在我的应用程序中,我使用Java UnboundID LDAP SDK库(https://ldap.com/unboundid-ldap-sdk-for-java/)。
我正在尝试编写一个测试,该测试将准确检查已经正确配置的证书的LDAPS / StartTLS连接的行为,但是当完成对LDAP服务器的查询时,它们不再有效(例如,密钥已被泄露)我们已将其替换为另一个)。
我想使用UnboundID LDAP SDK-InMemoryDirectoryServer(https://docs.ldap.com/ldap-sdk/docs/javadoc/com/unboundid/ldap/listener/InMemoryDirectoryServer.html)中的内存服务器使用集成测试来测试此行为
我将尝试分步描述产品的外观:
$ cf create-route team-1 cfapps.io --hostname my-super-cool-app --path foo
Creating route my-super-cool-app.cfapps.io/foo for org dmikusa / space team-1 as dmikusa@pivotal.io...
Route my-super-cool-app.cfapps.io/foo has been created.
OK
$ cf create-route team-2 cfapps.io --hostname my-super-cool-app --path foo
Creating route my-super-cool-app.cfapps.io/foo for org dmikusa / space team-2 as dmikusa@pivotal.io...
The path is taken: /foo
FAILED
对象(https://docs.ldap.com/ldap-sdk/docs/javadoc/com/unboundid/ldap/sdk/LDAPConnectionPool.html)。
使用LDAPS协议在端口636上进行连接,或者使用StartTLS协议在端口389上进行连接。LDAPConnectionPool
中进行简单搜索时,我们应该收到ldapConnectionPool.search(someSearchRequest());
,通知我们连接无效。假设不考虑LDAPConnectionPool模拟选项。
我的内存服务器的配置如下:
LDAPSearchException
我的想法是使用class InMemoryLDAPServer {
private final static String LDAPS_LISTENER_NAME = "LDAPS";
private final static String TLS_LISTENER_NAME = "TLS";
private final static String BASE_DN = "dc=example,dc=com";
private final static String LDIF_FILENAME = "ldap.ldif";
private final InMemoryDirectoryServer directoryServer;
private InMemoryLDAPServer(InMemoryDirectoryServer directoryServer) {
this.directoryServer = directoryServer;
}
static InMemoryLDAPServer newSecureServer(final InMemoryOperationInterceptor interceptor) throws Exception {
InMemoryDirectoryServerConfig config = createServerConfig(interceptor);
return getEmbeddedLdapServer(config);
}
private static InMemoryLDAPServer getEmbeddedLdapServer(final InMemoryDirectoryServerConfig config) throws LDAPException {
InMemoryDirectoryServer directoryServer = new InMemoryDirectoryServer(config);
directoryServer.importFromLDIF(true, ldifFilename());
directoryServer.startListening();
return new InMemoryLDAPServer(directoryServer);
}
private static InMemoryDirectoryServerConfig createServerConfig(final InMemoryOperationInterceptor interceptor) throws LDAPException, GeneralSecurityException {
final SSLUtil serverSSLUtil = new SSLUtil(KeyStoreStub.keyStores(), KeyStoreStub.trustStores());
final SSLUtil clientSSLUtil = new SSLUtil(KeyStoreStub.trustStores());
InMemoryDirectoryServerConfig config = new InMemoryDirectoryServerConfig(BASE_DN);
config.setSchema(null);
config.setListenerConfigs(InMemoryListenerConfig.createLDAPSConfig(LDAPS_LISTENER_NAME,
InetAddress.getLoopbackAddress(), 0, serverSSLUtil.createSSLServerSocketFactory(),
clientSSLUtil.createSSLSocketFactory()), InMemoryListenerConfig.createLDAPConfig(TLS_LISTENER_NAME, InetAddress.getLoopbackAddress(), 0, serverSSLUtil.createSSLSocketFactory()));
config.addInMemoryOperationInterceptor(interceptor);
return config;
}
private static String ldifFilename() {
return getPath(LDIF_FILENAME);
}
private static String getPath(final String relativePath) {
File resourcesDirectory = new File(PATH_NAME + relativePath);
return resourcesDirectory.getAbsolutePath();
}
}
(https://docs.ldap.com/ldap-sdk/docs/javadoc/com/unboundid/ldap/listener/interceptor/InMemoryOperationInterceptor.html)更改返回的结果。不幸的是,这不太有效。
样本测试:
InMemoryOperationInterceptor
样本拦截器:
@Test
void shouldReturnEmptyResultWhenConfigurationIsBroken() throws Exception {
//given
TestOperationInterceptor testOperationInterceptor = new TestOperationInterceptor();
InMemoryLDAPServer.newSecureServer(testOperationInterceptor);
final LdapTestConfiguration testConfiguration = createTestLDAPConfiguration();
//when
final List<UserResult> results = ldapSearchService.searchByUsername(testConfiguration.getUsername());
//then
assertTrue(results.isEmpty());
}
您还有其他解决方法吗?