add explicit binding (#735)

* add explicit binding

* fixup building on windows

* reactivate unit test

---------

Co-authored-by: Enrice <erich.mauerboeck@ergo-versicherung.at>
Erich Mauerböck 2023-11-10 20:58:11 +01:00 committed by GitHub
parent 80454afc0d
commit 45e00ac93d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 187 additions and 144 deletions


@ -8,7 +8,7 @@
<version>1.12-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>docs-core</artifactId>
<packaging>jar</packaging>
@ -20,7 +20,7 @@
<groupId>org.hibernate.orm</groupId>
<artifactId>hibernate-core</artifactId>
</dependency>
<!-- Other external dependencies -->
<dependency>
<groupId>joda-time</groupId>
@ -31,12 +31,12 @@
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-compress</artifactId>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
@ -46,7 +46,7 @@
<groupId>org.apache.commons</groupId>
<artifactId>commons-email</artifactId>
</dependency>
<dependency>
<groupId>org.freemarker</groupId>
<artifactId>freemarker</artifactId>
@ -66,17 +66,17 @@
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>jcl-over-slf4j</artifactId>
@ -86,17 +86,17 @@
<groupId>at.favre.lib</groupId>
<artifactId>bcrypt</artifactId>
</dependency>
<dependency>
<groupId>org.apache.lucene</groupId>
<artifactId>lucene-core</artifactId>
</dependency>
<dependency>
<groupId>org.apache.lucene</groupId>
<artifactId>lucene-analyzers-common</artifactId>
</dependency>
<dependency>
<groupId>org.apache.lucene</groupId>
<artifactId>lucene-queryparser</artifactId>
@ -119,7 +119,12 @@
<dependency>
<groupId>org.apache.directory.api</groupId>
<artifactId>api-all</artifactId>
<artifactId>api-ldap-client-api</artifactId>
</dependency>
<dependency>
<groupId>org.apache.directory.api</groupId>
<artifactId>api-ldap-codec-standalone</artifactId>
</dependency>
<!-- Only there to read old index and rebuild them -->
@ -127,22 +132,22 @@
<groupId>org.apache.lucene</groupId>
<artifactId>lucene-backward-codecs</artifactId>
</dependency>
<dependency>
<groupId>org.imgscalr</groupId>
<artifactId>imgscalr-lib</artifactId>
</dependency>
<dependency>
<groupId>org.apache.pdfbox</groupId>
<artifactId>pdfbox</artifactId>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
</dependency>
<dependency>
<groupId>fr.opensagres.xdocreport</groupId>
<artifactId>fr.opensagres.odfdom.converter.pdf</artifactId>
@ -186,14 +191,14 @@
<artifactId>junit</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.h2database</groupId>
<artifactId>h2</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<profiles>
<!-- Development profile (active by default) -->
<profile>
@ -205,7 +210,7 @@
<value>dev</value>
</property>
</activation>
<build>
<resources>
<resource>
@ -221,7 +226,7 @@
<id>prod</id>
</profile>
</profiles>
<build>
<resources>
<resource>


@ -62,6 +62,7 @@ public class LdapAuthenticationHandler implements AuthenticationHandler {
if (ldapConnection == null) {
return null;
}
ldapConnection.bind();
EntryCursor cursor = ldapConnection.search(ConfigUtil.getConfigStringValue(ConfigType.LDAP_BASE_DN),
ConfigUtil.getConfigStringValue(ConfigType.LDAP_FILTER).replace("USERNAME", username), SearchScope.SUBTREE);
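Review bot: The search filter on the line after the new `ldapConnection.bind()` is built by substituting `username` into the configured LDAP_FILTER with a plain `String.replace`, so filter metacharacters such as `*`, `(`, `)` or `\` in the login name change the query that now runs under the bound account. Escape the value first, e.g. `.replace("USERNAME", FilterEncoder.encodeFilterValue(username))` using `org.apache.directory.api.ldap.model.filter.FilterEncoder`. The no-argument `bind()` takes its credentials from the connection configuration, which is built outside this hunk; it is worth confirming that an empty admin DN or password is rejected there rather than falling back to an anonymous bind. The method starts and ends outside the hunk, so whether a failed bind closes the connection cannot be checked here.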


@ -129,6 +129,12 @@
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.directory.server</groupId>
<artifactId>apacheds-all</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
@ -182,7 +188,7 @@
</systemProperties>
<webApp>
<contextPath>/docs-web</contextPath>
<overrideDescriptor>src/dev/main/webapp/web-override.xml</overrideDescriptor>
<overrideDescriptor>${project.basedir}/src/dev/main/webapp/web-override.xml</overrideDescriptor>
</webApp>
</configuration>
</plugin>
@ -260,8 +266,8 @@
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<configuration>
<warSourceDirectory>${basedir}/src/main/webapp/dist</warSourceDirectory>
<webXml>src\main\webapp\WEB-INF\web.xml</webXml>
<warSourceDirectory>${project.basedir}/src/main/webapp/dist</warSourceDirectory>
<webXml>src/main/webapp/WEB-INF/web.xml</webXml>
</configuration>
</plugin>
</plugins>
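Review bot: `<webXml>src/main/webapp/WEB-INF/web.xml</webXml>` is still a relative path, while the two neighbouring settings changed in this file (`overrideDescriptor` and `warSourceDirectory`) are anchored to `${project.basedir}`. For consistency, and so the path does not depend on the directory Maven is started from, write `<webXml>${project.basedir}/src/main/webapp/WEB-INF/web.xml</webXml>`.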


@ -1,19 +1,30 @@
package com.sismics.docs.rest;
import java.io.File;
import com.google.common.io.Resources;
import com.icegreen.greenmail.util.GreenMail;
import com.icegreen.greenmail.util.GreenMailUtil;
import com.icegreen.greenmail.util.ServerSetup;
import com.sismics.docs.core.model.context.AppContext;
import com.sismics.util.filter.TokenBasedSecurityFilter;
import org.junit.Assert;
import org.junit.Test;
import jakarta.json.JsonArray;
import jakarta.json.JsonObject;
import jakarta.ws.rs.client.Entity;
import jakarta.ws.rs.core.Form;
import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.core.Response.Status;
import org.apache.directory.api.ldap.model.name.Dn;
import org.apache.directory.server.core.api.DirectoryService;
import org.apache.directory.server.core.api.partition.Partition;
import org.apache.directory.server.core.factory.DefaultDirectoryServiceFactory;
import org.apache.directory.server.core.factory.DirectoryServiceFactory;
import org.apache.directory.server.core.partition.impl.avl.AvlPartition;
import org.apache.directory.server.ldap.LdapServer;
import org.apache.directory.server.protocol.shared.store.LdifFileLoader;
import org.apache.directory.server.protocol.shared.transport.TcpTransport;
import org.junit.Assert;
import org.junit.Test;
/**
@ -340,89 +351,90 @@ public class TestAppResource extends BaseJerseyTest {
*/
@Test
public void testLdapAuthentication() throws Exception {
// // Start LDAP server
// final DirectoryServiceFactory factory = new DefaultDirectoryServiceFactory();
// factory.init("Test");
//
// final DirectoryService directoryService = factory.getDirectoryService();
// directoryService.getChangeLog().setEnabled(false);
// directoryService.setShutdownHookEnabled(true);
//
// final Partition partition = new AvlPartition(directoryService.getSchemaManager());
// partition.setId("Test");
// partition.setSuffixDn(new Dn(directoryService.getSchemaManager(), "o=TEST"));
// partition.initialize();
// directoryService.addPartition(partition);
//
// final LdapServer ldapServer = new LdapServer();
// ldapServer.setTransports(new TcpTransport("localhost", 11389));
// ldapServer.setDirectoryService(directoryService);
//
// directoryService.startup();
// ldapServer.start();
//
// // Load test data in LDAP
// new LdifFileLoader(directoryService.getAdminSession(), new File(Resources.getResource("test.ldif").getFile()), null).execute();
//
// // Login admin
// String adminToken = adminToken();
//
// // Get the LDAP configuration
// JsonObject json = target().path("/app/config_ldap").request()
// .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
// .get(JsonObject.class);
// Assert.assertFalse(json.getBoolean("enabled"));
//
// // Change LDAP configuration
// target().path("/app/config_ldap").request()
// .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
// .post(Entity.form(new Form()
// .param("enabled", "true")
// .param("host", "localhost")
// .param("port", "11389")
// .param("admin_dn", "uid=admin,ou=system")
// .param("admin_password", "secret")
// .param("base_dn", "o=TEST")
// .param("filter", "(&(objectclass=inetOrgPerson)(uid=USERNAME))")
// .param("default_email", "devnull@teedy.io")
// .param("default_storage", "100000000")
// ), JsonObject.class);
//
// // Get the LDAP configuration
// json = target().path("/app/config_ldap").request()
// .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
// .get(JsonObject.class);
// Assert.assertTrue(json.getBoolean("enabled"));
// Assert.assertEquals("localhost", json.getString("host"));
// Assert.assertEquals(11389, json.getJsonNumber("port").intValue());
// Assert.assertEquals("uid=admin,ou=system", json.getString("admin_dn"));
// Assert.assertEquals("secret", json.getString("admin_password"));
// Assert.assertEquals("o=TEST", json.getString("base_dn"));
// Assert.assertEquals("(&(objectclass=inetOrgPerson)(uid=USERNAME))", json.getString("filter"));
// Assert.assertEquals("devnull@teedy.io", json.getString("default_email"));
// Assert.assertEquals(100000000L, json.getJsonNumber("default_storage").longValue());
//
// // Login with a LDAP user
// String ldapTopen = clientUtil.login("ldap1", "secret", false);
//
// // Check user informations
// json = target().path("/user").request()
// .cookie(TokenBasedSecurityFilter.COOKIE_NAME, ldapTopen)
// .get(JsonObject.class);
// Assert.assertEquals("ldap1@teedy.io", json.getString("email"));
//
// // List all documents
// json = target().path("/document/list")
// .queryParam("sort_column", 3)
// .queryParam("asc", true)
// .request()
// .cookie(TokenBasedSecurityFilter.COOKIE_NAME, ldapTopen)
// .get(JsonObject.class);
// JsonArray documents = json.getJsonArray("documents");
// Assert.assertEquals(0, documents.size());
//
// // Stop LDAP server
// ldapServer.stop();
// directoryService.shutdown();
// Start LDAP server
final DirectoryServiceFactory factory = new DefaultDirectoryServiceFactory();
factory.init("Test");
final DirectoryService directoryService = factory.getDirectoryService();
directoryService.getChangeLog().setEnabled(false);
directoryService.setShutdownHookEnabled(true);
final Partition partition = new AvlPartition(directoryService.getSchemaManager());
partition.setId("Test");
partition.setSuffixDn(new Dn(directoryService.getSchemaManager(), "o=TEST"));
partition.initialize();
directoryService.addPartition(partition);
final LdapServer ldapServer = new LdapServer();
ldapServer.setTransports(new TcpTransport("localhost", 11389));
ldapServer.setDirectoryService(directoryService);
directoryService.startup();
ldapServer.start();
// Load test data in LDAP
new LdifFileLoader(directoryService.getAdminSession(), new File(Resources.getResource("test.ldif").getFile()), null).execute();
// Login admin
String adminToken = adminToken();
// Get the LDAP configuration
JsonObject json = target().path("/app/config_ldap").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.get(JsonObject.class);
Assert.assertFalse(json.getBoolean("enabled"));
// Change LDAP configuration
target().path("/app/config_ldap").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.post(Entity.form(new Form()
.param("enabled", "true")
.param("host", "localhost")
.param("port", "11389")
.param("usessl", "false")
.param("admin_dn", "uid=admin,ou=system")
.param("admin_password", "secret")
.param("base_dn", "o=TEST")
.param("filter", "(&(objectclass=inetOrgPerson)(uid=USERNAME))")
.param("default_email", "devnull@teedy.io")
.param("default_storage", "100000000")
), JsonObject.class);
// Get the LDAP configuration
json = target().path("/app/config_ldap").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.get(JsonObject.class);
Assert.assertTrue(json.getBoolean("enabled"));
Assert.assertEquals("localhost", json.getString("host"));
Assert.assertEquals(11389, json.getJsonNumber("port").intValue());
Assert.assertEquals("uid=admin,ou=system", json.getString("admin_dn"));
Assert.assertEquals("secret", json.getString("admin_password"));
Assert.assertEquals("o=TEST", json.getString("base_dn"));
Assert.assertEquals("(&(objectclass=inetOrgPerson)(uid=USERNAME))", json.getString("filter"));
Assert.assertEquals("devnull@teedy.io", json.getString("default_email"));
Assert.assertEquals(100000000L, json.getJsonNumber("default_storage").longValue());
// Login with a LDAP user
String ldapTopen = clientUtil.login("ldap1", "secret", false);
// Check user informations
json = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, ldapTopen)
.get(JsonObject.class);
Assert.assertEquals("ldap1@teedy.io", json.getString("email"));
// List all documents
json = target().path("/document/list")
.queryParam("sort_column", 3)
.queryParam("asc", true)
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, ldapTopen)
.get(JsonObject.class);
JsonArray documents = json.getJsonArray("documents");
Assert.assertEquals(0, documents.size());
// Stop LDAP server
ldapServer.stop();
directoryService.shutdown();
}
}
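Review bot: `ldapServer.stop()` and `directoryService.shutdown()` at the end of `testLdapAuthentication` are skipped when any request or assertion before them throws, which leaves the embedded server listening on port 11389 for the rest of the test run; wrap everything after `ldapServer.start()` in `try { … } finally { ldapServer.stop(); directoryService.shutdown(); }`. The test also leaves LDAP enabled in the application configuration, which may affect later tests if that configuration is shared between them. Only the successful login of `ldap1` is covered; since the commit changes how the handler binds, a second login with a wrong password that is expected to be rejected would pin the failure path too. The assertion on `admin_password` fixes the behaviour that `/app/config_ldap` returns the stored bind password in clear text, which deserves at least a comment such as `// NOTE: endpoint echoes the bind password; admin-only`.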

87
pom.xml

@ -46,14 +46,15 @@
<com.icegreen.greenmail.version>1.6.14</com.icegreen.greenmail.version>
<org.jsoup.jsoup.version>1.15.4</org.jsoup.jsoup.version>
<com.squareup.okhttp3.okhttp.version>4.10.0</com.squareup.okhttp3.okhttp.version>
<org.apache.directory.api.api-all.version>2.1.3</org.apache.directory.api.api-all.version>
<org.apache.directory.api.version>2.1.3</org.apache.directory.api.version>
<org.apache.directory.server.apacheds-all.version>2.0.0.AM27</org.apache.directory.server.apacheds-all.version>
<org.glassfish.jersey.version>3.0.10</org.glassfish.jersey.version>
<jakarta.servlet.jakarta.servlet-api.version>5.0.0</jakarta.servlet.jakarta.servlet-api.version>
<org.eclipse.jetty.jetty-server.version>11.0.14</org.eclipse.jetty.jetty-server.version>
<org.eclipse.jetty.jetty-webapp.version>11.0.14</org.eclipse.jetty.jetty-webapp.version>
<org.eclipse.jetty.jetty-servlet.version>11.0.14</org.eclipse.jetty.jetty-servlet.version>
<!-- Plugins version -->
<org.apache.maven.plugins.maven-antrun-plugin.version>3.1.0</org.apache.maven.plugins.maven-antrun-plugin.version>
<org.apache.maven.plugins.maven-jar-plugin.version>3.3.0</org.apache.maven.plugins.maven-jar-plugin.version>
@ -61,7 +62,7 @@
<org.apache.maven.plugins.maven-surefire-plugin.version>3.0.0</org.apache.maven.plugins.maven-surefire-plugin.version>
<org.eclipse.jetty.jetty-maven-plugin.version>11.0.14</org.eclipse.jetty.jetty-maven-plugin.version>
</properties>
<scm>
<connection>scm:git:https://github.com/sismics/docs.git</connection>
<developerConnection>scm:git:https://github.com/docs/docs.git</developerConnection>
@ -93,7 +94,7 @@
<artifactId>maven-war-plugin</artifactId>
<version>${org.apache.maven.plugins.maven-war-plugin.version}</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-jar-plugin</artifactId>
@ -109,7 +110,7 @@
<reuseForks>false</reuseForks>
</configuration>
</plugin>
<plugin>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-maven-plugin</artifactId>
@ -117,13 +118,13 @@
</plugin>
</plugins>
</build>
<modules>
<module>docs-core</module>
<module>docs-web-common</module>
<module>docs-web</module>
</modules>
<dependencyManagement>
<dependencies>
<dependency>
@ -131,38 +132,38 @@
<artifactId>docs-core</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>com.sismics.docs</groupId>
<artifactId>docs-web-common</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>com.sismics.docs</groupId>
<artifactId>docs-web-common</artifactId>
<type>test-jar</type>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>com.sismics.docs</groupId>
<artifactId>docs-web</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-server</artifactId>
<version>${org.eclipse.jetty.jetty-server.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-webapp</artifactId>
<version>${org.eclipse.jetty.jetty-webapp.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-servlet</artifactId>
@ -180,7 +181,7 @@
<artifactId>commons-compress</artifactId>
<version>${org.apache.commons.commons-compress.version}</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
@ -198,7 +199,7 @@
<artifactId>commons-email</artifactId>
<version>${org.apache.commons.commons-email.version}</version>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
@ -222,19 +223,19 @@
<artifactId>log4j</artifactId>
<version>${log4j.log4j.version}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<version>${org.slf4j.version}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>${org.slf4j.version}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>jcl-over-slf4j</artifactId>
@ -264,7 +265,7 @@
<artifactId>jersey-container-servlet</artifactId>
<version>${org.glassfish.jersey.version}</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.media</groupId>
<artifactId>jersey-media-json-processing</artifactId>
@ -276,7 +277,7 @@
<artifactId>jersey-media-multipart</artifactId>
<version>${org.glassfish.jersey.version}</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.inject</groupId>
<artifactId>jersey-hk2</artifactId>
@ -288,7 +289,7 @@
<artifactId>jersey-client</artifactId>
<version>${org.glassfish.jersey.version}</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.test-framework.providers</groupId>
<artifactId>jersey-test-framework-provider-bundle</artifactId>
@ -307,7 +308,7 @@
<artifactId>jersey-test-framework-provider-grizzly2</artifactId>
<version>${org.glassfish.jersey.version}</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.containers</groupId>
<artifactId>jersey-container-grizzly2-servlet</artifactId>
@ -331,7 +332,7 @@
<artifactId>hibernate-core</artifactId>
<version>${org.hibernate.hibernate.version}</version>
</dependency>
<dependency>
<groupId>org.freemarker</groupId>
<artifactId>freemarker</artifactId>
@ -349,25 +350,25 @@
<artifactId>lucene-core</artifactId>
<version>${org.apache.lucene.version}</version>
</dependency>
<dependency>
<groupId>org.apache.lucene</groupId>
<artifactId>lucene-analyzers-common</artifactId>
<version>${org.apache.lucene.version}</version>
</dependency>
<dependency>
<groupId>org.apache.lucene</groupId>
<artifactId>lucene-queryparser</artifactId>
<version>${org.apache.lucene.version}</version>
</dependency>
<dependency>
<groupId>org.apache.lucene</groupId>
<artifactId>lucene-backward-codecs</artifactId>
<version>${org.apache.lucene.version}</version>
</dependency>
<dependency>
<groupId>org.apache.lucene</groupId>
<artifactId>lucene-suggest</artifactId>
@ -385,25 +386,25 @@
<artifactId>imgscalr-lib</artifactId>
<version>${org.imgscalr.imgscalr-lib.version}</version>
</dependency>
<dependency>
<groupId>org.apache.pdfbox</groupId>
<artifactId>pdfbox</artifactId>
<version>${org.apache.pdfbox.pdfbox.version}</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>${org.bouncycastle.bcprov-jdk15on.version}</version>
</dependency>
<dependency>
<groupId>fr.opensagres.xdocreport</groupId>
<artifactId>fr.opensagres.odfdom.converter.pdf</artifactId>
<version>${fr.opensagres.xdocreport.version}</version>
</dependency>
<dependency>
<groupId>fr.opensagres.xdocreport</groupId>
<artifactId>fr.opensagres.poi.xwpf.converter.pdf</artifactId>
@ -436,8 +437,26 @@
<dependency>
<groupId>org.apache.directory.api</groupId>
<artifactId>api-all</artifactId>
<version>${org.apache.directory.api.api-all.version}</version>
<artifactId>api-ldap-client-api</artifactId>
<version>${org.apache.directory.api.version}</version>
<exclusions>
<exclusion>
<groupId>org.apache.directory.api</groupId>
<artifactId>api-ldap-schema-data</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.directory.api</groupId>
<artifactId>api-ldap-codec-standalone</artifactId>
<version>${org.apache.directory.api.version}</version>
</dependency>
<dependency>
<groupId>org.apache.directory.server</groupId>
<artifactId>apacheds-all</artifactId>
<version>${org.apache.directory.server.apacheds-all.version}</version>
</dependency>
<!-- ImageIO plugins -->
@ -471,5 +490,5 @@
</dependencies>
</dependencyManagement>
</project>
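Review bot: The `<exclusion>` of `api-ldap-schema-data` on `api-ldap-client-api` sits in `dependencyManagement`, so it applies to every module that uses the client API, including the production `docs-core` jar and not only the tests that add `apacheds-all`. No comment says why it is needed; if it is there to avoid a clash with schema resources bundled in `apacheds-all` (an assumption, the page does not say), add a comment such as `<!-- excluded to avoid duplicate schema data next to apacheds-all in tests -->` and confirm that LDAP login in a packaged build still works without the schema artifact. `apacheds-all` is managed here without a scope, so keeping it out of the shipped WAR relies on each module declaring `<scope>test</scope>` as `docs-web` does.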