[JENKINS-73825] ldap allows insecure configurations #299
|
||
@LDAPTestConfiguration(ldapsProtocol = true) | ||
public class LDAPEmbeddedFIPSTest { | ||
public LDAPRule ads = new LDAPRule(); |
I doubt that you need an actual ldap server running in the background for the tests you are going to do, it will only take up unnecessary compute.
I'm just trying to log in using the secure LDAP URL.
|
||
//@Test | ||
@LDAPSchema(ldif = "planetexpress", id = "planetexpress", dn = "dc=planetexpress,dc=com") | ||
public void login() throws Exception { |
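Review bot: `//@Test` on the first line of this hunk leaves `login()` out of the test run, so the `@LDAPSchema` fixture and the method body under it are never exercised. Either restore `@Test` so the login path is actually checked, or remove the method if it is not meant to run.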
None of the testing here looks relevant.
null, "cn", "mail", null, null); | ||
r.jenkins.setSecurityRealm(realm); | ||
r.configRoundtrip(); | ||
String content = r.createWebClient().login("fry", "fry").goTo("whoAmI").getBody().getTextContent(); |
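Review bot: the last line logs in with `login("fry", "fry")`, a three-character password, and the visible lines only store the page text in `content` without asserting on it. Given the short-password error this PR describes for FIPS mode, decide whether this login is expected to succeed or to be rejected, and assert that outcome explicitly.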
This should fail when @BorisYaoA's fix is merged as the password is too short.
And don't reference Cb internal tickets in the PR description/title. Create a cloned ticket on issues.jenkins.io and reference that instead.
See JENKINS-73825
In FIPS mode, LDAP now doesn't allow the insecure configuration. It also shows the error messages in case of an insecure LDAP URL / short password.
Testing
Manual testing is done with the below scenarios
Submitter checklist