List of usage examples for junit.framework Assert assertNull
static public void assertNull(Object object)
From source file:com.vmware.identity.idm.client.TenantManagementTest.java
@TestOrderAnnotation(order = 15) @Test/* ww w. j a va 2 s . co m*/ public void testAddIdentityStoreNullAlias() throws Exception, IDMException { CasIdmClient idmClient = getIdmClient(); Properties props = getTestProperties(); String tenantName = props.getProperty(CFG_KEY_IDM_TENANT_1_NAME); Assert.assertNotNull(tenantName); Tenant tenant = IdmClientTestUtil.ensureTenantExists(idmClient, tenantName); Assert.assertNotNull(tenant); // Add Active Directory IDP with null alias final String adProviderName = props.getProperty(CFG_KEY_IDM_TENANT_1_AD_PROVIDER_DOMAIN_NAME); Assert.assertNotNull(adProviderName); IIdentityStoreData store = idmClient.getProvider(tenantName, adProviderName); if (store != null) { idmClient.deleteProvider(tenantName, adProviderName); store = idmClient.getProvider(tenantName, adProviderName); Assert.assertNull(store); } IdentityStoreData adStore = IdmClientTestUtil.prepareADIdentityStore(idmClient, false); // check before create if (store == null) { idmClient.addProvider(tenantName, adStore); } Set<Group> groups = idmClient.findGroupsInGroup(tenantName, new PrincipalId("Group1", "ssolabs.eng.vmware.com"), "", -1); Assert.assertEquals(1, groups.size()); Set<PersonUser> users = idmClient.findPersonUsersInGroup(tenantName, new PrincipalId("grpFgPwdPolicy_A", "ssolabs.eng.vmware.com"), "", -1); Assert.assertEquals(2, users.size()); users = idmClient.findPersonUsersInGroup(tenantName, new PrincipalId("grpFgPwdPolicy_A", "ssolabs.eng.vmware.com"), "", 1); Assert.assertEquals(1, users.size()); testAddRemoveADFsptestUserInternal(); // exercise AD provider API when alias is null for AD IDP testAddRemoveADFsptestGroupInternal(); // exercise AD provider API when alias is null for AD IDP // clean up AD provider store = idmClient.getProvider(tenantName, adProviderName); if (store != null) { idmClient.deleteProvider(tenantName, adProviderName); store = idmClient.getProvider(tenantName, adProviderName); Assert.assertNull(store); } final String olProviderName = props.getProperty(CFG_KEY_IDM_TENANT_1_OL_PROVIDER_DOMAIN_NAME); Assert.assertNotNull(olProviderName); store = idmClient.getProvider(tenantName, olProviderName); if (store != null) { idmClient.deleteProvider(tenantName, olProviderName); store = idmClient.getProvider(tenantName, olProviderName); Assert.assertNull(store); } ensureOpenLdapIdentityStoreExistForTenant(tenantName, true); testAddRemoveOLFspTestUserInternal(); // exercise OL provider API when alias is null for OL IDP testAddRemoveOLFstTestGroupInternal(); // exercise OL provider API when alias is null for OL IDP // clean up OL provider store = idmClient.getProvider(tenantName, olProviderName); if (store != null) { idmClient.deleteProvider(tenantName, olProviderName); store = idmClient.getProvider(tenantName, olProviderName); Assert.assertNull(store); } // clean up Tenant IdmClientTestUtil.ensureTenantDoesNotExist(idmClient, tenantName); }
From source file:com.vmware.identity.idm.client.TenantManagementTest.java
@TestOrderAnnotation(order = 17) @Test/*from w w w .j ava 2s. c o m*/ public void testAddADIdentityStoreAgain() throws Exception, IDMException { CasIdmClient idmClient = getIdmClient(); Properties props = getTestProperties(); String tenantName = props.getProperty(CFG_KEY_IDM_TENANT_1_NAME); Assert.assertNotNull(tenantName); Tenant tenant = IdmClientTestUtil.ensureTenantExists(idmClient, tenantName); Assert.assertNotNull(tenant); final String adProviderName = props.getProperty(CFG_KEY_IDM_TENANT_1_AD_PROVIDER_DOMAIN_NAME); Assert.assertNotNull(adProviderName); // Prepare adStore with alias IdentityStoreData adStore = IdmClientTestUtil.prepareADIdentityStore(idmClient, true); IIdentityStoreData store = idmClient.getProvider(tenantName, adProviderName); if (store != null) { idmClient.deleteProvider(tenantName, adProviderName); store = idmClient.getProvider(tenantName, adProviderName); Assert.assertNull(store); } try { idmClient.addProvider(tenantName, adStore); idmClient.addProvider(tenantName, adStore); } catch (DuplicateProviderException ex) { idmClient.deleteProvider(tenantName, adProviderName); adStore = IdmClientTestUtil.prepareADIdentityStore(idmClient, false); store = idmClient.getProvider(tenantName, adProviderName); Assert.assertNull(store); try { idmClient.addProvider(tenantName, adStore); idmClient.addProvider(tenantName, adStore); } catch (DuplicateProviderException subEx) { idmClient.deleteProvider(tenantName, adProviderName); } } }
From source file:com.vmware.identity.idm.client.TenantManagementTest.java
