Merge pull request wildfly#5848 from istudens/WFCORE-5169

[WFCORE-5169] upgraded to Apache Directory Server AM27 and Kerby
darranl · Feb 14, 2024 · 6f1d674 · 6f1d674
2 parents fc25777 + 5ae443f
commit 6f1d674
Show file tree

Hide file tree

Showing 17 changed files with 129 additions and 1,915 deletions.
diff --git a/elytron/pom.xml b/elytron/pom.xml
@@ -124,7 +124,7 @@
         <dependency>
             <groupId>org.apache.directory.api</groupId>
             <artifactId>api-ldap-codec-core</artifactId>
-            <version>1.0.0</version>
+            <version>${version.org.apache.directory.api}</version>
             <scope>test</scope>
             <exclusions>
                 <exclusion>
@@ -137,7 +137,7 @@
         <dependency>
             <groupId>org.apache.directory.api</groupId>
             <artifactId>api-ldap-codec-standalone</artifactId>
-            <version>1.0.3</version>
+            <version>${version.org.apache.directory.api}</version>
             <scope>test</scope>
             <exclusions>
                 <exclusion>
@@ -150,7 +150,7 @@
         <dependency>
             <groupId>org.apache.directory.api</groupId>
             <artifactId>api-ldap-net-mina</artifactId>
-            <version>1.0.3</version>
+            <version>${version.org.apache.directory.api}</version>
             <scope>test</scope>
             <exclusions>
                 <exclusion>
@@ -163,7 +163,7 @@
         <dependency>
             <groupId>org.apache.directory.server</groupId>
             <artifactId>apacheds-core-annotations</artifactId>
-            <version>2.0.0-M24</version>
+            <version>${version.org.apache.ds}</version>
             <scope>test</scope>
             <exclusions>
                 <exclusion>
@@ -178,13 +178,17 @@
                     <groupId>org.bouncycastle</groupId>
                     <artifactId>bcprov-jdk15on</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.bouncycastle</groupId>
+                    <artifactId>bcpkix-jdk15on</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
 
         <dependency>
             <groupId>org.apache.directory.server</groupId>
             <artifactId>apacheds-core-api</artifactId>
-            <version>2.0.0-M24</version>
+            <version>${version.org.apache.ds}</version>
             <scope>test</scope>
             <exclusions>
                 <exclusion>
@@ -197,7 +201,7 @@
         <dependency>
             <groupId>org.apache.directory.server</groupId>
             <artifactId>apacheds-protocol-ldap</artifactId>
-            <version>2.0.0-M24</version>
+            <version>${version.org.apache.ds}</version>
             <scope>test</scope>
             <exclusions>
                 <exclusion>

diff --git a/elytron/src/test/java/org/wildfly/extension/elytron/LdapService.java b/elytron/src/test/java/org/wildfly/extension/elytron/LdapService.java
@@ -130,7 +130,6 @@ public Builder addPartition(final String id, final String partitionName, final i
             for (String current : indexes) {
                 partitionFactory.addIndex(partition, current, indexSize);
             }
-            partition.setCacheService(directoryService.getCacheService());
             partition.initialize();
             directoryService.addPartition(partition);
 

diff --git a/elytron/src/test/java/org/wildfly/extension/elytron/TestEnvironment.java b/elytron/src/test/java/org/wildfly/extension/elytron/TestEnvironment.java
@@ -77,7 +77,6 @@ private static KeyStore createLocalhostKeyStore(SelfSignedX509CertificateAndSign
         KeyStore localhostKeyStore = loadKeyStore();
 
         X509Certificate issuerCertificate = issuerSelfSignedX509CertificateAndSigningKey.getSelfSignedCertificate();
-        localhostKeyStore.setCertificateEntry("ca", issuerCertificate);
 
