Skip to content
Snippets Groups Projects
Commit ca3a1499 authored by Dustin Jenkins's avatar Dustin Jenkins
Browse files

Story 1711: Fix for TLS.

parent d4eb2bf3
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 200 additions and 176 deletions
projects/cadcAccessControl-Server/build.xml
+ 2
1
View file @ ca3a1499
......@@ -93,6 +93,7 @@
<property name="cadcRegistry" value="${lib}/cadcRegistryClient.jar" />
<property name="cadcUtil" value="${lib}/cadcUtil.jar" />
<property name="cadcUWS" value="${lib}/cadcUWS.jar" />
<property name="wsUtil" value="${lib}/wsUtil.jar" />
<property name="javacsv" value="${ext.lib}/javacsv.jar" />
<property name="jdom2" value="${ext.lib}/jdom2.jar" />
......@@ -101,7 +102,7 @@
<property name="unboundid" value="${ext.lib}/unboundid-ldapsdk-se.jar" />
<property name="xerces" value="${ext.lib}/xerces.jar" />
<property name="jars" value="${cadcAccessControl}:${cadcLog}:${cadcRegistry}:${cadcUtil}:${cadcUWS}:${javacsv}:${jdom2}:${log4j}:${servlet}:${unboundid}:${xerces}" />
<property name="jars" value="${javacsv}:${jdom2}:${log4j}:${servlet}:${unboundid}:${xerces}:${cadcAccessControl}:${cadcLog}:${cadcRegistry}:${cadcUtil}:${cadcUWS}:${wsUtil}" />
<target name="build" depends="compile">
<jar jarfile="${build}/lib/${project}.jar"
......
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapConfig.java
+ 7
0
View file @ ca3a1499
......@@ -93,6 +93,8 @@ public class LdapConfig
public static final String LDAP_AVAIL_TEST_GROUP = "availabilityTestGroup";
public static final String LDAP_AVAIL_TEST_CALLING_USER_DN = "availabilityTestCallingUserDN";
private final static int SECURE_PORT = 636;
private String usersDN;
private String groupsDN;
private String adminGroupsDN;
......@@ -271,6 +273,11 @@ public class LdapConfig
return this.port;
}
public boolean isSecure()
{
return getPort() == SECURE_PORT;
}
public String getAdminUserDN()
{
return this.adminUserDN;
......
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapDAO.java
+ 63
35
View file @ ca3a1499
......@@ -68,31 +68,28 @@
*/
package ca.nrc.cadc.ac.server.ldap;
import java.security.AccessControlException;
import java.security.AccessController;
import java.security.Principal;
import java.util.Set;
import javax.net.SocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.security.auth.Subject;
import javax.security.auth.x500.X500Principal;
import java.io.File;
import java.net.MalformedURLException;
import java.security.*;
import java.security.cert.CertificateException;
import java.util.Set;
import com.unboundid.ldap.sdk.*;
import com.unboundid.util.ssl.*;
import ca.nrc.cadc.auth.HttpPrincipal;
import ca.nrc.cadc.auth.NumericPrincipal;
import ca.nrc.cadc.auth.OpenIdPrincipal;
import ca.nrc.cadc.auth.*;
import ca.nrc.cadc.net.TransientException;
import com.unboundid.ldap.sdk.DN;
import com.unboundid.ldap.sdk.LDAPConnection;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.ResultCode;
import com.unboundid.ldap.sdk.SearchResult;
import com.unboundid.ldap.sdk.SearchResultEntry;
import com.unboundid.ldap.sdk.SearchScope;
public abstract class LdapDAO
{
private LDAPConnection conn;
LdapConfig config;
DN subjDN = null;
......@@ -114,34 +111,64 @@ public abstract class LdapDAO
}
protected LDAPConnection getConnection()
throws LDAPException, AccessControlException
throws LDAPException, AccessControlException
{
if (conn == null)
{
conn = new LDAPConnection(config.getServer(), config.getPort());
conn = new LDAPConnection(getSocketFactory(), config.getServer(),
config.getPort());
conn.bind(config.getAdminUserDN(), config.getAdminPasswd());
}
return conn;
}
private SocketFactory getSocketFactory()
{
final SocketFactory socketFactory;
if (config.isSecure())
{
socketFactory = createSSLSocketFactory();
}
else
{
socketFactory = SocketFactory.getDefault();
}
return socketFactory;
}
private SSLSocketFactory createSSLSocketFactory()
{
try
{
return new com.unboundid.util.ssl.SSLUtil().