@TestOrderAnnotation(order = 18) @Test//from ww w.ja va 2 s. c o m public void testAddProviderWithInvalidAuth() throws Exception, IDMException { CasIdmClient idmClient = getIdmClient(); Properties props = getTestProperties(); String tenantName = props.getProperty(CFG_KEY_IDM_TENANT_1_NAME); Assert.assertNotNull(tenantName); Tenant tenant = IdmClientTestUtil.ensureTenantExists(idmClient, tenantName); Assert.assertNotNull(tenant); // Add invalid ldap IDP, probe will fail final String ldapProviderName = "bar.com"; final String ldapProviderAlias = "foo.com"; final String ldapHost = "INVALIDLDAP://bar.com"; final String ldapUserName = "CN=Administrator,DC=BAR,DC=COM"; final String ldapPwd = "password"; final ArrayList<String> ldapHosts = new ArrayList<String>(); ldapHosts.add(ldapHost); IdentityStoreData ldapStore = IdentityStoreData.CreateExternalIdentityStoreData(ldapProviderName, ldapProviderAlias, IdentityStoreType.IDENTITY_STORE_TYPE_LDAP, AuthenticationType.PASSWORD, null, 0, ldapUserName, ldapPwd, "dc=bar,dc=com", "dc=bar,dc=com", ldapHosts, null); try { idmClient.addProvider(tenantName, ldapStore); Assert.fail("failed probeConnectivity() provider successfully finished addProvider()!"); } catch (com.vmware.identity.idm.InvalidArgumentException ex) { Assert.assertNull(idmClient.getProvider(tenantName, ldapProviderName)); } }
From source file:com.amazonaws.services.kinesis.clientlibrary.lib.worker.ShardSyncerTest.java
/** *///from w ww .j a v a 2 s . c o m @Test public final void testNewLease() { Shard shard = new Shard(); String shardId = "shardId-95"; shard.setShardId(shardId); String parentShardId = "shardId-parent"; String adjacentParentShardId = "shardId-adjacentParent"; shard.setParentShardId(parentShardId); shard.setAdjacentParentShardId(adjacentParentShardId); KinesisClientLease lease = ShardSyncer.newKCLLease(shard); Assert.assertEquals(shardId, lease.getLeaseKey()); Assert.assertNull(lease.getCheckpoint()); Set<String> parentIds = lease.getParentShardIds(); Assert.assertEquals(2, parentIds.size()); Assert.assertTrue(parentIds.contains(parentShardId)); Assert.assertTrue(parentIds.contains(adjacentParentShardId)); }
From source file:com.amazonaws.services.kinesis.clientlibrary.lib.worker.ShardSyncerTest.java
/** * Test cleanup of lease for a shard that has been fully processed (and processing of child shards has begun). * /* w w w .j a v a2s. co m*/ * @throws DependencyException * @throws InvalidStateException * @throws ProvisionedThroughputException */ @Test public final void testCleanupLeaseForClosedShard() throws DependencyException, InvalidStateException, ProvisionedThroughputException { String closedShardId = "shardId-2"; KinesisClientLease leaseForClosedShard = newLease(closedShardId); leaseForClosedShard.setCheckpoint(new ExtendedSequenceNumber("1234")); leaseManager.createLeaseIfNotExists(leaseForClosedShard); Set<String> childShardIds = new HashSet<>(); List<KinesisClientLease> trackedLeases = new ArrayList<>(); Set<String> parentShardIds = new HashSet<>(); parentShardIds.add(closedShardId); String childShardId1 = "shardId-5"; KinesisClientLease childLease1 = newLease(childShardId1); childLease1.setParentShardIds(parentShardIds); childLease1.setCheckpoint(ExtendedSequenceNumber.TRIM_HORIZON); String childShardId2 = "shardId-7"; KinesisClientLease childLease2 = newLease(childShardId2); childLease2.setParentShardIds(parentShardIds); childLease2.setCheckpoint(ExtendedSequenceNumber.TRIM_HORIZON); Map<String, KinesisClientLease> trackedLeaseMap = ShardSyncer.constructShardIdToKCLLeaseMap(trackedLeases); // empty list of leases ShardSyncer.cleanupLeaseForClosedShard(closedShardId, childShardIds, trackedLeaseMap, leaseManager); Assert.assertNotNull(leaseManager.getLease(closedShardId)); // closed shard has not been fully processed yet (checkpoint != SHARD_END) trackedLeases.add(leaseForClosedShard); trackedLeaseMap = ShardSyncer.constructShardIdToKCLLeaseMap(trackedLeases); ShardSyncer.cleanupLeaseForClosedShard(closedShardId, childShardIds, trackedLeaseMap, leaseManager); Assert.assertNotNull(leaseManager.getLease(closedShardId)); // closed shard has been fully processed yet (checkpoint == SHARD_END) leaseForClosedShard.setCheckpoint(ExtendedSequenceNumber.SHARD_END); leaseManager.updateLease(leaseForClosedShard); ShardSyncer.cleanupLeaseForClosedShard(closedShardId, childShardIds, trackedLeaseMap, leaseManager); Assert.assertNull(leaseManager.getLease(closedShardId)); // lease for only one child exists childShardIds.add(childShardId1); childShardIds.add(childShardId2); leaseManager.createLeaseIfNotExists(leaseForClosedShard); leaseManager.createLeaseIfNotExists(childLease1); trackedLeases.add(childLease1); trackedLeaseMap = ShardSyncer.constructShardIdToKCLLeaseMap(trackedLeases); ShardSyncer.cleanupLeaseForClosedShard(closedShardId, childShardIds, trackedLeaseMap, leaseManager); Assert.assertNotNull(leaseManager.getLease(closedShardId)); // leases for both children exists, but they are both at TRIM_HORIZON leaseManager.createLeaseIfNotExists(childLease2); trackedLeases.add(childLease2); trackedLeaseMap = ShardSyncer.constructShardIdToKCLLeaseMap(trackedLeases); ShardSyncer.cleanupLeaseForClosedShard(closedShardId, childShardIds, trackedLeaseMap, leaseManager); Assert.assertNotNull(leaseManager.getLease(closedShardId)); // leases for both children exists, one is at TRIM_HORIZON childLease1.setCheckpoint(new ExtendedSequenceNumber("34890")); leaseManager.updateLease(childLease1); ShardSyncer.cleanupLeaseForClosedShard(closedShardId, childShardIds, trackedLeaseMap, leaseManager); Assert.assertNotNull(leaseManager.getLease(closedShardId)); // leases for both children exists, NONE of them are at TRIM_HORIZON childLease2.setCheckpoint(new ExtendedSequenceNumber("43789")); leaseManager.updateLease(childLease2); ShardSyncer.cleanupLeaseForClosedShard(closedShardId, childShardIds, trackedLeaseMap, leaseManager); Assert.assertNull(leaseManager.getLease(closedShardId)); }
From source file:com.vmware.identity.idm.client.TenantManagementTest.java
@TestOrderAnnotation(order = 19) @Test//w w w . j a v a 2s . c o m public void testAddIdentityStore() throws Exception, IDMException { CasIdmClient idmClient = getIdmClient(); Properties props = getTestProperties(); String tenantName = props.getProperty(CFG_KEY_IDM_TENANT_1_NAME); Assert.assertNotNull(tenantName); Tenant tenant = IdmClientTestUtil.ensureTenantExists(idmClient, tenantName); Assert.assertNotNull(tenant); // Add Active Directory IDP with LDAPS connection final String adLdapsProviderName = props.getProperty(CFG_KEY_IDM_TENANT_1_AD_PROVIDER_DOMAIN_NAME_LDAPS); Assert.assertNotNull(adLdapsProviderName); final String adLdapsAlias = props.getProperty(CFG_KEY_IDM_TENANT_1_AD_PROVIDER_ALIAS_LDAPS); Assert.assertNotNull(adLdapsAlias); final String ldapskdc = props.getProperty(CFG_KEY_IDM_TENANT_1_KDC_LDAPS); Assert.assertNotNull(ldapskdc); final ArrayList<String> ldapskdcList = new ArrayList<String>(); ldapskdcList.add(ldapskdc); final String adLdapsUserName = props.getProperty(CFG_KEY_IDM_TENANT_1_AD_PROVIDER_BIND_DN_LDAPS); Assert.assertNotNull(adLdapsUserName); final String adLdapsPwd = props.getProperty(CFG_KEY_IDM_TENANT_1_AD_PROVIDER_PASSWORD_LDAPS); Assert.assertNotNull(adLdapsPwd); final Map<String, String> attrMap = new HashMap<String, String>(); attrMap.put(SAMLATTR_GIVEN_NAME, "givenName"); attrMap.put(SAMLATTR_SUR_NAME, "sn"); attrMap.put(SAMLATTR_GROUP_IDENTITY, "memberof"); attrMap.put(SAMLATTR_EMAIL_ADDRESS, "mail"); attrMap.put(SAMLATTR_UPN, "userPrincipalName"); List<X509Certificate> certs = null; X509Certificate certificate = getCertificate( props.getProperty(CFG_KEY_IDM_TENANT_1_AD_PROVIDER_CERT_ALIAS_LDAPS)); if (certificate != null) certs = java.util.Collections.singletonList(certificate); final String userSearchBaseDn = props.getProperty(CFG_KEY_IDM_TENANT_1_AD_PROVIDER_USER_BASE_DN_LDAPS); final String groupSearchBaseDn = props.getProperty(CFG_KEY_IDM_TENANT_1_AD_PROVIDER_GROUP_BASE_DN_LDAPS); IdentityStoreData adLdapsStore = IdentityStoreData.CreateExternalIdentityStoreData(adLdapsProviderName, adLdapsAlias, IdentityStoreType.IDENTITY_STORE_TYPE_LDAP_WITH_AD_MAPPING, AuthenticationType.PASSWORD, null, 0, adLdapsUserName, false, null, adLdapsPwd, userSearchBaseDn, groupSearchBaseDn, ldapskdcList, attrMap, null, null, certs, null); IIdentityStoreData ldapsStore = idmClient.getProvider(tenantName, adLdapsProviderName); // check before create if (ldapsStore == null) { idmClient.addProvider(tenantName, adLdapsStore); } ldapsStore = idmClient.getProvider(tenantName, adLdapsProviderName); Assert.assertNotNull(ldapsStore); Assert.assertEquals(adLdapsProviderName, ldapsStore.getName()); Assert.assertEquals(DomainType.EXTERNAL_DOMAIN, ldapsStore.getDomainType()); Assert.assertNotNull(ldapsStore.getExtendedIdentityStoreData()); Assert.assertEquals(IdentityStoreType.IDENTITY_STORE_TYPE_LDAP_WITH_AD_MAPPING, ldapsStore.getExtendedIdentityStoreData().getProviderType()); Assert.assertEquals(adLdapsUserName.toLowerCase(), ldapsStore.getExtendedIdentityStoreData().getUserName().toLowerCase()); Assert.assertEquals(adLdapsPwd, ldapsStore.getExtendedIdentityStoreData().getPassword()); Assert.assertNotNull(ldapsStore.getExtendedIdentityStoreData().getConnectionStrings()); Assert.assertEquals(ldapskdcList.size(), ldapsStore.getExtendedIdentityStoreData().getConnectionStrings().size()); int i = 0; for (String str : ldapsStore.getExtendedIdentityStoreData().getConnectionStrings()) { Assert.assertEquals(ldapskdcList.get(i), str); i++; } i = 0; if (certs != null) { Assert.assertNotNull(ldapsStore.getExtendedIdentityStoreData().getCertificates()); for (X509Certificate cert : ldapsStore.getExtendedIdentityStoreData().getCertificates()) { Assert.assertEquals(certs.get(i), cert); i++; } } //clean up ldaps store idmClient.deleteProvider(tenantName, adLdapsProviderName); // Add Active Directory IDP final String adProviderName = props.getProperty(CFG_KEY_IDM_TENANT_1_AD_PROVIDER_DOMAIN_NAME); Assert.assertNotNull(adProviderName); final String alias = props.getProperty(CFG_KEY_IDM_TENANT_1_AD_PROVIDER_ALIAS); Assert.assertNotNull(alias); final String