Added some tests for the LDAP authentication.
Includes an export of an LDAP database to use in testing. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3438 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
parent
49bfee0535
commit
7b6b147761
|
@ -22,3 +22,14 @@ To test the support, a test repository needs to be created for each of those.
|
||||||
Run `rake --tasks test:scm:setup` for a list of available test-repositories or
|
Run `rake --tasks test:scm:setup` for a list of available test-repositories or
|
||||||
run `rake test:scm:setup:all` to set up all of them
|
run `rake test:scm:setup:all` to set up all of them
|
||||||
|
|
||||||
|
Creating a test ldap database
|
||||||
|
=============================
|
||||||
|
|
||||||
|
Redmine supports using LDAP for user authentications. To test LDAP
|
||||||
|
with Redmine, load the LDAP export from test/fixtures/ldap/test-ldap.ldif
|
||||||
|
into a testing LDAP server. Test that the ldap server can be accessed
|
||||||
|
at 127.0.0.1 on port 389.
|
||||||
|
|
||||||
|
Setting up the test ldap server is beyond the scope of this documentation.
|
||||||
|
The OpenLDAP project provides a simple LDAP implementation that should work
|
||||||
|
good as a test server.
|
||||||
|
|
|
@ -0,0 +1,82 @@
|
||||||
|
dn: dc=redmine,dc=org
|
||||||
|
objectClass: top
|
||||||
|
objectClass: dcObject
|
||||||
|
objectClass: organization
|
||||||
|
o: redmine.org
|
||||||
|
dc: redmine
|
||||||
|
structuralObjectClass: organization
|
||||||
|
entryUUID: 886f5fca-0a87-102e-8d06-67c361d9bd2d
|
||||||
|
creatorsName:
|
||||||
|
createTimestamp: 20090721211642Z
|
||||||
|
entryCSN: 20090721211642.955188Z#000000#000#000000
|
||||||
|
modifiersName:
|
||||||
|
modifyTimestamp: 20090721211642Z
|
||||||
|
|
||||||
|
dn: cn=admin,dc=redmine,dc=org
|
||||||
|
objectClass: simpleSecurityObject
|
||||||
|
objectClass: organizationalRole
|
||||||
|
cn: admin
|
||||||
|
description: LDAP administrator
|
||||||
|
userPassword:: e2NyeXB0fWlWTU9DcUt6WWxXRDI=
|
||||||
|
structuralObjectClass: organizationalRole
|
||||||
|
entryUUID: 88704e44-0a87-102e-8d07-67c361d9bd2d
|
||||||
|
creatorsName:
|
||||||
|
createTimestamp: 20090721211642Z
|
||||||
|
entryCSN: 20090721211642.961418Z#000000#000#000000
|
||||||
|
modifiersName:
|
||||||
|
modifyTimestamp: 20090721211642Z
|
||||||
|
|
||||||
|
dn: ou=Person,dc=redmine,dc=org
|
||||||
|
ou: Person
|
||||||
|
objectClass: top
|
||||||
|
objectClass: organizationalUnit
|
||||||
|
structuralObjectClass: organizationalUnit
|
||||||
|
entryUUID: d39dd388-0c84-102e-82fa-dff86c63a7d6
|
||||||
|
creatorsName: cn=admin,dc=redmine,dc=org
|
||||||
|
createTimestamp: 20090724100222Z
|
||||||
|
entryCSN: 20090724100222.924226Z#000000#000#000000
|
||||||
|
modifiersName: cn=admin,dc=redmine,dc=org
|
||||||
|
modifyTimestamp: 20090724100222Z
|
||||||
|
|
||||||
|
dn: uid=example1,ou=Person,dc=redmine,dc=org
|
||||||
|
objectClass: posixAccount
|
||||||
|
objectClass: top
|
||||||
|
objectClass: inetOrgPerson
|
||||||
|
gidNumber: 0
|
||||||
|
givenName: Example
|
||||||
|
sn: One
|
||||||
|
uid: example1
|
||||||
|
homeDirectory: /home/example1
|
||||||
|
cn: Example One
|
||||||
|
structuralObjectClass: inetOrgPerson
|
||||||
|
entryUUID: 285d304e-0c8a-102e-82fc-dff86c63a7d6
|
||||||
|
creatorsName: cn=admin,dc=redmine,dc=org
|
||||||
|
createTimestamp: 20090724104032Z
|
||||||
|
uidNumber: 0
|
||||||
|
mail: example1@redmine.org
|
||||||
|
userPassword:: e1NIQX1mRXFOQ2NvM1lxOWg1WlVnbEQzQ1pKVDRsQnM9
|
||||||
|
entryCSN: 20090724105945.375801Z#000000#000#000000
|
||||||
|
modifiersName: cn=admin,dc=redmine,dc=org