createSSLSocketFactory();
}
catch (GeneralSecurityException e)
{
throw new RuntimeException("Unexpected error.", e);
}
}
protected DN getSubjectDN() throws LDAPException
{
if (subjDN == null)
{
Subject callerSubject =
Subject callerSubject =
Subject.getSubject(AccessController.getContext());
if (callerSubject == null)
{
throw new AccessControlException("Caller not authenticated.");
}
Set<Principal> principals = callerSubject.getPrincipals();
if (principals.isEmpty())
{
throw new AccessControlException("Caller not authenticated.");
}
String ldapField = null;
for (Principal p : principals)
{
......@@ -172,31 +199,31 @@ public abstract class LdapDAO
throw new AccessControlException("Identity of caller unknown.");
}
SearchResult searchResult =
getConnection().search(config.getUsersDN(), SearchScope.ONE,
ldapField, new String[] {"entrydn"});
SearchResult searchResult =
getConnection().search(config.getUsersDN(), SearchScope.ONE,
ldapField, "entrydn");
if (searchResult.getEntryCount() < 1)
{
throw new AccessControlException(
"No LDAP account when search with rule " + ldapField);
}
subjDN = ((SearchResultEntry) searchResult.getSearchEntries()
.get(0)).getAttributeValueAsDN("entrydn");
subjDN = (searchResult.getSearchEntries().get(0))
.getAttributeValueAsDN("entrydn");
}
return subjDN;
}
/**
* Checks the Ldap result code, and if the result is not SUCCESS,
* throws an appropriate exception. This is the place to decide on
* throws an appropriate exception. This is the place to decide on
* mapping between ldap errors and exception types
* @param code
* @param errorMsg
* @throws TransientException
*
* @param code The code returned from an LDAP request.
* @throws TransientException
*/
protected static void checkLdapResult(ResultCode code)
protected static void checkLdapResult(ResultCode code)
throws TransientException
{
if (code == ResultCode.INSUFFICIENT_ACCESS_RIGHTS)
......@@ -207,7 +234,8 @@ public abstract class LdapDAO
{
throw new AccessControlException("Invalid credentials ");
}
else if ((code == ResultCode.SUCCESS) || (code == ResultCode.NO_SUCH_OBJECT) )
else if ((code == ResultCode.SUCCESS) || (code
== ResultCode.NO_SUCH_OBJECT))
{
// all good. nothing to do
}
......@@ -216,7 +244,7 @@ public abstract class LdapDAO
throw new IllegalArgumentException("Error in Ldap parameters ");
}
else if (code == ResultCode.BUSY ||
code == ResultCode.CONNECT_ERROR )
code == ResultCode.CONNECT_ERROR)
{
throw new TransientException("Connection problems ");
}
......
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
+ 103
103
View file @ ca3a1499
......@@ -68,6 +68,7 @@
*/
package ca.nrc.cadc.ac.server.ldap;
import javax.security.auth.x500.X500Principal;
import java.security.AccessControlException;
import java.security.Principal;
import java.util.Collection;
......@@ -75,32 +76,25 @@ import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import javax.security.auth.x500.X500Principal;
import com.unboundid.ldap.sdk.*;
import com.unboundid.ldap.sdk.controls.ProxiedAuthorizationV2RequestControl;
import org.apache.log4j.Logger;
import ca.nrc.cadc.ac.PersonalDetails;
import ca.nrc.cadc.ac.User;
import ca.nrc.cadc.ac.UserNotFoundException;
import ca.nrc.cadc.auth.AuthenticationUtil;
import ca.nrc.cadc.auth.HttpPrincipal;
import ca.nrc.cadc.net.TransientException;
import com.unboundid.ldap.sdk.DN;
import com.unboundid.ldap.sdk.Filter;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.SearchRequest;
import com.unboundid.ldap.sdk.SearchResultEntry;
import com.unboundid.ldap.sdk.SearchScope;
import com.unboundid.ldap.sdk.controls.ProxiedAuthorizationV2RequestControl;
public class LdapUserDAO<T extends Principal> extends LdapDAO
{
private static final Logger logger = Logger.getLogger(LdapUserDAO.class);
// Map of identity type to LDAP attribute
private Map<Class<?>, String> userLdapAttrib = new HashMap<Class<?>, String>();
