FilterBasedLdapUserSearchTests.java

/*
 * Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.springframework.security.ldap.search;

import static org.assertj.core.api.Assertions.assertThat;

import javax.naming.ldap.LdapName;

import org.junit.Test;
import org.springframework.dao.IncorrectResultSizeDataAccessException;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.ldap.AbstractLdapIntegrationTests;

/**
 * Tests for FilterBasedLdapUserSearch.
 *
 * @author Luke Taylor
 */
public class FilterBasedLdapUserSearchTests extends AbstractLdapIntegrationTests {

	@Test
	public void basicSearchSucceeds() throws Exception {
		FilterBasedLdapUserSearch locator = new FilterBasedLdapUserSearch("ou=people",
				"(uid={0})", getContextSource());
		locator.setSearchSubtree(false);
		locator.setSearchTimeLimit(0);
		locator.setDerefLinkFlag(false);

		DirContextOperations bob = locator.searchForUser("bob");
		assertThat(bob.getStringAttribute("uid")).isEqualTo("bob");

		assertThat(bob.getDn()).isEqualTo(new LdapName("uid=bob,ou=people"));
	}

	@Test
	public void searchForNameWithCommaSucceeds() throws Exception {
		FilterBasedLdapUserSearch locator = new FilterBasedLdapUserSearch("ou=people",
				"(uid={0})", getContextSource());
		locator.setSearchSubtree(false);

		DirContextOperations jerry = locator.searchForUser("jerry");
		assertThat(jerry.getStringAttribute("uid")).isEqualTo("jerry");

		assertThat(jerry.getDn()).isEqualTo(new LdapName("cn=mouse\\, jerry,ou=people"));
	}

	// Try some funny business with filters.
	@Test
	public void extraFilterPartToExcludeBob() throws Exception {
		FilterBasedLdapUserSearch locator = new FilterBasedLdapUserSearch(
				"ou=people",
				"(&(cn=*)(!(|(uid={0})(uid=rod)(uid=jerry)(uid=slashguy)(uid=javadude)(uid=groovydude)(uid=closuredude)(uid=scaladude))))",
				getContextSource());

		// Search for bob, get back ben...
		DirContextOperations ben = locator.searchForUser("bob");
		assertThat(ben.getStringAttribute("cn")).isEqualTo("Ben Alex");
	}

	@Test(expected = IncorrectResultSizeDataAccessException.class)
	public void searchFailsOnMultipleMatches() {
		FilterBasedLdapUserSearch locator = new FilterBasedLdapUserSearch("ou=people",
				"(cn=*)", getContextSource());
		locator.searchForUser("Ignored");
	}

	@Test(expected = UsernameNotFoundException.class)
	public void searchForInvalidUserFails() {
		FilterBasedLdapUserSearch locator = new FilterBasedLdapUserSearch("ou=people",
				"(uid={0})", getContextSource());
		locator.searchForUser("Joe");
	}

	@Test
	public void subTreeSearchSucceeds() throws Exception {
		// Don't set the searchBase, so search from the root.
		FilterBasedLdapUserSearch locator = new FilterBasedLdapUserSearch("", "(cn={0})",
				getContextSource());
		locator.setSearchSubtree(true);

		DirContextOperations ben = locator.searchForUser("Ben Alex");
		assertThat(ben.getStringAttribute("uid")).isEqualTo("ben");

		assertThat(ben.getDn()).isEqualTo(new LdapName("uid=ben,ou=people"));
	}

	@Test
	public void searchWithDifferentSearchBaseIsSuccessful() throws Exception {
		FilterBasedLdapUserSearch locator = new FilterBasedLdapUserSearch(
				"ou=otherpeople", "(cn={0})", getContextSource());
		DirContextOperations joe = locator.searchForUser("Joe Smeth");
		assertThat(joe.getStringAttribute("cn")).isEqualTo("Joe Smeth");
	}

}