|
||||||
|
modifyTimestamp: 20090724105945Z
|
||||||
|
|
||||||
|
dn: uid=edavis,ou=Person,dc=redmine,dc=org
|
||||||
|
objectClass: posixAccount
|
||||||
|
objectClass: top
|
||||||
|
objectClass: inetOrgPerson
|
||||||
|
gidNumber: 0
|
||||||
|
givenName: Eric
|
||||||
|
sn: Davis
|
||||||
|
uid: edavis
|
||||||
|
mail: edavis@littlestreamsoftware.com
|
||||||
|
structuralObjectClass: inetOrgPerson
|
||||||
|
entryUUID: 9c5f0502-0c8b-102e-82fe-dff86c63a7d6
|
||||||
|
creatorsName: cn=admin,dc=redmine,dc=org
|
||||||
|
createTimestamp: 20090724105056Z
|
||||||
|
homeDirectory: /home/edavis
|
||||||
|
cn: Eric Davis
|
||||||
|
uidNumber: 0
|
||||||
|
userPassword:: e1NIQX1mRXFOQ2NvM1lxOWg1WlVnbEQzQ1pKVDRsQnM9
|
||||||
|
entryCSN: 20090724105937.734480Z#000000#000#000000
|
||||||
|
modifiersName: cn=admin,dc=redmine,dc=org
|
||||||
|
modifyTimestamp: 20090724105937Z
|
||||||
|
|
|
@ -76,6 +76,11 @@ class ActiveSupport::TestCase
|
||||||
saved_settings.each {|k, v| Setting[k] = v}
|
saved_settings.each {|k, v| Setting[k] = v}
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def self.ldap_configured?
|
||||||
|
@test_ldap = Net::LDAP.new(:host => '127.0.0.1', :port => 389)
|
||||||
|
return @test_ldap.bind
|
||||||
|
end
|
||||||
|
|
||||||
# Shoulda macros
|
# Shoulda macros
|
||||||
def self.should_render_404
|
def self.should_render_404
|
||||||
should_respond_with :not_found
|
should_respond_with :not_found
|
||||||
|
|
|
@ -33,4 +33,62 @@ class AuthSourceLdapTest < ActiveSupport::TestCase
|
||||||
assert a.save
|
assert a.save
|
||||||
assert_equal 'givenName', a.reload.attr_firstname
|
assert_equal 'givenName', a.reload.attr_firstname
|
||||||
end
|
end
|
||||||
|
|
||||||
|
if ldap_configured?
|
||||||
|
context '#authenticate' do
|
||||||
|
setup do
|
||||||
|
@auth = AuthSourceLdap.generate!(:name => 'on the fly',
|
||||||
|
:host => '127.0.0.1',
|
||||||
|
:port => 389,
|
||||||
|
:base_dn => 'OU=Person,DC=redmine,DC=org',
|
||||||
|
:attr_login => 'uid',
|
||||||
|
:attr_firstname => 'givenName',
|
||||||
|
:attr_lastname => 'sn',
|
||||||
|
:attr_mail => 'mail',
|
||||||
|
:onthefly_register => true)
|
||||||
|
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'with a valid LDAP user' do
|
||||||
|
should 'return the firstname user attributes' do
|
||||||
|
response = @auth.authenticate('example1','123456')
|
||||||
|
assert response
|
||||||
|
assert_equal 'Example', response.first[:firstname]
|
||||||
|
end
|
||||||
|
|
||||||
|
should 'return the lastname user attributes' do
|
||||||
|
response = @auth.authenticate('example1','123456')
|
||||||
|
assert response
|
||||||
|
assert_equal 'One', response.first[:lastname]
|
||||||
|
end
|
||||||
|
|
||||||
|
should 'return mail user attributes' do
|
||||||
|
response = @auth.authenticate('example1','123456')
|
||||||
|
assert response
|
||||||
|
assert_equal 'example1@redmine.org', response.first[:mail]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'with an invalid LDAP user' do
|
||||||
|
should 'return nil' do
|
||||||
|
assert_equal nil, @auth.authenticate('nouser','123456')
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'without a login' do
|
||||||
|
should 'return nil' do
|
||||||
|
assert_equal nil, @auth.authenticate('','123456')
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'without a password' do
|
||||||
|
should 'return nil' do
|
||||||
|
assert_equal nil, @auth.authenticate('edavis','')
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
||||||
|
else
|
||||||
|
puts '(Test LDAP server not configured)'
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue