From 883d58d8ec62af2c4436e4d894458acd3da709c4 Mon Sep 17 00:00:00 2001 From: Tim Vernum Date: Wed, 27 Oct 2021 19:26:05 +1100 Subject: [PATCH] Miscellaneous fixes for LDAP SDK v6 upgrade This commit makes a few changes to LDAP testing to improve the stability of tests on UnboudID LDAP SDK v6 --- .../xpack/security/authc/ldap/LdapRealmTests.java | 11 +++++++---- .../authc/ldap/SearchGroupsResolverInMemoryTests.java | 2 +- .../authc/ldap/support/LdapServerDebugLogging.java | 1 + .../security/authc/ldap/support/LdapTestCase.java | 2 +- 4 files changed, 10 insertions(+), 6 deletions(-) diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/LdapRealmTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/LdapRealmTests.java index ca403cb9892f2..a69e8717066aa 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/LdapRealmTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/LdapRealmTests.java @@ -419,10 +419,11 @@ public void testLdapRealmMapsUserDNToRole() throws Exception { PlainActionFuture> future = new PlainActionFuture<>(); ldap.authenticate(new UsernamePasswordToken("Horatio Hornblower", new SecureString(PASSWORD)), future); final AuthenticationResult result = future.actionGet(); - assertThat(result.getStatus(), is(AuthenticationResult.Status.SUCCESS)); + assertThat(result, notNullValue()); + assertThat(result.toString(), result.getStatus(), is(AuthenticationResult.Status.SUCCESS)); User user = result.getValue(); assertThat(user, notNullValue()); - assertThat(user.roles(), arrayContaining("avenger")); + assertThat(user.toString(), user.roles(), arrayContaining("avenger")); } /** @@ -488,7 +489,8 @@ protected void loadMappings(ActionListener> listener PlainActionFuture> future = new PlainActionFuture<>(); ldap.authenticate(new UsernamePasswordToken("Horatio Hornblower", new SecureString(PASSWORD)), future); final AuthenticationResult result = future.actionGet(); - assertThat(result.getStatus(), is(AuthenticationResult.Status.SUCCESS)); + assertThat(result, notNullValue()); + assertThat(result.toString(), result.getStatus(), is(AuthenticationResult.Status.SUCCESS)); User user = result.getValue(); assertThat(user, notNullValue()); assertThat(user.roles(), arrayContainingInAnyOrder("_user_hhornblo", "sales_admin")); @@ -519,7 +521,8 @@ public void testLdapConnectionFailureIsTreatedAsAuthenticationFailure() throws E PlainActionFuture> future = new PlainActionFuture<>(); ldap.authenticate(new UsernamePasswordToken(VALID_USERNAME, new SecureString(PASSWORD)), future); final AuthenticationResult result = future.actionGet(); - assertThat(result.getStatus(), is(AuthenticationResult.Status.CONTINUE)); + assertThat(result, notNullValue()); + assertThat(result.toString(), result.getStatus(), is(AuthenticationResult.Status.CONTINUE)); assertThat(result.getValue(), nullValue()); assertThat(result.getMessage(), is("authenticate failed")); assertThat(result.getException(), notNullValue()); diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/SearchGroupsResolverInMemoryTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/SearchGroupsResolverInMemoryTests.java index 9378a7f5a31b4..790cfb9a99747 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/SearchGroupsResolverInMemoryTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/SearchGroupsResolverInMemoryTests.java @@ -46,7 +46,7 @@ public class SearchGroupsResolverInMemoryTests extends LdapTestCase { @After public void closeConnection() { if (connection != null) { - connection.close(); + connection.closeWithoutUnbind(); } } diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/LdapServerDebugLogging.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/LdapServerDebugLogging.java index f76e47327a0cf..babf058d0207e 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/LdapServerDebugLogging.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/LdapServerDebugLogging.java @@ -52,6 +52,7 @@ protected void failed(Throwable e, Description description) { } public void configure(InMemoryDirectoryServerConfig config) { + targetLogger.info("Configuring debug logging for LDAP server [{}]", config); config.setLDAPDebugLogHandler(logHandler); } diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/LdapTestCase.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/LdapTestCase.java index e0f9ee73250dd..0c3f680097ead 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/LdapTestCase.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/LdapTestCase.java @@ -147,7 +147,7 @@ void tryConnect(InMemoryDirectoryServer ds) { AccessController.doPrivileged((PrivilegedExceptionAction) () -> { try (var c = ds.getConnection()) { assertThat("Failed to connect to " + ds + " - ", c.isConnected(), is(true)); - logger.info("Test connection to [{}] was successful ({})", ds, c); + logger.info("Test connection to [{}](port {}) was successful ({})", ds, ds.getListenPort(), c); } catch (LDAPException e) { throw new AssertionError("Failed to connect to " + ds, e); }