
How to test LDAP security configuration in spring?

How can I write a test for an ldap security configuration in spring-boot?

The authentication manager validates first that the user initials are present in ldap, and that the found user is memberOf any group set for the user filter.

Question: How could I mock the ldap response at all? E.g. I want to return a user with memberOf=CN=Team-INVALID that should not be authenticated in the scope of a test. And I want to return a user that matches the userSearchFilter of course.

But which class do I have to mock for this test?

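import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@Order(1)
@EnableWebSecurity
public class LdapSecurityConfiguration extends WebSecurityConfigurerAdapter {
    // ldapUrl, ldapBase, ldapUsername and ldapPassword are fields that the snippet as posted does not show.

    // Only users whose initials match {0} AND who are members of TEAM-1 or TEAM-2 are found.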
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.ldapAuthentication()
            .userSearchFilter("(&(initials={0})(|" +
                    "(memberOf=CN=TEAM-1,OU=Intern,DC=my-company)" +
                    "(memberOf=CN=TEAM-2,OU=Intern,DC=my-company)" +
                    "))")
            .contextSource()
            .url(ldapUrl + ldapBase)
            .managerDn(ldapUsername)
            .managerPassword(ldapPassword);
    }
}

You can define an embedded LDAP server with an LDIF file for your tests, like this:

spring.ldap.embedded.ldif=classpath:test-server.ldif
spring.ldap.embedded.base-dn=dc=springframework,dc=org
spring.ldap.embedded.port=8389

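And in your tests you can try to authenticate that specific user like you would do in a normal flow:

import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder;
import org.springframework.test.context.TestPropertySource;
import org.springframework.test.web.servlet.MockMvc;

import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin;
import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated;
import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.unauthenticated;

@SpringBootTest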
@AutoConfigureMockMvc
@TestPropertySource(properties = {
        "spring.ldap.embedded.ldif=classpath:test-server.ldif",
        "spring.ldap.embedded.base-dn=${spring.ldap.base}",
        "spring.ldap.embedded.port=8389",
        "spring.ldap.embedded.url=ldap://localhost:8389/",
        "spring.ldap.embedded.credential.username=uid=admin",
        "spring.ldap.embedded.credential.password=secret",
        "spring.ldap.embedded.validation.enabled=false",
        "spring.ldap.urls=ldap://localhost:8389/",
        "spring.ldap.username=uid=admin",
        "spring.ldap.password=secret"})
public class AuthenticatingLdapApplicationTests {
    @Autowired
    private MockMvc mockMvc;

    @Test
    public void loginWithValidUserThenAuthenticated() throws Exception {
        FormLoginRequestBuilder login = formLogin()
            .user("user")
            .password("userpassword");

        mockMvc.perform(login)
            .andExpect(authenticated().withUsername("user"));
    }

    @Test
    public void loginWithInvalidUserThenUnauthenticated() throws Exception {
        FormLoginRequestBuilder login = formLogin()
            .user("invalid")
            .password("invalidpassword");

        mockMvc.perform(login)
            .andExpect(unauthenticated());
    }
}

I found this example in the Authenticating with LDAP Guide. You can refer to it for more details.

Required dependency:

<dependency>
    <groupId>com.unboundid</groupId>
    <artifactId>unboundid-ldapsdk</artifactId>
    <version>5.1.4</version>
    <scope>test</scope>
</dependency>
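
The case the question asks about (a user who exists but belongs only to Team-INVALID) can be checked against the question's userSearchFilter directly with the UnboundID in-memory server from the dependency above. This is an added example, not code from the question, the answer or the guide; the class name, the entries "ok" and "bad", the base DN dc=my-company and the passwords are constructed for illustration, and schema checking is switched off so that memberOf can be written as a plain attribute.

```java
import com.unboundid.ldap.listener.InMemoryDirectoryServer;
import com.unboundid.ldap.listener.InMemoryDirectoryServerConfig;
import com.unboundid.ldap.sdk.Filter;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.SearchScope;

public class UserSearchFilterCheck {
    // Filter copied from the question's LdapSecurityConfiguration.
    static final String USER_SEARCH_FILTER = "(&(initials={0})(|"
            + "(memberOf=CN=TEAM-1,OU=Intern,DC=my-company)"
            + "(memberOf=CN=TEAM-2,OU=Intern,DC=my-company)"
            + "))";

    // Constructed directory: one TEAM-1 member and one Team-INVALID member.
    static InMemoryDirectoryServer directory() throws LDAPException {
        InMemoryDirectoryServerConfig cfg = new InMemoryDirectoryServerConfig("dc=my-company");
        cfg.setSchema(null); // no schema checks, so memberOf can be set directly
        InMemoryDirectoryServer ds = new InMemoryDirectoryServer(cfg);
        ds.add("dn: dc=my-company", "objectClass: top", "objectClass: domain", "dc: my-company");
        ds.add("dn: ou=Intern,dc=my-company", "objectClass: organizationalUnit", "ou: Intern");
        addUser(ds, "ok", "CN=TEAM-1,OU=Intern,DC=my-company");
        addUser(ds, "bad", "CN=Team-INVALID,OU=Intern,DC=my-company");
        return ds;
    }

    static void addUser(InMemoryDirectoryServer ds, String initials, String group) throws LDAPException {
        ds.add("dn: uid=" + initials + ",ou=Intern,dc=my-company",
               "objectClass: inetOrgPerson", "uid: " + initials, "cn: " + initials,
               "sn: " + initials, "initials: " + initials,
               "userPassword: secret", "memberOf: " + group);
    }

    // Substitutes the escaped login name for {0} and counts the entries the filter finds.
    static int matches(InMemoryDirectoryServer ds, String initials) throws LDAPException {
        String filter = USER_SEARCH_FILTER.replace("{0}", Filter.encodeValue(initials));
        return ds.search("dc=my-company", SearchScope.SUB, filter).getEntryCount();
    }

    public static void main(String[] args) throws LDAPException {
        InMemoryDirectoryServer ds = directory();
        int member = matches(ds, "ok");     // TEAM-1 member
        int outsider = matches(ds, "bad");  // exists, but only in Team-INVALID
        int unknown = matches(ds, "zz");    // no such entry
        System.out.println("member=" + member + " outsider=" + outsider + " unknown=" + unknown);
        if (member != 1 || outsider != 0 || unknown != 0) {
            throw new IllegalStateException("userSearchFilter admitted or rejected the wrong entry");
        }
    }
}
```

The same two entries can be placed in test-server.ldif so that a formLogin() test for "bad" with the correct password expects unauthenticated().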
