/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License"). You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at
 * trunk/opends/resource/legal-notices/OpenDS.LICENSE
 * or https://OpenDS.dev.java.net/OpenDS.LICENSE.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at
 * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
 * add the following below this CDDL HEADER, with the fields enclosed
 * by brackets "[]" replaced with your own identifying
 * information:
 * Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 *
 * Portions Copyright 2006 Sun Microsystems, Inc.
 */
306N/A
306N/Apackage org.opends.server.protocols.ldap;
306N/A
306N/Aimport java.util.LinkedHashMap;
306N/Aimport java.util.LinkedList;
306N/Aimport java.util.List;
306N/Aimport java.util.Collection;
306N/A
306N/Aimport static org.opends.server.config.ConfigConstants.*;
306N/A
306N/Aimport org.opends.server.api.ClientConnection;
306N/Aimport org.opends.server.TestCaseUtils;
306N/Aimport org.opends.server.types.*;
306N/Aimport org.opends.server.config.ConfigAttribute;
306N/Aimport org.opends.server.config.ConfigEntry;
306N/Aimport org.opends.server.core.DirectoryServer;
306N/Aimport org.opends.server.types.Attribute;
306N/Aimport org.opends.server.types.Entry;
306N/Aimport static org.testng.Assert.*;
306N/A
306N/Aimport org.testng.annotations.BeforeClass;
306N/Aimport org.testng.annotations.Test;
306N/A
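/**
 * Tests for {@code LDAPConnectionHandler}: instantiation from a
 * configuration entry and validation of acceptable and unacceptable
 * configuration changes.
 *
 * @author Administrator
 */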
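public class TestLDAPConnectionHandler extends LdapTestCase {

  /** Reason string handed to the handler's shutdown and finalize calls. */
  private static final String reasonMsg = "Don't need a reason.";

  /**
   * Once-only initialization.
   *
   * @throws Exception
   *           If an unexpected error occurred.
   */
  @BeforeClass
  public void setUp() throws Exception {
    // This test suite depends on having the schema available, so we'll
    // start the server.
    TestCaseUtils.startServer();
  }

  /**
   * Builds the connection handler configuration entry every test in this
   * class starts from. The entry carries no listen port attribute.
   *
   * @param useSsl
   *          Value written to {@code ds-cfg-use-ssl}.
   * @return The freshly built entry.
   * @throws Exception
   *           If the entry cannot be built.
   */
  private static Entry newBaseHandlerEntry(boolean useSsl) throws Exception {
    // NOTE(review): the listen address is the wildcard 0.0.0.0. If
    // getLDAPHandlerInstance (inherited, not visible here) binds a listener,
    // the test handler is reachable on every interface of the build host;
    // a loopback address would be enough for these tests -- confirm.
    return TestCaseUtils.makeEntry(
        "dn: cn=LDAP Connection Handler,cn=Connection Handlers,cn=config",
        "objectClass: top",
        "objectClass: ds-cfg-connection-handler",
        "objectClass: ds-cfg-ldap-connection-handler",
        "cn: LDAP Connection Handler",
        "ds-cfg-connection-handler-class: org.opends.server.protocols.ldap.LDAPConnectionHandler",
        "ds-cfg-connection-handler-enabled: true",
        "ds-cfg-listen-address: 0.0.0.0",
        "ds-cfg-accept-backlog: 128",
        "ds-cfg-allow-ldapv2: false",
        "ds-cfg-keep-stats: false",
        "ds-cfg-use-tcp-keepalive: true",
        "ds-cfg-use-tcp-nodelay: true",
        "ds-cfg-allow-tcp-reuse-address: true",
        "ds-cfg-send-rejection-notice: true",
        "ds-cfg-max-request-size: 5 megabytes",
        "ds-cfg-num-request-handlers: 2",
        "ds-cfg-allow-start-tls: false",
        "ds-cfg-use-ssl: " + useSsl,
        "ds-cfg-ssl-client-auth-policy: optional",
        "ds-cfg-ssl-cert-nickname: server-cert");
  }

  /**
   * Adds each attribute to the entry, in the order given.
   *
   * @param entry
   *          The entry to extend.
   * @param attributes
   *          The attributes to add.
   * @throws Exception
   *           If an attribute cannot be added.
   */
  private static void addAllAttributes(Entry entry, Attribute... attributes)
      throws Exception {
    for (Attribute attribute : attributes) {
      entry.addAttribute(attribute, null);
    }
  }

  /**
   * Instantiates a handler from the base entry, calls its accessors, then
   * instantiates a second handler from the same entry with the SSL and
   * StartTLS attributes switched to true.
   * <p>
   * The test contains no assertions: it passes as long as none of the calls
   * throws, so it does not verify the TLS state of either handler.
   *
   * @throws Exception if the handler cannot be instantiated.
   */
  @Test()
  public void testLDAPConnectionHandler() throws Exception {
    Entry handlerEntry = newBaseHandlerEntry(false);
    LDAPConnectionHandler connHandler = getLDAPHandlerInstance(handlerEntry);

    // Smoke coverage only: the results are discarded on purpose.
    connHandler.allowLDAPv2();
    connHandler.allowStartTLS();
    connHandler.setKeepStats(false);
    connHandler.keepStats();
    connHandler.toString(new StringBuilder());
    connHandler.toString();
    connHandler.getStatTracker();
    connHandler.getAlerts();
    connHandler.getClassName();
    connHandler.getComponentEntryDN();
    connHandler.getConfigurableComponentEntryDN();
    connHandler.getConfigurationAttributes();
    connHandler.getEnabledSSLCipherSuites();
    connHandler.getEnabledSSLProtocols();
    connHandler.getMaxRequestSize();
    connHandler.getShutdownListenerName();
    connHandler.getSSLClientAuthPolicy();
    connHandler.getClientConnections();
    connHandler.processServerShutdown(reasonMsg);

    // Reset some things for the SSL handler: drop the listen port and the
    // "false" SSL/StartTLS values, then add the "true" ones.
    // NOTE(review): the base entry has no listen port, so presumably
    // getLDAPHandlerInstance added one to the entry -- confirm.
    AttributeType portType =
        DirectoryServer.getAttributeType(ATTR_LISTEN_PORT, true);
    handlerEntry.removeAttribute(new Attribute(portType), null);
    handlerEntry.removeAttribute(
        new Attribute(ATTR_USE_SSL, String.valueOf(false)), null);
    // TODO (MPD): fix this in ConfigConstants
    handlerEntry.removeAttribute(
        new Attribute(ATTR_ALLOW_STARTTLS, String.valueOf(false)), null);
    addAllAttributes(handlerEntry,
        new Attribute(ATTR_USE_SSL, String.valueOf(true)),
        new Attribute(ATTR_ALLOW_STARTTLS, String.valueOf(true)));

    LDAPConnectionHandler sslConnHandler = getLDAPHandlerInstance(handlerEntry);
    sslConnHandler.finalizeConnectionHandler(reasonMsg, true);
    // NOTE(review): this is the second processServerShutdown call on the
    // first handler; the SSL handler may have been intended -- confirm.
    connHandler.processServerShutdown(reasonMsg);
  }

  /**
   * Starts a handler and then gives its hasAcceptableConfiguration a
   * ConfigEntry holding numerous invalid and duplicate values.
   * <p>
   * NOTE(review): all invalid values are submitted in a single entry, so the
   * assertion holds as soon as any one of them is rejected. The test does not
   * show that each value (out-of-range port, malformed allowed/denied client
   * addresses, non-boolean flags, bad size unit) is rejected on its own, and
   * the collected reasons are not inspected.
   *
   * @throws Exception if handler cannot be instantiated or the configuration
   *           is accepted.
   */
  @Test()
  public void testBadLDAPConnectionHandlerConfiguration() throws Exception
  {
    Entry badHandlerEntry = newBaseHandlerEntry(false);
    LDAPConnectionHandler connHandler = getLDAPHandlerInstance(badHandlerEntry);
    LinkedList<String> reasons = new LinkedList<String>();
    boolean accepted;
    try {
      // Invalid values plus duplicates of the port and listen address.
      addAllAttributes(badHandlerEntry,
          new Attribute(ATTR_LISTEN_PORT, String.valueOf(389)),
          new Attribute(ATTR_LISTEN_ADDRESS, "localhost"),
          new Attribute(ATTR_LISTEN_PORT, String.valueOf(70000)),
          new Attribute(ATTR_LISTEN_ADDRESS, "FAFASFSDFSADFASDFSDFSDAFAS"),
          new Attribute(ATTR_ACCEPT_BACKLOG, String.valueOf(Long.MAX_VALUE)),
          new Attribute(ATTR_ALLOWED_CLIENT, "129.800.990.45"),
          new Attribute(ATTR_DENIED_CLIENT, "129."),
          new Attribute(ATTR_ALLOW_LDAPV2, "45"),
          new Attribute(ATTR_KEEP_LDAP_STATS, "45"),
          new Attribute(ATTR_SEND_REJECTION_NOTICE, "45"),
          new Attribute(ATTR_USE_TCP_KEEPALIVE, "45"),
          new Attribute(ATTR_USE_TCP_NODELAY, "45"),
          new Attribute(ATTR_ALLOW_REUSE_ADDRESS, "45"),
          new Attribute(ATTR_MAX_REQUEST_SIZE, "45 FLUBBERBYTES"),
          new Attribute(ATTR_USE_SSL, "45"),
          new Attribute(ATTR_ALLOW_STARTTLS, "45"));
      ConfigEntry badConfigEntry = new ConfigEntry(badHandlerEntry, null);
      accepted = connHandler.hasAcceptableConfiguration(badConfigEntry, reasons);
    } finally {
      // Release the handler even when building or validating the entry throws.
      connHandler.finalizeConnectionHandler(reasonMsg, true);
      connHandler.processServerShutdown(reasonMsg);
    }
    assertFalse(accepted,
        "hasAcceptableConfiguration accepted an entry holding invalid values");
  }

  /**
   * Creates a handler, replaces most of its configuration values with other
   * valid ones, checks that the new configuration is acceptable and applies
   * it.
   * <p>
   * NOTE(review): any result of applyNewConfiguration is ignored and the
   * handler is not queried afterwards, so the test does not show that the new
   * values (including the allowed/denied client masks) took effect.
   *
   * @throws Exception if handler cannot be instantiated.
   */
  @Test()
  public void testGoodLDAPConnectionHandlerConfiguration() throws Exception
  {
    Entry goodHandlerEntry = newBaseHandlerEntry(true);
    LDAPConnectionHandler connHandler = getLDAPHandlerInstance(goodHandlerEntry);
    try {
      // Remove every attribute that is about to be replaced.
      String[] replacedAttributes = {
          ATTR_LISTEN_PORT,
          ATTR_LISTEN_ADDRESS,
          ATTR_ALLOW_LDAPV2,
          ATTR_KEEP_LDAP_STATS,
          ATTR_SEND_REJECTION_NOTICE,
          ATTR_USE_TCP_KEEPALIVE,
          ATTR_USE_TCP_NODELAY,
          ATTR_ALLOW_REUSE_ADDRESS,
          ATTR_USE_SSL,
          ATTR_ALLOW_STARTTLS,
          ATTR_MAX_REQUEST_SIZE,
          ATTR_ACCEPT_BACKLOG
      };
      for (String attributeName : replacedAttributes) {
        AttributeType type =
            DirectoryServer.getAttributeType(attributeName, true);
        goodHandlerEntry.removeAttribute(new Attribute(type), null);
      }

      // Add the replacement values.
      long newPort = getFreePort();
      addAllAttributes(goodHandlerEntry,
          new Attribute(ATTR_LISTEN_PORT, String.valueOf(newPort)),
          new Attribute(ATTR_LISTEN_ADDRESS, "localhost"),
          new Attribute(ATTR_ACCEPT_BACKLOG, String.valueOf(25)),
          new Attribute(ATTR_ALLOWED_CLIENT, "129.56.56.45"),
          new Attribute(ATTR_DENIED_CLIENT, "129.*.*.90"),
          new Attribute(ATTR_ALLOW_LDAPV2, "true"),
          new Attribute(ATTR_KEEP_LDAP_STATS, "true"),
          new Attribute(ATTR_SEND_REJECTION_NOTICE, "false"),
          new Attribute(ATTR_USE_TCP_KEEPALIVE, "false"),
          new Attribute(ATTR_USE_TCP_NODELAY, "false"),
          new Attribute(ATTR_ALLOW_REUSE_ADDRESS, "false"),
          new Attribute(ATTR_MAX_REQUEST_SIZE, "45 kb"),
          new Attribute(ATTR_USE_SSL, "false"),
          new Attribute(ATTR_ALLOW_STARTTLS, "true"));

      LinkedList<String> reasons = new LinkedList<String>();
      ConfigEntry newConfigEntry = new ConfigEntry(goodHandlerEntry, null);
      // see if we're ok
      boolean accepted =
          connHandler.hasAcceptableConfiguration(newConfigEntry, reasons);
      assertTrue(accepted, "Configuration was rejected: " + reasons);
      connHandler.applyNewConfiguration(newConfigEntry, true);
    } finally {
      // Finalize the handler even when the assertion above fails, so a
      // failing run does not leave it behind for later tests.
      connHandler.finalizeConnectionHandler(reasonMsg, true);
    }
  }
}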