Minimal mod_authnz_ldap test; requires special configuration of
an LDAP server on port 8389.
git-svn-id: https://svn.apache.org/repos/asf/httpd/test/framework/trunk@1878655 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/scripts/httpd.ldif b/scripts/httpd.ldif
new file mode 100644
index 0000000..a205e79
--- /dev/null
+++ b/scripts/httpd.ldif
@@ -0,0 +1,41 @@
+dn: uid=alpha,dc=example,dc=com
+objectClass: inetOrgPerson
+cn: Alpha Person
+givenName: Alpha
+sn: Person
+uid: alpha
+roomnumber: 42
+userPassword: Alpha
+
+dn: uid=beta,dc=example,dc=com
+objectClass: inetOrgPerson
+cn: Beta Person
+givenName: Beta
+sn: Person
+uid: beta
+roomnumber: 41
+userPassword: Beta
+
+dn: uid=gamma,dc=example,dc=com
+objectClass: inetOrgPerson
+cn: Gamma Person
+givenName: Gamma
+sn: Person
+uid: gamma
+roomnumber: 101
+userPassword: Gamma
+
+dn: uid=delta,dc=example,dc=com
+objectClass: inetOrgPerson
+cn: Delta Person
+givenName: Delta
+sn: Person
+uid: delta
+roomnumber: 43
+userPassword: Delta
+
+dn: cn=Group One, dc=example,dc=com
+objectClass: groupOfUniqueNames
+uniqueMember: uid=alpha,dc=example,dc=com
+uniqueMember: uid=beta,dc=example,dc=com
+uniqueMember: uid=delta,dc=example,dc=com
diff --git a/t/conf/extra.conf.in b/t/conf/extra.conf.in
index 6a341b8..6a33e8f 100644
--- a/t/conf/extra.conf.in
+++ b/t/conf/extra.conf.in
@@ -765,6 +765,29 @@
</IfModule>
</IfDefine>
+##
+## Configuration for t/modules/ldap.t.
+##
+<IfDefine LDAP>
+ Alias /modules/ldap/simple @DocumentRoot@
+ Alias /modules/ldap/group @DocumentRoot@
+ # Simple user lookup
+ <Location /modules/ldap/simple>
+ AuthType Basic
+ AuthName ldap-simple@httpd.apache.org
+ AuthBasicProvider ldap
+ AuthLDAPURL "ldap://localhost:8389/dc=example,dc=com?uid"
+ Require valid-user
+ </Location>
+ # Static group configuration
+ <Location /modules/ldap/group>
+ AuthType Basic
+ AuthName ldap-group@httpd.apache.org
+ AuthBasicProvider ldap
+ AuthLDAPURL "ldap://localhost:8389/dc=example,dc=com?uid"
+ Require ldap-group cn=Group One,dc=example,dc=com
+ </Location>
+</IfDefine>
##
## ErrorDocument handling
diff --git a/t/modules/ldap.t b/t/modules/ldap.t
new file mode 100644
index 0000000..bb46990
--- /dev/null
+++ b/t/modules/ldap.t
@@ -0,0 +1,50 @@
+use strict;
+use warnings FATAL => 'all';
+
+#
+# To run tests for mod_authnz_ldap:
+#
+# a) run an LDAP server with root DN of dc=example,dc=com on localhost port 8389
+# b) populate the directory with the LDIF from scripts/httpd.ldif
+# c) configure & run the test suite passing "--defines LDAP" to ./t/TEST
+#
+
+use Apache::Test;
+use Apache::TestRequest;
+use Apache::TestUtil;
+use Apache::TestConfig;
+
+my $defs = Apache::Test->vars('defines');
+my $ldap_defined = $defs =~ /LDAP/;
+
+# URL -> username, password, expected-status
+my @cases = (
+ ['/modules/ldap/simple/' => '', '', 401],
+ ['/modules/ldap/simple/' => 'alpha', 'badpass', 401],
+ ['/modules/ldap/simple/' => 'alpha', 'Alpha', 200],
+ ['/modules/ldap/simple/' => 'gamma', 'Gamma', 200],
+ ['/modules/ldap/group/' => 'gamma', 'Gamma', 401],
+ ['/modules/ldap/group/' => 'delta', 'Delta', 200],
+);
+
+plan tests => scalar @cases,
+ need need_module('authnz_ldap'), { "LDAP testing not configured" => $ldap_defined };
+
+foreach my $t (@cases) {
+ my $url = $t->[0];
+ my $username = $t->[1];
+ my $password = $t->[2];
+ my $response;
+ my $creds;
+
+ if ($username) {
+ $response = GET $url, username => $username, password => $password;
+ $creds = "$username/$password";
+ }
+ else {
+ $response = GET $url;
+ $creds = "no credentials";
+ }
+
+ ok t_cmp($response->code, $t->[3], "test for $url with $creds");
+}