keycloak-uncached
Changes
testsuite/integration/pom.xml 22(+22 -0)
testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/FederationProvidersIntegrationTest.java 28(+14 -14)
testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPGroupMapperTest.java 6(+3 -3)
testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPMultipleAttributesTest.java 8(+4 -4)
testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPRoleMappingsTest.java 6(+3 -3)
Details
testsuite/integration/pom.xml 22(+22 -0)
diff --git a/testsuite/integration/pom.xml b/testsuite/integration/pom.xml
index db31b7f..15ca2d3 100755
--- a/testsuite/integration/pom.xml
+++ b/testsuite/integration/pom.xml
@@ -511,5 +511,27 @@
</plugins>
</build>
</profile>
+
+ <!-- Ldap profiles -->
+ <profile>
+ <id>msad</id>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <configuration>
+ <includes>
+ <include>org/keycloak/testsuite/federation/ldap/base/**</include>
+ </includes>
+ <excludes>
+ <exclude>**/LDAPMultipleAttributesTest.java</exclude>
+ </excludes>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+
</profiles>
</project>
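Review bot: The `<exclude>` for `**/LDAPMultipleAttributesTest.java` in the new `msad` profile has no explanation, so a reader cannot tell whether the test is unsupported on Active Directory or just not ported yet. The same commit still changes that test's passwords to `Password1`, which suggests it is expected to run against MSAD at some point. A one-line comment above the exclude, for example `<!-- Excluded on MSAD: <reason>; re-enable once fixed -->`, would keep this gap in LDAP federation coverage visible.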
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/FederationProvidersIntegrationTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/FederationProvidersIntegrationTest.java
index b07e23d..0192bbc 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/FederationProvidersIntegrationTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/FederationProvidersIntegrationTest.java
@@ -79,7 +79,7 @@ public class FederationProvidersIntegrationTest {
FederationTestUtils.removeAllLDAPUsers(ldapFedProvider, appRealm);
LDAPObject john = FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "johnkeycloak", "John", "Doe", "john@email.org", null, "1234");
- ldapFedProvider.getLdapIdentityStore().updatePassword(john, "Password1");
+ FederationTestUtils.updateLDAPPassword(ldapFedProvider, john, "Password1");
LDAPObject existing = FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "existing", "Existing", "Foo", "existing@email.org", null, "5678");
@@ -132,9 +132,9 @@ public class FederationProvidersIntegrationTest {
RealmModel appRealm = manager.getRealm("test");
LDAPFederationProvider ldapFedProvider = FederationTestUtils.getLdapProvider(session, ldapModel);
LDAPObject jbrown2 = FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "JBrown2", "John", "Brown2", "jbrown2@email.org", null, "1234");
- ldapFedProvider.getLdapIdentityStore().updatePassword(jbrown2, "Password1");
+ FederationTestUtils.updateLDAPPassword(ldapFedProvider, jbrown2, "Password1");
LDAPObject jbrown3 = FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "jbrown3", "John", "Brown3", "JBrown3@email.org", null, "1234");
- ldapFedProvider.getLdapIdentityStore().updatePassword(jbrown3, "Password1");
+ FederationTestUtils.updateLDAPPassword(ldapFedProvider, jbrown3, "Password1");
} finally {
keycloakRule.stopSession(session, true);
}
@@ -165,10 +165,10 @@ public class FederationProvidersIntegrationTest {
RealmManager manager = new RealmManager(session);
RealmModel appRealm = manager.getRealm("test");
LDAPFederationProvider ldapFedProvider = FederationTestUtils.getLdapProvider(session, ldapModel);
- LDAPObject jbrown2 = FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "JBrown4", "John", "Brown4", "jbrown4@email.org", null, "1234");
- ldapFedProvider.getLdapIdentityStore().updatePassword(jbrown2, "Password1");
- LDAPObject jbrown3 = FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "jbrown5", "John", "Brown5", "JBrown5@Email.org", null, "1234");
- ldapFedProvider.getLdapIdentityStore().updatePassword(jbrown3, "Password1");
+ LDAPObject jbrown4 = FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "JBrown4", "John", "Brown4", "jbrown4@email.org", null, "1234");
+ FederationTestUtils.updateLDAPPassword(ldapFedProvider, jbrown4, "Password1");
+ LDAPObject jbrown5 = FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "jbrown5", "John", "Brown5", "JBrown5@Email.org", null, "1234");
+ FederationTestUtils.updateLDAPPassword(ldapFedProvider, jbrown5, "Password1");
} finally {
keycloakRule.stopSession(session, true);
}
@@ -371,7 +371,7 @@ public class FederationProvidersIntegrationTest {
}
@Test
- public void testDotInUsername() {
+ public void testCommaInUsername() {
KeycloakSession session = keycloakRule.startSession();
boolean skip = false;
@@ -379,23 +379,23 @@ public class FederationProvidersIntegrationTest {
RealmModel appRealm = new RealmManager(session).getRealmByName("test");
LDAPFederationProvider ldapFedProvider = FederationTestUtils.getLdapProvider(session, ldapModel);
- // Workaround as dot is not allowed in sAMAccountName on active directory. So we will skip the test for this configuration
+ // Workaround as comma is not allowed in sAMAccountName on active directory. So we will skip the test for this configuration
LDAPConfig config = ldapFedProvider.getLdapIdentityStore().getConfig();
if (config.isActiveDirectory() && config.getUsernameLdapAttribute().equals(LDAPConstants.SAM_ACCOUNT_NAME)) {
skip = true;
}
if (!skip) {
- LDAPObject johnDot = FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "john,dot", "John", "Dot", "johndot@email.org", null, "12387");
- ldapFedProvider.getLdapIdentityStore().updatePassword(johnDot, "Password1");
+ LDAPObject johnComma = FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "john,comma", "John", "Comma", "johncomma@email.org", null, "12387");
+ FederationTestUtils.updateLDAPPassword(ldapFedProvider, johnComma, "Password1");
}
} finally {
keycloakRule.stopSession(session, false);
}
if (!skip) {
- // Try to import the user with dot in username into Keycloak
- loginSuccessAndLogout("john,dot", "Password1");
+ // Try to import the user with comma in username into Keycloak
+ loginSuccessAndLogout("john,comma", "Password1");
}
}
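Review bot: When the provider is Active Directory with `sAMAccountName` as the username attribute, `testCommaInUsername` asserts nothing and is still reported as passed. A run against MSAD can therefore look green for a comma-in-username login that was never exercised. Reporting the case as skipped makes the gap visible: replace the final `if (!skip) { ... }` guard with `Assume.assumeTrue(!skip);` followed by the unconditional `loginSuccessAndLogout("john,comma", "Password1");`. This needs `org.junit.Assume`, whose import is not visible here. The method's signature and first lines are in the preceding hunk, not this one.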
@@ -583,7 +583,7 @@ public class FederationProvidersIntegrationTest {
FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "marykeycloak", "Mary1", "Kelly1", "mary1@email.org", null, "123");
FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "mary-duplicatemail", "Mary2", "Kelly2", "mary@test.com", null, "123");
LDAPObject marynoemail = FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "marynoemail", "Mary1", "Kelly1", null, null, "123");
- ldapFedProvider.getLdapIdentityStore().updatePassword(marynoemail, "Password1");
+ FederationTestUtils.updateLDAPPassword(ldapFedProvider, marynoemail, "Password1");
}
});
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPGroupMapperTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPGroupMapperTest.java
index 8778735..de7508f 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPGroupMapperTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPGroupMapperTest.java
@@ -84,13 +84,13 @@ public class LDAPGroupMapperTest {
// Add some LDAP users for testing
LDAPObject john = FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "johnkeycloak", "John", "Doe", "john@email.org", null, "1234");
- ldapFedProvider.getLdapIdentityStore().updatePassword(john, "Password1");
+ FederationTestUtils.updateLDAPPassword(ldapFedProvider, john, "Password1");
LDAPObject mary = FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "marykeycloak", "Mary", "Kelly", "mary@email.org", null, "5678");
- ldapFedProvider.getLdapIdentityStore().updatePassword(mary, "Password1");
+ FederationTestUtils.updateLDAPPassword(ldapFedProvider, mary, "Password1");
LDAPObject rob = FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "robkeycloak", "Rob", "Brown", "rob@email.org", null, "8910");
- ldapFedProvider.getLdapIdentityStore().updatePassword(rob, "Password1");
+ FederationTestUtils.updateLDAPPassword(ldapFedProvider, rob, "Password1");
}
});
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPMultipleAttributesTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPMultipleAttributesTest.java
index 6bca1ee..67e8447 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPMultipleAttributesTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPMultipleAttributesTest.java
@@ -70,13 +70,13 @@ public class LDAPMultipleAttributesTest {
FederationTestUtils.removeAllLDAPUsers(ldapFedProvider, appRealm);
LDAPObject james = FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "jbrown", "James", "Brown", "jbrown@keycloak.org", null, "88441");
- ldapFedProvider.getLdapIdentityStore().updatePassword(james, "password");
+ FederationTestUtils.updateLDAPPassword(ldapFedProvider, james, "Password1");
// User for testing duplicating surname and postalCode
LDAPObject bruce = FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "bwilson", "Bruce", "Wilson", "bwilson@keycloak.org", "Elm 5", "88441", "77332");
bruce.setAttribute("sn", new LinkedHashSet<>(Arrays.asList("Wilson", "Schneider")));
ldapFedProvider.getLdapIdentityStore().update(bruce);
- ldapFedProvider.getLdapIdentityStore().updatePassword(bruce, "password");
+ FederationTestUtils.updateLDAPPassword(ldapFedProvider, bruce, "Password1");
// Create ldap-portal client
ClientModel ldapClient = KeycloakModelUtils.createClient(appRealm, "ldap-portal");
@@ -174,7 +174,7 @@ public class LDAPMultipleAttributesTest {
// Login as bwilson
driver.navigate().to(APP_SERVER_BASE_URL + "/ldap-portal");
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
- loginPage.login("bwilson", "password");
+ loginPage.login("bwilson", "Password1");
Assert.assertTrue(driver.getCurrentUrl().startsWith(APP_SERVER_BASE_URL + "/ldap-portal"));
String pageSource = driver.getPageSource();
System.out.println(pageSource);
@@ -190,7 +190,7 @@ public class LDAPMultipleAttributesTest {
// Login as jbrown
driver.navigate().to(APP_SERVER_BASE_URL + "/ldap-portal");
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
- loginPage.login("jbrown", "password");
+ loginPage.login("jbrown", "Password1");
Assert.assertTrue(driver.getCurrentUrl().startsWith(APP_SERVER_BASE_URL + "/ldap-portal"));
pageSource = driver.getPageSource();
System.out.println(pageSource);
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPRoleMappingsTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPRoleMappingsTest.java
index 50cc6d2..8aa4e49 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPRoleMappingsTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/LDAPRoleMappingsTest.java
@@ -75,13 +75,13 @@ public class LDAPRoleMappingsTest {
// Add some users for testing
LDAPObject john = FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "johnkeycloak", "John", "Doe", "john@email.org", null, "1234");
- ldapFedProvider.getLdapIdentityStore().updatePassword(john, "Password1");
+ FederationTestUtils.updateLDAPPassword(ldapFedProvider, john, "Password1");
LDAPObject mary = FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "marykeycloak", "Mary", "Kelly", "mary@email.org", null, "5678");
- ldapFedProvider.getLdapIdentityStore().updatePassword(mary, "Password1");
+ FederationTestUtils.updateLDAPPassword(ldapFedProvider, mary, "Password1");
LDAPObject rob = FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "robkeycloak", "Rob", "Brown", "rob@email.org", null, "8910");
- ldapFedProvider.getLdapIdentityStore().updatePassword(rob, "Password1");
+ FederationTestUtils.updateLDAPPassword(ldapFedProvider, rob, "Password1");
// Add some roles for testing
FederationTestUtils.createLDAPRole(manager.getSession(), appRealm, ldapModel, "realmRolesMapper", "realmRole1");
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/SyncProvidersTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/SyncProvidersTest.java
index 39ef19e..a46475e 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/SyncProvidersTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/base/SyncProvidersTest.java
@@ -65,7 +65,7 @@ public class SyncProvidersTest {
for (int i=1 ; i<=5 ; i++) {
LDAPObject ldapUser = FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "user" + i, "User" + i + "FN", "User" + i + "LN", "user" + i + "@email.org", null, "12" + i);
- ldapFedProvider.getLdapIdentityStore().updatePassword(ldapUser, "Password1");
+ FederationTestUtils.updateLDAPPassword(ldapFedProvider, ldapUser, "Password1");
}
// Add dummy provider
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/FederationTestUtils.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/FederationTestUtils.java
index f189e20..0f357d3 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/FederationTestUtils.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/ldap/FederationTestUtils.java
@@ -93,6 +93,16 @@ public class FederationTestUtils {
return LDAPUtils.addUserToLDAP(ldapProvider, realm, helperUser);
}
+ public static void updateLDAPPassword(LDAPFederationProvider ldapProvider, LDAPObject ldapUser, String password) {
+ ldapProvider.getLdapIdentityStore().updatePassword(ldapUser, password);
+
+ // Enable MSAD user through userAccountControls
+ if (ldapProvider.getLdapIdentityStore().getConfig().isActiveDirectory()) {
+ ldapUser.setSingleAttribute(LDAPConstants.USER_ACCOUNT_CONTROL, "512");
+ ldapProvider.getLdapIdentityStore().update(ldapUser);
+ }
+ }
+
public static LDAPFederationProvider getLdapProvider(KeycloakSession keycloakSession, UserFederationProviderModel ldapFedModel) {
LDAPFederationProviderFactory ldapProviderFactory = (LDAPFederationProviderFactory) keycloakSession.getKeycloakSessionFactory().getProviderFactory(UserFederationProvider.class, ldapFedModel.getProviderName());
return ldapProviderFactory.getInstance(keycloakSession, ldapFedModel);
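Review bot: `updateLDAPPassword` writes the bare literal `"512"` to `LDAPConstants.USER_ACCOUNT_CONTROL` on every password update, which replaces the whole flag set instead of clearing only the disabled bit. 512 is the NORMAL_ACCOUNT flag (0x0200), so any other flag on the entry is dropped and an account that was disabled on purpose becomes enabled; that is fine for test fixtures but should be stated so the pattern is not copied into provider code. I would add a Javadoc saying the helper is test-only and enables the account on Active Directory, name the value (`private static final String MSAD_NORMAL_ACCOUNT = "512"; // ADS_UF_NORMAL_ACCOUNT`), and correct the inline comment to read `userAccountControl`. The three `getLdapIdentityStore()` calls could also share one local variable.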