mindol1004/spring-boot-rest
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #11408 from synaptrec/BAEL-4451_LDAP_Authentication_using_Pure_Java

Browse Source 
For 3rd PR (POM fixed) - [BAEL-4451] LDAP Authentication using Pure Java
This commit is contained in:
doodoroma
2021-11-04 17:18:52 +01:00
committed by GitHub
parent af10e5a4f6 1ae5a533b4
commit 90ec13be53
4 changed files with 211 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
core-java-modules/core-java-jndi/pom.xml
View File

@@ -41,6 +41,18 @@
<artifactId>h2</artifactId>
<version>${h2.version}</version>
</dependency>
<dependency>
<groupId>org.apache.directory.server</groupId>
<artifactId>apacheds-test-framework</artifactId>
<version>${apacheds.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.assertj</groupId>
<artifactId>assertj-core</artifactId>
<version>3.21.0</version>
<scope>test</scope>
</dependency>
</dependencies>
<build>
@@ -59,6 +71,7 @@
<properties>
<spring.version>5.0.9.RELEASE</spring.version>
<h2.version>1.4.199</h2.version>
<apacheds.version>2.0.0.AM26</apacheds.version>
<source.version>1.8</source.version>
<target.version>1.8</target.version>
</properties>

165
core-java-modules/core-java-jndi/src/test/java/com/baeldung/jndi/ldap/auth/JndiLdapAuthManualTest.java Normal file
View File

