package com.ibm.ws.security.wim.adapter.ldap.fat;

import com.ibm.websphere.simplicity.config.ServerConfiguration;
import com.ibm.websphere.simplicity.config.wim.Attribute;
import com.ibm.websphere.simplicity.config.wim.AttributeConfiguration;
import com.ibm.websphere.simplicity.config.wim.AttributesCache;
import com.ibm.websphere.simplicity.config.wim.ContextPool;
import com.ibm.websphere.simplicity.config.wim.ExternalIdAttribute;
import com.ibm.websphere.simplicity.config.wim.FailoverServers;
import com.ibm.websphere.simplicity.config.wim.FederatedRepository;
import com.ibm.websphere.simplicity.config.wim.LdapCache;
import com.ibm.websphere.simplicity.config.wim.LdapEntityType;
import com.ibm.websphere.simplicity.config.wim.LdapFilters;
import com.ibm.websphere.simplicity.config.wim.LdapRegistry;
import com.ibm.websphere.simplicity.config.wim.RealmPropertyMapping;
import com.ibm.websphere.simplicity.config.wim.SearchResultsCache;
import com.ibm.websphere.simplicity.log.Log;
import com.ibm.ws.security.registry.test.UserRegistryServletConnection;
import componenttest.custom.junit.runner.FATRunner;
import componenttest.custom.junit.runner.Mode;
import componenttest.topology.impl.LibertyServer;
import componenttest.topology.impl.LibertyServerFactory;
import componenttest.topology.utils.LDAPFatUtils;
import componenttest.topology.utils.LDAPUtils;
import java.util.List;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Assume;
import org.junit.BeforeClass;
import org.junit.Ignore;
import org.junit.Test;
import org.junit.runner.RunWith;

@RunWith(FATRunner.class)
@Mode(Mode.TestMode.LITE)
/* loaded from: input_file:com/ibm/ws/security/wim/adapter/ldap/fat/LDAPRegistryDynamicUpdateTest.class */
public class LDAPRegistryDynamicUpdateTest {
    private static UserRegistryServletConnection servlet;
    private static final String USERNAME = "vmmtestuser";
    private static final String USER_PASSWORD = "vmmtestuserpwd";
    private static LibertyServer server = LibertyServerFactory.getLibertyServer("com.ibm.ws.security.wim.adapter.ldap.fat.dynamic");
    private static final Class<?> c = LDAPRegistryDynamicUpdateTest.class;
    private static ServerConfiguration emptyConfiguration = null;

    @BeforeClass
    public static void setUp() throws Exception {
        LDAPUtils.addLDAPVariables(server);
        Log.info(c, "setUp", "Starting the server... (will wait for userRegistry servlet to start)");
        server.copyFileToLibertyInstallRoot("lib/features", "internalfeatures/securitylibertyinternals-1.0.mf");
        server.addInstalledAppForValidation("userRegistry");
        server.startServer(c.getName() + ".log");
        Assert.assertNotNull("Application userRegistry does not appear to have started.", server.waitForStringInLog("CWWKZ0001I:.*userRegistry"));
        Assert.assertNotNull("Security service did not report it was ready", server.waitForStringInLog("CWWKS0008I"));
        Assert.assertNotNull("Server did not came up", server.waitForStringInLog("CWWKF0011I"));
        Log.info(c, "setUp", "Creating servlet connection the server");
        servlet = new UserRegistryServletConnection(server.getHostname(), server.getHttpDefaultPort());
        servlet.getRealm();
        Thread.sleep(5000L);
        servlet.getRealm();
        emptyConfiguration = server.getServerConfiguration();
    }

    @AfterClass
    public static void tearDown() throws Exception {
        Log.info(c, "tearDown", "Stopping the server...");
        try {
            server.stopServer(new String[]{"CWIMK0004E", "CWIML4537E", "CWIML4538E"});
            server.deleteFileFromLibertyInstallRoot("lib/features/internalfeatures/securitylibertyinternals-1.0.mf");
        } catch (Throwable th) {
            server.deleteFileFromLibertyInstallRoot("lib/features/internalfeatures/securitylibertyinternals-1.0.mf");
            throw th;
        }
    }

