AmbariLdapAuthenticationProviderForDuplicateUserTest.java example

Explorer
ambari-master
- ambari-trunk
/**
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.ambari.server.security.authorization;

import java.util.Properties;

import org.apache.ambari.server.configuration.Configuration;
import org.apache.ambari.server.orm.dao.UserDAO;
import org.apache.directory.server.annotations.CreateLdapServer;
import org.apache.directory.server.annotations.CreateTransport;
import org.apache.directory.server.core.annotations.ApplyLdifFiles;
import org.apache.directory.server.core.annotations.ContextEntry;
import org.apache.directory.server.core.annotations.CreateDS;
import org.apache.directory.server.core.annotations.CreatePartition;
import org.apache.directory.server.core.integ.FrameworkRunner;
import org.easymock.EasyMockRule;
import org.easymock.Mock;
import org.easymock.MockType;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.junit.runner.RunWith;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;

@RunWith(FrameworkRunner.class)
@CreateDS(allowAnonAccess = true,
  name = "AmbariLdapAuthenticationProviderForDuplicateUserTest",
  partitions = {
    @CreatePartition(name = "Root",
      suffix = "dc=apache,dc=org",
      contextEntry = @ContextEntry(
        entryLdif =
            "dn: dc=apache,dc=org\n" +
            "dc: apache\n" +
            "objectClass: top\n" +
            "objectClass: domain\n\n" +
            "dn: dc=ambari,dc=apache,dc=org\n" +
            "dc: ambari\n" +
            "objectClass: top\n" +
            "objectClass: domain\n\n"))
  })
@CreateLdapServer(allowAnonymousAccess = true,
  transports = {@CreateTransport(protocol = "LDAP")})
@ApplyLdifFiles("users_with_duplicate_uid.ldif")
public class AmbariLdapAuthenticationProviderForDuplicateUserTest extends AmbariLdapAuthenticationProviderBaseTest {

  @Rule
  public EasyMockRule mocks = new EasyMockRule(this);

  @Rule
  public ExpectedException expectedException = ExpectedException.none();

  @Mock(type = MockType.NICE)
  private AmbariLdapAuthoritiesPopulator authoritiesPopulator;

  @Mock(type = MockType.NICE)
  private UserDAO userDAO;

  private AmbariLdapAuthenticationProvider authenticationProvider;

  @Before
  public void setUp() {
    Properties properties = new Properties();
    properties.setProperty(Configuration.CLIENT_SECURITY.getKey(), "ldap");
    properties.setProperty(Configuration.SERVER_PERSISTENCE_TYPE.getKey(), "in-memory");
    properties.setProperty(Configuration.METADATA_DIR_PATH.getKey(),"src/test/resources/stacks");
    properties.setProperty(Configuration.SERVER_VERSION_FILE.getKey(),"src/test/resources/version");
    properties.setProperty(Configuration.OS_VERSION.getKey(),"centos5");
    properties.setProperty(Configuration.SHARED_RESOURCES_DIR.getKey(), "src/test/resources/");
    properties.setProperty(Configuration.LDAP_BASE_DN.getKey(), "dc=apache,dc=org");
    properties.setProperty(Configuration.LDAP_PRIMARY_URL.getKey(), "localhost:" + getLdapServer().getPort());

    Configuration configuration = new Configuration(properties);

    authenticationProvider = new AmbariLdapAuthenticationProvider(configuration, authoritiesPopulator, userDAO);
  }

  @Test
  public void testAuthenticateDuplicateUserAltUserSearchDisabled() throws Exception {
    // Given
    Authentication authentication = new UsernamePasswordAuthenticationToken("user_dup", "password");
    authenticationProvider.configuration.setProperty(Configuration.LDAP_ALT_USER_SEARCH_ENABLED.getKey(), "false");

    expectedException.expect(DuplicateLdapUserFoundAuthenticationException.class);
    expectedException.expectMessage("Login Failed: More than one user with that username found, please work with your Ambari Administrator to adjust your LDAP configuration");

    // When
    authenticationProvider.authenticate(authentication);

    // Then
    // DuplicateLdapUserFoundAuthenticationException should be thrown


  }

  @Test
  public void testAuthenticateDuplicateUserAltUserSearchEnabled() throws Exception {
    // Given
    Authentication authentication = new UsernamePasswordAuthenticationToken("user_dup", "password");
    authenticationProvider.configuration.setProperty(Configuration.LDAP_ALT_USER_SEARCH_ENABLED.getKey(), "true");

    expectedException.expect(DuplicateLdapUserFoundAuthenticationException.class);
    expectedException.expectMessage("Login Failed: Please append your domain to your username and try again.  Example: user_dup@domain");

    // When
    authenticationProvider.authenticate(authentication);

    // Then
    // DuplicateLdapUserFoundAuthenticationException should be thrown


  }
}