@@ -0,0 +1,165 @@
package com.baeldung.jndi.ldap.auth;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatCode;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.apache.directory.server.annotations.CreateLdapServer;
import org.apache.directory.server.annotations.CreateTransport;
import org.apache.directory.server.core.annotations.ApplyLdifFiles;
import org.apache.directory.server.core.annotations.CreateDS;
import org.apache.directory.server.core.annotations.CreatePartition;
import org.apache.directory.server.core.integ.AbstractLdapTestUnit;
import org.apache.directory.server.core.integ.FrameworkRunner;
import org.junit.Test;
import org.junit.runner.RunWith;
@RunWith(FrameworkRunner.class)
@CreateLdapServer(transports = { @CreateTransport(protocol = "LDAP", address = "localhost", port = 10390)})
@CreateDS(
allowAnonAccess = false, partitions = {@CreatePartition(name = "TestPartition", suffix = "dc=baeldung,dc=com")})
@ApplyLdifFiles({"users.ldif"})
// class marked as manual test, as it has to run independently from the other unit tests in the module
public class JndiLdapAuthManualTest extends AbstractLdapTestUnit {
private static void authenticateUser(Hashtable<String, String> environment) throws Exception {
DirContext context = new InitialDirContext(environment);
context.close();
}
@Test
public void givenPreloadedLDAPUserJoe_whenAuthUserWithCorrectPW_thenAuthSucceeds() throws Exception {
Hashtable<String, String> environment = new Hashtable<String, String>();
environment.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
environment.put(Context.PROVIDER_URL, "ldap://localhost:10390");
environment.put(Context.SECURITY_AUTHENTICATION, "simple");
environment.put(Context.SECURITY_PRINCIPAL, "cn=Joe Simms,ou=Users,dc=baeldung,dc=com");
environment.put(Context.SECURITY_CREDENTIALS, "12345");
assertThatCode(() -> authenticateUser(environment)).doesNotThrowAnyException();
}
@Test
public void givenPreloadedLDAPUserJoe_whenAuthUserWithWrongPW_thenAuthFails() throws Exception {
Hashtable<String, String> environment = new Hashtable<String, String>();
environment.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
environment.put(Context.PROVIDER_URL, "ldap://localhost:10390");
environment.put(Context.SECURITY_AUTHENTICATION, "simple");
environment.put(Context.SECURITY_PRINCIPAL, "cn=Joe Simms,ou=Users,dc=baeldung,dc=com");
environment.put(Context.SECURITY_CREDENTIALS, "wronguserpw");
assertThatExceptionOfType(AuthenticationException.class).isThrownBy(() -> authenticateUser(environment));
}
@Test
public void givenPreloadedLDAPUserJoe_whenSearchAndAuthUserWithCorrectPW_thenAuthSucceeds() throws Exception {
// first authenticate against LDAP as admin to search up DN of user : Joe Simms
Hashtable<String, String> environment = new Hashtable<String, String>();
environment.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
environment.put(Context.PROVIDER_URL, "ldap://localhost:10390");
environment.put(Context.SECURITY_AUTHENTICATION, "simple");
environment.put(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system");
environment.put(Context.SECURITY_CREDENTIALS, "secret");
DirContext adminContext = new InitialDirContext(environment);
// define the search filter to find the person with CN : Joe Simms
String filter = "(&(objectClass=person)(cn=Joe Simms))";
// declare the attributes we want returned for the object being searched
String[] attrIDs = { "cn" };
// define the search controls
SearchControls searchControls = new SearchControls();
searchControls.setReturningAttributes(attrIDs);
searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
// search for User with filter cn=Joe Simms
NamingEnumeration<SearchResult> searchResults = adminContext.search("dc=baeldung,dc=com", filter, searchControls);
if (searchResults.hasMore()) {
SearchResult result = (SearchResult) searchResults.next();
Attributes attrs = result.getAttributes();
String distinguishedName = result.getNameInNamespace();
assertThat(distinguishedName).isEqualTo("cn=Joe Simms,ou=Users,dc=baeldung,dc=com");
String commonName = attrs.get("cn").toString();
assertThat(commonName).isEqualTo("cn: Joe Simms");
// authenticate new context with DN for user Joe Simms, using correct password
environment.put(Context.SECURITY_PRINCIPAL, distinguishedName);
environment.put(Context.SECURITY_CREDENTIALS, "12345");
assertThatCode(() -> authenticateUser(environment)).doesNotThrowAnyException();
}
adminContext.close();
}
@Test
public void givenPreloadedLDAPUserJoe_whenSearchAndAuthUserWithWrongPW_thenAuthFails() throws Exception {
// first authenticate against LDAP as admin to search up DN of user : Joe Simms
Hashtable<String, String> environment = new Hashtable<String, String>();
environment.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
environment.put(Context.PROVIDER_URL, "ldap://localhost:10390");
environment.put(Context.SECURITY_AUTHENTICATION, "simple");
environment.put(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system");
environment.put(Context.SECURITY_CREDENTIALS, "secret");
DirContext adminContext = new InitialDirContext(environment);
// define the search filter to find the person with CN : Joe Simms
String filter = "(&(objectClass=person)(cn=Joe Simms))";
// declare the attributes we want returned for the object being searched
String[] attrIDs = { "cn" };
// define the search controls
SearchControls searchControls = new SearchControls();
searchControls.setReturningAttributes(attrIDs);
searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
// search for User with filter cn=Joe Simms
NamingEnumeration<SearchResult> searchResults = adminContext.search("dc=baeldung,dc=com", filter, searchControls);
if (searchResults.hasMore()) {
SearchResult result = (SearchResult) searchResults.next();
Attributes attrs = result.getAttributes();
String distinguishedName = result.getNameInNamespace();
assertThat(distinguishedName).isEqualTo("cn=Joe Simms,ou=Users,dc=baeldung,dc=com");
String commonName = attrs.get("cn").toString();
assertThat(commonName).isEqualTo("cn: Joe Simms");
// authenticate new context with DN for user Joe Simms, using wrong password
environment.put(Context.SECURITY_PRINCIPAL, distinguishedName);
environment.put(Context.SECURITY_CREDENTIALS, "wronguserpassword");
assertThatExceptionOfType(AuthenticationException.class).isThrownBy(() -> authenticateUser(environment));
}
adminContext.close();
}
}

13
core-java-modules/core-java-jndi/src/test/resources/logback.xml Normal file
View File

@@ -0,0 +1,13 @@
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
<encoder>
<pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n
</pattern>
</encoder>
</appender>
<root level="WARN">
<appender-ref ref="STDOUT" />
</root>
</configuration>

20
core-java-modules/core-java-jndi/src/test/resources/users.ldif Normal file
View File

@@ -0,0 +1,20 @@
version: 1
dn: dc=baeldung,dc=com
objectClass: domain
objectClass: top
dc: baeldung
dn: ou=Users,dc=baeldung,dc=com
objectClass: organizationalUnit
objectClass: top
ou: Users
dn: cn=Joe Simms,ou=Users,dc=baeldung,dc=com
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
cn: Joe Simms
sn: Simms
uid: user1
userPassword: 12345