    @Test
    public void configureTwoLDAPsThenOneLDAPDynamically() throws Exception {
        Log.info(c, "configureTwoLDAPsThenOneLDAPDynamically", "Entering test configureTwoLDAPsThenOneLDAPDynamically");
        ServerConfiguration clone = emptyConfiguration.clone();
        LDAPFatUtils.createFederatedRepository(clone, "TwoLDAPRealm", new String[]{LDAPFatUtils.createTDSLdapRegistry(clone, "LDAP_TDS", "SampleLdapIDSRealm").getBaseDN(), LDAPFatUtils.createADLdapRegistry(clone, "LDAP_AD", "SampleLdapADRealm").getBaseDN()});
        LDAPFatUtils.updateConfigDynamically(server, clone, shouldWaitForAppToStart(clone));
        Assert.assertNull("Authentication should not succeed.", servlet.checkPassword(USERNAME, USER_PASSWORD));
        Assert.assertEquals("TwoLDAPRealm", servlet.getRealm());
        server.waitForStringInLog("CWIML4538E");
        ServerConfiguration clone2 = emptyConfiguration.clone();
        FederatedRepository createFederatedRepository = LDAPFatUtils.createFederatedRepository(clone2, "OneLDAPRealm", new String[]{LDAPFatUtils.createTDSLdapRegistry(clone2, "LDAP", "SampleLdapIDSRealm").getBaseDN()});
        createFederatedRepository.getPrimaryRealm().setUniqueUserIdMapping(new RealmPropertyMapping("uniqueName", "uniqueName"));
        createFederatedRepository.getPrimaryRealm().setUserSecurityNameMapping(new RealmPropertyMapping("principalName", "principalName"));
        createFederatedRepository.getPrimaryRealm().setUserDisplayNameMapping(new RealmPropertyMapping("principalName", "principalName"));
        createFederatedRepository.getPrimaryRealm().setUniqueGroupIdMapping(new RealmPropertyMapping("uniqueName", "uniqueName"));
        createFederatedRepository.getPrimaryRealm().setGroupSecurityNameMapping(new RealmPropertyMapping("cn", "cn"));
        createFederatedRepository.getPrimaryRealm().setGroupDisplayNameMapping(new RealmPropertyMapping("cn", "cn"));
        LDAPFatUtils.updateConfigDynamically(server, clone2, shouldWaitForAppToStart(clone2));
        Assert.assertEquals("Authentication should succeed.", USERNAME, servlet.checkPassword(USERNAME, USER_PASSWORD));
        Assert.assertEquals("OneLDAPRealm", servlet.getRealm());
        LDAPFatUtils.assertDNsEqual("Unique names should be equal ", "cn=vmmtestuser,o=ibm,c=us", servlet.getUniqueUserId(USERNAME));
    }

    @Test
    public void changeLDAPServerConfigDynamically() throws Exception {
        Log.info(c, "changeLDAPServerConfigDynamically", "Entering test changeLDAPServerConfigDynamically");
        ServerConfiguration clone = emptyConfiguration.clone();
        LDAPFatUtils.createFederatedRepository(clone, "TDSRealm", new String[]{LDAPFatUtils.createTDSLdapRegistry(clone, "LDAP", "SampleLdapIDSRealm").getBaseDN()});
        LDAPFatUtils.updateConfigDynamically(server, clone, shouldWaitForAppToStart(clone));
        LDAPFatUtils.assertDNsEqual("Authentication should succeed.", "cn=vmmtestuser,o=ibm,c=us", servlet.checkPassword(USERNAME, USER_PASSWORD));
        Assert.assertEquals("TDSRealm", servlet.getRealm());
        ServerConfiguration clone2 = emptyConfiguration.clone();
        LDAPFatUtils.createFederatedRepository(clone2, "vmmldaprealm", new String[]{LDAPFatUtils.createSunLdapRegistry(clone2, "LDAP", (String) null, "o=vmm").getName()});
        LDAPFatUtils.updateConfigDynamically(server, clone2, shouldWaitForAppToStart(clone2));
        LDAPFatUtils.assertDNsEqual("Authentication should succeed.", "uid=vmmtestuser,ou=users,o=vmm", servlet.checkPassword(USERNAME, USER_PASSWORD));
        LDAPFatUtils.assertDNsEqual("Authentication should succeed.", "uid=persona1,ou=users,o=vmm", servlet.checkPassword("persona1", "ppersona1"));
        Assert.assertEquals("vmmldaprealm", servlet.getRealm());
    }

