diff --git a/ldap/src/integration-test/java/org/springframework/security/ldap/ApacheDSServerIntegrationTests.java b/ldap/src/integration-test/java/org/springframework/security/ldap/ApacheDSServerIntegrationTests.java index 55c8b642cf..14cce12bff 100644 --- a/ldap/src/integration-test/java/org/springframework/security/ldap/ApacheDSServerIntegrationTests.java +++ b/ldap/src/integration-test/java/org/springframework/security/ldap/ApacheDSServerIntegrationTests.java @@ -21,7 +21,7 @@ import org.springframework.security.ldap.userdetails.LdapUserDetailsManagerTests DefaultLdapAuthoritiesPopulatorTests.class, LdapUserDetailsManagerTests.class, DefaultSpringSecurityContextSourceTests.class, - SpringSecurityLdapTemplateTests.class + SpringSecurityLdapTemplateITests.class } ) public final class ApacheDSServerIntegrationTests { diff --git a/ldap/src/integration-test/java/org/springframework/security/ldap/SpringSecurityLdapTemplateTests.java b/ldap/src/integration-test/java/org/springframework/security/ldap/SpringSecurityLdapTemplateITests.java similarity index 98% rename from ldap/src/integration-test/java/org/springframework/security/ldap/SpringSecurityLdapTemplateTests.java rename to ldap/src/integration-test/java/org/springframework/security/ldap/SpringSecurityLdapTemplateITests.java index 151c0b044e..97f858435a 100644 --- a/ldap/src/integration-test/java/org/springframework/security/ldap/SpringSecurityLdapTemplateTests.java +++ b/ldap/src/integration-test/java/org/springframework/security/ldap/SpringSecurityLdapTemplateITests.java @@ -33,7 +33,7 @@ import org.springframework.security.crypto.codec.Utf8; /** * @author Luke Taylor */ -public class SpringSecurityLdapTemplateTests extends AbstractLdapIntegrationTests { +public class SpringSecurityLdapTemplateITests extends AbstractLdapIntegrationTests { //~ Instance fields ================================================================================================ private SpringSecurityLdapTemplate template; diff --git a/ldap/src/test/java/org/springframework/security/ldap/SpringSecurityLdapTemplateTests.java b/ldap/src/test/java/org/springframework/security/ldap/SpringSecurityLdapTemplateTests.java new file mode 100644 index 0000000000..384fb24495 --- /dev/null +++ b/ldap/src/test/java/org/springframework/security/ldap/SpringSecurityLdapTemplateTests.java @@ -0,0 +1,68 @@ +/* + * Copyright 2002-2013 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.ldap; + +import static org.fest.assertions.Assertions.assertThat; +import static org.mockito.Matchers.*; +import static org.mockito.Mockito.*; + +import javax.naming.NamingEnumeration; +import javax.naming.directory.DirContext; +import javax.naming.directory.SearchControls; +import javax.naming.directory.SearchResult; + +import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.ArgumentCaptor; +import org.mockito.Captor; +import org.mockito.Mock; +import org.mockito.runners.MockitoJUnitRunner; +import org.springframework.ldap.core.DirContextAdapter; +import org.springframework.ldap.core.DistinguishedName; + +@RunWith(MockitoJUnitRunner.class) +public class SpringSecurityLdapTemplateTests { + + @Mock + private DirContext ctx; + @Captor + private ArgumentCaptor searchControls; + @Mock + private NamingEnumeration resultsEnum; + @Mock + private SearchResult searchResult; + + // SEC-2405 + @Test + public void searchForSingleEntryInternalAllowsReferrals() throws Exception { + String base = ""; + String filter = ""; + String searchResultName = "ldap://example.com/dc=springframework,dc=org"; + Object[] params = new Object[] {}; + DirContextAdapter searchResultObject = mock(DirContextAdapter.class); + + when(ctx.search(any(DistinguishedName.class), eq(filter), eq(params), searchControls.capture())).thenReturn(resultsEnum); + when(resultsEnum.hasMore()).thenReturn(true, false); + when(resultsEnum.next()).thenReturn(searchResult); + when(searchResult.getName()).thenReturn(searchResultName); + when(searchResult.getObject()).thenReturn(searchResultObject); + + SpringSecurityLdapTemplate.searchForSingleEntryInternal(ctx, mock(SearchControls.class), base, filter, params); + + assertThat(searchControls.getValue().getReturningObjFlag()).isTrue(); + } + +}