// Interop test: checks that RadiusClient can authenticate against a live
// Active Directory / IAS server.
//
// Prerequisites (the test reports Inconclusive when they are not met):
//   - the LT_TESTBIN and LT_TEST_AD environment variables exist; LT_TEST_AD
//     must be set as described in the LillTek DevInstall.doc document;
//   - ADTestSettings.NasSecret is non-empty;
//   - the IAS server has been manually configured with the NAS shared secret
//     for this client.
//
// The valid credential triple must be accepted, and altering any single part
// of it (domain, account or password) must cause a rejection.
public void RadiusClient_Interop_AD_IAS()
{
    foreach (var variable in new string[] { "LT_TESTBIN", "LT_TEST_AD" })
    {
        if (EnvironmentVars.Get(variable) == null)
        {
            Assert.Inconclusive("[" + variable + "] environment variable does not exist.");
        }
    }

    var adSettings = new ADTestSettings();

    if (adSettings.NasSecret == string.Empty)
    {
        // An empty NAS secret is the switch that turns AD/IAS testing off.
        Assert.Inconclusive("AD/IAS Testing is disabled");
        return;
    }

    var radiusClient = new RadiusClient();

    // Target the first configured AD server on its first IPv4 address, standard RADIUS port.
    var serverHost    = EnhancedDns.GetHostByName(adSettings.Servers[0]);
    var serverAddress = serverHost.AddressList.IPv4Only()[0];
    var serverBinding = new NetworkBinding(serverAddress, NetworkPort.RADIUS);

    // The NAS shared secret authenticates this client to the RADIUS server.
    var settings = new RadiusClientSettings(serverBinding, adSettings.NasSecret)
    {
        RealmFormat = RealmFormat.Email,
        PortCount   = 1
    };

    try
    {
        radiusClient.Open(settings);

        // Positive case: the configured credentials authenticate.
        Assert.IsTrue(radiusClient.Authenticate(adSettings.Domain, adSettings.Account, adSettings.Password));

        // Negative cases: one wrong component at a time must be rejected.
        Assert.IsFalse(radiusClient.Authenticate(adSettings.Domain + "x", adSettings.Account, adSettings.Password));
        Assert.IsFalse(radiusClient.Authenticate(adSettings.Domain, adSettings.Account + "x", adSettings.Password));
        Assert.IsFalse(radiusClient.Authenticate(adSettings.Domain, adSettings.Account, adSettings.Password + "x"));
    }
    finally
    {
        // Always release the client, even when an assertion fails.
        radiusClient.Close();
    }
}
// Builds the shared fixture for the authentication tests: one credential
// store per authentication extension type (file, RADIUS, config, optionally
// LDAP, and ODBC), each seeded with known accounts. Every seeded account is
// also recorded in this.Accounts so tests can iterate over what should
// authenticate.
//
// All credentials below are constant fixture values, apart from the AD
// account, which comes from ADTestSettings.
public void Initialize()
{
    Helper.InitializeApp(Assembly.GetExecutingAssembly());

    this.ADSettings   = new ADTestSettings();
    this.DB           = SqlTestDatabase.Create();
    this.AuthFilePath = Path.GetTempFileName();

    //-------------------------------------------------------------
    // File authentication
    //
    // The temp file holds the test credentials in plaintext. This method
    // does not delete it; NOTE(review): confirm the matching cleanup
    // removes AuthFilePath.