    /* JADX WARN: Type inference failed for: r4v10, types: [java.lang.String[], java.lang.String[][]] */
    @Test
    public void changeLDAPRegistryDetailedConfigDynamically() throws Exception {
        Log.info(c, "changeLDAPRegistryDetailedConfigDynamically", "Entering test changeLDAPRegistryDetailedConfigDynamically");
        ServerConfiguration clone = emptyConfiguration.clone();
        LdapRegistry createSunLdapRegistry = LDAPFatUtils.createSunLdapRegistry(clone, "LDAP", (String) null, "o=vmm");
        createSunLdapRegistry.getLdapEntityTypes().add(new LdapEntityType("group", "(ObjectClass=ldapsubentry)", new String[]{"ldapsubentry"}, (String[]) null));
        createSunLdapRegistry.getLdapEntityTypes().add(new LdapEntityType("personAccount", (String) null, new String[]{"inetOrgPerson"}, (String[]) null));
        createSunLdapRegistry.setAttributeConfiguration(new AttributeConfiguration());
        createSunLdapRegistry.getAttributeConfiguration().getAttributes().add(new Attribute("userPassword", "password", "PersonAccount", (String) null, (String) null));
        createSunLdapRegistry.getAttributeConfiguration().getAttributes().add(new Attribute("telephoneNumber", "cn", "PersonAccount", (String) null, (String) null));
        createSunLdapRegistry.getAttributeConfiguration().getAttributes().add(new Attribute("krbPrincipalName", "kerberosId", "PersonAccount", (String) null, (String) null));
        createSunLdapRegistry.setContextPool(new ContextPool(true, 1, 0, 3, "0s", "3000s"));
        createSunLdapRegistry.setLdapCache(new LdapCache(new AttributesCache(true, 4000, 2000, "1200s", (String) null), new SearchResultsCache(true, 2000, 1000, "600s")));
        createSunLdapRegistry.setFailoverServer(new FailoverServers("failoverLdapServers", (String[][]) new String[]{new String[]{"${ldap.server.3.name}", "${ldap.server.3.port}"}}));
        LDAPFatUtils.createFederatedRepository(clone, "vmmldaprealm", new String[]{createSunLdapRegistry.getName()}).getPrimaryRealm().setUserDisplayNameMapping(new RealmPropertyMapping("principalName", "cn"));
        LDAPFatUtils.updateConfigDynamically(server, clone, shouldWaitForAppToStart(clone));
        LDAPFatUtils.assertDNsEqual("Authentication should succeed.", "uid=vmmtestuser,ou=users,o=vmm", servlet.checkPassword(USERNAME, USER_PASSWORD));
        Assert.assertEquals("1 919 555 5555", servlet.getUserDisplayName(USERNAME));
        Assert.assertEquals("There should only be 1 entries", 1L, servlet.getUniqueGroupIdsForUser("uid=vmmuser1,ou=users,o=vmm").size());
    }

    @Test
    public void twoLDAPThenOneConfiguredWithoutFederationDynamically() throws Exception {
        Log.info(c, "twoLDAPThenOneConfiguredWithoutFederationDynamically", "Entering test twoLDAPThenOneConfiguredWithoutFederationDynamically");
        ServerConfiguration clone = emptyConfiguration.clone();
        LDAPFatUtils.createSunLdapRegistry(clone, "LDAP", (String) null, (String) null);
        LDAPFatUtils.createADLdapRegistry(clone, "LDAP_AD", "SampleLdapADRealm");
        LDAPFatUtils.updateConfigDynamically(server, clone, shouldWaitForAppToStart(clone));
        Assert.assertNull("Authentication should not succeed.", servlet.checkPassword(USERNAME, USER_PASSWORD));
        server.waitForStringInLog("CWIML4538E");
        Assert.assertEquals("There should only be 2 entries", 2L, servlet.getUsers(USERNAME, 5).getList().size());
        ServerConfiguration clone2 = emptyConfiguration.clone();
        LDAPFatUtils.createTDSLdapRegistry(clone2, (String) null, (String) null);
        LDAPFatUtils.updateConfigDynamically(server, clone2, shouldWaitForAppToStart(clone2));
        LDAPFatUtils.assertDNsEqual("Authentication should succeed.", "cn=vmmtestuser,o=ibm,c=us", servlet.checkPassword(USERNAME, USER_PASSWORD));
        Assert.assertEquals("LdapRegistry", servlet.getRealm());
    }

