@Test public void shouldAuthenticateUser() throws LDAPException { final boolean authenticated = testee.authenticate(someLdapConnectionReturning(SUCCESS), "user", "password"); assertThat(authenticated).isEqualTo(true); }
@Test public void shouldNotAuthenticateUser() throws LDAPException { final boolean authenticated = testee.authenticate(someLdapConnectionReturning(AUTHORIZATION_DENIED), "user", "password"); assertThat(authenticated).isEqualTo(false); }
@Test public void shouldApplyFilterToAuthenticatedUser() throws IOException, ServletException, GeneralSecurityException, LDAPException { final LdapProperties ldapProperties = ldapProperties("someHost", 389, singletonList("someBaseDn"), null, "someRdnIdentifier", singletonList("/internal"), StartTLS, WHITELISTED_PATH); final LdapConnectionFactory connectionFactory = mock(LdapConnectionFactory.class); final LDAPConnection ldapConnection = someLdapConnectionReturning(SUCCESS); when(connectionFactory.buildLdapConnection()).thenReturn(ldapConnection); testee = new LdapAuthenticationFilter(ldapProperties, connectionFactory); final HttpServletRequest request = requestWithAuthorizationHeader(); when(request.getServletPath()).thenReturn("/foo"); final FilterChain filterChain = mock(FilterChain.class); testee.doFilter(request, response, filterChain); verify(filterChain).doFilter(any(HttpServletRequest.class), any(HttpServletResponse.class)); }
@Test public void shouldNotApplyFilterToNotAuthenticatedUser() throws IOException, ServletException, GeneralSecurityException, LDAPException { final LdapProperties ldapProperties = ldapProperties("someHost", 389, singletonList("someBaseDn"), null, "someRdnIdentifier", singletonList("/internal"), StartTLS, WHITELISTED_PATH); final LdapConnectionFactory connectionFactory = mock(LdapConnectionFactory.class); final LDAPConnection ldapConnection = someLdapConnectionReturning(AUTHORIZATION_DENIED); when(connectionFactory.buildLdapConnection()).thenReturn(ldapConnection); testee = new LdapAuthenticationFilter(ldapProperties, connectionFactory); final HttpServletRequest request = requestWithAuthorizationHeader(); when(request.getServletPath()).thenReturn("/foo"); final FilterChain filterChain = mock(FilterChain.class); testee.doFilter(request, response, filterChain); verify(filterChain, never()).doFilter(any(HttpServletRequest.class), any(HttpServletResponse.class)); }
@Test public void shouldBeUnauthenticatedIfLdapConnectionFails() throws Exception { final LDAPConnection ldapConnection = someLdapConnectionReturning(SERVER_DOWN); when(ldapConnectionFactory.buildLdapConnection()).thenReturn(ldapConnection); testee.doFilter(requestWithAuthorizationHeader(), response, mock(FilterChain.class)); assertUnauthorized(); }