kdc = props.getProperty(CFG_KEY_IDM_TENANT_1_KDC); Assert.assertNotNull(kdc); final ArrayList<String> kdcList = new ArrayList<String>(); kdcList.add(kdc); final String adUserName = props.getProperty(CFG_KEY_IDM_TENANT_1_AD_PROVIDER_BIND_DN); Assert.assertNotNull(adUserName); final String adPwd = props.getProperty(CFG_KEY_IDM_TENANT_1_AD_PROVIDER_PASSWORD); Assert.assertNotNull(adPwd); IdentityStoreData adStore = IdmClientTestUtil.prepareADIdentityStore(idmClient, true); IIdentityStoreData store = idmClient.getProvider(tenantName, adProviderName); // check before create if (store == null) { idmClient.addProvider(tenantName, adStore); } store = idmClient.getProvider(tenantName, adProviderName); Assert.assertNotNull(store); Assert.assertEquals(adProviderName, store.getName()); Assert.assertEquals(DomainType.EXTERNAL_DOMAIN, store.getDomainType()); Assert.assertNotNull(store.getExtendedIdentityStoreData()); Assert.assertEquals(IdentityStoreType.IDENTITY_STORE_TYPE_LDAP_WITH_AD_MAPPING, store.getExtendedIdentityStoreData().getProviderType()); Assert.assertEquals(adUserName.toLowerCase(), store.getExtendedIdentityStoreData().getUserName().toLowerCase()); Assert.assertEquals(adPwd, store.getExtendedIdentityStoreData().getPassword()); Assert.assertNotNull(store.getExtendedIdentityStoreData().getConnectionStrings()); Assert.assertEquals(kdcList.size(), store.getExtendedIdentityStoreData().getConnectionStrings().size()); i = 0; for (String str : store.getExtendedIdentityStoreData().getConnectionStrings()) { Assert.assertEquals(kdcList.get(i), str); i++; } // Cleanup, Add OpenLdap IDP with ldaps and verify final String oldapsProviderName = props.getProperty(CFG_KEY_IDM_TENANT_1_OL_PROVIDER_DOMAIN_NAME); Assert.assertNotNull(oldapsProviderName); if (null != idmClient.getProvider(tenantName, oldapsProviderName)) { idmClient.deleteProvider(tenantName, oldapsProviderName); } final String oldapsProviderAlias = props.getProperty(CFG_KEY_IDM_TENANT_1_OL_PROVIDER_ALIAS); Assert.assertNotNull(oldapsProviderAlias); final String oldapsHost = props.getProperty(CFG_KEY_IDM_TENANT_1_OL_SSL_HOST_NAME); Assert.assertNotNull(oldapsHost); final String oldapsUserName = props.getProperty(CFG_KEY_IDM_TENANT_1_OL_PROVIDER_BIND_DN); Assert.assertNotNull(oldapsUserName); final String oldapsPwd = props.getProperty(CFG_KEY_IDM_TENANT_1_OL_PROVIDER_PASSWORD); Assert.assertNotNull(oldapsPwd); final ArrayList<String> oldapsHosts = new ArrayList<String>(); oldapsHosts.add(oldapsHost); List<X509Certificate> openldapsCerts = null; X509Certificate openLdapCertificate = getCertificate( props.getProperty(CFG_KEY_IDM_TENANT_1_OL_SSL_CERT_ALIAS)); if (openLdapCertificate != null) openldapsCerts = java.util.Collections.singletonList(openLdapCertificate); ensureOpenLdapIdentityStoreExistForTenant(props.getProperty(CFG_KEY_IDM_TENANT_1_NAME), true, CFG_KEY_IDM_TENANT_1_OL_SSL_HOST_NAME, openldapsCerts); store = idmClient.getProvider(tenantName, oldapsProviderName); Assert.assertNotNull(store); Assert.assertEquals(oldapsProviderName, store.getName()); Assert.assertEquals(DomainType.EXTERNAL_DOMAIN, store.getDomainType()); Assert.assertNotNull(store.getExtendedIdentityStoreData()); Assert.assertEquals(IdentityStoreType.IDENTITY_STORE_TYPE_LDAP, store.getExtendedIdentityStoreData().getProviderType()); Assert.assertEquals(oldapsUserName, store.getExtendedIdentityStoreData().getUserName()); Assert.assertEquals(oldapsPwd, store.getExtendedIdentityStoreData().getPassword()); Assert.assertEquals(oldapsProviderAlias, store.getExtendedIdentityStoreData().getAlias()); i = 0; for (String str : store.getExtendedIdentityStoreData().getConnectionStrings()) { Assert.assertEquals(oldapsHosts.get(i), str); i++; } i = 0; if (openldapsCerts != null) { Assert.assertNotNull(store.getExtendedIdentityStoreData().getCertificates()); for (X509Certificate cert : store.getExtendedIdentityStoreData().getCertificates()) { Assert.assertEquals(openldapsCerts.get(i), cert); i++; } } store = idmClient.getProvider(tenantName, oldapsProviderAlias); Assert.assertNotNull(store); Assert.assertEquals(oldapsProviderName, store.getName()); Assert.assertEquals(oldapsProviderAlias, store.getExtendedIdentityStoreData().getAlias()); // Cleanup, Add OpenLdap IDP and verify final String olProviderName = props.getProperty(CFG_KEY_IDM_TENANT_1_OL_PROVIDER_DOMAIN_NAME); Assert.assertNotNull(olProviderName); if (null != idmClient.getProvider(tenantName, olProviderName)) { idmClient.deleteProvider(tenantName, olProviderName); } final String olProviderAlias = props.getProperty(CFG_KEY_IDM_TENANT_1_OL_PROVIDER_ALIAS); Assert.assertNotNull(olProviderAlias); final String olHost = props.getProperty(CFG_KEY_IDM_TENANT_1_OL_HOST_NAME); Assert.assertNotNull(olHost); final String olUserName = props.getProperty(CFG_KEY_IDM_TENANT_1_OL_PROVIDER_BIND_DN); Assert.assertNotNull(olUserName); final String olPwd = props.getProperty(CFG_KEY_IDM_TENANT_1_OL_PROVIDER_PASSWORD); Assert.assertNotNull(olPwd); final