    @Test
    public void updateAppSecurity2ToAppSecurity1FeatureTest() throws Exception {
        Log.info(c, "updateAppSecurity2ToAppSecurity1FeatureTest", "Entering test updateAppSecurity2ToAppSecurity1FeatureTest");
        ServerConfiguration clone = emptyConfiguration.clone();
        clone.getFeatureManager().getFeatures().clear();
        clone.getFeatureManager().getFeatures().add("appSecurity-1.0");
        clone.getFeatureManager().getFeatures().add("securitylibertyinternals-1.0");
        LDAPFatUtils.createFederatedRepository(clone, "TDSRealm", new String[]{LDAPFatUtils.createTDSLdapRegistry(clone, (String) null, (String) null).getBaseDN()});
        LDAPFatUtils.updateConfigDynamically(server, clone, true);
        LDAPFatUtils.assertDNsEqual("Authentication should succeed.", "cn=vmmtestuser,o=ibm,c=us", servlet.checkPassword(USERNAME, USER_PASSWORD));
        Assert.assertEquals("TDSRealm", servlet.getRealm());
    }

    @Test
    public void ldapConfigUpdateLoginPropertyTest() throws Exception {
        Log.info(c, "ldapConfigUpdateLoginPropertyTest", "Entering test ldapConfigUpdateLoginPropertyTest");
        ServerConfiguration clone = emptyConfiguration.clone();
        LDAPFatUtils.createFederatedRepository(clone, "TDSRealm", new String[]{LDAPFatUtils.createTDSLdapRegistry(clone, "LDAP", "SampleLdapIDSRealm").getBaseDN()});
        LDAPFatUtils.updateConfigDynamically(server, clone, true);
        LDAPFatUtils.assertDNsEqual("Authentication should succeed.", "cn=vmmtestuser,o=ibm,c=us", servlet.checkPassword(USERNAME, USER_PASSWORD));
        Assert.assertEquals("TDSRealm", servlet.getRealm());
        ServerConfiguration clone2 = emptyConfiguration.clone();
        LdapRegistry createTDSLdapRegistry = LDAPFatUtils.createTDSLdapRegistry(clone2, "LDAP", "SampleLdapIDSRealm");
        createTDSLdapRegistry.setIdsFilters(new LdapFilters("(&(mail=%v)(objectclass=ePerson))", "(&(cn=%v)(|(objectclass=groupOfNames)(objectclass=groupOfUniqueNames)(objectclass=groupOfURLs)))", "*:uid", "*:cn", "groupOfNames:member;groupOfUniqueNames:uniqueMember"));
        LDAPFatUtils.createFederatedRepository(clone2, "TDSRealm", new String[]{createTDSLdapRegistry.getBaseDN()});
        LDAPFatUtils.updateConfigDynamically(server, clone2, shouldWaitForAppToStart(clone2));
        LDAPFatUtils.assertDNsEqual("Authentication should succeed as mail.", "cn=vmmLibertyUser,o=ibm,c=us", servlet.checkPassword("vmmLibertyUser@ibm.com", "vmmLibertyUser"));
        Assert.assertNull("Authentication should not succeed.", servlet.checkPassword("vmmuser1", "vmmuser1"));
        server.waitForStringInLog("CWIML4537E");
        Assert.assertEquals("vmmtestuser@ibm.com", servlet.getUserDisplayName("cn=vmmtestuser,o=ibm,c=us"));
    }

    @Test
    public void ldapConfigMultipleLoginPropertiesTest() throws Exception {
        Log.info(c, "ldapConfigMultipleLoginPropertiesTest", "Entering test ldapConfigMultipleLoginPropertiesTest");
        ServerConfiguration clone = emptyConfiguration.clone();
        LdapRegistry createTDSLdapRegistry = LDAPFatUtils.createTDSLdapRegistry(clone, "LDAP", "SampleLdapIDSRealm");
        createTDSLdapRegistry.setIdsFilters(new LdapFilters("(&(|(sn=%v)(mail=%v))(objectclass=ePerson))", "(&(cn=%v)(|(objectclass=groupOfNames)(objectclass=groupOfUniqueNames)(objectclass=groupOfURLs)))", "*:uid", "*:cn", "groupOfNames:member;groupOfUniqueNames:uniqueMember"));
        LDAPFatUtils.createFederatedRepository(clone, "TDSRealm", new String[]{createTDSLdapRegistry.getBaseDN()});
        LDAPFatUtils.updateConfigDynamically(server, clone, shouldWaitForAppToStart(clone));
        LDAPFatUtils.assertDNsEqual("Authentication should succeed with sn.", "cn=vmmLibertyUser,o=ibm,c=us", servlet.checkPassword("vmmLibertyUserSN", "vmmLibertyUser"));
        LDAPFatUtils.assertDNsEqual("Authentication should succeed with mail.", "cn=vmmLibertyUser,o=ibm,c=us", servlet.checkPassword("vmmLibertyUser@ibm.com", "vmmLibertyUser"));
        Assert.assertNull("Authentication should not succeed with uid.", servlet.checkPassword("vmmuser1", "vmmuser1"));
        server.waitForStringInLog("CWIML4537E");
        Assert.assertEquals("vmmuser1sn", servlet.getUserDisplayName("cn=vmmuser1,o=ibm,c=us"));
    }

