fixed Username AD realm

added missing serail version uid to config service update shiro to 1.3.2
2016-09-27 22:21:59 +00:00
parent 2471221bda
commit 1a9c4ced6e
6 changed files with 150 additions and 15 deletions
--- a/account/src/test/java/de/muehlencord/shared/account/util/UserNameActiveDirectoryRealmTest.java
+++ b/account/src/test/java/de/muehlencord/shared/account/util/UserNameActiveDirectoryRealmTest.java
@ -0,0 +1,53 @@
+package de.muehlencord.shared.account.util;
+
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.config.IniSecurityManagerFactory;
+import org.apache.shiro.subject.Subject;
+import org.junit.Test;
+import org.apache.shiro.mgt.SecurityManager;
+import static org.junit.Assume.assumeNotNull;
+
+/**
+ *
+ * @author Joern Muehlencord <joern at muehlencord.de>
+ */
+public class UserNameActiveDirectoryRealmTest {
+
+    @Test
+    public void testUsernameLogin() {
+        String userName = "user.name";
+        String password = "secret";
+        testLogin(userName, password);
+    }
+
+    @Test
+    public void testEmailaddressLogin() {
+        String userName = "user.name@domain.com";
+        String password = "secret";
+        testLogin(userName, password);
+    }
+
+    @Test(expected=AuthenticationException.class)
+    public void testWrongUserNamePassword() {
+        String userName = "test123";
+        String password = "secret";
+        testLogin(userName, password);
+    }
+
+    private void testLogin(String userName, String password) throws AuthenticationException {
+        assumeNotNull(UserNameActiveDirectoryRealmTest.class.getResource("/shiro.ini"));
+
+        IniSecurityManagerFactory factory = new IniSecurityManagerFactory("classpath:shiro.ini");
+        SecurityManager securityManager = factory.getInstance();
+        SecurityUtils.setSecurityManager(securityManager);
+
+        UsernamePasswordToken token = new UsernamePasswordToken(userName, password);
+        Subject currentUser = SecurityUtils.getSubject();
+
+        currentUser.login(token);
+        System.out.println("Logged in");
+    }
+
+}
--- a/account/src/test/resources/log4j.xml
+++ b/account/src/test/resources/log4j.xml
@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8"?>  
+<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">  
+<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/"  
+                     debug="true">  
+        
+    <appender name="consoleAppender" class="org.apache.log4j.ConsoleAppender">
+        <layout class="org.apache.log4j.PatternLayout">           
+            <param name="ConversionPattern" value="%d{ISO8601} %-5p [%c] %m%n" />
+        </layout>
+    </appender>    
+    
+    <category name="de.muehlencord">
+        <priority value="DEBUG"/>
+    </category>   
+    
+    <category name="org.apache.shiro">
+        <priority value="DEBUG"/>
+    </category>       
+            
+    <category name="com.sun">
+        <priority value="WARN"/>
+    </category>        
+    
+    <category name="javax.xml">
+        <priority value="WARN"/>
+    </category>   
+    
+    <category name="org.apache.commons">
+        <priority value="WARN"/>
+    </category>   
+                       
+                      
+    <root>
+        <level value="INFO" />
+        <appender-ref ref="consoleAppender" />     
+    </root>
+</log4j:configuration>
--- a/account/src/test/resources/shiro.ini.dist
+++ b/account/src/test/resources/shiro.ini.dist
@ -0,0 +1,30 @@
+[main]
+contextFactory = org.apache.shiro.realm.ldap.JndiLdapContextFactory
+contextFactory.url = ldaps://ldap.domain.com:636
+contextFactory.systemUsername = user.name@domain.com
+contextFactory.systemPassword = secret
+contextFactory.environment[java.naming.security.protocol] = ssl
+
+cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
+securityManager.cacheManager = $cacheManager
+
+# HashService
+hashService = org.apache.shiro.crypto.hash.DefaultHashService
+hashService.hashIterations = 500000
+hashService.hashAlgorithmName = SHA-512
+hashService.generatePublicSalt = true
+
+# Password service
+passwordService = org.apache.shiro.authc.credential.DefaultPasswordService
+passwordService.hashService = $hashService
+
+# LDAP Realm setup
+ldapRealm = de.muehlencord.shared.account.util.UserNameActiveDirectoryRealm
+ldapRealm.principalSuffix = @domain.com
+ldapRealm.ldapContextFactory = $contextFactory
+ldapRealm.searchBase = dc=domain,dc=com
+
+# LDAP (authentication) activation
+authcStrategy  = org.apache.shiro.authc.pam.AllSuccessfulStrategy
+securityManager.realms = $ldapRealm
+securityManager.authenticator.authenticationStrategy = $authcStrategy