ArrayList<String> olHosts = new ArrayList<String>(); olHosts.add(olHost); ensureOpenLdapIdentityStoreExistForTenant(props.getProperty(CFG_KEY_IDM_TENANT_1_NAME), true); store = idmClient.getProvider(tenantName, olProviderName); Assert.assertNotNull(store); Assert.assertEquals(olProviderName, store.getName()); Assert.assertEquals(DomainType.EXTERNAL_DOMAIN, store.getDomainType()); Assert.assertNotNull(store.getExtendedIdentityStoreData()); Assert.assertEquals(IdentityStoreType.IDENTITY_STORE_TYPE_LDAP, store.getExtendedIdentityStoreData().getProviderType()); Assert.assertEquals(olUserName, store.getExtendedIdentityStoreData().getUserName()); Assert.assertEquals(olPwd, store.getExtendedIdentityStoreData().getPassword()); Assert.assertEquals(olProviderAlias, store.getExtendedIdentityStoreData().getAlias()); i = 0; for (String str : store.getExtendedIdentityStoreData().getConnectionStrings()) { Assert.assertEquals(olHosts.get(i), str); i++; } store = idmClient.getProvider(tenantName, olProviderAlias); Assert.assertNotNull(store); Assert.assertEquals(olProviderName, store.getName()); Assert.assertEquals(olProviderAlias, store.getExtendedIdentityStoreData().getAlias()); // Add ldap IDP (inactive IDP, probe will fail and be removed) final String ldapProviderName = "bar.com"; final String ldapProviderAlias = "foo.com"; final String ldapHost = "LDAP://bar.com"; final String ldapUserName = "CN=Administrator,DC=BAR,DC=COM"; final String ldapPwd = "password"; final ArrayList<String> ldapHosts = new ArrayList<String>(); ldapHosts.add(ldapHost); IdentityStoreData ldapStore = IdentityStoreData.CreateExternalIdentityStoreData(ldapProviderName, ldapProviderAlias, IdentityStoreType.IDENTITY_STORE_TYPE_LDAP, AuthenticationType.PASSWORD, null, 0, ldapUserName, ldapPwd, "dc=bar,dc=com", "dc=bar,dc=com", ldapHosts, null); try { idmClient.addProvider(tenantName, ldapStore); } catch (Exception ex) { // ignore (addProvder validates IDP before adding it now) Assert.assertNull(idmClient.getProvider(tenantName, ldapProviderName)); } // Add VM directory IDP (inactive IDP, probe will fail and be removed) final String vmStorename = "baz.com"; final String vmHostname = "LDAP://bar.com"; final String vmUsername = "CN=Administrator,DC=BAR,DC=COM"; final String vmPassword = "password"; final ArrayList<String> vmHosts = new ArrayList<String>(); vmHosts.add(vmHostname); IdentityStoreData vmwstore = IdentityStoreData.CreateExternalIdentityStoreData(vmStorename, null, IdentityStoreType.IDENTITY_STORE_TYPE_VMWARE_DIRECTORY, AuthenticationType.PASSWORD, null, 0, vmUsername, vmPassword, "dc=bar,dc=com", "dc=bar,dc=com", vmHosts, null); try { idmClient.addProvider(tenantName, vmwstore); } catch (Exception ex) { // ignore (addProvder validates IDP before adding it now) Assert.assertNull(idmClient.getProvider(tenantName, vmStorename)); } //test illegal userName detection final String badVMUsername = "Administrator@BAR.COM"; try { IdentityStoreData badvmwstore = IdentityStoreData.CreateExternalIdentityStoreData(vmStorename, null, IdentityStoreType.IDENTITY_STORE_TYPE_VMWARE_DIRECTORY, AuthenticationType.PASSWORD, null, 0, badVMUsername, vmPassword, "dc=bar,dc=com", "dc=bar,dc=com", vmHosts, null); idmClient.addProvider(tenantName, badvmwstore); Assert.fail("should not reach here"); } catch (Exception e) { } //test adding local OS provider final String localOsDomainName = "localOsDomain"; IIdentityStoreData localOsProvider = IdentityStoreData.CreateLocalOSIdentityStoreData(localOsDomainName); String defaultTenant = idmClient.getDefaultTenant(); if ((defaultTenant == null) || (defaultTenant.isEmpty() == true) || (tenantName.equalsIgnoreCase(defaultTenant) == false)) { try { idmClient.addProvider(tenantName, localOsProvider); Assert.fail("Expected to not be able to add local OS provider to non-default tenant."); } catch (Exception ex) { } } idmClient.setDefaultTenant(tenantName); idmClient.addProvider(tenantName, localOsProvider); store = idmClient.getProvider(tenantName, localOsDomainName); Assert.assertNotNull(store); Assert.assertEquals(localOsDomainName, store.getName()); Assert.assertEquals(DomainType.LOCAL_OS_DOMAIN, store.getDomainType()); Assert.assertNull(store.getExtendedIdentityStoreData()); // authenticate non-existent user TestNonExistentUserAuthenticate(idmClient, tenantName, "non-existentuser@" + localOsDomainName, "my pwd"); Collection<IIdentityStoreData> stores = idmClient.getProviders(tenantName, EnumSet.of(DomainType.EXTERNAL_DOMAIN)); Assert.assertNotNull(stores); Assert.assertEquals(2, stores.size()); for (IIdentityStoreData data : stores) { Assert.assertNotNull(data); Assert.assertTrue(data.getDomainType() == DomainType.EXTERNAL_DOMAIN); Assert.assertNotNull(data.getExtendedIdentityStoreData()); } stores = idmClient.getProviders(tenantName, EnumSet.of(DomainType.SYSTEM_DOMAIN)); Assert.assertNotNull(stores); Assert.assertEquals(1, stores.size()); for (IIdentityStoreData data : stores) { Assert.assertNotNull(data); Assert.assertTrue(data.getDomainType() == DomainType.SYSTEM_DOMAIN); Assert.assertNotNull(data.getExtendedIdentityStoreData()); Assert.assertNull(data.getExtendedIdentityStoreData().getAlias()); Assert.assertNull(data.getExtendedIdentityStoreData().getFriendlyName()); Assert.assertNull(data.getExtendedIdentityStoreData().getGroupBaseDn()); Assert.assertNull(data.getExtendedIdentityStoreData().getPassword()); Assert.assertNull(data.getExtendedIdentityStoreData().getServicePrincipalName()); Assert.assertNull(data.getExtendedIdentityStoreData().getUserBaseDn()); Assert.assertNull(data.getExtendedIdentityStoreData().getUserName()); Assert.assertNull(data.getExtendedIdentityStoreData().getAttributeMap()); Assert.assertTrue(data.getExtendedIdentityStoreData().getConnectionStrings().isEmpty()); Assert.assertNull(data.getExtendedIdentityStoreData().getIdentityStoreSchemaMapping()); Assert.assertEquals(-1, data.getExtendedIdentityStoreData().getSearchTimeoutSeconds()); Assert.assertNull(data.getExtendedIdentityStoreData().getProviderType()); } stores = idmClient.getProviders(tenantName); Assert.assertNotNull(stores); Assert.assertEquals(4, stores.size()); idmClient.deleteProvider(tenantName, localOsDomainName); // re-set default tenant to original value if ((defaultTenant != null) && (defaultTenant.isEmpty() == false)) { idmClient.setDefaultTenant(defaultTenant); } }
From source file:com.vmware.identity.idm.client.TenantManagementTest.java
@TestOrderAnnotation(order = 21) @Test// w w w . ja va 2s.com @Ignore("Bugzilla#1324293") public void testGetPasswordExpirationInfo() throws Exception, IDMException { Properties props = getTestProperties(); CasIdmClient idmClient = getIdmClient(); String tenantName = props.getProperty(CFG_KEY_IDM_TENANT_1_NAME); Assert.assertNotNull(tenantName); IdmClientTestUtil.ensureTenantExists(idmClient, tenantName); // For AD provider as external domain String adProviderName = props.getProperty(CFG_KEY_IDM_TENANT_1_AD_PROVIDER_DOMAIN_NAME); Assert.assertNotNull(adProviderName); //save the original store before deleting, will be used for restoration later IIdentityStoreData origStore = idmClient.getProvider(tenantName, adProviderName); if (origStore != null) { idmClient.deleteProvider(tenantName, adProviderName); } // Add Active Directory IDP from config IdentityStoreData newADStore = IdmClientTestUtil.prepareADIdentityStore(idmClient, true); Assert.assertNull(idmClient.getProvider(tenantName, adProviderName)); idmClient.addProvider(tenantName, newADStore); // Verify pwdLastSet and pwdLifeTime is retrieved correctly // For user with FGPP setup String adUserId = props.getProperty(CFG_KEY_IDM_TENANT_1_ADPROVIDER_USER_LOOKUP_ID); PersonUser adUser = idmClient.findPersonUser(tenantName, new PrincipalId(adUserId, adProviderName)); Assert.assertTrue(adUser.getDetail().getPwdLastSet() > 0); Assert.assertTrue(adUser.getDetail().getPwdLifeTime() > 0); // For user with just Default Domain Policy setup adUserId = props.getProperty(CFG_KEY_IDM_TENANT_1_ADPROVIDER_DEFAULT_DOMAIN_POLICY_TEST_USER); adUser = idmClient.findPersonUser(tenantName, new PrincipalId(adUserId, adProviderName)); Assert.assertTrue(adUser.getDetail().getPwdLastSet() > 0); Assert.assertTrue(adUser.getDetail().getPwdLifeTime() > 0); // cleanup and restore the original provider idmClient.deleteProvider(tenantName, newADStore.getName()); if (origStore != null) { idmClient.addProvider(tenantName, origStore); } // For VmDir provider as system domain String pwdExpirationTestUser = "__test_user_pwd_expiration"; // Add the new user to system domain PrincipalId principalPwdExpirationTestUser = idmClient.addPersonUser(tenantName, pwdExpirationTestUser, new PersonDetail.Builder().firstName("firstname").lastName("lastname") .emailAddress("example@vmware.com") .description("Person created to test pwd expiration information").build(), "myPasword#123".toCharArray()); PersonUser personUser = idmClient.findPersonUser(tenantName, principalPwdExpirationTestUser); Assert.assertTrue(personUser.getDetail().getPwdLastSet() > 0); Assert.assertTrue(personUser.getDetail().getPwdLifeTime() > 0); // clean up the new user added idmClient.deletePrincipal(tenantName, pwdExpirationTestUser); }
From source file:com.vmware.identity.idm.client.TenantManagementTest.java
