KEYCLOAK-2988 - Fix kerberos tests - able to run with Windows and RHIDM.
This commit is contained in:
Pavel Drozd
parent
0ec23fd40b
commit
43ab806f8d
4 changed files with 23 additions and 9 deletions
|
|
@ -45,6 +45,7 @@ public class LDAPTestConfiguration {
|
||||||
|
|
||||||
private int sleepTime;
|
private int sleepTime;
|
||||||
private boolean startEmbeddedLdapServer = true;
|
private boolean startEmbeddedLdapServer = true;
|
||||||
|
private boolean caseSensitiveLogin = true;
|
||||||
private Map<String, String> config;
|
private Map<String, String> config;
|
||||||
|
|
||||||
protected static final Map<String, String> PROP_MAPPINGS = new HashMap<String, String>();
|
protected static final Map<String, String> PROP_MAPPINGS = new HashMap<String, String>();
|
||||||
|
|
@ -150,6 +151,7 @@ public class LDAPTestConfiguration {
|
||||||
|
|
||||||
startEmbeddedLdapServer = p.getBoolean("idm.test.ldap.start.embedded.ldap.server", true);
|
startEmbeddedLdapServer = p.getBoolean("idm.test.ldap.start.embedded.ldap.server", true);
|
||||||
sleepTime = p.getInteger("idm.test.ldap.sleepTime", 1000);
|
sleepTime = p.getInteger("idm.test.ldap.sleepTime", 1000);
|
||||||
|
caseSensitiveLogin = p.getBoolean("idm.test.kerberos.caseSensitiveLogin", true);
|
||||||
log.info("Start embedded server: " + startEmbeddedLdapServer);
|
log.info("Start embedded server: " + startEmbeddedLdapServer);
|
||||||
log.info("Read config: " + config);
|
log.info("Read config: " + config);
|
||||||
}
|
}
|
||||||
|
|
@ -166,4 +168,8 @@ public class LDAPTestConfiguration {
|
||||||
return sleepTime;
|
return sleepTime;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public boolean isCaseSensitiveLogin() {
|
||||||
|
return caseSensitiveLogin;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -17,6 +17,7 @@
|
||||||
|
|
||||||
package org.keycloak.testsuite.adapter.federation;
|
package org.keycloak.testsuite.adapter.federation;
|
||||||
|
|
||||||
|
import static org.keycloak.testsuite.auth.page.AuthRealm.DEMO;
|
||||||
import static org.keycloak.testsuite.util.IOUtil.loadRealm;
|
import static org.keycloak.testsuite.util.IOUtil.loadRealm;
|
||||||
|
|
||||||
import java.security.Principal;
|
import java.security.Principal;
|
||||||
|
|
@ -107,16 +108,16 @@ public abstract class AbstractKerberosAdapterTest extends AbstractServletsAdapte
|
||||||
public void before() throws Exception {
|
public void before() throws Exception {
|
||||||
testRealmPage.setAuthRealm(AuthRealm.TEST);
|
testRealmPage.setAuthRealm(AuthRealm.TEST);
|
||||||
changePasswordPage.setAuthRealm(testRealmPage);
|
changePasswordPage.setAuthRealm(testRealmPage);
|
||||||
|
// Global kerberos configuration
|
||||||
ldapTestConfiguration = LDAPTestConfiguration.readConfiguration(getConnectionPropertiesLocation());
|
ldapTestConfiguration = LDAPTestConfiguration.readConfiguration(getConnectionPropertiesLocation());
|
||||||
|
String krb5ConfPath = LDAPTestConfiguration.getResource("test-krb5.conf");
|
||||||
|
log.info("Krb5.conf file location is: " + krb5ConfPath);
|
||||||
|
System.setProperty("java.security.krb5.conf", krb5ConfPath);
|
||||||
if (ldapTestConfiguration.isStartEmbeddedLdapServer() && ldapEmbeddedServer == null) {
|
if (ldapTestConfiguration.isStartEmbeddedLdapServer() && ldapEmbeddedServer == null) {
|
||||||
ldapEmbeddedServer = createServer();
|
ldapEmbeddedServer = createServer();
|
||||||
ldapEmbeddedServer.init();
|
ldapEmbeddedServer.init();
|
||||||
ldapEmbeddedServer.start();
|
ldapEmbeddedServer.start();
|
||||||
}
|
}
|
||||||
// Global kerberos configuration
|
|
||||||
String krb5ConfPath = LDAPTestConfiguration.getResource("test-krb5.conf");
|
|
||||||
log.info("Krb5.conf file location is: " + krb5ConfPath);
|
|
||||||
System.setProperty("java.security.krb5.conf", krb5ConfPath);
|
|
||||||
UserFederationProviderModel model = new UserFederationProviderModel();
|
UserFederationProviderModel model = new UserFederationProviderModel();
|
||||||
model.setConfig(ldapTestConfiguration.getLDAPConfig());
|
model.setConfig(ldapTestConfiguration.getLDAPConfig());
|
||||||
spnegoSchemeFactory = new KeycloakSPNegoSchemeFactory(getKerberosConfig(model));
|
spnegoSchemeFactory = new KeycloakSPNegoSchemeFactory(getKerberosConfig(model));
|
||||||
|
|
@ -136,8 +137,8 @@ public abstract class AbstractKerberosAdapterTest extends AbstractServletsAdapte
|
||||||
if (ldapEmbeddedServer != null) {
|
if (ldapEmbeddedServer != null) {
|
||||||
ldapEmbeddedServer.stop();
|
ldapEmbeddedServer.stop();
|
||||||
ldapEmbeddedServer = null;
|
ldapEmbeddedServer = null;
|
||||||