         X509Certificate localhostCertificate = new X509CertificateBuilder()
                 .setIssuerDn(ISSUER_DN)

diff --git a/elytron/src/test/resources/org/wildfly/extension/elytron/ldap.xml b/elytron/src/test/resources/org/wildfly/extension/elytron/ldap.xml
@@ -26,9 +26,9 @@
                <attribute from="cn" to="firstName"/>
                <attribute from="sn"/>
                <attribute from="telephoneNumber" to="phones"/>
-               <attribute filter="(&amp;(objectClass=groupOfNames)(member={1}))" filter-base-dn="dc=elytron,dc=wildfly,dc=org" to="rolesDn"/>
+               <attribute filter="(&amp;(objectClass=groupOfNames)(member={1}))" filter-base-dn="ou=Finance,dc=groups,dc=elytron,dc=wildfly,dc=org" to="rolesDn"/>
                <attribute filter="(&amp;(objectClass=groupOfNames)(member={1}))" filter-base-dn="dc=elytron,dc=wildfly,dc=org" to="rolesRecRdnCn" role-recursion="2" extract-rdn="CN"/>
-               <attribute filter="(&amp;(objectClass=groupOfNames)(member={1}))" filter-base-dn="dc=elytron,dc=wildfly,dc=org" to="rolesCn" extract-rdn="CN"/>
+               <attribute filter="(&amp;(objectClass=groupOfNames)(member={1}))" filter-base-dn="ou=Finance,dc=groups,dc=elytron,dc=wildfly,dc=org" to="rolesCn" extract-rdn="CN"/>
                <attribute filter="(&amp;(objectClass=groupOfNames)(member={1}))" filter-base-dn="dc=elytron,dc=wildfly,dc=org" from="description" to="rolesDescription" role-recursion="2"/>
                <attribute filter="(&amp;(objectClass=organizationalRole)(description={0}))" filter-base-dn="dc=elytron,dc=wildfly,dc=org" from="street" to="rolesByName" role-recursion="2" role-recursion-name="postalCode"/>
                <attribute reference="memberOf" from="description" to="memberOfDescription" role-recursion="5"/>
@@ -87,7 +87,7 @@
                <attribute name="objectClass" value="top inetOrgPerson"/>
                <attribute name="sn" value="NewKeyStoreItem"/>
             </new-item-template>
-            <search path="dc=elytron,dc=wildfly,dc=org" recursive="true" time-limit="1000" filter-alias="(&amp;(objectClass=inetOrgPerson)(sn={0}))"
+            <search path="ou=keystore,dc=elytron,dc=wildfly,dc=org" recursive="true" time-limit="1000" filter-alias="(&amp;(objectClass=inetOrgPerson)(sn={0}))"
                     filter-certificate="(&amp;(objectClass=inetOrgPerson)(usercertificate={0}))" filter-iterate="(sn=serenity*)"/>
             <attribute-mapping alias-attribute="sn" certificate-attribute="usercertificate" certificate-chain-attribute="userSMIMECertificate" certificate-chain-encoding="PKCS7" certificate-type="X.509"/>
          </ldap-key-store>

diff --git a/pom.xml b/pom.xml
@@ -185,12 +185,9 @@
         <version.org.aesh>2.4</version.org.aesh>
         <version.org.aesh-extensions>1.8</version.org.aesh-extensions>
         <version.org.aesh-readline>2.2</version.org.aesh-readline>
-        <version.org.apache.ds>2.0.0-M15</version.org.apache.ds>
-        <!-- TODO Elytron - Bump to AM26+ after AM26 is released.
-             Cannot bump to M24 due to https://issues.apache.org/jira/browse/DIRSERVER-2231
-             (the current workaround causes test failures in domain-management tests).
-             Cannot bump to AM25 due to https://issues.apache.org/jira/browse/DIRSERVER-2247.
-        -->
+        <version.org.apache.ds>2.0.0.AM27</version.org.apache.ds>
+        <version.org.apache.directory.api>2.1.5</version.org.apache.directory.api>
+        <version.org.apache.kerby>2.0.3</version.org.apache.kerby>
         <version.org.apache.httpcomponents.httpclient>4.5.14</version.org.apache.httpcomponents.httpclient>
         <version.org.apache.httpcomponents.httpcore>4.4.16</version.org.apache.httpcomponents.httpcore>
         <version.org.apache.logging.log4j>2.22.1</version.org.apache.logging.log4j>