private Map<Class<?>, String> userLdapAttrib =
new HashMap<Class<?>, String>();
// User attributes returned to the GMS
private static final String LDAP_FNAME = "givenname";
private static final String LDAP_LNAME = "sn";
......@@ -113,54 +107,60 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
super(config);
this.userLdapAttrib.put(HttpPrincipal.class, "uid");
this.userLdapAttrib.put(X500Principal.class, "distinguishedname");
// add the id attributes to user and member attributes
String[] princs = userLdapAttrib.values().toArray(new String[userLdapAttrib.values().size()]);
String[] princs = userLdapAttrib.values()
.toArray(new String[userLdapAttrib.values().size()]);
String[] tmp = new String[userAttribs.length + princs.length];
System.arraycopy(princs, 0, tmp, 0, princs.length);
System.arraycopy(userAttribs, 0, tmp, princs.length, userAttribs.length);
System.arraycopy(userAttribs, 0, tmp, princs.length,
userAttribs.length);
userAttribs = tmp;
tmp = new String[memberAttribs.length + princs.length];
System.arraycopy(princs, 0, tmp, 0, princs.length);
System.arraycopy(memberAttribs, 0, tmp, princs.length, memberAttribs.length);
System.arraycopy(memberAttribs, 0, tmp, princs.length,
memberAttribs.length);
memberAttribs = tmp;
}
/**
* Get the user specified by userID.
*
* @param userID The userID.
*
* @return User instance.
*
* @throws UserNotFoundException when the user is not found.
* @throws TransientException If an temporary, unexpected problem occurred.
* @throws UserNotFoundException when the user is not found.
* @throws TransientException If an temporary, unexpected problem occurred.
* @throws AccessControlException If the operation is not permitted.
*/
public User<T> getUser(T userID)
throws UserNotFoundException, TransientException, AccessControlException
throws UserNotFoundException, TransientException,
AccessControlException
{
String searchField = (String) userLdapAttrib.get(userID.getClass());
String searchField = userLdapAttrib.get(userID.getClass());
if (searchField == null)
{
throw new IllegalArgumentException(
"Unsupported principal type " + userID.getClass());
}
searchField = "(&(objectclass=cadcaccount)(" + searchField + "=" + userID.getName() + "))";
searchField =
"(&(objectclass=cadcaccount)(" + searchField + "=" + userID
.getName() + "))";
SearchResultEntry searchResult = null;
try
{
SearchRequest searchRequest = new SearchRequest(config.getUsersDN(),
SearchScope.SUB, searchField, userAttribs);
SearchRequest searchRequest = new SearchRequest(config.getUsersDN(),
SearchScope.SUB,
searchField,
userAttribs);
searchRequest.addControl(
new ProxiedAuthorizationV2RequestControl("dn:" +
getSubjectDN().toNormalizedString()));
new ProxiedAuthorizationV2RequestControl("dn:" +
getSubjectDN()
.toNormalizedString()));
searchResult = getConnection().searchForEntry(searchRequest);
}
......@@ -178,57 +178,57 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
User<T> user = new User<T>(userID);
user.getIdentities().add(
new HttpPrincipal(searchResult.getAttributeValue(userLdapAttrib
.get(HttpPrincipal.class))));
.get(HttpPrincipal.class))));
String fname = searchResult.getAttributeValue(LDAP_FNAME);
String lname = searchResult.getAttributeValue(LDAP_LNAME);
user.details.add(new PersonalDetails(fname, lname));
//TODO populate user with the other returned personal or posix attributes
return user;
}
}
/**
* Get all groups the user specified by userID belongs to.
*
* @param userID The userID.
*
* @param userID The userID.
* @param isAdmin
*
* @return Collection of Group instances.
*
* @throws UserNotFoundException when the user is not found.
* @throws TransientException If an temporary, unexpected problem occurred., e.getMessage(
* @throws TransientException If an temporary, unexpected problem occurred., e.getMessage(
* @throws AccessControlException If the operation is not permitted.