ldapTestConfiguration = null;
|
|
||||||
}
|
}
|
||||||
|
ldapTestConfiguration = null;
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
throw new RuntimeException("Error tearDown Embedded LDAP server.", e);
|
throw new RuntimeException("Error tearDown Embedded LDAP server.", e);
|
||||||
}
|
}
|
||||||
|
|
@ -185,7 +186,7 @@ public abstract class AbstractKerberosAdapterTest extends AbstractServletsAdapte
|
||||||
// KEYCLOAK-2102
|
// KEYCLOAK-2102
|
||||||
@Test
|
@Test
|
||||||
public void spnegoCaseInsensitiveTest() throws Exception {
|
public void spnegoCaseInsensitiveTest() throws Exception {
|
||||||
Response spnegoResponse = spnegoLogin("MyDuke", "theduke");
|
Response spnegoResponse = spnegoLogin(ldapTestConfiguration.isCaseSensitiveLogin() ? "MyDuke" : "myduke", "theduke");
|
||||||
Assert.assertEquals(302, spnegoResponse.getStatus());
|
Assert.assertEquals(302, spnegoResponse.getStatus());
|
||||||
List<UserRepresentation> users = testRealmResource().users().search("myduke", 0, 1);
|
List<UserRepresentation> users = testRealmResource().users().search("myduke", 0, 1);
|
||||||
String userId = users.get(0).getId();
|
String userId = users.get(0).getId();
|
||||||
|
|
@ -364,4 +365,10 @@ public abstract class AbstractKerberosAdapterTest extends AbstractServletsAdapte
|
||||||
defaultProperties.setProperty(LDAPEmbeddedServer.PROPERTY_LDIF_FILE, "classpath:kerberos/users-kerberos.ldif");
|
defaultProperties.setProperty(LDAPEmbeddedServer.PROPERTY_LDIF_FILE, "classpath:kerberos/users-kerberos.ldif");
|
||||||
return new KerberosEmbeddedServer(defaultProperties);
|
return new KerberosEmbeddedServer(defaultProperties);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void setDefaultPageUriParameters() {
|
||||||
|
super.setDefaultPageUriParameters();
|
||||||
|
testRealmPage.setAuthRealm(AuthRealm.TEST);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -76,7 +76,7 @@ public abstract class AbstractKerberosStandaloneAdapterTest extends AbstractKerb
|
||||||
public void spnegoLoginTest() throws Exception {
|
public void spnegoLoginTest() throws Exception {
|
||||||
spnegoLoginTestImpl();
|
spnegoLoginTestImpl();
|
||||||
// Assert user was imported and hasn't any required action on him
|
// Assert user was imported and hasn't any required action on him
|
||||||
assertUser("hnelson", "hnelson@keycloak.org", null, null, false);
|
assertUser("hnelson", "hnelson@" + getConfig().get(KerberosConstants.KERBEROS_REALM).toLowerCase(), null, null, false);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
|
@ -98,11 +98,11 @@ public abstract class AbstractKerberosStandaloneAdapterTest extends AbstractKerb
|
||||||
Assert.assertEquals(200, spnegoResponse.getStatus());
|
Assert.assertEquals(200, spnegoResponse.getStatus());
|
||||||
String responseText = spnegoResponse.readEntity(String.class);
|
String responseText = spnegoResponse.readEntity(String.class);
|
||||||
Assert.assertTrue(responseText.contains("You need to update your user profile to activate your account."));
|
Assert.assertTrue(responseText.contains("You need to update your user profile to activate your account."));
|
||||||
Assert.assertTrue(responseText.contains("hnelson@keycloak.org"));
|
Assert.assertTrue(responseText.contains("hnelson@" + getConfig().get(KerberosConstants.KERBEROS_REALM).toLowerCase()));
|
||||||
spnegoResponse.close();
|
spnegoResponse.close();
|
||||||
|
|
||||||
// Assert user was imported and has required action on him
|
// Assert user was imported and has required action on him
|
||||||
assertUser("hnelson", "hnelson@keycloak.org", null, null, true);
|
assertUser("hnelson", "hnelson@" + getConfig().get(KerberosConstants.KERBEROS_REALM).toLowerCase(), null, null, true);
|
||||||
|
|
||||||
// Switch updateProfileOnFirstLogin to off
|
// Switch updateProfileOnFirstLogin to off
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -59,6 +59,7 @@
|
||||||
-Dapp.server.ssl.base.url=https://localhost:${app.server.https.port}
|
-Dapp.server.ssl.base.url=https://localhost:${app.server.https.port}
|
||||||
-Dapp.server.ssl.required=${app.server.ssl.required}
|
-Dapp.server.ssl.required=${app.server.ssl.required}
|
||||||
-Dmy.host.name=localhost
|
-Dmy.host.name=localhost
|
||||||
|
-Djava.security.krb5.conf=${project.build.directory}/dependency/kerberos/test-krb5.conf
|
||||||
</adapter.test.props>
|
</adapter.test.props>
|
||||||
|
|
||||||
<app.server.home>${containers.home}/app-server-${app.server}</app.server.home>
|
<app.server.home>${containers.home}/app-server-${app.server}</app.server.home>
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue