AbstractAuthorizationITest

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.apache.directory.server.core.authz
Class AbstractAuthorizationITest

java.lang.Object
  TestCase
      org.apache.directory.server.core.unit.AbstractTestCase
          org.apache.directory.server.core.authz.AbstractAuthorizationITest

Direct Known Subclasses:: AddAuthorizationITest, AdministratorsGroupITest, AuthzAuthnITest, CompareAuthorizationITest, DeleteAuthorizationITest, ModifyAuthorizationITest, MoveRenameAuthorizationITest, SearchAuthorizationITest

public abstract class AbstractAuthorizationITest
extends org.apache.directory.server.core.unit.AbstractTestCase
extends org.apache.directory.server.core.unit.AbstractTestCase

A base class used for authorization tests. It has some extra utility methods added to it which are required by all authorization tests. Note that we use the admin test case otherwise failures will result without browse permission when setting up the test case for non-admin users. Anyway we do not use the context created for the non-admin user since it is anonymous, we get our own contexts.

Field Summary

Fields inherited from class org.apache.directory.server.core.unit.AbstractTestCase
`configuration, doDelete, LDIF, password, sysRoot, testEntries, username`

Constructor Summary
`AbstractAuthorizationITest()` Creates an abstract authorization test case which enables the authorization subsystem of the server.

Method Summary
`void`	`addEntryACI(javax.naming.Name rdn, java.lang.String aciItem)` Adds and entryACI attribute to an entry specified by a relative name with respect to ou=system
`void`	`addSubentryACI(java.lang.String aciItem)` Adds and subentryACI attribute to ou=system
`void`	`addUserToGroup(java.lang.String userUid, java.lang.String groupCn)` Adds an existing user under ou=users,ou=system to an existing group under the ou=groups,ou=system container.
`void`	`createAccessControlSubentry(java.lang.String cn, java.lang.String aciItem)` Creates an access control subentry under ou=system whose subtree covers the entire naming context.
`void`	`createAccessControlSubentry(java.lang.String cn, java.lang.String subtree, java.lang.String aciItem)` Creates an access control subentry under ou=system whose subtree covers the entire naming context.
`javax.naming.Name`	`createGroup(java.lang.String groupName)` Creates a simple groupOfUniqueNames under the ou=groups,ou=system container.
`javax.naming.Name`	`createGroup(java.lang.String cn, java.lang.String firstMemberDn)` Creates a group using the groupOfUniqueNames objectClass under the ou=groups,ou=sytem container with an initial member.
`javax.naming.Name`	`createUser(java.lang.String uid, java.lang.String password)` Creates a simple user as an inetOrgPerson under the ou=users,ou=system container.
`void`	`deleteAccessControlSubentry(java.lang.String cn)`
`void`	`deleteUser(java.lang.String uid)` Deletes a user with a specific UID under ou=users,ou=system.
`javax.naming.directory.DirContext`	`getContextAs(javax.naming.Name user, java.lang.String password)` Gets the context at ou=system as a specific user.
`javax.naming.directory.DirContext`	`getContextAs(javax.naming.Name user, java.lang.String password, java.lang.String dn)` Gets the context at any DN under ou=system as a specific user.
`javax.naming.directory.DirContext`	`getContextAsAdmin()` Gets a context at ou=system as the admin user.
`javax.naming.directory.DirContext`	`getContextAsAdmin(java.lang.String dn)` Gets a context at some dn within the directory as the admin user.
`void`	`removeUserFromGroup(java.lang.String userUid, java.lang.String groupCn)` Removes a user from a group.

Methods inherited from class org.apache.directory.server.core.unit.AbstractTestCase
`doDelete, getOverriddenEnvironment, overrideEnvironment, setLdifPath, setLdifPath, setLoadClass, setSysRoot, setSysRoot, setUp, tearDown`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

AbstractAuthorizationITest

public AbstractAuthorizationITest()

Creates an abstract authorization test case which enables the authorization subsystem of the server.

Method Detail

getContextAsAdmin

public javax.naming.directory.DirContext getContextAsAdmin()
                                                    throws javax.naming.NamingException

Gets a context at ou=system as the admin user.

Returns:: the admin context at ou=system
Throws:: javax.naming.NamingException - if there are problems creating the context

getContextAsAdmin

public javax.naming.directory.DirContext getContextAsAdmin(java.lang.String dn)
                                                    throws javax.naming.NamingException

Gets a context at some dn within the directory as the admin user. Should be a dn of an entry under ou=system since no other partitions are enabled.

Parameters:: dn - the DN of the context to get
Returns:: the context for the DN as the admin user
Throws:: javax.naming.NamingException - if is a problem initializing or getting the context

createGroup

public javax.naming.Name createGroup(java.lang.String cn,
                                     java.lang.String firstMemberDn)
                              throws javax.naming.NamingException

Creates a group using the groupOfUniqueNames objectClass under the ou=groups,ou=sytem container with an initial member.