*/
public Collection<DN> getUserGroups(final T userID, final boolean isAdmin)
throws UserNotFoundException, TransientException, AccessControlException
throws UserNotFoundException, TransientException,
AccessControlException
{
Collection<DN> groupDNs = new HashSet<DN>();
try
{
String searchField = (String) userLdapAttrib.get(userID.getClass());
String searchField = userLdapAttrib.get(userID.getClass());
if (searchField == null)
{
throw new IllegalArgumentException(
"Unsupported principal type " + userID.getClass());
}
User<T> user = getUser(userID);
User<T> user = getUser(userID);
Filter filter = Filter.createANDFilter(
Filter.createEqualityFilter(searchField,
user.getUserID().getName()),
Filter.createPresenceFilter("memberOf"));
Filter.createEqualityFilter(searchField,
user.getUserID().getName()),
Filter.createPresenceFilter("memberOf"));
SearchRequest searchRequest =
new SearchRequest(config.getUsersDN(), SearchScope.SUB,
SearchRequest searchRequest =
new SearchRequest(config.getUsersDN(), SearchScope.SUB,
filter, "memberOf");
searchRequest.addControl(
new ProxiedAuthorizationV2RequestControl("dn:" +
getSubjectDN().toNormalizedString()));
new ProxiedAuthorizationV2RequestControl("dn:" +
getSubjectDN()
.toNormalizedString()));
SearchResultEntry searchResult =
SearchResultEntry searchResult =
getConnection().searchForEntry(searchRequest);
DN parentDN;
if (isAdmin)
{
......@@ -238,7 +238,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
{
parentDN = new DN(config.getGroupsDN());
}
if (searchResult != null)
{
String[] members = searchResult.getAttributeValues("memberOf");
......@@ -253,7 +253,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
}
}
}
}
}
}
catch (LDAPException e)
{
......@@ -261,26 +261,24 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
}
return groupDNs;
}
/**
* Check whether the user is a member of the group.
*
* @param userID The userID.
* @param userID The userID.
* @param groupID The groupID.
*
* @return true or false
*
* @throws UserNotFoundException If the user is not found.
* @throws TransientException If an temporary, unexpected problem occurred.
* @throws UserNotFoundException If the user is not found.
* @throws TransientException If an temporary, unexpected problem occurred.
* @throws AccessControlException If the operation is not permitted.
*/
public boolean isMember(T userID, String groupID)
throws UserNotFoundException, TransientException,
AccessControlException
throws UserNotFoundException, TransientException,
AccessControlException
{
try
{
String searchField = (String) userLdapAttrib.get(userID.getClass());
String searchField = userLdapAttrib.get(userID.getClass());
if (searchField == null)
{
throw new IllegalArgumentException(
......@@ -289,26 +287,23 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
User<T> user = getUser(userID);
Filter filter = Filter.createANDFilter(
Filter.createEqualityFilter(searchField,
user.getUserID().getName()),
Filter.createEqualityFilter("memberOf", groupID));
Filter.createEqualityFilter(searchField,
user.getUserID().getName()),
Filter.createEqualityFilter("memberOf", groupID));
SearchRequest searchRequest =
new SearchRequest(config.getUsersDN(), SearchScope.SUB,
filter, new String[] {"cn"});
SearchRequest searchRequest =
new SearchRequest(config.getUsersDN(), SearchScope.SUB,
filter, "cn");
searchRequest.addControl(
new ProxiedAuthorizationV2RequestControl("dn:" +
getSubjectDN().toNormalizedString()));
SearchResultEntry searchResults =
new ProxiedAuthorizationV2RequestControl("dn:" +
getSubjectDN()
.toNormalizedString()));
SearchResultEntry searchResults =
getConnection().searchForEntry(searchRequest);
if (searchResults == null)
{
return false;
}
return true;
return (searchResults != null);
}
catch (LDAPException e)
{
......@@ -316,7 +311,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
}
return false;
}
// public boolean isMember(T userID, String groupID)
// throws UserNotFoundException, TransientException,
// AccessControlException
......@@ -351,29 +346,30 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
// throw new RuntimeException("Unexpected LDAP exception", e);
// }
// }
/**
* Returns a member user identified by the X500Principal only. The
* returned object has the fields required by the GMS.
* Note that this method binds as a proxy user and not as the
* Note that this method binds as a proxy user and not as the
* subject.
