def testConnectSSL(self):
cfg2 = cfg.copy()
cfg2['uri'] = 'ldaps://ldap.dnscherry.org:636'
cfg2['checkcert'] = 'on'
inv = Auth(cfg2, cherrypy.log)
ldap = inv._connect()
ldap.simple_bind_s(inv.binddn, inv.bindpassword)
def testConnectSSL(self):
cfg2 = cfg.copy()
cfg2["uri"] = "ldaps://ldap.dnscherry.org:636"
cfg2["checkcert"] = "on"
inv = Auth(cfg2, cherrypy.log)
ldap = inv._connect()
ldap.simple_bind_s(inv.binddn, inv.bindpassword)
def testConnectStartTLS(self):
cfg2 = cfg.copy()
cfg2["uri"] = "ldap://ldap.dnscherry.org:390"
cfg2["checkcert"] = "off"
cfg2["starttls"] = "on"
cfg2["ca"] = "./test/cfg/ca.crt"
inv = Auth(cfg2, cherrypy.log)
ldapc = inv._connect()
ldapc.simple_bind_s(inv.binddn, inv.bindpassword)
def testConnectStartTLS(self):
cfg2 = cfg.copy()
cfg2['uri'] = 'ldap://ldap.dnscherry.org:390'
cfg2['checkcert'] = 'off'
cfg2['starttls'] = 'on'
cfg2['ca'] = './test/cfg/ca.crt'
inv = Auth(cfg2, cherrypy.log)
ldapc = inv._connect()
ldapc.simple_bind_s(inv.binddn, inv.bindpassword)
def testConnectSSLWrongCA(self):
cfg2 = cfg.copy()
cfg2["uri"] = "ldaps://ldap.dnscherry.org:636"
cfg2["checkcert"] = "on"
inv = Auth(cfg2, cherrypy.log)
ldapc = inv._connect()
try:
ldapc.simple_bind_s(inv.binddn, inv.bindpassword)
except ldap.SERVER_DOWN as e:
assert e[0]["info"] == "TLS: hostname does not match CN in peer certificate"
def testMissingCA(self):
cfg2 = cfg.copy()
cfg2["uri"] = "ldaps://ldap.dnscherry.org:636"
cfg2["checkcert"] = "on"
cfg2["ca"] = "./test/cfg/not_a_ca.crt"
try:
inv = Auth(cfg2, cherrypy.log)
ldapc = inv._connect()
except CaFileDontExist as e:
return
def testMissingCA(self):
cfg2 = cfg.copy()
cfg2['uri'] = 'ldaps://ldap.dnscherry.org:636'
cfg2['checkcert'] = 'on'
cfg2['ca'] = './test/cfg/not_a_ca.crt'
try:
inv = Auth(cfg2, cherrypy.log)
ldapc = inv._connect()
except CaFileDontExist as e:
return
def testLdapUnavaible(self):
cfg2 = cfg.copy()
cfg2["uri"] = "ldaps://notaldap:636"
cfg2["checkcert"] = "on"
inv = Auth(cfg2, cherrypy.log)
try:
ldapc = inv._connect()
ldapc.simple_bind_s(inv.binddn, inv.bindpassword)
except ldap.SERVER_DOWN as e:
return
def testLdapUnavaible(self):
cfg2 = cfg.copy()
cfg2['uri'] = 'ldaps://notaldap:636'
cfg2['checkcert'] = 'on'
inv = Auth(cfg2, cherrypy.log)
try:
ldapc = inv._connect()
ldapc.simple_bind_s(inv.binddn, inv.bindpassword)
except ldap.SERVER_DOWN as e:
return
def testConnectSSLWrongCA(self):
cfg2 = cfg.copy()
cfg2['uri'] = 'ldaps://ldap.dnscherry.org:636'
cfg2['checkcert'] = 'on'
inv = Auth(cfg2, cherrypy.log)
ldapc = inv._connect()
try:
ldapc.simple_bind_s(inv.binddn, inv.bindpassword)
except ldap.SERVER_DOWN as e:
assert e[0][
'info'] == 'TLS: hostname does not match CN in peer certificate'
def testMissingParam(self):
cfg2 = {}
return True
try:
inv = Auth(cfg2, cherrypy.log)
except MissingKey:
return
def testAuthFailure(self):
inv = Auth(cfg, cherrypy.log)
res = inv.check_credentials('notauser',
'password') or inv.check_credentials(
'jwatson', 'notapassword')
assert res == False
def testConnect(self):
inv = Auth(cfg, cherrypy.log)
ldap = inv._connect()
ldap.simple_bind_s(inv.binddn, inv.bindpassword)
return True
def testAuthFailure(self):
inv = Auth(cfg, cherrypy.log)
res = inv.check_credentials("notauser", "password") or inv.check_credentials("jwatson", "notapassword")
assert res == False
def testAuthSuccess(self):
inv = Auth(cfg, cherrypy.log)
ret = inv.check_credentials("jwatson", "passwordwatson")
assert ret == True
def testAuthSuccess(self):
inv = Auth(cfg, cherrypy.log)
ret = inv.check_credentials('jwatson', 'passwordwatson')
assert ret == True
def testNominal(self):
inv = Auth(cfg, cherrypy.log)
return True
def testConnect(self):
inv = Auth(cfg, cherrypy.log)
ldap = inv._connect()
ldap.simple_bind_s(inv.binddn, inv.bindpassword)
return True
