# $OpenLDAP: pkg/ldap/tests/scripts/test014-whoami,v 1.23.2.4 2008/02/11 23:44:27 quanah Exp $
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
## Copyright 1998-2008 The OpenLDAP Foundation.
## All rights reserved.
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.
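# Load the shared test-suite definitions. The variables used throughout this
# script (paths, tool commands, ports) are presumably all set by defines.sh.
echo "running defines.sh"
. $SRCDIR/scripts/defines.sh

# NOTE(review): expansions are left unquoted as in the original; a path with
# whitespace would be word-split -- confirm the harness never produces one.
mkdir -p $TESTDIR $DBDIR1

# Render the whoami configuration through the conf filter, then load the
# fixture LDIF offline with slapadd before any server is started.
echo "Running slapadd to build slapd database..."
. $CONFFILTER $BACKEND $MONITORDB < $WHOAMICONF > $ADDCONF
$SLAPADD -f $ADDCONF -l $LDIFWHOAMI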
if test $RC != 0 ; then
echo "slapadd failed ($RC)!"
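# Start slapd in the background with the filtered configuration, listening on
# $URI1; stdout and stderr (debug level $LVL) are captured in $LOG1.
# NOTE(review): the message prints $PORT while the clients below connect to
# $PORT1 -- confirm both are defined and refer to the same listener.
echo "Starting slapd on TCP/IP port $PORT..."
. $CONFFILTER $BACKEND $MONITORDB < $WHOAMICONF > $CONF1
$SLAPD -f $CONF1 -h $URI1 -d $LVL $TIMING > $LOG1 2>&1 &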
if test $WAIT != 0 ; then
echo "Using ldapsearch to check that slapd is running..."
for i in 0 1 2 3 4 5; do
$LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \
'objectclass=*' > /dev/null 2>&1
if test $RC = 0 ; then
echo "Waiting 5 seconds for slapd to start..."
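# Baseline: issue the "Who am I?" operation without binding, i.e. as the
# anonymous identity. No proxy authorization is requested here.
echo "Testing ldapwhoami as anonymous..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1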
if test $RC != 0 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
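# Simple bind as the manager DN, no authzid: the server should report the
# bound identity itself.
# NOTE(review): -w places the bind password on the command line, where it is
# visible in the process list. $PASSWD is presumably a fixture credential from
# defines.sh; outside a test harness prefer -W (prompt) or -y <file>.
echo "Testing ldapwhoami as ${MANAGERDN}..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$MANAGERDN" -w $PASSWD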
if test $RC != 0 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
echo "Testing ldapwhoami as ${MANAGERDN} for anonymous..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$MANAGERDN" -w $PASSWD \
if test $RC != 0 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
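# Bind as the manager and request the identity dn:$BABSDN through the authzid
# (proxied authorization) extension. The "!" prefix marks the extension as
# critical, so the server has to honour or reject it rather than ignore it.
echo "Testing ldapwhoami as ${MANAGERDN} for dn:$BABSDN..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$MANAGERDN" -w $PASSWD \
	-e \!authzid="dn:$BABSDN"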
if test $RC != 0 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
echo "Testing ldapwhoami as ${MANAGERDN} for u:uham..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$MANAGERDN" -w $PASSWD \
if test $RC != 0 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
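# authzFrom: some other identity binds and asks to act as bjorn.
echo "Testing authzFrom..."

# Case labelled dn.exact. The "!" prefix marks the authzid (proxied
# authorization) extension as critical, so the server has to honour or reject
# the request rather than ignore it.
# NOTE(review): BINDPW and AUTHZID are assigned outside the lines visible here.
BINDDN="cn=Barbara Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (dn.exact)..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
	-e \!authzid="$AUTHZID"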
if test $RC != 0 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
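# authzFrom case labelled (u): bind as Mark Elliot and request $AUTHZID via
# the critical ("!") authzid extension.
# NOTE(review): BINDPW and AUTHZID are assigned outside the lines visible here.
BINDDN="cn=Mark Elliot,ou=Alumni Association,ou=People,dc=example,dc=com"
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (u)..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
	-e \!authzid="$AUTHZID"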
if test $RC != 0 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
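# authzFrom case labelled (URI): bind as Jennifer Smith and request $AUTHZID
# via the critical ("!") authzid extension.
# NOTE(review): BINDPW and AUTHZID are assigned outside the lines visible here.
BINDDN="cn=Jennifer Smith,ou=Alumni Association,ou=People,dc=example,dc=com"
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (URI)..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
	-e \!authzid="$AUTHZID"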
if test $RC != 0 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
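# authzFrom case labelled (group): bind as James A Jones 2 and request
# $AUTHZID via the critical ("!") authzid extension.
# NOTE(review): BINDPW and AUTHZID are assigned outside the lines visible here.
BINDDN="cn=James A Jones 2,ou=Information Technology Division,ou=People,dc=example,dc=com"
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (group)..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
	-e \!authzid="$AUTHZID"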
if test $RC != 0 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
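# authzFrom case labelled (dn.onelevel): bind as No One and request $AUTHZID
# via the critical ("!") authzid extension.
# NOTE(review): BINDPW and AUTHZID are assigned outside the lines visible here.
BINDDN="cn=No One,ou=Information Technology Division,ou=People,dc=example,dc=com"
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (dn.onelevel)..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
	-e \!authzid="$AUTHZID"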
if test $RC != 0 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
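# authzFrom case labelled (dn.regex): bind as Dorothy Stevens and request
# $AUTHZID via the critical ("!") authzid extension.
# NOTE(review): BINDPW and AUTHZID are assigned outside the lines visible here.
BINDDN="cn=Dorothy Stevens,ou=Alumni Association,ou=People,dc=example,dc=com"
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (dn.regex)..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
	-e \!authzid="$AUTHZID"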
if test $RC != 0 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
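# authzFrom case labelled (dn.children): bind as James A Jones 1 and request
# $AUTHZID via the critical ("!") authzid extension.
# NOTE(review): BINDPW and AUTHZID are assigned outside the lines visible here.
BINDDN="cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com"
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (dn.children)..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
	-e \!authzid="$AUTHZID"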
if test $RC != 0 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
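# authzFrom case labelled (dn.subtree): bind as the ITD Staff group entry and
# request $AUTHZID via the critical ("!") authzid extension.
# NOTE(review): BINDPW and AUTHZID are assigned outside the lines visible here.
BINDDN="cn=ITD Staff,ou=Groups,dc=example,dc=com"
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (dn.subtree)..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
	-e \!authzid="$AUTHZID"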
if test $RC != 0 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
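# Negative authzFrom case: bind as "Should Fail" and request $AUTHZID. Judging
# by the "should have failed" message that follows, the server is expected to
# refuse this proxy authorization; an accepted request is a test failure.
# NOTE(review): BINDPW and AUTHZID are assigned outside the lines visible here.
BINDDN="cn=Should Fail,dc=example,dc=com"
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (URI; should fail)..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
	-e \!authzid="$AUTHZID"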
echo "ldapwhoami should have failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
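# Negative authzFrom case: bind as "Must Fail" and request $AUTHZID. Judging
# by the "should have failed" message that follows, the server is expected to
# refuse this proxy authorization; an accepted request is a test failure.
# NOTE(review): BINDPW and AUTHZID are assigned outside the lines visible here.
BINDDN="cn=Must Fail,dc=example,dc=com"
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (URI; should fail)..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
	-e \!authzid="$AUTHZID"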
echo "ldapwhoami should have failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
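# authzTo: bjorn binds and asks to act as someone else.
echo "Testing authzTo..."

# Case labelled dn.exact. The "!" prefix marks the authzid (proxied
# authorization) extension as critical, so the server has to honour or reject
# the request rather than ignore it.
# NOTE(review): BINDPW and AUTHZID are assigned outside the lines visible here.
BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (dn.exact)..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
	-e \!authzid="$AUTHZID"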
if test $RC != 0 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
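# authzTo case labelled (u): bind as Bjorn Jensen and request $AUTHZID via the
# critical ("!") authzid extension.
# NOTE(review): BINDPW and AUTHZID are assigned outside the lines visible here.
BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (u)..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
	-e \!authzid="$AUTHZID"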
if test $RC != 0 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
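# authzTo case labelled (URI): bind as Bjorn Jensen and request $AUTHZID via
# the critical ("!") authzid extension.
# NOTE(review): BINDPW and AUTHZID are assigned outside the lines visible here.
BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (URI)..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
	-e \!authzid="$AUTHZID"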
if test $RC != 0 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
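# authzTo case labelled (group): bind as Bjorn Jensen and request $AUTHZID via
# the critical ("!") authzid extension.
# NOTE(review): BINDPW and AUTHZID are assigned outside the lines visible here.
BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (group)..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
	-e \!authzid="$AUTHZID"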
if test $RC != 0 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
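# authzTo case labelled (dn.onelevel): bind as Bjorn Jensen and request
# $AUTHZID via the critical ("!") authzid extension.
# NOTE(review): BINDPW and AUTHZID are assigned outside the lines visible here.
BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (dn.onelevel)..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
	-e \!authzid="$AUTHZID"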
if test $RC != 0 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
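# authzTo case labelled (dn.regex): bind as Bjorn Jensen and request $AUTHZID
# via the critical ("!") authzid extension.
# NOTE(review): BINDPW and AUTHZID are assigned outside the lines visible here.
BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (dn.regex)..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
	-e \!authzid="$AUTHZID"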
if test $RC != 0 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
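# authzTo case labelled (dn.children): bind as Bjorn Jensen and request
# $AUTHZID via the critical ("!") authzid extension.
# NOTE(review): BINDPW and AUTHZID are assigned outside the lines visible here.
BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (dn.children)..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
	-e \!authzid="$AUTHZID"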
if test $RC != 0 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
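# authzTo case labelled (dn.subtree): bind as Bjorn Jensen and request the
# identity "u:group/itd staff" via the critical ("!") authzid extension.
# AUTHZID contains a space, so the quoting on the -e argument is required.
# NOTE(review): BINDPW is assigned outside the lines visible here.
BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
AUTHZID="u:group/itd staff"
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (dn.subtree)..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
	-e \!authzid="$AUTHZID"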
if test $RC != 0 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
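# Negative authzTo case: bind as Bjorn Jensen and request $AUTHZID. Judging by
# the "should have failed" message that follows, the server is expected to
# refuse this proxy authorization; an accepted request is a test failure.
# NOTE(review): BINDPW and AUTHZID are assigned outside the lines visible here.
BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (URI; should fail)..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
	-e \!authzid="$AUTHZID"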
echo "ldapwhoami should have failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
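# Negative authzTo case: bind as Bjorn Jensen and request the "Should Fail"
# DN. Judging by the "should have failed" message that follows, the server is
# expected to refuse; an accepted request is a test failure.
# NOTE(review): BINDPW is assigned outside the lines visible here.
BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
AUTHZID="dn:cn=Should Fail,dc=example,dc=com"
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (URI; should fail)..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
	-e \!authzid="$AUTHZID"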
echo "ldapwhoami should have failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
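# Negative authzTo case labelled "no authzTo": bind as Bjorn Jensen and
# request dn:cn=don't!. The status check that follows treats any exit status
# other than 1 as a failure, so the request is expected to be refused.
# NOTE(review): BINDPW is assigned outside the lines visible here.
BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
AUTHZID="dn:cn=don't!"
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (no authzTo; should fail)..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
	-e \!authzid="$AUTHZID"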
if test $RC != 1 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
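# Positive case labelled (dn.exact; should succeed): bind as the suffix entry
# dc=example,dc=com and request $AUTHZID via the critical ("!") authzid
# extension.
# NOTE(review): BINDPW and AUTHZID are assigned outside the lines visible
# here. The echo appends a literal "" after ${AUTHZID}, which suggests an
# empty identity is being requested -- confirm against the full script.
BINDDN="dc=example,dc=com"
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID}\"\" (dn.exact; should succeed)..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
	-e \!authzid="$AUTHZID"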
if test $RC != 0 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
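# End of the run: unless KILLSERVERS is "no", send SIGHUP to the processes
# listed in $KILLPIDS, report success, then wait for the background children
# to exit so no server is left running after the test.
test $KILLSERVERS != no && kill -HUP $KILLPIDS

echo ">>>>> Test succeeded"

test $KILLSERVERS != no && wait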
## Note to developers: when SLAPD_DEBUG=-1 the command
## awk '/^do_extended$/ {if (c) {print c} c=0} /<===slap_sasl_match:/ {c++} END {print c}' $TESTDIR/slapd.1.log
## must return the sequence 1 2 3 4 5 6 7 8 8 8 1 2 3 4 5 6 7 8 8 8 8 1
## to indicate that the authzFrom and authzTo rules were applied in the right order.