From 323bae78b3e2c788ad66f1458b32f11fba02ff29 Mon Sep 17 00:00:00 2001 From: Tim Vernum Date: Thu, 28 Oct 2021 15:02:02 +1100 Subject: [PATCH] Miscellaneous fixes for LDAP SDK v6 upgrade (#79980) This commit makes a few changes to LDAP testing to improve the stability of tests on UnboudID LDAP SDK v6 Backport of: #79891 --- .../xpack/security/authc/ldap/LdapRealmTests.java | 11 +++++++---- .../authc/ldap/SearchGroupsResolverInMemoryTests.java | 2 +- .../authc/ldap/support/LdapServerDebugLogging.java | 1 + .../security/authc/ldap/support/LdapTestCase.java | 2 +- 4 files changed, 10 insertions(+), 6 deletions(-) diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/LdapRealmTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/LdapRealmTests.java index 7a7ec59a6ba22..bcebc32d50173 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/LdapRealmTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/LdapRealmTests.java @@ -435,10 +435,11 @@ public void testLdapRealmMapsUserDNToRole() throws Exception { PlainActionFuture> future = new PlainActionFuture<>(); ldap.authenticate(new UsernamePasswordToken("Horatio Hornblower", new SecureString(PASSWORD)), future); final AuthenticationResult result = future.actionGet(); - assertThat(result.getStatus(), is(AuthenticationResult.Status.SUCCESS)); + assertThat(result, notNullValue()); + assertThat(result.toString(), result.getStatus(), is(AuthenticationResult.Status.SUCCESS)); User user = result.getValue(); assertThat(user, notNullValue()); - assertThat(user.roles(), arrayContaining("avenger")); + assertThat(user.toString(), user.roles(), arrayContaining("avenger")); } /** @@ -530,7 +531,8 @@ protected void loadMappings(ActionListener> listener PlainActionFuture> future = new PlainActionFuture<>(); ldap.authenticate(new UsernamePasswordToken("Horatio Hornblower", new SecureString(PASSWORD)), future); final AuthenticationResult result = future.actionGet(); - assertThat(result.getStatus(), is(AuthenticationResult.Status.SUCCESS)); + assertThat(result, notNullValue()); + assertThat(result.toString(), result.getStatus(), is(AuthenticationResult.Status.SUCCESS)); User user = result.getValue(); assertThat(user, notNullValue()); assertThat(user.roles(), arrayContainingInAnyOrder("_user_hhornblo", "sales_admin")); @@ -560,7 +562,8 @@ public void testLdapConnectionFailureIsTreatedAsAuthenticationFailure() throws E PlainActionFuture> future = new PlainActionFuture<>(); ldap.authenticate(new UsernamePasswordToken(VALID_USERNAME, new SecureString(PASSWORD)), future); final AuthenticationResult result = future.actionGet(); - assertThat(result.getStatus(), is(AuthenticationResult.Status.CONTINUE)); + assertThat(result, notNullValue()); + assertThat(result.toString(), result.getStatus(), is(AuthenticationResult.Status.CONTINUE)); assertThat(result.getValue(), nullValue()); assertThat(result.getMessage(), is("authenticate failed")); assertThat(result.getException(), notNullValue()); diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/SearchGroupsResolverInMemoryTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/SearchGroupsResolverInMemoryTests.java index 022ded23ce491..b839a4719d9e6 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/SearchGroupsResolverInMemoryTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/SearchGroupsResolverInMemoryTests.java @@ -47,7 +47,7 @@ public class SearchGroupsResolverInMemoryTests extends LdapTestCase { @After public void closeConnection() { if (connection != null) { - connection.close(); + connection.closeWithoutUnbind(); } } diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/LdapServerDebugLogging.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/LdapServerDebugLogging.java index f76e47327a0cf..babf058d0207e 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/LdapServerDebugLogging.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/LdapServerDebugLogging.java @@ -52,6 +52,7 @@ protected void failed(Throwable e, Description description) { } public void configure(InMemoryDirectoryServerConfig config) { + targetLogger.info("Configuring debug logging for LDAP server [{}]", config); config.setLDAPDebugLogHandler(logHandler); } diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/LdapTestCase.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/LdapTestCase.java index 64422ad424a10..62d18df3084f1 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/LdapTestCase.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/LdapTestCase.java @@ -156,7 +156,7 @@ void tryConnect(InMemoryDirectoryServer ds) { AccessController.doPrivileged((PrivilegedExceptionAction) () -> { try (var c = ds.getConnection()) { assertThat("Failed to connect to " + ds + " - ", c.isConnected(), is(true)); - logger.info("Test connection to [{}] was successful ({})", ds, c); + logger.info("Test connection to [{}](port {}) was successful ({})", ds, ds.getListenPort(), c); } catch (LDAPException e) { throw new AssertionError("Failed to connect to " + ds, e); }