@Ignore("bugzilla#1173915 - looks like requires native Ad?") @TestOrderAnnotation(order = 22)/*from w w w. ja va 2s. c o m*/ @Test public void testAuthenticateUserAccountControlExceptionsADProvider() throws Exception, IDMException { Properties props = getTestProperties(); CasIdmClient idmClient = getIdmClient(); String tenantName = props.getProperty(CFG_KEY_IDM_TENANT_1_NAME); Assert.assertNotNull(tenantName); IdmClientTestUtil.ensureTenantExists(idmClient, tenantName); // For AD provider as external domain String adProviderName = props.getProperty(CFG_KEY_IDM_TENANT_1_AD_PROVIDER_DOMAIN_NAME); Assert.assertNotNull(adProviderName); //save the original store before deleting, will be used for restoration later IIdentityStoreData origStore = idmClient.getProvider(tenantName, adProviderName); IdentityStoreData newADStore = null; try { if (origStore != null) { idmClient.deleteProvider(tenantName, adProviderName); } // Add Active Directory IDP from config newADStore = IdmClientTestUtil.prepareADIdentityStore(idmClient, true); Assert.assertNull(idmClient.getProvider(tenantName, adProviderName)); idmClient.addProvider(tenantName, newADStore); // Verify PasswordExpiredException is returned if user password is expired String adExpiredPassUser = props.getProperty(CFG_KEY_IDM_ACCTFLAGS_PWDEXPIRED_USERNAME); String adExpiredPassUserPid = String.format("%s@%s", adExpiredPassUser, adProviderName); String adExpiredPassUserPwd = props.getProperty(CFG_KEY_IDM_ACCTFLAGS_PWDEXPIRED_PASSWORD); try { idmClient.authenticate(tenantName, adExpiredPassUserPid, adExpiredPassUserPwd); } catch (PasswordExpiredException ex) { Assert.assertTrue("unexpected message received", ex.getMessage().contains("(23)")); //KDC_ERR_KEY_EXPIRED } catch (Exception ex) { Assert.fail(String.format("Unexpected exception: %s", ex.getMessage())); } // Verify Non-ExistentUser authenticate fails with expected error(s) String adNonExistentUserPid = String.format("%s_NonExistent@%s", adExpiredPassUser, adProviderName); TestNonExistentUserAuthenticate(idmClient, tenantName, adNonExistentUserPid, adExpiredPassUserPwd); // Verify UserAccountLockedException is returned if user account is disabled / locked / expired String adLockedUserId = props.getProperty(CFG_KEY_IDM_ACCTFLAGS_LOCKEDUSER_USERNAME); String adLockedUserPid = String.format("%s@%s", adLockedUserId, adProviderName); String adLockedUserPwd = props.getProperty(CFG_KEY_IDM_ACCTFLAGS_LOCKEDUSER_PASSWORD); String adLockedUserWrongPwd = "wrong" + adLockedUserPwd; int i = 0; final int lockThreshold = 10; // lock threshold set for the ssolabs domain PSO settings boolean accountLocked = false; //setup locked state by bad logins up to the threshold. //verify that Kerberos response to locked account authentication is mapped correctly while (i++ <= lockThreshold) { try { idmClient.authenticate(tenantName, adLockedUserPid, adLockedUserWrongPwd); } catch (UserAccountLockedException ex) { //account now is in locked state. accountLocked = true; break; } catch (IDMLoginException ex) { // expected response for bad login attempt before account is locked Assert.assertTrue("", i <= lockThreshold); } } Assert.assertTrue("account should be locked but isn't", accountLocked); } finally { // cleanup and restore the original provider idmClient.deleteProvider(tenantName, newADStore.getName()); if (origStore != null) { idmClient.addProvider(tenantName, origStore); } } }
From source file:com.vmware.identity.idm.client.TenantManagementTest.java
@TestOrderAnnotation(order = 23) @Test/*from w w w.j a v a 2 s.c om*/ public void testAddUserDetail() throws Exception, IDMException { CasIdmClient idmClient = getIdmClient(); Properties props = getTestProperties(); String userTenantName = props.getProperty(CFG_KEY_IDM_TENANT_1_NAME); Assert.assertNotNull(userTenantName); String password = "myPasword#123"; // Add user w/o lastname should be allowed PrincipalId principalNoLastName = idmClient.addPersonUser(userTenantName, "usernolastname", new PersonDetail.Builder().firstName("firstname").lastName(null) .emailAddress("usernolastname@vmware.com") .description("Person created to test user without lastname can be added to sp").build(), password.toCharArray()); PersonUser userWithoutLastname = idmClient.findPersonUser(userTenantName, principalNoLastName); Assert.assertNotNull(userWithoutLastname); Assert.assertEquals(userWithoutLastname.getDetail().getFirstName(), "firstname"); Assert.assertNull(userWithoutLastname.getDetail().getLastName()); idmClient.deletePrincipal(userTenantName, "usernolastname"); userWithoutLastname = idmClient.findPersonUser(userTenantName, principalNoLastName); Assert.assertNull(userWithoutLastname); // add user w/o firstname should be allowed PrincipalId principalNoFirstName = idmClient.addPersonUser(userTenantName, "usernofirstname", new PersonDetail.Builder().firstName(null).lastName("lastname") .emailAddress("usernofirstname@vmware.com") .description("Person created to test user without firstname can be added to sp").build(), password.toCharArray()); PersonUser userWithoutFirstname = idmClient.findPersonUser(userTenantName, principalNoFirstName); Assert.assertNotNull(userWithoutFirstname); Assert.assertEquals(userWithoutFirstname.getDetail().getLastName(), "lastname"); Assert.assertNull(userWithoutFirstname.getDetail().getFirstName()); idmClient.deletePrincipal(userTenantName, "usernofirstname"); userWithoutFirstname = idmClient.findPersonUser(userTenantName, principalNoFirstName); Assert.assertNull(userWithoutFirstname); // add user with empty user detail should be allowed PrincipalId principalEmptydetails = idmClient.addPersonUser(userTenantName, "useremptydetail", new PersonDetail.Builder().firstName("").lastName("").emailAddress("").description("").build(), password.toCharArray()); PersonUser userWithEmptydetails = idmClient.findPersonUser(userTenantName, principalEmptydetails); Assert.assertNotNull(userWithEmptydetails); Assert.assertNull(userWithEmptydetails.getDetail().getFirstName()); idmClient.deletePrincipal(userTenantName, "useremptydetail"); userWithEmptydetails = idmClient.findPersonUser(userTenantName, principalEmptydetails); Assert.assertNull(userWithEmptydetails); // Modify a user originally with firstname and lastname to both null firstname and lastname PrincipalId principal = idmClient.addPersonUser(userTenantName, "usermod", new PersonDetail.Builder().firstName("firstname").lastName("lastname") .emailAddress("usermod@vmware.com") .description("Person created to test modify user firstname/lastname to null").build(), password.toCharArray()); PersonUser user = idmClient.findPersonUser(userTenantName, principal); Assert.assertNotNull(user); Assert.assertEquals(user.getDetail().getFirstName(), "firstname"); Assert.assertEquals(user.getDetail().getLastName(), "lastname"); idmClient.updatePersonUserDetail(userTenantName, "usermod", new PersonDetail.Builder().firstName(null).lastName(null).emailAddress("usermodified@vmware.com") .description("Person created to test modify user firstname/lastname to null").build()); user = idmClient.findPersonUser(userTenantName, principal); Assert.assertNull(user.getDetail().getLastName()); Assert.assertNull(user.getDetail().getFirstName()); Assert.assertEquals(user.getDetail().getEmailAddress(), "usermodified@vmware.com"); idmClient.deletePrincipal(userTenantName, "usermod"); user = idmClient.findPersonUser(userTenantName, principal); Assert.assertNull(user); }
From source file:com.vmware.identity.idm.client.TenantManagementTest.java
@TestOrderAnnotation(order = 35) @Test/* w ww . j a va 2 s. c o m*/ public void testGetAttributeValues() throws Exception, IDMException { CasIdmClient idmClient = getIdmClient(); Properties props = getTestProperties(); String tenantName = props.getProperty(CFG_KEY_IDM_TENANT_1_NAME); Assert.assertNotNull(tenantName); Tenant tenant = IdmClientTestUtil.ensureTenantExists(idmClient, tenantName); Assert.assertNotNull(tenant); final String adUserName = props.getProperty(CFG_KEY_IDM_TENANT_1_ADPROVIDER_USER_LOOKUP_ID); Assert.assertNotNull(adUserName); final String adDomainName = props.getProperty(CFG_KEY_IDM_TENANT_1_AD_PROVIDER_DOMAIN_NAME); Assert.assertNotNull(adDomainName); PrincipalId principal = new PrincipalId(adUserName, adDomainName); PersonUser user = idmClient.findPersonUser(tenantName, principal); Assert.assertNotNull(user); // cannot retrieve user password hash from non-lotus provider // expected behavior: if such user exists, userPasswordHash is null // if such user does exist, return null as password byte[] userPasswordHash = idmClient.getUserHashedPassword(tenantName, principal); Assert.assertNull(userPasswordHash); // if such user does not exist, throw exception saying no such user try { userPasswordHash = idmClient.getUserHashedPassword(tenantName, new PrincipalId("nosuchuser", principal.getDomain())); } catch (InvalidPrincipalException ex) { // expected } Collection<Attribute> supportedAttributes = idmClient.getAttributeDefinitions(tenantName); Collection<AttributeValuePair> attributes = idmClient.getAttributeValues(tenantName, principal, supportedAttributes); Assert.assertNotNull(attributes); AttributeValuePair isSolutionAttr = IdmClientTestUtil.findAttribute(attributes, ATTR_NAME_IS_SOLUTION); Assert.assertNotNull(isSolutionAttr); List<String> values = isSolutionAttr.getValues(); Assert.assertNotNull(values); Assert.assertTrue(values.size() == 1); Assert.assertEquals("false", values.get(0)); // The following user has no first name or last name final String adNonameUserName = props.getProperty(CFG_KEY_IDM_TENANT_1_ADPROVIDER_USER_NONAME_ID); Assert.assertNotNull(adUserName); principal = new PrincipalId(adNonameUserName, adDomainName); user = idmClient.findPersonUser(tenantName, principal); Assert.assertNotNull(user); attributes = idmClient.getAttributeValues(tenantName, principal, supportedAttributes); Assert.assertNotNull(attributes); AttributeValuePair upnAttr = IdmClientTestUtil.findAttribute(attributes, ATTR_NAME_UPN); Assert.assertNotNull(upnAttr); values = upnAttr.getValues(); Assert.assertNotNull(values); Assert.assertTrue(values.size() == 1); Assert.assertTrue(values.get(0).length() > 0); AttributeValuePair groups = IdmClientTestUtil.findAttribute(attributes, ATTRIBUTE_GROUPS); Assert.assertNotNull(groups); values = groups.getValues(); Assert.assertNotNull(values); Assert.assertTrue(values.size() > 0); Pattern pattern = Pattern.compile("^([^\\\\])+\\\\([^\\\\])+$"); for (String value : values) { Matcher matcher = pattern.matcher(value); Assert.assertTrue(matcher.matches()); } }