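/**
 * Verifies that each value of a multi-valued role attribute yields its own authority.
 *
 * <p>The mapper is set up with an empty role prefix and with upper-casing switched off,
 * so the authority names are expected to equal the attribute values verbatim. Access
 * decisions key on the exact authority string, so the names are asserted as well as
 * the count.
 */
@Test
public void testMultipleRoleAttributeValuesAreMappedToAuthorities() throws Exception {
    LdapUserDetailsMapper mapper = new LdapUserDetailsMapper();
    mapper.setConvertToUpperCase(false);
    mapper.setRolePrefix("");
    mapper.setRoleAttributes(new String[] { "userRole" });

    DirContextAdapter ctx = new DirContextAdapter();
    ctx.setAttributeValues("userRole", new String[] { "X", "Y", "Z" });
    ctx.setAttributeValue("uid", "ani");

    LdapUserDetailsImpl user = (LdapUserDetailsImpl) mapper.mapUserFromContext(ctx, "ani",
            AuthorityUtils.NO_AUTHORITIES);

    assertThat(user.getAuthorities()).hasSize(3);
    // A size check alone still passes if a prefix or case conversion is applied by
    // mistake; pin the names so the two setters above are actually exercised.
    assertThat(AuthorityUtils.authorityListToSet(user.getAuthorities())).contains("X", "Y", "Z");
}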
// Run the password attribute value through mapPassword() and store the result on the
// essence. NOTE(review): whatever the directory returns in that attribute ends up on
// the user details object - confirm it is a hashed value and is never logged.
essence.setPassword(mapPassword(passwordValue));
// Build a GrantedAuthority from this role value via createAuthority().
GrantedAuthority authority = createAuthority(role);
/**
 * Checks that the password is read from the attribute named through
 * {@code setPasswordAttributeName} and is exposed as a String by
 * {@code getPassword()}.
 */
@Test
public void testPasswordAttributeIsMappedCorrectly() throws Exception {
    // The entry carries the password as a byte array under a non-default attribute name.
    // NOTE(review): getBytes() uses the platform default charset; the literal is plain ASCII.
    BasicAttributes entryAttributes = new BasicAttributes();
    entryAttributes.put(new BasicAttribute("myappsPassword", "mypassword".getBytes()));

    DirContextAdapter entry = new DirContextAdapter(entryAttributes,
            new DistinguishedName("cn=someName"));
    entry.setAttributeValue("uid", "ani");

    LdapUserDetailsMapper passwordMapper = new LdapUserDetailsMapper();
    passwordMapper.setPasswordAttributeName("myappsPassword");

    LdapUserDetails mapped = (LdapUserDetailsImpl) passwordMapper.mapUserFromContext(entry,
            "ani", AuthorityUtils.NO_AUTHORITIES);

    assertThat(mapped.getPassword()).isEqualTo("mypassword");
}
/**
 * Authenticates through a provider built without an authorities populator and checks
 * that the only authority on the principal is the one taken from the entry's
 * {@code ou} role attribute.
 */
@Test
public void useWithNullAuthoritiesPopulatorReturnsCorrectRole() {
    LdapUserDetailsMapper entryMapper = new LdapUserDetailsMapper();
    entryMapper.setRoleAttributes(new String[] { "ou" });

    // Single-argument constructor: no populator is supplied.
    LdapAuthenticationProvider provider = new LdapAuthenticationProvider(new MockAuthenticator());
    provider.setUserDetailsContextMapper(entryMapper);

    UsernamePasswordAuthenticationToken loginRequest =
            new UsernamePasswordAuthenticationToken("ben", "benspassword");

    UserDetails principal = (UserDetails) provider.authenticate(loginRequest).getPrincipal();

    assertThat(principal.getAuthorities()).hasSize(1);
    assertThat(AuthorityUtils.authorityListToSet(principal.getAuthorities()))
            .contains("ROLE_FROM_ENTRY");
}
if (useEmailAddressAsUsername) { if (email != null) { userDetails = super.mapUserFromContext(ctx, email, newAuthorities); userDetails = super.mapUserFromContext(ctx, username, newAuthorities);
/**
 * SEC-303. A role attribute that is configured on the mapper but was not retrieved
 * with the entry used to cause a NullPointerException; it must be skipped instead.
 *
 * <p>Only {@code userRole} is present on the entry, so exactly one authority,
 * {@code ROLE_X}, is expected.
 */
@Test
public void testNonRetrievedRoleAttributeIsIgnored() throws Exception {
    // The entry holds just one of the two role attributes the mapper will ask for.
    BasicAttributes entryAttributes = new BasicAttributes();
    entryAttributes.put(new BasicAttribute("userRole", "x"));

    DirContextAdapter entry = new DirContextAdapter(entryAttributes,
            new DistinguishedName("cn=someName"));
    entry.setAttributeValue("uid", "ani");

    LdapUserDetailsMapper roleMapper = new LdapUserDetailsMapper();
    roleMapper.setRoleAttributes(new String[] { "userRole", "nonRetrievedAttribute" });

    LdapUserDetailsImpl mapped = (LdapUserDetailsImpl) roleMapper.mapUserFromContext(entry,
            "ani", AuthorityUtils.NO_AUTHORITIES);

    assertThat(mapped.getAuthorities()).hasSize(1);
    assertThat(AuthorityUtils.authorityListToSet(mapped.getAuthorities())).contains("ROLE_X");
}
/**
 * Loads a user through {@code LdapUserDetailsService} wired with mock search and
 * populator collaborators and checks that the single authority on the result is the
 * one supplied by the populator.
 */
@Test
public void correctAuthoritiesAreReturned() {
    DirContextAdapter joeEntry = new DirContextAdapter(new DistinguishedName("uid=joe"));

    LdapUserDetailsService detailsService = new LdapUserDetailsService(
            new MockUserSearch(joeEntry), new MockAuthoritiesPopulator());
    detailsService.setUserDetailsMapper(new LdapUserDetailsMapper());

    // The mock search is constructed with joeEntry, so the lookup name is irrelevant here.
    UserDetails loaded = detailsService.loadUserByUsername("doesntmatterwegetjoeanyway");

    Set<String> grantedNames = AuthorityUtils.authorityListToSet(loaded.getAuthorities());
    assertThat(grantedNames).hasSize(1);
    assertThat(grantedNames.contains("ROLE_FROM_POPULATOR")).isTrue();
}
@Override public UserDetails mapUserFromContext(DirContextOperations ctx, String username, Collection<? extends GrantedAuthority> authorities) { LdapUserDetails ldapUserDetails = (LdapUserDetails) super.mapUserFromContext(ctx, username, authorities);
/**
 * End-to-end check of {@code LdapAuthenticationProvider} with a mock authenticator and
 * a mock authorities populator.
 *
 * <p>Asserts that the request's credentials and details object are carried over to the
 * result, that the principal has the expected username and password value, that the
 * populator was asked about the authenticated username, and that authorities from both
 * the entry ({@code ou} role attribute) and the populator are present.
 */
@Test
public void normalUsage() {
    LdapUserDetailsMapper entryMapper = new LdapUserDetailsMapper();
    entryMapper.setRoleAttributes(new String[] { "ou" });

    MockAuthoritiesPopulator populator = new MockAuthoritiesPopulator();
    LdapAuthenticationProvider provider = new LdapAuthenticationProvider(
            new MockAuthenticator(), populator);
    provider.setUserDetailsContextMapper(entryMapper);

    assertThat(provider.getAuthoritiesPopulator()).isNotNull();

    UsernamePasswordAuthenticationToken loginRequest =
            new UsernamePasswordAuthenticationToken("ben", "benspassword");
    Object requestDetails = new Object();
    loginRequest.setDetails(requestDetails);

    Authentication outcome = provider.authenticate(loginRequest);

    // The submitted credentials and the very same details instance are kept on the result.
    assertThat(outcome.getCredentials()).isEqualTo("benspassword");
    assertThat(outcome.getDetails()).isSameAs(requestDetails);

    UserDetails principal = (UserDetails) outcome.getPrincipal();
    assertThat(principal.getAuthorities()).hasSize(2);
    // The principal's password is the {SHA}-prefixed value, not the submitted cleartext.
    assertThat(principal.getPassword()).isEqualTo("{SHA}nFCebWjxfaLbHHG1Qk5UU4trbvQ=");
    assertThat(principal.getUsername()).isEqualTo("ben");
    assertThat(populator.getRequestedUsername()).isEqualTo("ben");

    assertThat(AuthorityUtils.authorityListToSet(principal.getAuthorities()))
            .contains("ROLE_FROM_ENTRY")
            .contains("ROLE_FROM_POPULATOR");
}
/**
 * Builds the default user details with the inherited mapper and passes them, together
 * with the LDAP entry and the username, to {@code extendUserDetails}.
 *
 * @param ctx the LDAP entry of the user
 * @param username the name handed to the inherited mapper and to {@code extendUserDetails}
 * @param authorities the authorities handed to the inherited mapper
 * @return whatever {@code extendUserDetails} returns
 * @throws ClassCastException if the inherited mapper does not return an {@code LdapUserDetails}
 */
@Override
public UserDetails mapUserFromContext(DirContextOperations ctx, String username,
        Collection<? extends GrantedAuthority> authorities) {
    return extendUserDetails(
            ctx,
            (LdapUserDetails) super.mapUserFromContext(ctx, username, authorities),
            username);
}
// Run the password attribute value through mapPassword() and store the result on the
// essence. NOTE(review): whatever the directory returns in that attribute ends up on
// the user details object - confirm it is a hashed value and is never logged.
essence.setPassword(mapPassword(passwordValue));
// Build a GrantedAuthority from the j-th value of the current role attribute.
GrantedAuthority authority = createAuthority(rolesForAttribute[j]);
/**
 * Maps the entry with the inherited mapper, wraps the result in an
 * {@code LdapUserDetailsWithAttributes} and copies one string attribute from the entry
 * for every pair in {@code attributeMappings} (key: name on the user details, value:
 * LDAP attribute name).
 *
 * @param ctx the LDAP entry of the user
 * @param username the name handed to the inherited mapper
 * @param authorities the authorities handed to the inherited mapper
 * @return the wrapped details carrying the copied attributes
 */
@Override
public UserDetails mapUserFromContext(DirContextOperations ctx, String username,
        Collection<GrantedAuthority> authorities) {
    LdapUserDetails baseDetails =
            (LdapUserDetails) super.mapUserFromContext(ctx, username, authorities);
    LdapUserDetailsWithAttributes enriched = new LdapUserDetailsWithAttributes(baseDetails);

    for (String targetName : attributeMappings.keySet()) {
        String ldapAttributeName = attributeMappings.get(targetName);
        // NOTE(review): an attribute the entry does not carry is presumably stored as
        // null - confirm that consumers of these attributes handle a missing value.
        enriched.setAttribute(targetName, ctx.getStringAttribute(ldapAttributeName));
    }
    return enriched;
}
// Run the password attribute value through mapPassword() and store the result on the
// essence. NOTE(review): whatever the directory returns in that attribute ends up on
// the user details object - confirm it is a hashed value and is never logged.
essence.setPassword(mapPassword(passwordValue));
// Build a GrantedAuthority from this role value via createAuthority().
GrantedAuthority authority = createAuthority(role);
/**
 * Maps the user under the name stored in the directory rather than the name that was
 * typed in at login.
 *
 * <p>The value of the attribute named by {@code getLdapUsernameAttribute()} is read from
 * the entry and handed to the inherited mapper in place of {@code username}, so the
 * resulting principal name is the directory's value and not the user-supplied one.
 *
 * @param ctx the LDAP entry of the user
 * @param username the typed-in name; not passed on to the inherited mapper
 * @param authorities the authorities handed to the inherited mapper
 * @return the details produced by the inherited mapper for the directory-held name
 * @throws IllegalStateException if the entry has no value for the username attribute
 */
@Override
public UserDetails mapUserFromContext( DirContextOperations ctx, String username,
    Collection<? extends GrantedAuthority> authorities ) {
  String directoryUsername = ctx.getStringAttribute( getLdapUsernameAttribute() );
  if ( directoryUsername != null ) {
    // Pass along the attribute value, not the typed in value
    return super.mapUserFromContext( ctx, directoryUsername, authorities );
  }
  // No fallback to the typed-in name: a missing attribute is treated as an error.
  throw new IllegalStateException( Messages.getInstance().getErrorString(
      "UseridAttributeLdapContextMapper.ERROR_0001_ATTRIBUTE_NOT_FOUND", getLdapUsernameAttribute() ) );
}