//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes:
//ORIGINAL LINE: @Test public void groupComparisonShouldBeCaseInsensitive()
public virtual void GroupComparisonShouldBeCaseInsensitive()
{
when(Config.get(SecuritySettings.ldap_authorization_group_to_role_mapping)).thenReturn("GrouP=role1,role2,role3");
LdapRealm realm = new LdapRealm(Config, _securityLog, _secureHasher);
assertThat(realm.GroupToRoleMapping["group"], equalTo(asList("role1", "role2", "role3")));
assertThat(realm.GroupToRoleMapping.Count, equalTo(1));
}
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes:
//ORIGINAL LINE: @Test public void groupToRoleMappingShouldBeAbleToHaveNoRoles()
public virtual void GroupToRoleMappingShouldBeAbleToHaveNoRoles()
{
when(Config.get(SecuritySettings.ldap_authorization_group_to_role_mapping)).thenReturn("group=,");
LdapRealm realm = new LdapRealm(Config, _securityLog, _secureHasher);
assertThat(realm.GroupToRoleMapping["group"].Count, equalTo(0));
assertThat(realm.GroupToRoleMapping.Count, equalTo(1));
}
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes:
//ORIGINAL LINE: @Test public void groupToRoleMappingShouldBeAbleToHaveTrailingSemicolons()
public virtual void GroupToRoleMappingShouldBeAbleToHaveTrailingSemicolons()
{
when(Config.get(SecuritySettings.ldap_authorization_group_to_role_mapping)).thenReturn("group=role;;");
LdapRealm realm = new LdapRealm(Config, _securityLog, _secureHasher);
assertThat(realm.GroupToRoleMapping["group"], equalTo(singletonList("role")));
assertThat(realm.GroupToRoleMapping.Count, equalTo(1));
}
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes:
//ORIGINAL LINE: @Test public void groupToRoleMappingShouldBeAbleToHaveTrailingCommas()
public virtual void GroupToRoleMappingShouldBeAbleToHaveTrailingCommas()
{
when(Config.get(SecuritySettings.ldap_authorization_group_to_role_mapping)).thenReturn("group=role1,role2,role3,,,");
LdapRealm realm = new LdapRealm(Config, _securityLog, _secureHasher);
assertThat(realm.GroupToRoleMapping.Keys, equalTo(Stream.of("group").collect(Collectors.toSet())));
assertThat(realm.GroupToRoleMapping["group"], equalTo(asList("role1", "role2", "role3")));
assertThat(realm.GroupToRoleMapping.Count, equalTo(1));
}
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes:
//ORIGINAL LINE: @Test public void groupToRoleMappingShouldBeAbleToHaveMultipleGroups()
public virtual void GroupToRoleMappingShouldBeAbleToHaveMultipleGroups()
{
when(Config.get(SecuritySettings.ldap_authorization_group_to_role_mapping)).thenReturn("group1=role1;group2=role2,role3;group3=role4");
LdapRealm realm = new LdapRealm(Config, _securityLog, _secureHasher);
assertThat(realm.GroupToRoleMapping.Keys, equalTo(new SortedSet <>(asList("group1", "group2", "group3"))));
assertThat(realm.GroupToRoleMapping["group1"], equalTo(singletonList("role1")));
assertThat(realm.GroupToRoleMapping["group2"], equalTo(asList("role2", "role3")));
assertThat(realm.GroupToRoleMapping["group3"], equalTo(singletonList("role4")));
assertThat(realm.GroupToRoleMapping.Count, equalTo(3));
}
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes:
//ORIGINAL LINE: @Test public void shouldAllowMultipleGroupMembershipAttributes() throws javax.naming.NamingException
//JAVA TO C# CONVERTER WARNING: Method 'throws' clauses are not available in C#:
public virtual void ShouldAllowMultipleGroupMembershipAttributes()
{
when(Config.get(SecuritySettings.ldap_authorization_user_search_filter)).thenReturn("{0}");
when(Config.get(SecuritySettings.ldap_authorization_group_membership_attribute_names)).thenReturn(asList("attr0", "attr1", "attr2"));
when(Config.get(SecuritySettings.ldap_authorization_group_to_role_mapping)).thenReturn("group1=role1;group2=role2,role3");
LdapContext ldapContext = mock(typeof(LdapContext));
NamingEnumeration result = mock(typeof(NamingEnumeration));
SearchResult searchResult = mock(typeof(SearchResult));
Attributes attributes = mock(typeof(Attributes));
Attribute attribute1 = mock(typeof(Attribute));
Attribute attribute2 = mock(typeof(Attribute));
Attribute attribute3 = mock(typeof(Attribute));
NamingEnumeration attributeEnumeration = mock(typeof(NamingEnumeration));
NamingEnumeration groupEnumeration1 = mock(typeof(NamingEnumeration));
NamingEnumeration groupEnumeration2 = mock(typeof(NamingEnumeration));
NamingEnumeration groupEnumeration3 = mock(typeof(NamingEnumeration));
// Mock ldap search result "attr1" contains "group1" and "attr2" contains "group2" (a bit brittle...)
