
Using Spring embedded LDAP to simulate Active Directory for integration tests

I am using the Spring Security ActiveDirectoryLdapAuthenticationProvider with Spring Boot (annotation based config) to authenticate with Active Directory and generate tokens. All works fine.

I wish to add some integration tests that simulate the whole process, and I was thinking of maybe using the Spring embedded LDAP server for that.

I added this ldif file that I got from another example I found online.

# Actual test data

# Root entry: the dc value must match the RDN of the dn (dc=test)
dn: dc=test,dc=com
objectclass: top
objectclass: domain
objectclass: extensibleObject
dc: test

# Organizational Units
dn: ou=groups,dc=test,dc=com
objectclass: top
objectclass: organizationalUnit
ou: groups

dn: ou=people,dc=test,dc=com
objectclass: top
objectclass: organizationalUnit
ou: people

# Create People
dn: uid=testuser,ou=people,dc=test,dc=com
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
cn: Test
sn: User
uid: testuser
# inetOrgPerson has no "password" attribute; the bind password is stored in userPassword
userPassword: secret

# Create Groups
dn: cn=developers,ou=groups,dc=test,dc=com
objectclass: top
objectclass: groupOfUniqueNames
cn: developers
ou: developer
uniqueMember: uid=testuser,ou=people,dc=test,dc=com

dn: cn=managers,ou=groups,dc=test,dc=com
objectclass: top
objectclass: groupOfUniqueNames
cn: managers
ou: manager
uniqueMember: uid=testuser,ou=people,dc=test,dc=com

But this of course does not include any of the Active Directory schema stuff. Each user needs to have a sAMAccountName and needs to have the memberOf attribute to determine which groups it is in.

Is there any way to make this behave similarly to Active Directory, so that the Spring ActiveDirectoryLdapAuthenticationProvider binds to it with the user's username and password and gets its group membership to populate its authorities?

Otherwise, if this is not viable, is there any other way to mock this and have a proper test?

jbx asked Oct 09 '17 08:10




1 Answer

You could use the Spring ldap-testing dependency, which provides an Apache DS to set up an embedded LDAP server. See

article: https://www.baeldung.com/spring-ldap#testing

sources: https://github.com/eugenp/tutorials/blob/master/spring-ldap/src/test/java/com/baeldung/ldap/javaconfig/TestConfig.java

Other in-memory LDAP Java implementations that you can use are: https://docs.ldap.com/ldap-sdk/docs/in-memory-directory-server.html

// Classes from the UnboundID LDAP SDK (artifact com.unboundid:unboundid-ldapsdk)
import com.unboundid.ldap.listener.InMemoryDirectoryServer;
import com.unboundid.ldap.listener.InMemoryDirectoryServerConfig;

// Create the configuration to use for the server.
// Each constructor/method below throws LDAPException, so the calling method must declare or catch it.
InMemoryDirectoryServerConfig config =
     new InMemoryDirectoryServerConfig("dc=example,dc=com");
config.addAdditionalBindCredentials("cn=Directory Manager", "password");

// Create the directory server instance, populate it with data from the
// "test-data.ldif" file (true = clear existing entries first), and start
// listening for client connections on an automatically chosen free port.
InMemoryDirectoryServer ds = new InMemoryDirectoryServer(config);
ds.importFromLDIF(true, "test-data.ldif");
ds.startListening();

Or: https://github.com/inbloom/ldap-in-memory

You could also use a full-blown LDAP server inside a Testcontainers container if you prefer a more production-like scenario.

Andi answered Oct 02 '22 12:10
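As an added example (not code from the question, the answer, or the UnboundID project), here is the in-memory server from the answer's UnboundID link loaded with constructed AD-shaped entries (objectClass user, sAMAccountName, userPrincipalName, memberOf, which is what the question's LDIF lacks), plus a helper that reproduces the lookup ActiveDirectoryLdapAuthenticationProvider performs: bind, search by userPrincipalName, read memberOf, take each group's CN as the authority name. Class and entry names are made up; the in-memory server expects a DN as the bind name, so this helper binds with the entry DN, whereas the Spring provider binds as user@domain, and a test that drives the provider itself still has to account for that mismatch.

```java
import com.unboundid.ldap.listener.InMemoryDirectoryServer;
import com.unboundid.ldap.listener.InMemoryDirectoryServerConfig;
import com.unboundid.ldap.sdk.DN;
import com.unboundid.ldap.sdk.Filter;
import com.unboundid.ldap.sdk.LDAPConnection;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.SearchResultEntry;
import com.unboundid.ldap.sdk.SearchScope;
import java.util.ArrayList;
import java.util.List;

public class AdShapedInMemoryLdap {

    // Constructed test data in the shape the provider expects, not the inetOrgPerson/groupOfUniqueNames layout.
    static final String[][] ENTRIES = {
        {"dn: dc=test,dc=com", "objectClass: top", "objectClass: domain", "dc: test"},
        {"dn: cn=testuser,dc=test,dc=com", "objectClass: top", "objectClass: user", "cn: testuser",
         "sAMAccountName: testuser", "userPrincipalName: testuser@test.com", "userPassword: secret",
         "memberOf: cn=developers,ou=groups,dc=test,dc=com", "memberOf: cn=managers,ou=groups,dc=test,dc=com"},
    };

    static InMemoryDirectoryServer start() throws LDAPException {
        InMemoryDirectoryServerConfig config = new InMemoryDirectoryServerConfig("dc=test,dc=com");
        config.setSchema(null); // AD attributes are not in the default schema, so skip schema checking
        InMemoryDirectoryServer ds = new InMemoryDirectoryServer(config);
        for (String[] entry : ENTRIES) {
            ds.add(entry);
        }
        ds.startListening();
        return ds;
    }

    // Provider steps: bind, search the user by userPrincipalName, map each memberOf DN to its group CN.
    static List<String> authoritiesFor(InMemoryDirectoryServer ds, String bindDn, String password, String upn)
            throws LDAPException {
        LDAPConnection conn = ds.getConnection();
        try {
            conn.bind(bindDn, password); // LDAPException (invalidCredentials) on a wrong password
            // Built with the SDK so a crafted UPN cannot change the filter (LDAP injection).
            Filter filter = Filter.createANDFilter(Filter.createEqualityFilter("objectClass", "user"),
                    Filter.createEqualityFilter("userPrincipalName", upn));
            List<String> authorities = new ArrayList<>();
            for (SearchResultEntry e : conn.search("dc=test,dc=com", SearchScope.SUB, filter, "memberOf").getSearchEntries()) {
                for (String groupDn : e.getAttributeValues("memberOf")) {
                    authorities.add(new DN(groupDn).getRDN().getAttributeValues()[0]); // developers, managers
                }
            }
            return authorities;
        } finally {
            conn.close();
        }
    }
}
```

Calling `authoritiesFor(start(), "cn=testuser,dc=test,dc=com", "secret", "testuser@test.com")` yields the group names developers and managers, the same values the provider turns into granted authorities; shut the server down with `ds.shutDown(true)` after the test.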