*
* @param userDN
* @return
* @throws UserNotFoundException
* @throws LDAPException
*/
User<X500Principal> getMember(DN userDN)
throws UserNotFoundException, LDAPException
throws UserNotFoundException, LDAPException
{
Filter filter =
Filter.createEqualityFilter("entrydn",
userDN.toNormalizedString());
SearchRequest searchRequest =
new SearchRequest(this.config.getUsersDN(), SearchScope.SUB,
Filter filter =
Filter.createEqualityFilter("entrydn",
userDN.toNormalizedString());
SearchRequest searchRequest =
new SearchRequest(this.config.getUsersDN(), SearchScope.SUB,
filter, memberAttribs);
SearchResultEntry searchResult =
SearchResultEntry searchResult =
getConnection().searchForEntry(searchRequest);
if (searchResult == null)
......@@ -384,9 +380,9 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
}
User<X500Principal> user = new User<X500Principal>(
new X500Principal(searchResult.getAttributeValue(
(String) userLdapAttrib.get(X500Principal.class))));
userLdapAttrib.get(X500Principal.class))));
String princ = searchResult.getAttributeValue(
(String) userLdapAttrib.get(HttpPrincipal.class));
userLdapAttrib.get(HttpPrincipal.class));
if (princ != null)
{
user.getIdentities().add(new HttpPrincipal(princ));
......@@ -396,32 +392,36 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
user.details.add(new PersonalDetails(fname, lname));
return user;
}
DN getUserDN(User<? extends Principal> user)
throws UserNotFoundException, TransientException
throws UserNotFoundException, TransientException
{
String searchField = (String) userLdapAttrib.get(user.getUserID().getClass());
String searchField =
userLdapAttrib.get(user.getUserID().getClass());
if (searchField == null)
{
throw new IllegalArgumentException(
"Unsupported principal type " + user.getUserID().getClass());
"Unsupported principal type " + user.getUserID()
.getClass());
}
searchField = "(" + searchField + "=" +
user.getUserID().getName() + ")";
searchField = "(" + searchField + "=" +
user.getUserID().getName() + ")";
SearchResultEntry searchResult = null;
try
{
SearchRequest searchRequest = new SearchRequest(this.config.getUsersDN(), SearchScope.SUB,
searchField, new String[] {"entrydn"});
SearchRequest searchRequest =
new SearchRequest(this.config.getUsersDN(), SearchScope.SUB,
searchField, "entrydn");
searchResult =
getConnection().searchForEntry(searchRequest);
} catch (LDAPException e)
searchResult =
getConnection().searchForEntry(searchRequest);
}
catch (LDAPException e)
{
LdapDAO.checkLdapResult(e.getResultCode());
}
......
projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapDAOTest.java
+ 19
23
View file @ ca3a1499
......@@ -68,38 +68,32 @@
package ca.nrc.cadc.ac.server.ldap;
import static ca.nrc.cadc.ac.server.ldap.LdapGroupDAOTest.config;
import static org.junit.Assert.assertTrue;
import java.security.PrivilegedExceptionAction;
import javax.net.ssl.SSLSocketFactory;
import javax.security.auth.Subject;
import javax.security.auth.x500.X500Principal;
import org.junit.Test;
import ca.nrc.cadc.auth.HttpPrincipal;
import ca.nrc.cadc.auth.NumericPrincipal;
import com.unboundid.ldap.sdk.LDAPConnection;
import org.junit.Test;
import static org.junit.Assert.*;
public class LdapDAOTest
{
static String server = "mach275.cadc.dao.nrc.ca";
static int port = 389;
static String adminDN = "uid=webproxy,ou=WebProxy,ou=topologymanagement,o=netscaperoot";
static String adminPW = "go4it";
static String usersDN = "ou=Users,ou=ds,dc=canfartest,dc=net";
static String groupsDN = "ou=Groups,ou=ds,dc=canfartest,dc=net";
static String adminGroupsDN = "ou=adminGroups,ou=ds,dc=canfartest,dc=net";
LdapConfig config = new LdapConfig(server, port, adminDN, adminPW, usersDN, groupsDN, adminGroupsDN);
final LdapConfig config = new TestLDAPConfig();
@Test
public void testLdapBindConnection() throws Exception
{
//TODO use a test user to test with. To be done when addUser available.