// "attr0" is non-existing and should have no effect
when(ldapContext.search(anyString(), anyString(), any(), any())).thenReturn(result);
when(result.hasMoreElements()).thenReturn(true, false);
when(result.next()).thenReturn(searchResult);
when(searchResult.Attributes).thenReturn(attributes);
when(attributes.All).thenReturn(attributeEnumeration);
when(attributeEnumeration.hasMore()).thenReturn(true, true, false);
when(attributeEnumeration.next()).thenReturn(attribute1, attribute2, attribute3);
when(attribute1.ID).thenReturn("attr1"); // This attribute should yield role1
when(attribute1.All).thenReturn(groupEnumeration1);
when(groupEnumeration1.hasMore()).thenReturn(true, false);
when(groupEnumeration1.next()).thenReturn("group1");
when(attribute2.ID).thenReturn("attr2"); // This attribute should yield role2 and role3
when(attribute2.All).thenReturn(groupEnumeration2);
when(groupEnumeration2.hasMore()).thenReturn(true, false);
when(groupEnumeration2.next()).thenReturn("group2");
when(attribute3.ID).thenReturn("attr3"); // This attribute should have no effect
when(attribute3.All).thenReturn(groupEnumeration3);
when(groupEnumeration3.hasMore()).thenReturn(true, false);
when(groupEnumeration3.next()).thenReturn("groupWithNoRole");
// When
LdapRealm realm = new LdapRealm(Config, _securityLog, _secureHasher);
ISet <string> roles = realm.FindRoleNamesForUser("username", ldapContext);
// Then
assertThat(roles, hasItems("role1", "role2", "role3"));
}
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes:
//ORIGINAL LINE: @Test public void groupToRoleMappingShouldBeAbleToHaveQuotedKeysAndWhitespaces()
public virtual void GroupToRoleMappingShouldBeAbleToHaveQuotedKeysAndWhitespaces()
{
when(Config.get(SecuritySettings.ldap_authorization_group_to_role_mapping)).thenReturn("'group1' = role1;\t \"group2\"\n=\t role2,role3 ; gr oup3= role4\n ;'group4 '= ; g =r");
LdapRealm realm = new LdapRealm(Config, _securityLog, _secureHasher);
assertThat(realm.GroupToRoleMapping.Keys, equalTo(new SortedSet <>(asList("group1", "group2", "gr oup3", "group4 ", "g"))));
assertThat(realm.GroupToRoleMapping["group1"], equalTo(singletonList("role1")));
assertThat(realm.GroupToRoleMapping["group2"], equalTo(asList("role2", "role3")));
assertThat(realm.GroupToRoleMapping["gr oup3"], equalTo(singletonList("role4")));
assertThat(realm.GroupToRoleMapping["group4 "], equalTo(Collections.emptyList()));
assertThat(realm.GroupToRoleMapping["g"], equalTo(singletonList("r")));
assertThat(realm.GroupToRoleMapping.Count, equalTo(5));
}
private void MakeAndInit()
{
try
{
LdapRealm realm = new LdapRealm(Config, _securityLog, _secureHasher);
realm.Initialize();
}
catch (Exception e)
{
throw e;
}
catch (Exception t)
{
throw new Exception(t);
}
}
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes:
//ORIGINAL LINE: @Test public void shouldWarnAboutAmbiguousUserSearch() throws javax.naming.NamingException
//JAVA TO C# CONVERTER WARNING: Method 'throws' clauses are not available in C#:
public virtual void ShouldWarnAboutAmbiguousUserSearch()
{
when(Config.get(SecuritySettings.ldap_authorization_user_search_filter)).thenReturn("{0}");
LdapContext ldapContext = mock(typeof(LdapContext));
NamingEnumeration result = mock(typeof(NamingEnumeration));
SearchResult searchResult = mock(typeof(SearchResult));
when(ldapContext.search(anyString(), anyString(), any(), any())).thenReturn(result);
when(result.hasMoreElements()).thenReturn(true);
when(result.next()).thenReturn(searchResult);
when(searchResult.ToString()).thenReturn("<ldap search result>");
LdapRealm realm = new LdapRealm(Config, _securityLog, _secureHasher);
realm.FindRoleNamesForUser("username", ldapContext);
verify(_securityLog).warn(contains("LDAP user search for user principal 'username' is ambiguous"));
}
