add explicit binding (#735)

* add explicit binding

* fixup building on windows

* reactivate unit test

---------

Co-authored-by: Enrice <erich.mauerboeck@ergo-versicherung.at>
Erich Mauerböck 2023-11-10 20:58:11 +01:00 committed by GitHub
parent 80454afc0d
commit 45e00ac93d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 187 additions and 144 deletions


@ -119,7 +119,12 @@
<dependency> <dependency>
<groupId>org.apache.directory.api</groupId> <groupId>org.apache.directory.api</groupId>
<artifactId>api-all</artifactId> <artifactId>api-ldap-client-api</artifactId>
</dependency>
<dependency>
<groupId>org.apache.directory.api</groupId>
<artifactId>api-ldap-codec-standalone</artifactId>
</dependency> </dependency>
<!-- Only there to read old index and rebuild them --> <!-- Only there to read old index and rebuild them -->


@ -62,6 +62,7 @@ public class LdapAuthenticationHandler implements AuthenticationHandler {
if (ldapConnection == null) { if (ldapConnection == null) {
return null; return null;
} }
ldapConnection.bind();
EntryCursor cursor = ldapConnection.search(ConfigUtil.getConfigStringValue(ConfigType.LDAP_BASE_DN), EntryCursor cursor = ldapConnection.search(ConfigUtil.getConfigStringValue(ConfigType.LDAP_BASE_DN),
ConfigUtil.getConfigStringValue(ConfigType.LDAP_FILTER).replace("USERNAME", username), SearchScope.SUBTREE); ConfigUtil.getConfigStringValue(ConfigType.LDAP_FILTER).replace("USERNAME", username), SearchScope.SUBTREE);
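Review bot: `username` is substituted into the configured filter with a plain `replace("USERNAME", username)` on the line after the new `ldapConnection.bind()`, with no escaping of LDAP filter metacharacters. If `username` is the value supplied at login (the method signature is outside this hunk, so this is inferred), the search that now runs under the bound service account can match entries other than the intended user. Encode the value before substitution, e.g. `.replace("USERNAME", FilterEncoder.encodeFilterValue(username))` using `org.apache.directory.api.ldap.model.filter.FilterEncoder`. The no-argument `bind()` relies on credentials configured on the connection outside the visible lines, so it is worth confirming that an empty admin DN or password cannot silently turn this into an anonymous bind.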


@ -129,6 +129,12 @@
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency>
<groupId>org.apache.directory.server</groupId>
<artifactId>apacheds-all</artifactId>
<scope>test</scope>
</dependency>
</dependencies> </dependencies>
<build> <build>
@ -182,7 +188,7 @@
</systemProperties> </systemProperties>
<webApp> <webApp>
<contextPath>/docs-web</contextPath> <contextPath>/docs-web</contextPath>
<overrideDescriptor>src/dev/main/webapp/web-override.xml</overrideDescriptor> <overrideDescriptor>${project.basedir}/src/dev/main/webapp/web-override.xml</overrideDescriptor>
</webApp> </webApp>
</configuration> </configuration>
</plugin> </plugin>
@ -260,8 +266,8 @@
<groupId>org.apache.maven.plugins</groupId> <groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId> <artifactId>maven-war-plugin</artifactId>
<configuration> <configuration>
<warSourceDirectory>${basedir}/src/main/webapp/dist</warSourceDirectory> <warSourceDirectory>${project.basedir}/src/main/webapp/dist</warSourceDirectory>
<webXml>src\main\webapp\WEB-INF\web.xml</webXml> <webXml>src/main/webapp/WEB-INF/web.xml</webXml>
</configuration> </configuration>
</plugin> </plugin>
</plugins> </plugins>
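Review bot: In the maven-war-plugin configuration, `warSourceDirectory` is now anchored with `${project.basedir}` but the `webXml` entry beside it remains a bare relative path. Both should resolve against the module directory, so this is a consistency point only; consider `<webXml>${project.basedir}/src/main/webapp/WEB-INF/web.xml</webXml>` so the two sibling settings read the same way.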


@ -1,19 +1,30 @@
package com.sismics.docs.rest; package com.sismics.docs.rest;
import java.io.File;
import com.google.common.io.Resources;
import com.icegreen.greenmail.util.GreenMail; import com.icegreen.greenmail.util.GreenMail;
import com.icegreen.greenmail.util.GreenMailUtil; import com.icegreen.greenmail.util.GreenMailUtil;
import com.icegreen.greenmail.util.ServerSetup; import com.icegreen.greenmail.util.ServerSetup;
import com.sismics.docs.core.model.context.AppContext; import com.sismics.docs.core.model.context.AppContext;
import com.sismics.util.filter.TokenBasedSecurityFilter; import com.sismics.util.filter.TokenBasedSecurityFilter;
import org.junit.Assert;
import org.junit.Test;
import jakarta.json.JsonArray; import jakarta.json.JsonArray;
import jakarta.json.JsonObject; import jakarta.json.JsonObject;
import jakarta.ws.rs.client.Entity; import jakarta.ws.rs.client.Entity;
import jakarta.ws.rs.core.Form; import jakarta.ws.rs.core.Form;
import jakarta.ws.rs.core.Response; import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.core.Response.Status; import jakarta.ws.rs.core.Response.Status;
import org.apache.directory.api.ldap.model.name.Dn;
import org.apache.directory.server.core.api.DirectoryService;
import org.apache.directory.server.core.api.partition.Partition;
import org.apache.directory.server.core.factory.DefaultDirectoryServiceFactory;
import org.apache.directory.server.core.factory.DirectoryServiceFactory;
import org.apache.directory.server.core.partition.impl.avl.AvlPartition;
import org.apache.directory.server.ldap.LdapServer;
import org.apache.directory.server.protocol.shared.store.LdifFileLoader;
import org.apache.directory.server.protocol.shared.transport.TcpTransport;
import org.junit.Assert;
import org.junit.Test;
/** /**
@ -340,89 +351,90 @@ public class TestAppResource extends BaseJerseyTest {
*/ */
@Test @Test
public void testLdapAuthentication() throws Exception { public void testLdapAuthentication() throws Exception {
// // Start LDAP server // Start LDAP server
// final DirectoryServiceFactory factory = new DefaultDirectoryServiceFactory(); final DirectoryServiceFactory factory = new DefaultDirectoryServiceFactory();
// factory.init("Test"); factory.init("Test");
//
// final DirectoryService directoryService = factory.getDirectoryService(); final DirectoryService directoryService = factory.getDirectoryService();
// directoryService.getChangeLog().setEnabled(false); directoryService.getChangeLog().setEnabled(false);
// directoryService.setShutdownHookEnabled(true); directoryService.setShutdownHookEnabled(true);
//
// final Partition partition = new AvlPartition(directoryService.getSchemaManager()); final Partition partition = new AvlPartition(directoryService.getSchemaManager());
// partition.setId("Test"); partition.setId("Test");
// partition.setSuffixDn(new Dn(directoryService.getSchemaManager(), "o=TEST")); partition.setSuffixDn(new Dn(directoryService.getSchemaManager(), "o=TEST"));
// partition.initialize(); partition.initialize();
// directoryService.addPartition(partition); directoryService.addPartition(partition);
//
// final LdapServer ldapServer = new LdapServer(); final LdapServer ldapServer = new LdapServer();
// ldapServer.setTransports(new TcpTransport("localhost", 11389)); ldapServer.setTransports(new TcpTransport("localhost", 11389));
// ldapServer.setDirectoryService(directoryService); ldapServer.setDirectoryService(directoryService);
//
// directoryService.startup(); directoryService.startup();
// ldapServer.start(); ldapServer.start();
//
// // Load test data in LDAP // Load test data in LDAP
// new LdifFileLoader(directoryService.getAdminSession(), new File(Resources.getResource("test.ldif").getFile()), null).execute(); new LdifFileLoader(directoryService.getAdminSession(), new File(Resources.getResource("test.ldif").getFile()), null).execute();
//
// // Login admin // Login admin
// String adminToken = adminToken(); String adminToken = adminToken();
//
// // Get the LDAP configuration // Get the LDAP configuration
// JsonObject json = target().path("/app/config_ldap").request() JsonObject json = target().path("/app/config_ldap").request()
// .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
// .get(JsonObject.class); .get(JsonObject.class);
// Assert.assertFalse(json.getBoolean("enabled")); Assert.assertFalse(json.getBoolean("enabled"));
//
// // Change LDAP configuration // Change LDAP configuration
// target().path("/app/config_ldap").request() target().path("/app/config_ldap").request()
// .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
// .post(Entity.form(new Form() .post(Entity.form(new Form()
// .param("enabled", "true") .param("enabled", "true")
// .param("host", "localhost") .param("host", "localhost")
// .param("port", "11389") .param("port", "11389")
// .param("admin_dn", "uid=admin,ou=system") .param("usessl", "false")
// .param("admin_password", "secret") .param("admin_dn", "uid=admin,ou=system")
// .param("base_dn", "o=TEST") .param("admin_password", "secret")
// .param("filter", "(&(objectclass=inetOrgPerson)(uid=USERNAME))") .param("base_dn", "o=TEST")
// .param("default_email", "devnull@teedy.io") .param("filter", "(&(objectclass=inetOrgPerson)(uid=USERNAME))")
// .param("default_storage", "100000000") .param("default_email", "devnull@teedy.io")
// ), JsonObject.class); .param("default_storage", "100000000")
// ), JsonObject.class);
// // Get the LDAP configuration
// json = target().path("/app/config_ldap").request() // Get the LDAP configuration
// .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken) json = target().path("/app/config_ldap").request()
// .get(JsonObject.class); .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
// Assert.assertTrue(json.getBoolean("enabled")); .get(JsonObject.class);
// Assert.assertEquals("localhost", json.getString("host")); Assert.assertTrue(json.getBoolean("enabled"));
// Assert.assertEquals(11389, json.getJsonNumber("port").intValue()); Assert.assertEquals("localhost", json.getString("host"));
// Assert.assertEquals("uid=admin,ou=system", json.getString("admin_dn")); Assert.assertEquals(11389, json.getJsonNumber("port").intValue());
// Assert.assertEquals("secret", json.getString("admin_password")); Assert.assertEquals("uid=admin,ou=system", json.getString("admin_dn"));
// Assert.assertEquals("o=TEST", json.getString("base_dn")); Assert.assertEquals("secret", json.getString("admin_password"));
// Assert.assertEquals("(&(objectclass=inetOrgPerson)(uid=USERNAME))", json.getString("filter")); Assert.assertEquals("o=TEST", json.getString("base_dn"));
// Assert.assertEquals("devnull@teedy.io", json.getString("default_email")); Assert.assertEquals("(&(objectclass=inetOrgPerson)(uid=USERNAME))", json.getString("filter"));
// Assert.assertEquals(100000000L, json.getJsonNumber("default_storage").longValue()); Assert.assertEquals("devnull@teedy.io", json.getString("default_email"));
// Assert.assertEquals(100000000L, json.getJsonNumber("default_storage").longValue());
// // Login with a LDAP user
// String ldapTopen = clientUtil.login("ldap1", "secret", false); // Login with a LDAP user
// String ldapTopen = clientUtil.login("ldap1", "secret", false);
// // Check user informations
// json = target().path("/user").request() // Check user informations
// .cookie(TokenBasedSecurityFilter.COOKIE_NAME, ldapTopen) json = target().path("/user").request()
// .get(JsonObject.class); .cookie(TokenBasedSecurityFilter.COOKIE_NAME, ldapTopen)
// Assert.assertEquals("ldap1@teedy.io", json.getString("email")); .get(JsonObject.class);
// Assert.assertEquals("ldap1@teedy.io", json.getString("email"));
// // List all documents
// json = target().path("/document/list") // List all documents
// .queryParam("sort_column", 3) json = target().path("/document/list")
// .queryParam("asc", true) .queryParam("sort_column", 3)
// .request() .queryParam("asc", true)
// .cookie(TokenBasedSecurityFilter.COOKIE_NAME, ldapTopen) .request()
// .get(JsonObject.class); .cookie(TokenBasedSecurityFilter.COOKIE_NAME, ldapTopen)
// JsonArray documents = json.getJsonArray("documents"); .get(JsonObject.class);
// Assert.assertEquals(0, documents.size()); JsonArray documents = json.getJsonArray("documents");
// Assert.assertEquals(0, documents.size());
// // Stop LDAP server
// ldapServer.stop(); // Stop LDAP server
// directoryService.shutdown(); ldapServer.stop();
directoryService.shutdown();
} }
} }
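Review bot: The reactivated `testLdapAuthentication` only exercises a successful login (`clientUtil.login("ldap1", "secret", false)`), so it would still pass if the handler accepted any password once the service-account bind succeeds. Add a negative case that submits a wrong password for `ldap1` and asserts the login is rejected, and ideally one for a user that is absent from `test.ldif`. Separately, `ldapServer.stop()` and `directoryService.shutdown()` run only when every assertion passes; wrapping the test body in `try { … } finally { ldapServer.stop(); directoryService.shutdown(); }` keeps port 11389 from staying bound after a failure.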

25
pom.xml

@ -46,7 +46,8 @@
<com.icegreen.greenmail.version>1.6.14</com.icegreen.greenmail.version> <com.icegreen.greenmail.version>1.6.14</com.icegreen.greenmail.version>
<org.jsoup.jsoup.version>1.15.4</org.jsoup.jsoup.version> <org.jsoup.jsoup.version>1.15.4</org.jsoup.jsoup.version>
<com.squareup.okhttp3.okhttp.version>4.10.0</com.squareup.okhttp3.okhttp.version> <com.squareup.okhttp3.okhttp.version>4.10.0</com.squareup.okhttp3.okhttp.version>
<org.apache.directory.api.api-all.version>2.1.3</org.apache.directory.api.api-all.version> <org.apache.directory.api.version>2.1.3</org.apache.directory.api.version>
<org.apache.directory.server.apacheds-all.version>2.0.0.AM27</org.apache.directory.server.apacheds-all.version>
<org.glassfish.jersey.version>3.0.10</org.glassfish.jersey.version> <org.glassfish.jersey.version>3.0.10</org.glassfish.jersey.version>
<jakarta.servlet.jakarta.servlet-api.version>5.0.0</jakarta.servlet.jakarta.servlet-api.version> <jakarta.servlet.jakarta.servlet-api.version>5.0.0</jakarta.servlet.jakarta.servlet-api.version>
@ -436,8 +437,26 @@
<dependency> <dependency>
<groupId>org.apache.directory.api</groupId> <groupId>org.apache.directory.api</groupId>
<artifactId>api-all</artifactId> <artifactId>api-ldap-client-api</artifactId>
<version>${org.apache.directory.api.api-all.version}</version> <version>${org.apache.directory.api.version}</version>
<exclusions>
<exclusion>
<groupId>org.apache.directory.api</groupId>
<artifactId>api-ldap-schema-data</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.directory.api</groupId>
<artifactId>api-ldap-codec-standalone</artifactId>
<version>${org.apache.directory.api.version}</version>
</dependency>
<dependency>
<groupId>org.apache.directory.server</groupId>
<artifactId>apacheds-all</artifactId>
<version>${org.apache.directory.server.apacheds-all.version}</version>
</dependency> </dependency>
<!-- ImageIO plugins --> <!-- ImageIO plugins -->