Parameters:: cn - the common name of the group used as the RDN attribute; firstMemberDn - the DN of the first member of this group
Returns:: the distinguished name of the group entry
Throws:: javax.naming.NamingException - if there are problems creating the new group like it exists already

deleteUser

public void deleteUser(java.lang.String uid)
                throws javax.naming.NamingException

Deletes a user with a specific UID under ou=users,ou=system.

Parameters:: uid - the RDN value for the user to delete
Throws:: javax.naming.NamingException - if there are problems removing the user i.e. user does not exist

createUser

public javax.naming.Name createUser(java.lang.String uid,
                                    java.lang.String password)
                             throws javax.naming.NamingException

Creates a simple user as an inetOrgPerson under the ou=users,ou=system container. The user's RDN attribute is the uid argument. This argument is also used as the value of the two MUST attributes: sn and cn.

Parameters:: uid - the value of the RDN attriubte (uid), the sn and cn attributes; password - the password to use to create the user
Returns:: the dn of the newly created user entry
Throws:: javax.naming.NamingException - if there are problems creating the user entry

createGroup

public javax.naming.Name createGroup(java.lang.String groupName)
                              throws javax.naming.NamingException

Creates a simple groupOfUniqueNames under the ou=groups,ou=system container. The admin user is always a member of this newly created group.

Throws:: javax.naming.NamingException

addUserToGroup

public void addUserToGroup(java.lang.String userUid,
                           java.lang.String groupCn)
                    throws javax.naming.NamingException

Adds an existing user under ou=users,ou=system to an existing group under the ou=groups,ou=system container.

Parameters:: userUid - the uid of the user to add to the group; groupCn - the cn of the group to add the user to
Throws:: javax.naming.NamingException - if the group does not exist

removeUserFromGroup

public void removeUserFromGroup(java.lang.String userUid,
                                java.lang.String groupCn)
                         throws javax.naming.NamingException

Removes a user from a group.

Parameters:: userUid - the RDN attribute value of the user to remove from the group; groupCn - the RDN attribute value of the group to have user removed from
Throws:: javax.naming.NamingException - if there are problems accessing the group

getContextAs

public javax.naming.directory.DirContext getContextAs(javax.naming.Name user,
                                                      java.lang.String password)
                                               throws javax.naming.NamingException

Gets the context at ou=system as a specific user.

Parameters:: user - the DN of the user to get the context as; password - the password of the user
Returns:: the context as the user
Throws:: javax.naming.NamingException - if the user does not exist or authx fails

getContextAs

public javax.naming.directory.DirContext getContextAs(javax.naming.Name user,
                                                      java.lang.String password,
                                                      java.lang.String dn)
                                               throws javax.naming.NamingException

Gets the context at any DN under ou=system as a specific user.

Parameters:: user - the DN of the user to get the context as; password - the password of the user; dn - the distinguished name of the entry to get the context for
Returns:: the context representing the entry at the dn as a specific user
Throws:: javax.naming.NamingException - if the does not exist or authx fails

deleteAccessControlSubentry

public void deleteAccessControlSubentry(java.lang.String cn)
                                 throws javax.naming.NamingException

Throws:: javax.naming.NamingException

createAccessControlSubentry

public void createAccessControlSubentry(java.lang.String cn,
                                        java.lang.String aciItem)
                                 throws javax.naming.NamingException

Creates an access control subentry under ou=system whose subtree covers the entire naming context.

Parameters:: cn - the common name and rdn for the subentry; aciItem - the prescriptive ACI attribute value
Throws:: javax.naming.NamingException - if there is a problem creating the subentry

createAccessControlSubentry

public void createAccessControlSubentry(java.lang.String cn,
                                        java.lang.String subtree,
                                        java.lang.String aciItem)
                                 throws javax.naming.NamingException

Creates an access control subentry under ou=system whose subtree covers the entire naming context.

Parameters:: cn - the common name and rdn for the subentry; subtree - the subtreeSpecification for the subentry; aciItem - the prescriptive ACI attribute value
Throws:: javax.naming.NamingException - if there is a problem creating the subentry

addEntryACI

public void addEntryACI(javax.naming.Name rdn,
                        java.lang.String aciItem)
                 throws javax.naming.NamingException

Adds and entryACI attribute to an entry specified by a relative name with respect to ou=system

Parameters:: rdn - a name relative to ou=system; aciItem - the entryACI attribute value
Throws:: javax.naming.NamingException - if there is a problem adding the attribute

addSubentryACI

public void addSubentryACI(java.lang.String aciItem)
                    throws javax.naming.NamingException

Adds and subentryACI attribute to ou=system

Parameters:: aciItem - the subentryACI attribute value
Throws:: javax.naming.NamingException - if there is a problem adding the attribute

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.apache.directory.server.core.authz Class AbstractAuthorizationITest

AbstractAuthorizationITest

getContextAsAdmin

getContextAsAdmin

createGroup

deleteUser

createUser

createGroup

addUserToGroup

removeUserFromGroup

getContextAs

getContextAs

deleteAccessControlSubentry

createAccessControlSubentry

createAccessControlSubentry

addEntryACI

addSubentryACI

org.apache.directory.server.core.authz
Class AbstractAuthorizationITest