//LdapUserDAO<X500Principal> userDAO = new LdapUserDAO<X500Principal>();
final X500Principal subjPrincipal = new X500Principal(
"cn=cadcdaotest1,ou=cadc,o=hia,c=ca");
// User authenticated with HttpPrincipal
HttpPrincipal httpPrincipal = new HttpPrincipal("CadcDaoTest1");
......@@ -115,8 +109,7 @@ public class LdapDAOTest
{
try
{
LDAPConnection ldapCon = ldapDao.getConnection();
assertTrue(ldapCon.isConnected());
testConnection(ldapDao.getConnection());
return null;
}
catch (Exception e)
......@@ -126,9 +119,7 @@ public class LdapDAOTest
}
});
X500Principal subjPrincipal = new X500Principal(
"cn=cadcdaotest1,ou=cadc,o=hia,c=ca");
subject = new Subject();
subject.getPrincipals().add(subjPrincipal);
......@@ -138,8 +129,7 @@ public class LdapDAOTest
{
try
{
LDAPConnection ldapCon = ldapDao.getConnection();
assertTrue(ldapCon.isConnected());
testConnection(ldapDao.getConnection());
return null;
}
catch (Exception e)
......@@ -160,8 +150,7 @@ public class LdapDAOTest
try
{
LDAPConnection ldapCon = ldapDao.getConnection();
assertTrue(ldapCon.isConnected());
testConnection(ldapDao.getConnection());
return null;
}
catch (Exception e)
......@@ -172,4 +161,11 @@ public class LdapDAOTest
});
}
private void testConnection(final LDAPConnection ldapCon)
{
assertTrue("Not connected but should be.", ldapCon.isConnected());
assertFalse("Should be SSLSocketFactory.",
(ldapCon.getSocketFactory() instanceof SSLSocketFactory));
}
}
projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapDAOTestImpl.java
+ 3
3
View file @ ca3a1499
......@@ -66,7 +66,6 @@
*/
package ca.nrc.cadc.ac.server.ldap;
import java.security.AccessControlException;
......@@ -74,16 +73,17 @@ import java.security.AccessControlException;
import com.unboundid.ldap.sdk.LDAPConnection;
import com.unboundid.ldap.sdk.LDAPException;
public class LdapDAOTestImpl extends LdapDAO
{
public LdapDAOTestImpl(LdapConfig config)
{
super(config);
}
@Override
public LDAPConnection getConnection() throws LDAPException,
AccessControlException
AccessControlException
{
return super.getConnection();
}
......
projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapGroupDAOTest.java
+ 3
11
View file @ ca3a1499
......@@ -65,13 +65,7 @@ public class LdapGroupDAOTest
{
private static final Logger log = Logger.getLogger(LdapGroupDAOTest.class);
static String server = "mach275.cadc.dao.nrc.ca";
static int port = 389;
static String adminDN = "uid=webproxy,ou=webproxy,ou=topologymanagement,o=netscaperoot";
static String adminPW = "go4it";
static String usersDN = "ou=Users,ou=ds,dc=canfartest,dc=net";
static String groupsDN = "ou=Groups,ou=ds,dc=canfartest,dc=net";
static String adminGroupsDN = "ou=adminGroups,ou=ds,dc=canfartest,dc=net";
static String adminDN = "uid=webproxy,ou=SpecialUsers,dc=canfar,dc=net";
// static String usersDN = "ou=Users,ou=ds,dc=canfar,dc=net";
// static String groupsDN = "ou=Groups,ou=ds,dc=canfar,dc=net";
......@@ -95,8 +89,8 @@ public class LdapGroupDAOTest
static Subject daoTestUser1Subject;
static Subject daoTestUser2Subject;
static Subject anonSubject;
static LdapConfig config;
final LdapConfig config = new TestLDAPConfig();
@BeforeClass
public static void setUpBeforeClass()
......@@ -124,8 +118,6 @@ public class LdapGroupDAOTest
anonSubject = new Subject();
anonSubject.getPrincipals().add(unknownUser.getUserID());
config = new LdapConfig(server, port, adminDN, adminPW, usersDN, groupsDN, adminGroupsDN);
}
LdapGroupDAO<X500Principal> getGroupDAO()
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment