[英]How to test LDAP security configuration in spring?
How can I write a test for an ldap
security configuration in spring-boot
?如何为spring-boot
中的ldap
安全配置编写测试?
The authentication manager validates first that the user initials are present in ldap, and that the found user is memberOf
any group set for the user filter.身份验证管理器首先验证用户姓名首字母是否存在于memberOf
中,并且找到的用户是为用户过滤器设置的任何组的成员。
Question: How could I mock the ldap response at all?问题:我怎么能模拟 ldap 响应? Eg I want to return a user with memberOf=CN=Team-INVALID
that should not be authentication in the scope of a test.例如,我想返回一个不应该在测试的 scope 中进行身份验证的memberOf=CN=Team-INVALID
的用户。 And I want to return a user that matches the userSearchFilter
of course.我当然想返回一个与userSearchFilter
匹配的用户。
But which class do I have to mock for this test?但是我必须为这个测试模拟哪个 class ?
@Configuration
@Order(1)
@EnableWebSecurity
public class LdapSecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.ldapAuthentication()
.userSearchFilter("(&(initials={0})(|" +
"(memberOf=CN=TEAM-1,OU=Intern,DC=my-company)" +
"(memberOf=CN=TEAM-2,OU=Intern,DC=my-company)" +
"))")
.contextSource()
.url(ldapUrl + ldapBase)
.managerDn(ldapUsername)
.managerPassword(ldapPassword);
}
}
You can define an embedded LDAP server with an LDIF file for your tests, like this:您可以使用 LDIF 文件为您的测试定义嵌入式 LDAP 服务器,如下所示:
spring.ldap.embedded.ldif=classpath:test-server.ldif
spring.ldap.embedded.base-dn=dc=springframework,dc=org
spring.ldap.embedded.port=8389
And in your tests you can try to authenticate that specific user like you would do in a normal flow:在您的测试中,您可以尝试像在正常流程中那样对特定用户进行身份验证:
@SpringBootTest
@AutoConfigureMockMvc
@TestPropertySource(properties = {
"spring.ldap.embedded.ldif=classpath:test-server.ldif",
"spring.ldap.embedded.base-dn=${spring.ldap.base}",
"spring.ldap.embedded.port=8389",
"spring.ldap.embedded.url=ldap://localhost:8389/",
"spring.ldap.embedded.credential.username=uid=admin",
"spring.ldap.embedded.credential.password=secret",
"spring.ldap.embedded.validation.enabled=false",
"spring.ldap.urls=ldap://localhost:8389/",
"spring.ldap.username=uid=admin",
"spring.ldap.password=secret"})
public class AuthenticatingLdapApplicationTests {
@Autowired
private MockMvc mockMvc;
@Test
public void loginWithValidUserThenAuthenticated() throws Exception {
FormLoginRequestBuilder login = formLogin()
.user("user")
.password("userpassword");
mockMvc.perform(login)
.andExpect(authenticated().withUsername("user"));
}
@Test
public void loginWithInvalidUserThenUnauthenticated() throws Exception {
FormLoginRequestBuilder login = formLogin()
.user("invalid")
.password("invalidpassword");
mockMvc.perform(login)
.andExpect(unauthenticated());
}
}
I found this example in the Authenticating with LDAP Guide .我在Authenticating with LDAP Guide中找到了这个示例。 You can refer to it for more details您可以参考它以获取更多详细信息
Required dependency:所需依赖项:
<dependency>
<groupId>com.unboundid</groupId>
<artifactId>unboundid-ldapsdk</artifactId>
<version>5.1.4</version>
<scope>test</scope>
</dependency>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.