author | Stefan Seelmann <mail@stefan-seelmann.de> | 2021-05-02 19:11:00 +0300 |
---|---|---|
committer | Stefan Seelmann <mail@stefan-seelmann.de> | 2021-05-02 19:11:00 +0300 |
commit | 5cffff7f4744eaa67c3a985ccc1837583652d320 (patch) | |
tree | 08a400f0380fbc1df48d8d2bcf8fc4420086abed | |
parent | f70a4151e91cc540c555754874b01a1da5f42ac6 (diff) |
Migrate certification validation tests
6 files changed, 170 insertions, 129 deletions
diff --git a/Jenkinsfile b/Jenkinsfile index 0f1c2fa7a..775f5b0e3 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -37,9 +37,9 @@ pipeline { } steps { script { - docker.image('osixia/openldap:1.3.0').withRun() { openldap -> + docker.image('osixia/openldap:1.3.0').withRun('-e LDAP_TLS_VERIFY_CLIENT=never') { openldap -> docker.image('389ds/dirsrv').withRun('-e DS_DM_PASSWORD=admin', 'bash -c "set -m; /usr/lib/dirsrv/dscontainer -r & while ! /usr/lib/dirsrv/dscontainer -H; do sleep 5; done; sleep 5; /usr/sbin/dsconf localhost backend create --suffix dc=example,dc=org --be-name example; fg"') { fedora389ds -> - docker.image('apachedirectory/maven-build:jdk-8').inside("--link=${openldap.id}:openldap -e OPENLDAP_HOST=openldap -e OPENLDAP_PORT=389 --link=${fedora389ds.id}:fedora389ds -e FEDORA_389DS_HOST=fedora389ds -e FEDORA_389DS_PORT=3389") { + docker.image('apachedirectory/maven-build:jdk-8').inside("--link=${openldap.id}:openldap -e OPENLDAP_HOST=openldap -e OPENLDAP_PORT=389 -e OPENLDAP_PORT_SSL=636 --link=${fedora389ds.id}:fedora389ds -e FEDORA_389DS_HOST=fedora389ds -e FEDORA_389DS_PORT=3389 -e FEDORA_389DS_PORT=3636") { sh 'export DISPLAY=:99; env; ps aux' } } diff --git a/tests/test.integration.core/src/main/java/org/apache/directory/studio/test/integration/junit5/ApacheDirectoryServer.java b/tests/test.integration.core/src/main/java/org/apache/directory/studio/test/integration/junit5/ApacheDirectoryServer.java index cc7896fc7..d9f94e5da 100644 --- a/tests/test.integration.core/src/main/java/org/apache/directory/studio/test/integration/junit5/ApacheDirectoryServer.java +++ b/tests/test.integration.core/src/main/java/org/apache/directory/studio/test/integration/junit5/ApacheDirectoryServer.java 
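Review bot: The SSL port for the 389ds container is passed under the wrong variable name in the new `inside(...)` argument: `-e FEDORA_389DS_PORT=3389 -e FEDORA_389DS_PORT=3636` sets the same variable twice, so `FEDORA_389DS_PORT_SSL` is never exported and the plain port is presumably overridden with 3636. Fedora389dsLdapServer in this commit reads `FEDORA_389DS_PORT_SSL` with a default of `21636`, so on Jenkins the LDAPS tests would fall back to that default while plain LDAP and StartTLS connections go to the TLS port. The last option should read `-e FEDORA_389DS_PORT_SSL=3636`. The OpenLDAP half of the same line already uses the distinct name `OPENLDAP_PORT_SSL=636`.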
@@ -28,8 +28,10 @@ import java.io.File; import org.apache.directory.server.core.api.DirectoryService; import org.apache.directory.server.core.api.partition.Partition; import org.apache.directory.server.core.factory.DefaultDirectoryServiceFactory; +import org.apache.directory.server.core.security.CertificateUtil; import org.apache.directory.server.ldap.LdapServer; import org.apache.directory.server.ldap.handlers.extended.PwdModifyHandler; +import org.apache.directory.server.ldap.handlers.extended.StartTlsHandler; import org.apache.directory.server.ldap.handlers.extended.WhoAmIHandler; import org.apache.directory.server.protocol.shared.transport.TcpTransport; import org.apache.directory.server.protocol.shared.transport.Transport; @@ -48,13 +50,15 @@ public class ApacheDirectoryServer extends TestLdapServer private DirectoryService service; private LdapServer server; + private String defaultKeyStoreFile; public static synchronized ApacheDirectoryServer getInstance() { if ( instance == null ) { int port = AvailablePortFinder.getNextAvailable( 1024 ); - instance = new ApacheDirectoryServer( port ); + int portSSL = AvailablePortFinder.getNextAvailable( port + 1 ); + instance = new ApacheDirectoryServer( port, portSSL ); instance.startServer(); } return instance; 
@@ -77,12 +81,20 @@ public class ApacheDirectoryServer extends TestLdapServer server = new LdapServer(); server.setDirectoryService( service ); - int port = AvailablePortFinder.getNextAvailable( 1024 ); Transport ldap = new TcpTransport( port ); server.addTransports( ldap ); + Transport ldaps = new TcpTransport( portSSL ); + ldaps.setEnableSSL( true ); + server.addTransports( ldaps ); + server.addExtendedOperationHandler( new StartTlsHandler() ); server.addExtendedOperationHandler( new PwdModifyHandler() ); server.addExtendedOperationHandler( new WhoAmIHandler() ); + defaultKeyStoreFile = CertificateUtil.createTempKeyStore( "testStore", "changeit".toCharArray() ) + .getAbsolutePath(); + server.setKeystoreFile( defaultKeyStoreFile ); + server.setCertificatePassword( "changeit" ); + server.start(); } catch ( Exception e ) @@ -92,15 +104,42 @@ public class ApacheDirectoryServer extends TestLdapServer } + @Override + public void prepare() + { + super.prepare(); + + try + { + if ( !defaultKeyStoreFile.equals( server.getKeystoreFile() ) ) + { + server.setKeystoreFile( defaultKeyStoreFile ); + server.reloadSslContext(); + } + } + catch ( Exception e ) + { + throw new RuntimeException( e ); + } + } + + + public void setKeystore( String keystorePath ) throws Exception + { + server.setKeystoreFile( keystorePath ); + server.reloadSslContext(); + } + + public DirectoryService getService() { return service; } - private ApacheDirectoryServer( int port ) + private ApacheDirectoryServer( int port, int portSSL ) { - super( LdapServerType.ApacheDS, LOCALHOST, port, "uid=admin,ou=system", "secret" ); + super( LdapServerType.ApacheDS, LOCALHOST, port, portSSL, "uid=admin,ou=system", "secret" ); } } diff --git a/tests/test.integration.core/src/main/java/org/apache/directory/studio/test/integration/junit5/Fedora389dsLdapServer.java b/tests/test.integration.core/src/main/java/org/apache/directory/studio/test/integration/junit5/Fedora389dsLdapServer.java index fedca3c61..b856ee563 100644 
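Review bot: The keystore passphrase is written out twice as a literal in the lines added to startServer, once as `"changeit".toCharArray()` for `createTempKeyStore` and once in `server.setCertificatePassword( "changeit" )`, and the two must stay equal for the server to open its own store. A single constant used at both call sites, for example `private static final String KEYSTORE_PASSWORD = "changeit";`, keeps them in sync and gives one place to document that this is a throwaway test credential. The hunk does not show whether the temporary keystore file is removed when the server stops; if `createTempKeyStore` does not arrange that itself, the file should be deleted in the shutdown path. startServer begins and ends outside the hunk.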
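Review bot: `setKeystore` is a new public method without Javadoc, and it changes the TLS identity of the shared singleton server while leaving the certificate password set in startServer untouched. Every keystore passed in therefore has to use that same password, and the swap stays in effect for later tests until `prepare()` runs again. I would document both facts, e.g. `/** Switches the server certificate to the given keystore, which must use the same password as the default keystore; prepare() restores the default. */`. In `prepare()`, `defaultKeyStoreFile.equals( ... )` would throw a NullPointerException if startServer failed before the field was assigned, which may hide the original start-up error; `if ( defaultKeyStoreFile != null && !defaultKeyStoreFile.equals( server.getKeystoreFile() ) )` avoids that.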
--- a/tests/test.integration.core/src/main/java/org/apache/directory/studio/test/integration/junit5/Fedora389dsLdapServer.java +++ b/tests/test.integration.core/src/main/java/org/apache/directory/studio/test/integration/junit5/Fedora389dsLdapServer.java @@ -34,6 +34,8 @@ public class Fedora389dsLdapServer extends TestLdapServer { private static final String FEDORA_389DS_HOST = getEnvOrDefault( "FEDORA_389DS_HOST", LOCALHOST ); private static final int FEDORA_389DS_PORT = Integer.parseInt( getEnvOrDefault( "FEDORA_389DS_PORT", "21389" ) ); + private static final int FEDORA_389DS_PORT_SSL = Integer + .parseInt( getEnvOrDefault( "FEDORA_389DS_PORT_SSL", "21636" ) ); private static final String FEDORA_389DS_ADMIN_DN = getEnvOrDefault( "FEDORA_389DS_ADMIN_DN", "cn=Directory Manager" ); private static final String FEDORA_389DS_ADMIN_PASSWORD = getEnvOrDefault( "FEDORA_389DS_ADMIN_PASSWORD", "admin" ); @@ -46,8 +48,8 @@ public class Fedora389dsLdapServer extends TestLdapServer private Fedora389dsLdapServer() { - super( LdapServerType.Fedora389ds, FEDORA_389DS_HOST, FEDORA_389DS_PORT, FEDORA_389DS_ADMIN_DN, - FEDORA_389DS_ADMIN_PASSWORD ); + super( LdapServerType.Fedora389ds, FEDORA_389DS_HOST, FEDORA_389DS_PORT, FEDORA_389DS_PORT_SSL, + FEDORA_389DS_ADMIN_DN, FEDORA_389DS_ADMIN_PASSWORD ); } } diff --git a/tests/test.integration.core/src/main/java/org/apache/directory/studio/test/integration/junit5/OpenLdapServer.java b/tests/test.integration.core/src/main/java/org/apache/directory/studio/test/integration/junit5/OpenLdapServer.java index 0ee22926c..23c64951a 100644 --- a/tests/test.integration.core/src/main/java/org/apache/directory/studio/test/integration/junit5/OpenLdapServer.java +++ b/tests/test.integration.core/src/main/java/org/apache/directory/studio/test/integration/junit5/OpenLdapServer.java 
@@ -39,6 +39,7 @@ public class OpenLdapServer extends TestLdapServer { private static final String OPENLDAP_HOST = getEnvOrDefault( "OPENLDAP_HOST", LOCALHOST ); private static final int OPENLDAP_PORT = Integer.parseInt( getEnvOrDefault( "OPENLDAP_PORT", "20389" ) ); + private static final int OPENLDAP_PORT_SSL = Integer.parseInt( getEnvOrDefault( "OPENLDAP_PORT_SSL", "20636" ) ); private static final String OPENLDAP_ADMIN_DN = getEnvOrDefault( "OPENLDAP_ADMIN_DN", "cn=admin,dc=example,dc=org" ); private static final String OPENLDAP_ADMIN_PASSWORD = getEnvOrDefault( "OPENLDAP_ADMIN_PASSWORD", "admin" ); @@ -53,7 +54,8 @@ public class OpenLdapServer extends TestLdapServer private OpenLdapServer() { - super( LdapServerType.OpenLdap, OPENLDAP_HOST, OPENLDAP_PORT, OPENLDAP_ADMIN_DN, OPENLDAP_ADMIN_PASSWORD ); + super( LdapServerType.OpenLdap, OPENLDAP_HOST, OPENLDAP_PORT, OPENLDAP_PORT_SSL, OPENLDAP_ADMIN_DN, + OPENLDAP_ADMIN_PASSWORD ); } diff --git a/tests/test.integration.core/src/main/java/org/apache/directory/studio/test/integration/junit5/TestLdapServer.java b/tests/test.integration.core/src/main/java/org/apache/directory/studio/test/integration/junit5/TestLdapServer.java index 50bc9f620..9caa587f3 100644 --- a/tests/test.integration.core/src/main/java/org/apache/directory/studio/test/integration/junit5/TestLdapServer.java +++ b/tests/test.integration.core/src/main/java/org/apache/directory/studio/test/integration/junit5/TestLdapServer.java 
@@ -44,14 +44,17 @@ public abstract class TestLdapServer protected final LdapServerType type; protected final String host; protected final int port; + protected final int portSSL; protected final String adminDn; protected final String adminPassword; - protected TestLdapServer( LdapServerType type, String host, int port, String adminDn, String adminPassword ) + protected TestLdapServer( LdapServerType type, String host, int port, int portSSL, String adminDn, + String adminPassword ) { this.type = type; this.host = host; this.port = port; + this.portSSL = portSSL; this.adminDn = adminDn; this.adminPassword = adminPassword; } @@ -173,6 +176,12 @@ public abstract class TestLdapServer } + public int getPortSSL() + { + return portSSL; + } + + public String getLdapUrl() { return "ldap://" + host + ":" + port; diff --git a/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/CertificateValidationTest.java b/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/CertificateValidationTest.java index 305f4ad35..e599e2da5 100644 --- a/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/CertificateValidationTest.java +++ b/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/CertificateValidationTest.java @@ -31,6 +31,7 @@ import static org.junit.Assert.assertTrue; import java.io.File; import java.io.FileOutputStream; +import java.lang.reflect.Method; import java.math.BigInteger; import java.security.KeyPair; import java.security.KeyPairGenerator; 
@@ -50,35 +51,29 @@ import org.apache.directory.api.ldap.model.entry.Attribute; import org.apache.directory.api.ldap.model.entry.DefaultEntry; import org.apache.directory.api.ldap.model.entry.Entry; import org.apache.directory.api.ldap.model.exception.LdapException; -import org.apache.directory.server.annotations.CreateLdapServer; -import org.apache.directory.server.annotations.CreateTransport; -import org.apache.directory.server.core.integ.AbstractLdapTestUnit; import org.apache.directory.server.core.security.TlsKeyGenerator; -import org.apache.directory.server.ldap.handlers.extended.StartTlsHandler; import org.apache.directory.studio.connection.core.ConnectionCorePlugin; +import org.apache.directory.studio.test.integration.junit5.ApacheDirectoryServer; +import org.apache.directory.studio.test.integration.junit5.LdapServerType; +import org.apache.directory.studio.test.integration.junit5.LdapServersSource; +import org.apache.directory.studio.test.integration.junit5.TestLdapServer; import org.apache.directory.studio.test.integration.ui.bots.CertificateTrustDialogBot; import org.apache.directory.studio.test.integration.ui.bots.CertificateValidationPreferencePageBot; import org.apache.directory.studio.test.integration.ui.bots.CheckAuthenticationDialogBot; -import org.apache.directory.studio.test.integration.ui.bots.ConnectionsViewBot; import org.apache.directory.studio.test.integration.ui.bots.ErrorDialogBot; import org.apache.directory.studio.test.integration.ui.bots.NewConnectionWizardBot; import org.apache.directory.studio.test.integration.ui.bots.PreferencesBot; -import org.apache.directory.studio.test.integration.ui.bots.StudioBot; -import org.apache.directory.studio.test.integration.ui.bots.utils.Assertions; -import org.apache.directory.studio.test.integration.ui.bots.utils.FrameworkRunnerWithScreenshotCaptureListener; import org.bouncycastle.asn1.x509.BasicConstraints; import org.bouncycastle.asn1.x509.ExtendedKeyUsage; import 
org.bouncycastle.asn1.x509.Extension; import org.bouncycastle.asn1.x509.KeyPurposeId; import org.bouncycastle.jce.provider.BouncyCastleProvider; import org.bouncycastle.x509.X509V3CertificateGenerator; -import org.junit.After; -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Rule; -import org.junit.Test; -import org.junit.rules.TestName; -import org.junit.runner.RunWith; +import org.junit.jupiter.api.AfterEach; +import org.junit.jupiter.api.BeforeAll; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.TestInfo; +import org.junit.jupiter.params.ParameterizedTest; /** @@ -87,34 +82,18 @@ import org.junit.runner.RunWith; * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a> * @version $Rev$, $Date$ */ -@RunWith(FrameworkRunnerWithScreenshotCaptureListener.class) -//@CreateDS(allowAnonAccess = true, name = "KeyStoreIT-class") -public class CertificateValidationTest extends AbstractLdapTestUnit +public class CertificateValidationTest extends AbstractTestBase { static final long YEAR_MILLIS = 365L * 24L * 3600L * 1000L; - @Rule - public TestName name = new TestName(); + private TestInfo testInfo; - private static StudioBot studioBot; - private static ConnectionsViewBot connectionsViewBot; private static NewConnectionWizardBot wizardBot; - - @BeforeClass - public static void setUpClass() throws Exception - { - studioBot = new StudioBot(); - studioBot.resetLdapPerspective(); - connectionsViewBot = studioBot.getConnectionView(); - // ErrorDialog.AUTOMATED_MODE = false; - } - - - @Before - public void setUp() throws Exception + @BeforeEach + public void setUp( TestInfo testInfo ) throws Exception { - studioBot.resetLdapPerspective(); + this.testInfo = testInfo; // let Java use the key store System.setProperty( "javax.net.ssl.trustStore", ROOT_CA_KEYSTORE_PATH ); 
@@ -124,11 +103,9 @@ public class CertificateValidationTest extends AbstractLdapTestUnit } - @After + @AfterEach public void tearDown() throws Exception { - connectionsViewBot.deleteTestConnections(); - // delete custom trust stores X509Certificate[] permanentCertificates = ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager() .getCertificates(); @@ -148,8 +125,6 @@ public class CertificateValidationTest extends AbstractLdapTestUnit System.clearProperty( "javax.net.ssl.trustStorePassword" ); System.clearProperty( "javax.net.ssl.keyStore" ); System.clearProperty( "javax.net.ssl.keyStorePassword" ); - - Assertions.genericTearDownAssertions(); } private static final String KEYSTORE_PW = "changeit"; @@ -175,8 +150,7 @@ public class CertificateValidationTest extends AbstractLdapTestUnit private static final String MULTIPLE_ISSUES_KEYSTORE_PATH = "target/classes/multiple-issues-keystore.ks"; - - @BeforeClass + @BeforeAll public static void installKeyStoreWithCertificate() throws Exception { String issuerDn = "CN=trusted-root-ca"; @@ -227,7 +201,8 @@ public class CertificateValidationTest extends AbstractLdapTestUnit UNTRUSTED_ROOT_CA_KEYSTORE_PATH ); PrivateKey untrustedRootCaPrivateKey = ( PrivateKey ) ROOT_CA_KEYSTORE.getKey( "apacheds", KEYSTORE_PW.toCharArray() ); - createKeyStore( subjectDn, untrustedRootCaIssuerDn, startDate, expiryDate, keyAlgo, keySize, untrustedRootCaPrivateKey, + createKeyStore( subjectDn, untrustedRootCaIssuerDn, startDate, expiryDate, keyAlgo, keySize, + untrustedRootCaPrivateKey, UNTRUSTED_KEYSTORE_PATH ); // generate a certificate with multiple issues: expired, wrong hostname, self-signed 
@@ -345,18 +320,20 @@ public class CertificateValidationTest extends AbstractLdapTestUnit private String getConnectionName() { - return "NewConnectionWizardTest." + name.getMethodName(); + return testInfo.getTestMethod().map( Method::getName ).orElse( "null" ) + " " + + testInfo.getDisplayName(); } /** * Tests ldaps:// with a valid certificate. */ - @CreateLdapServer(keyStore = VALID_KEYSTORE_PATH, certificatePassword = KEYSTORE_PW) - @Test - public void testLdapsCertificateValidationOK() throws Exception + @ParameterizedTest + @LdapServersSource(types = LdapServerType.ApacheDS) + public void testLdapsCertificateValidationOK( ApacheDirectoryServer server ) throws Exception { - wizardBotWithLdaps(); + server.setKeystore( VALID_KEYSTORE_PATH ); + wizardBotWithLdaps( server ); // check the certificate, should be OK String result = wizardBot.clickCheckAuthenticationButton(); @@ -369,11 +346,12 @@ public class CertificateValidationTest extends AbstractLdapTestUnit /** * Tests ldaps:// with an expired certificate. */ - @CreateLdapServer(keyStore = EXPIRED_KEYSTORE_PATH, certificatePassword = KEYSTORE_PW) - @Test - public void testLdapsCertificateValidationExpired() throws Exception + @ParameterizedTest + @LdapServersSource(types = LdapServerType.ApacheDS) + public void testLdapsCertificateValidationExpired( ApacheDirectoryServer server ) throws Exception { - wizardBotWithLdaps(); + server.setKeystore( EXPIRED_KEYSTORE_PATH ); + wizardBotWithLdaps( server ); // check the certificate, expecting the trust dialog CertificateTrustDialogBot trustDialogBot = wizardBot 
@@ -396,11 +374,11 @@ public class CertificateValidationTest extends AbstractLdapTestUnit * Tests that when selecting "Don't trust" the certificate is not trusted * and not added to any key store. */ - @CreateLdapServer(keyStore = EXPIRED_KEYSTORE_PATH, certificatePassword = KEYSTORE_PW) - @Test - public void testLdapsCertificateDoNotTrust() throws Exception + @ParameterizedTest + @LdapServersSource + public void testLdapsCertificateDoNotTrust( TestLdapServer server ) throws Exception { - wizardBotWithLdaps(); + wizardBotWithLdaps( server ); // check trust, expect trust dialog, select don't trust CertificateTrustDialogBot trustDialogBot = wizardBot @@ -441,11 +419,11 @@ public class CertificateValidationTest extends AbstractLdapTestUnit * Tests that when selecting "Trust temporary" the certificate is trusted * and added to the session key store. */ - @CreateLdapServer(keyStore = EXPIRED_KEYSTORE_PATH, certificatePassword = KEYSTORE_PW) - @Test - public void testLdapsCertificateTrustTemporary() throws Exception + @ParameterizedTest + @LdapServersSource + public void testLdapsCertificateTrustTemporary( TestLdapServer server ) throws Exception { - wizardBotWithLdaps(); + wizardBotWithLdaps( server ); // check trust, expect trust dialog, select trust temporary CertificateTrustDialogBot trustDialogBot = wizardBot 
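Review bot: `testLdapsCertificateDoNotTrust` and `testLdapsCertificateTrustTemporary` no longer pin the server certificate: the `@CreateLdapServer(keyStore = EXPIRED_KEYSTORE_PATH, ...)` annotation is removed and no `server.setKeystore( ... )` call replaces it, so whether the trust dialog appears now depends on the default certificate of each server supplied by `@LdapServersSource`. The same applies to `testLdapsCertificateTrustPermanent` and to `testStartTlsCertificateDoNotTrust`, `testStartTlsCertificateTrustTemporary` and `testStartTlsCertificateTrustPermanent` in the later hunks. If that is intended, a comment on each test such as `// relies on the server's default certificate not being trusted via ROOT_CA_KEYSTORE_PATH` would make the assumption explicit. The assertions after the dialog lie outside these hunks, so check that they do not still expect the expired-certificate message.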
@@ -474,11 +452,11 @@ public class CertificateValidationTest extends AbstractLdapTestUnit * Tests that when selecting "Trust permanent" the certificate is trusted * and added to the permanent key store. */ - @CreateLdapServer(keyStore = EXPIRED_KEYSTORE_PATH, certificatePassword = KEYSTORE_PW) - @Test - public void testLdapsCertificateTrustPermanent() throws Exception + @ParameterizedTest + @LdapServersSource + public void testLdapsCertificateTrustPermanent( TestLdapServer server ) throws Exception { - wizardBotWithLdaps(); + wizardBotWithLdaps( server ); // check trust, expect trust dialog, select trust temporary CertificateTrustDialogBot trustDialogBot = wizardBot @@ -507,15 +485,17 @@ public class CertificateValidationTest extends AbstractLdapTestUnit * Tests StartTLS with an valid certificate. This is simulated * by putting the root certificate into a temporary key store. */ - @Test - @CreateLdapServer(keyStore = VALID_KEYSTORE_PATH, certificatePassword = KEYSTORE_PW, extendedOpHandlers = StartTlsHandler.class) - public void testStartTlsCertificateValidationOK() throws Exception + @ParameterizedTest + @LdapServersSource(types = LdapServerType.ApacheDS) + public void testStartTlsCertificateValidationOK( ApacheDirectoryServer server ) throws Exception { + server.setKeystore( VALID_KEYSTORE_PATH ); + // enter connection parameter wizardBot = connectionsViewBot.openNewConnectionWizard(); wizardBot.typeConnectionName( getConnectionName() ); wizardBot.typeHost( LOCALHOST ); - wizardBot.typePort( ldapServer.getPort() ); + wizardBot.typePort( server.getPort() ); wizardBot.selectStartTlsEncryption(); // check the certificate, should be OK 
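Review bot: `testStartTlsCertificateValidationOK` still types `LOCALHOST` as the host on the unchanged line above the edited `typePort` call, while the port now comes from the injected `server`. The rewritten helpers `wizardBotWithLdaps` and `wizardBotWithStartTls` take both values from the server object, so this test is the one place where host and port can come from different sources. It works today because the test is restricted to `LdapServerType.ApacheDS`, which is constructed with `LOCALHOST`, but `wizardBot.typeHost( server.getHost() );` would keep it consistent with the helpers. The test body continues past the end of the hunk.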
@@ -538,11 +518,12 @@ public class CertificateValidationTest extends AbstractLdapTestUnit /** * DIRSTUDIO-1205: SSL/TLS with small key size is not working. */ - @CreateLdapServer(keyStore = SMALL_KEYSIZE_KEYSTORE_PATH, certificatePassword = KEYSTORE_PW, extendedOpHandlers = StartTlsHandler.class) - @Test - public void testStartTlsCertificateValidationSmallKeysizeError() throws Exception + @ParameterizedTest + @LdapServersSource(types = LdapServerType.ApacheDS) + public void testStartTlsCertificateValidationSmallKeysizeError( ApacheDirectoryServer server ) throws Exception { - wizardBotWithStartTls(); + server.setKeystore( SMALL_KEYSIZE_KEYSTORE_PATH ); + wizardBotWithStartTls( server ); // check the certificate, expecting the trust dialog CertificateTrustDialogBot trustDialogBot = wizardBot @@ -564,11 +545,12 @@ public class CertificateValidationTest extends AbstractLdapTestUnit /** * Tests StartTLS with an expired certificate. */ - @CreateLdapServer(keyStore = EXPIRED_KEYSTORE_PATH, certificatePassword = KEYSTORE_PW, extendedOpHandlers = StartTlsHandler.class) - @Test - public void testStartTlsCertificateValidationExpired() throws Exception + @ParameterizedTest + @LdapServersSource(types = LdapServerType.ApacheDS) + public void testStartTlsCertificateValidationExpired( ApacheDirectoryServer server ) throws Exception { - wizardBotWithStartTls(); + server.setKeystore( EXPIRED_KEYSTORE_PATH ); + wizardBotWithStartTls( server ); // check the certificate, expecting the trust dialog CertificateTrustDialogBot trustDialogBot = wizardBot 
@@ -588,11 +570,12 @@ public class CertificateValidationTest extends AbstractLdapTestUnit /** * Tests StartTLS with an not yet valid certificate. */ - @CreateLdapServer(keyStore = NOT_YET_VALID_KEYSTORE_PATH, certificatePassword = KEYSTORE_PW, extendedOpHandlers = StartTlsHandler.class) - @Test - public void testStartTlsCertificateValidationNotYetValid() throws Exception + @ParameterizedTest + @LdapServersSource(types = LdapServerType.ApacheDS) + public void testStartTlsCertificateValidationNotYetValid( ApacheDirectoryServer server ) throws Exception { - wizardBotWithStartTls(); + server.setKeystore( NOT_YET_VALID_KEYSTORE_PATH ); + wizardBotWithStartTls( server ); // check the certificate, expecting the trust dialog CertificateTrustDialogBot trustDialogBot = wizardBot @@ -613,11 +596,12 @@ public class CertificateValidationTest extends AbstractLdapTestUnit * Tests StartTLS with a certificate where the certificate's host name * doesn't match the server's host name (localhost) */ - @CreateLdapServer(keyStore = WRONG_HOSTNAME_KEYSTORE_PATH, certificatePassword = KEYSTORE_PW, extendedOpHandlers = StartTlsHandler.class) - @Test - public void testStartTlsCertificateValidationHostnameMismatch() throws Exception + @ParameterizedTest + @LdapServersSource(types = LdapServerType.ApacheDS) + public void testStartTlsCertificateValidationHostnameMismatch( ApacheDirectoryServer server ) throws Exception { - wizardBotWithStartTls(); + server.setKeystore( WRONG_HOSTNAME_KEYSTORE_PATH ); + wizardBotWithStartTls( server ); // check the certificate, expecting the trust dialog CertificateTrustDialogBot trustDialogBot = wizardBot 
@@ -637,11 +621,13 @@ public class CertificateValidationTest extends AbstractLdapTestUnit /** * Tests StartTLS with a certificate without valid certification path. */ - @CreateLdapServer(keyStore = UNTRUSTED_KEYSTORE_PATH, certificatePassword = KEYSTORE_PW, extendedOpHandlers = StartTlsHandler.class) - @Test - public void testStartTlsCertificateValidationNoValidCertificationPath() throws Exception + @ParameterizedTest + @LdapServersSource(types = LdapServerType.ApacheDS) + public void testStartTlsCertificateValidationNoValidCertificationPath( ApacheDirectoryServer server ) + throws Exception { - wizardBotWithStartTls(); + server.setKeystore( UNTRUSTED_KEYSTORE_PATH ); + wizardBotWithStartTls( server ); // check the certificate, expecting the trust dialog CertificateTrustDialogBot trustDialogBot = wizardBot @@ -662,11 +648,12 @@ public class CertificateValidationTest extends AbstractLdapTestUnit /** * Tests StartTLS with a self-signed certificate. */ - @CreateLdapServer(extendedOpHandlers = StartTlsHandler.class, keyStore = SELF_SIGNED_KEYSTORE_PATH, certificatePassword = KEYSTORE_PW) - @Test - public void testStartTlsCertificateValidationSelfSigned() throws Exception + @ParameterizedTest + @LdapServersSource(types = LdapServerType.ApacheDS) + public void testStartTlsCertificateValidationSelfSigned( ApacheDirectoryServer server ) throws Exception { - wizardBotWithStartTls(); + server.setKeystore( SELF_SIGNED_KEYSTORE_PATH ); + wizardBotWithStartTls( server ); // check the certificate, expecting the trust dialog CertificateTrustDialogBot trustDialogBot = wizardBot 
@@ -687,11 +674,13 @@ public class CertificateValidationTest extends AbstractLdapTestUnit /** * Tests StartTLS with a certificate with multiple issues. */ - @CreateLdapServer(extendedOpHandlers = StartTlsHandler.class, keyStore = MULTIPLE_ISSUES_KEYSTORE_PATH, certificatePassword = KEYSTORE_PW) - @Test - public void testStartTlsCertificateValidationExpiredAndWrongHostnameAndSelfSigned() throws Exception + @ParameterizedTest + @LdapServersSource(types = LdapServerType.ApacheDS) + public void testStartTlsCertificateValidationExpiredAndWrongHostnameAndSelfSigned( ApacheDirectoryServer server ) + throws Exception { - wizardBotWithStartTls(); + server.setKeystore( MULTIPLE_ISSUES_KEYSTORE_PATH ); + wizardBotWithStartTls( server ); // check the certificate, expecting the trust dialog CertificateTrustDialogBot trustDialogBot = wizardBot @@ -712,11 +701,11 @@ public class CertificateValidationTest extends AbstractLdapTestUnit * Tests that when selecting "Don't trust" the certificate is not trusted * and not added to any key store. */ - @CreateLdapServer(transports = @CreateTransport(protocol = "LDAP"), extendedOpHandlers = StartTlsHandler.class, keyStore = EXPIRED_KEYSTORE_PATH, certificatePassword = KEYSTORE_PW) - @Test - public void testStartTlsCertificateDoNotTrust() throws Exception + @ParameterizedTest + @LdapServersSource + public void testStartTlsCertificateDoNotTrust( TestLdapServer server ) throws Exception { - wizardBotWithStartTls(); + wizardBotWithStartTls( server ); // check trust, expect trust dialog, select don't trust CertificateTrustDialogBot trustDialogBot = wizardBot 
@@ -767,11 +756,11 @@ public class CertificateValidationTest extends AbstractLdapTestUnit * Tests that when selecting "Trust temporary" the certificate is trusted * and added to the session key store. */ - @CreateLdapServer(transports = @CreateTransport(protocol = "LDAP"), extendedOpHandlers = StartTlsHandler.class, keyStore = EXPIRED_KEYSTORE_PATH, certificatePassword = KEYSTORE_PW) - @Test - public void testStartTlsCertificateTrustTemporary() throws Exception + @ParameterizedTest + @LdapServersSource + public void testStartTlsCertificateTrustTemporary( TestLdapServer server ) throws Exception { - wizardBotWithStartTls(); + wizardBotWithStartTls( server ); // check trust, expect trust dialog, select trust temporary CertificateTrustDialogBot trustDialogBot = wizardBot @@ -809,11 +798,11 @@ public class CertificateValidationTest extends AbstractLdapTestUnit * Tests that when selecting "Trust permanent" the certificate is trusted * and added to the permanent key store. */ - @CreateLdapServer(transports = @CreateTransport(protocol = "LDAP"), extendedOpHandlers = StartTlsHandler.class, keyStore = EXPIRED_KEYSTORE_PATH, certificatePassword = KEYSTORE_PW) - @Test - public void testStartTlsCertificateTrustPermanent() throws Exception + @ParameterizedTest + @LdapServersSource + public void testStartTlsCertificateTrustPermanent( TestLdapServer server ) throws Exception { - wizardBotWithStartTls(); + wizardBotWithStartTls( server ); // check trust, expect trust dialog, select trust temporary CertificateTrustDialogBot trustDialogBot = wizardBot 
@@ -847,31 +836,31 @@ public class CertificateValidationTest extends AbstractLdapTestUnit } - private void wizardBotWithLdaps() + private void wizardBotWithLdaps( TestLdapServer server ) { // enter connection parameter and authentication parameter wizardBot = connectionsViewBot.openNewConnectionWizard(); wizardBot.typeConnectionName( getConnectionName() ); - wizardBot.typeHost( LOCALHOST ); - wizardBot.typePort( ldapServer.getPortSSL() ); + wizardBot.typeHost( server.getHost() ); + wizardBot.typePort( server.getPortSSL() ); wizardBot.selectLdapsEncryption(); wizardBot.clickNextButton(); - wizardBot.typeUser( "uid=admin,ou=system" ); - wizardBot.typePassword( "secret" ); + wizardBot.typeUser( server.getAdminDn() ); + wizardBot.typePassword( server.getAdminPassword() ); } - private void wizardBotWithStartTls() + private void wizardBotWithStartTls( TestLdapServer server ) { // enter connection parameter and authentication parameter wizardBot = connectionsViewBot.openNewConnectionWizard(); wizardBot.typeConnectionName( getConnectionName() ); - wizardBot.typeHost( LOCALHOST ); - wizardBot.typePort( ldapServer.getPort() ); + wizardBot.typeHost( server.getHost() ); + wizardBot.typePort( server.getPort() ); wizardBot.selectStartTlsEncryption(); wizardBot.clickNextButton(); - wizardBot.typeUser( "uid=admin,ou=system" ); - wizardBot.typePassword( "secret" ); + wizardBot.typeUser( server.getAdminDn() ); + wizardBot.typePassword( server.getAdminPassword() ); } |