From 5f8bbc5ebae241c780e2aad7dbb8fdd0ec5b939d Mon Sep 17 00:00:00 2001 From: Pierangelo Masarati Date: Sun, 29 Aug 2010 05:06:07 +0000 Subject: [PATCH] use as tester an identity that needs to be proxedauthz'ed (more representative and stressful) --- tests/data/slapd-glue-ldap.conf | 11 +++++++++-- tests/data/slapd-meta-target1.conf | 3 +++ tests/data/slapd-meta-target2.conf | 4 ++++ tests/data/slapd-meta.conf | 11 +++++++++-- tests/scripts/test036-meta-concurrency | 4 +++- tests/scripts/test039-glue-ldap-concurrency | 12 +++++++++--- 6 files changed, 37 insertions(+), 8 deletions(-) diff --git a/tests/data/slapd-glue-ldap.conf b/tests/data/slapd-glue-ldap.conf index 3f90c968af..cfeae8c02f 100644 --- a/tests/data/slapd-glue-ldap.conf +++ b/tests/data/slapd-glue-ldap.conf @@ -54,7 +54,7 @@ idassert-bind bindmethod=simple credentials="secret" mode=self flags=non-prescriptive -idassert-authzfrom "dn.exact:cn=Manager,dc=example,dc=com" +idassert-authzfrom "dn.exact:cn=Manager,o=Local" # local database ldap @@ -68,8 +68,15 @@ idassert-bind bindmethod=simple credentials="secret" mode=self flags=non-prescriptive -idassert-authzfrom "dn.exact:cn=Manager,dc=example,dc=com" +idassert-authzfrom "dn.exact:cn=Manager,o=Local" limits dn.exact="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com" time=1 size=8 +# This is only for binding as the rootdn +database ldap +suffix "o=Local" +rootdn "cn=Manager,o=Local" +rootpw secret +uri "@URI6@" + #monitor#database monitor diff --git a/tests/data/slapd-meta-target1.conf b/tests/data/slapd-meta-target1.conf index 278cc8936c..37d2f5d1df 100644 --- a/tests/data/slapd-meta-target1.conf +++ b/tests/data/slapd-meta-target1.conf @@ -52,12 +52,15 @@ rootpw secret # ITS#5154: force mixed success/failure of binds using same connection access to dn="cn=Barbara Jensen,ou=Information Technology DivisioN,ou=People,dc=example,dc=com" attrs=userPassword + by dn="cn=Manager,o=Local" write by * =r access to attrs=userPassword + by dn="cn=Manager,o=Local" write by * =xr access to * + by dn="cn=Manager,o=Local" write by * read #monitor#database monitor diff --git a/tests/data/slapd-meta-target2.conf b/tests/data/slapd-meta-target2.conf index bd590c9207..9df9bfcfee 100644 --- a/tests/data/slapd-meta-target2.conf +++ b/tests/data/slapd-meta-target2.conf @@ -54,4 +54,8 @@ rootpw secret #ndb#dbname db_2 #ndb#include @DATADIR@/ndb.conf +access to * + by dn="cn=Manager,o=Local" write + by * read + #monitor#database monitor diff --git a/tests/data/slapd-meta.conf b/tests/data/slapd-meta.conf index 528eaf5afc..1cb56ced64 100644 --- a/tests/data/slapd-meta.conf +++ b/tests/data/slapd-meta.conf @@ -58,7 +58,7 @@ idassert-bind bindmethod=simple credentials="secret" mode=self flags=non-prescriptive -idassert-authzFrom "dn.exact:cn=Manager,o=Example,c=US" +idassert-authzFrom "dn.exact:cn=Manager,o=Local" # remote uri "@URI1@o=Example,c=US" @@ -70,8 +70,15 @@ idassert-bind bindmethod=simple credentials="secret" mode=self flags=non-prescriptive -idassert-authzFrom "dn.exact:cn=Manager,o=Example,c=US" +idassert-authzFrom "dn.exact:cn=Manager,o=Local" limits dn.exact="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,o=Example,c=US" time=1 size=8 +# This is only for binding as the rootdn +database meta +suffix "o=Local" +rootdn "cn=Manager,o=Local" +rootpw secret +uri "@URI6@o=Local" + #monitor#database monitor diff --git a/tests/scripts/test036-meta-concurrency b/tests/scripts/test036-meta-concurrency index 413f191228..f8bc1d636e 100755 --- a/tests/scripts/test036-meta-concurrency +++ b/tests/scripts/test036-meta-concurrency @@ -197,9 +197,11 @@ done # NOTE: copies do_* files from $TESTDIR/$DATADIR to $TESTDIR $MONITORDATA "$MONITORDB" "$TESTDIR/$DATADIR" "$TESTDIR" +BINDDN="cn=Manager,o=Local" +PASSWD="secret" echo "Using tester for concurrent server access..." $SLAPDTESTER -P "$PROGDIR" -d "$TESTDIR" -h $LOCALHOST -p $PORT3 \ - -D "cn=Manager,$METABASEDN" -w $PASSWD -l $TESTLOOPS -j $TESTCHILDREN \ + -D "$BINDDN" -w $PASSWD -l $TESTLOOPS -j $TESTCHILDREN \ -r 20 -i '!REFERRAL' -i '*INVALID_CREDENTIALS' -SS RC=$? diff --git a/tests/scripts/test039-glue-ldap-concurrency b/tests/scripts/test039-glue-ldap-concurrency index b441d2b1fc..2437cc57c5 100755 --- a/tests/scripts/test039-glue-ldap-concurrency +++ b/tests/scripts/test039-glue-ldap-concurrency @@ -36,6 +36,10 @@ if test x$TESTOLOOPS = x ; then TESTOLOOPS=1 fi +if test x$TESTCHILDREN = x ; then + TESTCHILDREN=20 +fi + rm -rf $TESTDIR mkdir -p $TESTDIR $DBDIR1 $DBDIR2 @@ -182,10 +186,12 @@ done $MONITORDATA "$MONITORDB" "$TESTDIR/$DATADIR" "$TESTDIR" echo "Using tester for concurrent server access..." +BINDDN="cn=Manager,o=Local" +PASSWD="secret" $SLAPDTESTER -P "$PROGDIR" -d "$TESTDIR" -h $LOCALHOST -p $PORT3 \ - -D "cn=Manager,$METABASEDN" -w $PASSWD \ - -l $TESTLOOPS -L $TESTOLOOPS -r 20 \ - -i '!REFERRAL' -i '*INVALID_CREDENTIALS' + -D "$BINDDN" -w $PASSWD \ + -l $TESTLOOPS -L $TESTOLOOPS -j $TESTCHILDREN -r 20 \ + -i '!REFERRAL' -i '*INVALID_CREDENTIALS' -SS RC=$? if test $RC != 0 ; then -- 2.39.5