diff --git a/projects/cadcAccessControl-Server/build.xml b/projects/cadcAccessControl-Server/build.xml index 6f8dc7a662b3fc95e0a9a4c1c401868a507ccf83..13d624b3a918da1962e4f02a8224d1e3bfc798ff 100644 --- a/projects/cadcAccessControl-Server/build.xml +++ b/projects/cadcAccessControl-Server/build.xml @@ -113,16 +113,19 @@ </target> <!-- JAR files needed to run the test suite --> - <property name="json" value="${ext.lib}/json.jar"/> - <property name="easyMock" value="${ext.dev}/easymock.jar"/> - <property name="junit" value="${ext.dev}/junit.jar"/> - <property name="xmlunit" value="${ext.dev}/xmlunit.jar"/> - <property name="cglib" value="${ext.dev}/cglib.jar"/> - <property name="objenesis" value="${ext.dev}/objenesis.jar"/> - <property name="asm" value="${ext.dev}/asm.jar"/> - + <property name="dev.junit" value="${ext.dev}/junit.jar"/> + <property name="dev.httpunit" value="${ext.dev}/httpunit.jar"/> + <property name="dev.easyMock" value="${ext.dev}/easymock.jar"/> + <property name="dev.objenesis" value="${ext.dev}/objenesis.jar"/> + <property name="dev.selenium.server" + value="${ext.dev}/selenium-server-standalone.jar" /> + <property name="lib.js" value="${ext.lib}/js.jar"/> + <property name="lib.nekoHTML" value="${ext.lib}/nekohtml.jar"/> + <property name="lib.xerces" value="${ext.lib}/xerces.jar"/> + <property name="lib.commons-logging" + value="${ext.lib}/commons-logging.jar"/> <property name="testingJars" - value="${jars}:${json}:${easyMock}:${junit}:${xmlunit}:${cglib}:${asm}:${objenesis}"/> + value="${lib.commons-logging}:${dev.junit}:${dev.httpunit}:${dev.easyMock}:${dev.selenium.server}:${dev.objenesis}:${lib.js}:${lib.nekoHTML}:${lib.xerces}"/> <target name="setup-test"> <echo>******************</echo> 
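Review bot: The rewritten `testingJars` value no longer begins with `${jars}`, so the project's own runtime jars are off the test classpath unless the test targets add them separately, which this hunk does not show. It also drops `cglib` and `asm` while keeping `easymock` and `objenesis`; depending on the EasyMock version in `${ext.dev}` (not visible here), class mocking may still need them. If the removal is intended, a comment above the property such as `<!-- ${jars} is added by the test target itself -->` would record that; otherwise put `${jars}:` back at the front of the value. `selenium-server-standalone.jar` is a large bundled jar with no version in its file name, so noting the expected version beside the property would keep the test classpath auditable.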
diff --git a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java index 0d508a603479161aa3d3021484b4166877935eee..956661a42e45a71aa4b55e4fc1f3f3bfa2d2ebf0 100755 --- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java +++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java @@ -268,7 +268,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO AddRequest addRequest = new AddRequest(userDN, attributes); LDAPResult result = getConnection().add(addRequest); LdapDAO.checkLdapResult(result.getResultCode()); - + // AD: Search results sometimes come incomplete if // connection is not reset - not sure why. getConnection().reconnect(); @@ -307,6 +307,8 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO return getUser(userID, config.getUsersDN()); } + + /** * Get the user specified by userID. * @@ -338,9 +340,12 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO new SearchRequest(usersDN, SearchScope.SUB, searchField, userAttribs); - searchRequest.addControl( - new ProxiedAuthorizationV2RequestControl( - "dn:" + getSubjectDN().toNormalizedString())); + if (isSecure(usersDN)) + { + searchRequest.addControl( + new ProxiedAuthorizationV2RequestControl( + "dn:" + getSubjectDN().toNormalizedString())); + } searchResult = getConnection().searchForEntry(searchRequest); } @@ -381,7 +386,18 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO return user; } - + + /** + * Obtain whether the given DN tree requires authentication. + * + * @param usersDN The usersDN to check. + * @return True if requires authentication, False otherwise. + */ + private boolean isSecure(final String usersDN) + { + return !usersDN.equals(config.getUserRequestsDN()); + } + /** * Get all group names. * 
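Review bot: In the search inside `getUser`, the `ProxiedAuthorizationV2RequestControl` is now skipped whenever `isSecure(usersDN)` is false, so a lookup under the user-requests tree is evaluated with the identity the connection is bound as rather than the calling subject's. The directory ACLs on that subtree and the rights of the bound account then become the only access control for these reads, and any caller able to choose the `usersDN` argument could select the path that omits its own identity. A comment above the `if` should say why this is intended, for example (if that is the reason) `// user requests are read before the caller has an identity in the directory`. It is also worth confirming that every caller of this overload takes `usersDN` from configuration only. The method begins and ends outside this hunk.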
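Review bot: `isSecure` decides whether proxied authorization is attached, yet its name and Javadoc describe a tree that "requires authentication", and it compares DNs with `String.equals`. An exact string compare treats DNs that differ only in case or spacing as different; here that fails closed because the control is still added, but a null `usersDN` throws a `NullPointerException`, and the exemption depends on the configured string being written identically wherever it is passed in. Consider a name that states what is gated, such as `requiresProxiedAuthorization`, and a null-safe body like `return usersDN == null || !usersDN.equals(config.getUserRequestsDN());`. The Javadoc should say that only the configured user-requests DN is exempt from the proxied-authorization control.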
diff --git a/projects/cadcAccessControl-Server/test/LdapConfig.test.properties b/projects/cadcAccessControl-Server/test/LdapConfig.test.properties index 0d3bc21ab631c1065379ffda2e5f38f005ed90b4..2354a157763992f801c862d5d1945663edd9b055 100644 --- a/projects/cadcAccessControl-Server/test/LdapConfig.test.properties +++ b/projects/cadcAccessControl-Server/test/LdapConfig.test.properties @@ -3,7 +3,7 @@ server = proc5-03.cadc.dao.nrc.ca port = 636 proxyUser = webproxy usersDn = ou=Users,ou=ds,dc=canfar,dc=net -userRequestsDN = ou=UserRequests,ou=ds,dc=canfar,dc=net +userRequestsDN = ou=UserRequests,ou=ds,dc=testcanfar newUsersDn = ou=NewUsers,ou=ds,dc=canfar,dc=net groupsDn = ou=Groups,ou=ds,dc=canfar,dc=net adminGroupsDn = ou=adminGroups,ou=ds,dc=canfar,dc=net \ No newline at end of file diff --git a/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAOTest.java b/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAOTest.java index 596bee8035c2d95c3e90c39e9944bcdd1b595f4a..aa47a3091287bdbdb006f9876b389df026ce05d6 100644 --- a/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAOTest.java +++ b/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAOTest.java 
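Review bot: Only `userRequestsDN` moves to the `dc=testcanfar` suffix, while `usersDn`, `newUsersDn`, `groupsDn` and `adminGroupsDn` stay under `dc=canfar,dc=net` on the same `server`. The new check in `LdapUserDAO` exempts the DN returned by `config.getUserRequestsDN()` (presumably read from this key) from proxied authorization, so the tests now exercise the exempt path against a different tree from the authenticated paths. If the split is intended, a comment line such as `# user requests live in a separate test suffix` would record it. Whether the other entries should follow cannot be told from this hunk.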
@@ -134,29 +134,14 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest expected.getIdentities().add(new HttpPrincipal(getUserID())); expected.details.add(new PersonalDetails("foo", "bar")); - final UserRequest userRequest = new UserRequest(expected, "123456"); + final UserRequest<HttpPrincipal> userRequest = + new UserRequest<HttpPrincipal>(expected, "123456"); Subject subject = new Subject(); subject.getPrincipals().add(testUser.getUserID()); - // do everything as owner - Subject.doAs(subject, new PrivilegedExceptionAction<Object>() - { - public Object run() throws Exception - { - try - { - User<? extends Principal> actual = getUserDAO().addUser(userRequest); - check(expected, actual); - - return null; - } - catch (Exception e) - { - throw new Exception("Problems", e); - } - } - }); + User<HttpPrincipal> actual = getUserDAO().addUser(userRequest); + check(expected, actual); } /** diff --git a/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/web/AddGroupMemberActionTest.java b/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/web/AddGroupMemberActionTest.java index 56fa6154db4f7a2ed1629abfa28de4eef024e7ab..eb092c7f48d4e86880a3f9b2eafb2e840ecec592 100644 --- a/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/web/AddGroupMemberActionTest.java +++ b/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/web/AddGroupMemberActionTest.java @@ -75,7 +75,8 @@ import ca.nrc.cadc.util.Log4jInit; import java.security.Principal; import org.apache.log4j.Level; import org.apache.log4j.Logger; -import org.easymock.EasyMock; + +import static org.easymock.EasyMock.*; import org.junit.BeforeClass; import org.junit.Test; import static org.junit.Assert.*; 
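Review bot: With the `Subject.doAs` wrapper removed, `Subject subject = new Subject();` and `subject.getPrincipals().add(testUser.getUserID());` remain but nothing uses `subject`, so the test still reads as if it ran as the test user. Either delete those two lines or add a comment such as `// addUser is called without a subject: user requests carry no caller identity`. The test now covers only the path that runs without a caller identity. A companion test asserting that a lookup under the regular users DN is still refused or restricted without a subject would guard the other branch of the new check. The test method begins outside this hunk.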
@@ -103,12 +104,12 @@ public class AddGroupMemberActionTest Group member = new Group("member", null); group.getGroupMembers().add(member); - final GroupPersistence groupPersistence = EasyMock.createMock(GroupPersistence.class); - EasyMock.expect(groupPersistence.getGroup("group")).andReturn(group); - EasyMock.expect(groupPersistence.getGroup("member")).andReturn(member); - EasyMock.replay(groupPersistence); + final GroupPersistence groupPersistence = createMock(GroupPersistence.class); + expect(groupPersistence.getGroup("group")).andReturn(group); + expect(groupPersistence.getGroup("member")).andReturn(member); + replay(groupPersistence); - GroupLogInfo logInfo = EasyMock.createMock(GroupLogInfo.class); + GroupLogInfo logInfo = createMock(GroupLogInfo.class); AddGroupMemberAction action = new AddGroupMemberAction(logInfo, "group", "member") { @@ -142,15 +143,17 @@ public class AddGroupMemberActionTest Group member = new Group("member", null); Group modified = new Group("group", null); modified.getGroupMembers().add(member); + + final GroupPersistence groupPersistence = + createMock(GroupPersistence.class); + + expect(groupPersistence.getGroup("group")).andReturn(group); + expect(groupPersistence.getGroup("member")).andReturn(member); + expect(groupPersistence.modifyGroup(group)).andReturn(modified); + + replay(groupPersistence); - - final GroupPersistence groupPersistence = EasyMock.createMock(GroupPersistence.class); - EasyMock.expect(groupPersistence.getGroup("group")).andReturn(group); - EasyMock.expect(groupPersistence.getGroup("member")).andReturn(member); - EasyMock.expect(groupPersistence.modifyGroup(group)).andReturn(modified); - EasyMock.replay(groupPersistence); - - GroupLogInfo logInfo = EasyMock.createMock(GroupLogInfo.class); + GroupLogInfo logInfo = createMock(GroupLogInfo.class); AddGroupMemberAction action = new AddGroupMemberAction(logInfo, "group", "member") {