapiSaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for GSSAPI authentication when the * provided properties has an invalid property. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindGSSAPIInvalidProperty() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("u:test.user")); saslProperties.put("invalid", newArrayList("foo")); gssapiSaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for GSSAPI authentication when the * provided properties isn't empty but doesn't contain an auth ID. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindGSSAPINoAuthID() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("qop", newArrayList("auth")); gssapiSaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which PLAIN * authentication is disabled in the server. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { LDAPException.class }) @Test(expectedExceptions = LDAPException.class) public void testDoSASLBindPlainDisabled() throws Exception { @@ -1895,13 +1733,11 @@ "cn: Test User", "userPassword: password"); SASLMechanismHandler<?> plainHandler = DirectoryServer.getSASLMechanismHandler("PLAIN"); DirectoryServer.deregisterSASLMechanismHandler("PLAIN"); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); try (Socket s = newSocket()) @@ -1915,8 +1751,6 @@ } } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which PLAIN * authentication is enabled in the server. @@ -1940,8 +1774,7 @@ "cn: Test User", "userPassword: password"); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); try (Socket s = newSocket()) { @@ -1950,53 +1783,47 @@ } } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which the PLAIN * SASL properties are null. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindPlainNullProperties() throws Exception { LinkedHashMap<String,List<String>> saslProperties = null; Map<String, List<String>> saslProperties = null; plainSaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which the PLAIN * SASL properties are empty. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindPlainEmptyProperties() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); plainSaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which the PLAIN * SASL properties have multiple auth ID values. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindPlainMultipleAuthIDs() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test", "u:test.user")); plainSaslBind(saslProperties); @@ -2008,90 +1835,81 @@ * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindPlainZeroLengthAuthID() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("")); plainSaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which the PLAIN * SASL properties have multiple authzID values. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindPlainMultipleAuthzIDs() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); saslProperties.put("authzid", newArrayList("dn:uid=test.user,o=test", "u:test.user")); plainSaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which the PLAIN * SASL properties contains an invalid property. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindPlainInvalidProperty() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); saslProperties.put("invalid", newArrayList("foo")); plainSaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which the PLAIN * SASL properties does not contain an auth ID. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { ClientException.class }) @Test(expectedExceptions = ClientException.class) public void testDoSASLBindPlainNoAuthID() throws Exception { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authzid", newArrayList("dn:uid=test.user,o=test")); plainSaslBind(saslProperties); } /** * Tests the <CODE>doSASLBind</CODE> method for PLAIN authentication in which * the target user does not exist in the server. * * @throws Exception If an unexpected problem occurs. */ @Test(expectedExceptions = { LDAPException.class }) @Test(expectedExceptions = LDAPException.class) public void testDoSASLBindPlainNonExistentUser() throws Exception { TestCaseUtils.initializeTestBackend(true); try (Socket s = newSocket()) { LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=does.not.exist,o=test")); plain(newLDAPAuthenticationHandler(s, "localhost"), saslProperties); @@ -2105,7 +1923,7 @@ * @throws Exception * If an unexpected problem occurs. */ @Test(expectedExceptions = { LDAPException.class }) @Test(expectedExceptions = LDAPException.class) public void testDoSASLBindPlainWrongPassword() throws Exception { @@ -2122,8 +1940,7 @@ "cn: Test User", "userPassword: password"); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=does.not.exist,o=test")); try (Socket s = newSocket()) { @@ -2132,8 +1949,6 @@ } } /** * Tests the <CODE>doSASLBind</CODE> method for the case in which PLAIN * authentication is enabled in the server and the password policy request @@ -2158,11 +1973,10 @@ "cn: Test User", "userPassword: password"); ArrayList<Control> requestControls = new ArrayList<>(); ArrayList<Control> responseControls = new ArrayList<>(); List<Control> requestControls = new ArrayList<>(); List<Control> responseControls = new ArrayList<>(); requestControls.add(new PasswordPolicyRequestControl()); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); try (Socket s = newSocket()) { @@ -2172,8 +1986,6 @@ } } /** * Tests the <CODE>requestAuthorizationIdentity</CODE> method for an * unauthenticated client connection. @@ -2191,8 +2003,6 @@ } } /** * Tests the <CODE>requestAuthorizationIdentity</CODE> method for a a client * connection after a simple anonymous bind. @@ -2203,8 +2013,8 @@ public void testRequestAuthorizationIdentitySimpleAnonymous() throws Exception { ArrayList<Control> requestControls = new ArrayList<>(); ArrayList<Control> responseControls = new ArrayList<>(); List<Control> requestControls = new ArrayList<>(); List<Control> responseControls = new ArrayList<>(); try (Socket s = newSocket()) { @@ -2224,8 +2034,8 @@ public void testRequestAuthorizationIdentitySimpleRootUser() throws Exception { ArrayList<Control> requestControls = new ArrayList<>(); ArrayList<Control> responseControls = new ArrayList<>(); List<Control> requestControls = new ArrayList<>(); List<Control> responseControls = new ArrayList<>(); try (Socket s = newSocket()) { LDAPAuthenticationHandler authHandler = newLDAPAuthenticationHandler(s, "localhost"); @@ -2235,8 +2045,6 @@ } } /** * Tests the <CODE>requestAuthorizationIdentity</CODE> method for a a client * connection after a simple bind as a normal user. @@ -2260,9 +2068,8 @@ "cn: Test User", "userPassword: password"); ArrayList<Control> requestControls = new ArrayList<>(); ArrayList<Control> responseControls = new ArrayList<>(); List<Control> requestControls = new ArrayList<>(); List<Control> responseControls = new ArrayList<>(); try (Socket s = newSocket()) { LDAPAuthenticationHandler authHandler = newLDAPAuthenticationHandler(s, "localhost"); @@ -2272,8 +2079,6 @@ } } /** * Tests the <CODE>requestAuthorizationIdentity</CODE> method for a a client * connection after a SASL ANONYMOUS bind. @@ -2287,7 +2092,7 @@ AnonymousSASLMechanismHandler handler = new AnonymousSASLMechanismHandler(); handler.initializeSASLMechanismHandler(null); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("trace", newArrayList("testDoSASLBindAnonymous")); try (Socket s = newSocket()) { @@ -2298,8 +2103,6 @@ handler.finalizeSASLMechanismHandler(); } /** * Tests the <CODE>requestAuthorizationIdentity</CODE> method for a a client * connection after a CRAM-MD5 bind. @@ -2325,8 +2128,7 @@ "ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," + "cn=Password Policies,cn=config"); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); try (Socket s = newSocket()) { @@ -2336,8 +2138,6 @@ } } /** * Tests the <CODE>requestAuthorizationIdentity</CODE> method for a a client * connection after a DIGEST-MD5 bind. @@ -2363,8 +2163,7 @@ "ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," + "cn=Password Policies,cn=config"); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); try (Socket s = newSocket()) @@ -2375,8 +2174,6 @@ } } /** * Tests the <CODE>requestAuthorizationIdentity</CODE> method for a a client * connection after an EXTERNAL bind. @@ -2399,19 +2196,16 @@ "sn: User", "cn: Test User"); String keyStorePath = DirectoryServer.getInstanceRoot() + File.separator + "config" + File.separator + "client.keystore"; String trustStorePath = DirectoryServer.getInstanceRoot() + File.separator + "config" + File.separator + "client.truststore"; SSLConnectionFactory factory = new SSLConnectionFactory(); factory.init(false, keyStorePath, "password", "client-cert", trustStorePath, "password"); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); try (Socket s = factory.createSocket("127.0.0.1", TestCaseUtils.getServerLdapsPort())) { LDAPAuthenticationHandler authHandler = newLDAPAuthenticationHandler(s, "localhost"); @@ -2420,8 +2214,6 @@ } } /** * Tests the <CODE>requestAuthorizationIdentity</CODE> method for a a client * connection after a PLAIN bind. @@ -2445,8 +2237,7 @@ "cn: Test User", "userPassword: password"); LinkedHashMap<String, List<String>> saslProperties = new LinkedHashMap<>(); Map<String, List<String>> saslProperties = new LinkedHashMap<>(); saslProperties.put("authid", newArrayList("dn:uid=test.user,o=test")); try (Socket s = newSocket()) {