    Helper.WriteToFile(this.AuthFilePath, @"

file.com;file1;file-password1
file.com;file2;file-password2
");
    this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.File, "file.com", "file1", "file-password1"));
    this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.File, "file.com", "file2", "file-password2"));

    //-------------------------------------------------------------
    // RADIUS authentication
    //
    // A local RADIUS server is started on port 52111. Two NAS devices are
    // registered with the shared test secret: loopback and the active
    // adapter. NOTE(review): "ANY" presumably binds all local interfaces,
    // so the test server is reachable off-host while it runs; confirm.

    var serverSettings = new RadiusServerSettings
    {
        NetworkBinding = NetworkBinding.Parse("ANY:52111")
    };

    serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, this.RadiusSecret));
    serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), this.RadiusSecret));

    this.RadiusServer = new RadiusServer();
    this.RadiusServer.Start(serverSettings);
    this.RadiusServer.LoadAccountsFromString(@"

radius.com;radius1;radius-password1
radius.com;radius2;radius-password2
");
    this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.Radius, "radius.com", "radius1", "radius-password1"));
    this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.Radius, "radius.com", "radius2", "radius-password2"));

    //-------------------------------------------------------------
    // Config authentication

    Config.SetConfig(@"

Accounts[0] = config.com;config1;config-password1
Accounts[1] = config.com;config2;config-password2
");
    this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.Config, "config.com", "config1", "config-password1"));
    this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.Config, "config.com", "config2", "config-password2"));

#if TEST_AD
    //-------------------------------------------------------------
    // Active Directory authentication
    //
    // Compiled in only when TEST_AD is defined. Unless TEST_AD_LDAP is
    // also defined, the account is registered only when a NAS secret has
    // been configured.

#if !TEST_AD_LDAP
    if (ADSettings.NasSecret != string.Empty)   // A blank NAS secret disables the test
#endif
        this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.Ldap, ADSettings.Domain, ADSettings.Account, ADSettings.Password));
#endif

    //-------------------------------------------------------------
    // ODBC authentication
    //
    // The Accounts table stores each password in plaintext plus its MD5,
    // SHA1, SHA256 and SHA512 digests. The digests are computed from the
    // password string alone; no salt is visible in this block. Fast,
    // unsalted digests are weak password storage, so treat this schema as
    // fixture data. NOTE(review): presumably one column per credential
    // format the ODBC extension can verify; confirm.

    SqlConnection connection = null;

    string script = @"

create table Accounts (

    Realm varchar(64),
    Account varchar(64),
    Password varchar(64),
    MD5 varbinary(128),
    SHA1 varbinary(128),
    SHA256 varbinary(128),
    SHA512 varbinary(128)
)
go

insert into Accounts(Realm,Account,Password,MD5,SHA1,SHA256,SHA512)
    values ('odbc.com','odbc1','odbc-password1',$(md5-1),$(sha1-1),$(sha256-1),$(sha512-1))

insert into Accounts(Realm,Account,Password,MD5,SHA1,SHA256,SHA512)
    values ('odbc.com','odbc2','odbc-password2',$(md5-2),$(sha1-2),$(sha256-2),$(sha512-2))

go
";

    try
    {
        // The $(name) macros are replaced by text substitution. Every
        // substituted value is a SqlHelper.Literal rendering of a digest of
        // a constant password, so no external input reaches the SQL text.
        var macros = new MacroProcessor();

        for (int i = 1; i <= 2; i++)
        {
            string password = "odbc-password" + i;

            macros.Add("md5-" + i, SqlHelper.Literal(MD5Hasher.Compute(password)));
            macros.Add("sha1-" + i, SqlHelper.Literal(SHA1Hasher.Compute(password)));
            macros.Add("sha256-" + i, SqlHelper.Literal(SHA256Hasher.Compute(password)));
            macros.Add("sha512-" + i, SqlHelper.Literal(SHA512Hasher.Compute(password)));
        }

        script     = macros.Expand(script);
        connection = DB.OpenConnection();

        var runner = new SqlScriptRunner(script);

        runner.Run(connection);

        // Accounts are registered only after the script has run.
        this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.Odbc, "odbc.com", "odbc1", "odbc-password1"));
        this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.Odbc, "odbc.com", "odbc2", "odbc-password2"));
    }
    finally
    {
        // Close the connection if it was opened, whether or not setup succeeded.
        if (connection != null)
        {
            connection.Close();
        }
    }
}