public void testAuthenticateWithUsernameBasedOnCNAndDC() throws Exception
{
X500Principal principal;
SaslServer saslServer;
AuthenticationResult result;
UsernamePrincipal expectedPrincipal;
// DN contains only CN
principal = new X500Principal("CN=person");
expectedPrincipal = new UsernamePrincipal("person");
saslServer = _manager.createSaslServer("EXTERNAL", "example.example.com", principal);
result = _manager.authenticate(saslServer, new byte[0]);
assertNotNull(result);
assertEquals("Expected authentication to be successful",
AuthenticationResult.AuthenticationStatus.SUCCESS,
result.getStatus());
assertOnlyContainsWrapped(expectedPrincipal, result.getPrincipals());
// Null principal: no external identity is supplied, so authentication must fail
saslServer = _manager.createSaslServer("EXTERNAL", "example.example.com", null);
result = _manager.authenticate(saslServer, new byte[0]);
assertNotNull(result);
assertEquals("Expected authentication to be unsuccessful",
AuthenticationResult.AuthenticationStatus.ERROR,
result.getStatus());
// DN doesn't contain CN
principal = new X500Principal("DC=example, DC=com, O=My Company Ltd, L=Newbury, ST=Berkshire, C=GB");
saslServer = _manager.createSaslServer("EXTERNAL", "example.example.com", principal);
result = _manager.authenticate(saslServer, new byte[0]);
assertNotNull(result);
assertEquals("Expected authentication to be unsuccessful",
AuthenticationResult.AuthenticationStatus.ERROR,
result.getStatus());
// DN contains empty CN
principal = new X500Principal("CN=, DC=example, DC=com, O=My Company Ltd, L=Newbury, ST=Berkshire, C=GB");
saslServer = _manager.createSaslServer("EXTERNAL", "example.example.com", principal);
result = _manager.authenticate(saslServer, new byte[0]);
assertNotNull(result);
assertEquals("Expected authentication to be unsuccessful",
AuthenticationResult.AuthenticationStatus.ERROR,
result.getStatus());
// DN contains CN and DC
principal = new X500Principal("CN=person, DC=example, DC=com");
expectedPrincipal = new UsernamePrincipal("person@example.com");
saslServer = _manager.createSaslServer("EXTERNAL", "example.example.com", principal);
result = _manager.authenticate(saslServer, new byte[0]);
assertNotNull(result);
assertEquals("Expected authentication to be successful",
AuthenticationResult.AuthenticationStatus.SUCCESS,
result.getStatus());
assertOnlyContainsWrapped(expectedPrincipal, result.getPrincipals());
// DN contains CN and DC and other components
principal = new X500Principal("CN=person, DC=example, DC=com, O=My Company Ltd, L=Newbury, ST=Berkshire, C=GB");
expectedPrincipal = new UsernamePrincipal("person@example.com");
saslServer = _manager.createSaslServer("EXTERNAL", "example.example.com", principal);
result = _manager.authenticate(saslServer, new byte[0]);
assertNotNull(result);
assertEquals("Expected authentication to be successful",
AuthenticationResult.AuthenticationStatus.SUCCESS,
result.getStatus());
assertOnlyContainsWrapped(expectedPrincipal, result.getPrincipals());
// DN contains CN and other components but no DC
principal = new X500Principal("CN=person, O=My Company Ltd, L=Newbury, ST=Berkshire, C=GB");
expectedPrincipal = new UsernamePrincipal("person");
saslServer = _manager.createSaslServer("EXTERNAL", "example.example.com", principal);
result = _manager.authenticate(saslServer, new byte[0]);
assertNotNull(result);
assertEquals("Expected authentication to be successful",