    @Test
    public void dynamicallyUpdateLdapConfigToHaveAttrMapping() throws Exception {
        Log.info(c, "dynamicallyUpdateLdapConfigToHaveAttrMapping", "Entering test dynamicallyUpdateLdapConfigToHaveAttrMapping");
        ServerConfiguration clone = emptyConfiguration.clone();
        LdapRegistry createTDSLdapRegistry = LDAPFatUtils.createTDSLdapRegistry(clone, "LDAP", "SampleLdapIDSRealm");
        LDAPFatUtils.createFederatedRepository(clone, "TDSRealm", new String[]{createTDSLdapRegistry.getBaseDN()});
        LDAPFatUtils.updateConfigDynamically(server, clone, shouldWaitForAppToStart(clone));
        Assert.assertEquals(USERNAME, servlet.getUserDisplayName(USERNAME));
        LDAPFatUtils.assertDNsEqual((String) null, "cn=vmmtestuser,o=ibm,c=us", servlet.getUniqueUserId(USERNAME));
        LDAPFatUtils.assertDNsEqual((String) null, "cn=vmmtestuser,o=ibm,c=us", servlet.getUserSecurityName(USERNAME));
        ServerConfiguration clone2 = clone.clone();
        AttributeConfiguration attributeConfiguration = new AttributeConfiguration();
        attributeConfiguration.getAttributes().add(new Attribute("telephoneNumber", "photoURL", "PersonAccount", (String) null, (String) null));
        attributeConfiguration.getAttributes().add(new Attribute("sn", "photoURLThumbnail", "PersonAccount", (String) null, (String) null));
        ((LdapRegistry) clone2.getLdapRegistries().get(0)).setAttributeConfiguration(attributeConfiguration);
        FederatedRepository createFederatedRepository = LDAPFatUtils.createFederatedRepository(clone2, "TDSRealm", new String[]{createTDSLdapRegistry.getBaseDN()});
        createFederatedRepository.getPrimaryRealm().setUserDisplayNameMapping(new RealmPropertyMapping("photoURL", "photoURL"));
        createFederatedRepository.getPrimaryRealm().setUniqueUserIdMapping(new RealmPropertyMapping("photoURLThumbnail", "photoURLThumbnail"));
        createFederatedRepository.getPrimaryRealm().setUserSecurityNameMapping(new RealmPropertyMapping("cn", "cn"));
        LDAPFatUtils.updateConfigDynamically(server, clone2, shouldWaitForAppToStart(clone2));
        Assert.assertEquals("1 919 555 5555", servlet.getUserDisplayName(USERNAME));
        Assert.assertEquals("vmmtestusersn", servlet.getUniqueUserId(USERNAME));
        Assert.assertEquals(USERNAME, servlet.getUserSecurityName("vmmtestusersn"));
    }

    /* JADX WARN: Type inference failed for: r4v2, types: [java.lang.String[], java.lang.String[][]] */
    @Test
    @Ignore("User cn=vmmattruser,o=ibm,c=us does not exist.")
    public void updateLdapConfigToHaveNonVMMPropertyAsLoginProperty() throws Exception {
        Log.info(c, "updateLdapConfigToHaveNonVMMPropertyAsLoginProperty", "Entering test updateLdapConfigToHaveNonVMMPropertyAsLoginProperty");
        ServerConfiguration clone = emptyConfiguration.clone();
        LDAPFatUtils.createFederatedRepository(clone, "TDSRealm", new String[]{LDAPFatUtils.createTDSLdapRegistry(clone, "LDAP", "SampleLdapIDSRealm").getBaseDN()});
        LDAPFatUtils.updateConfigDynamically(server, clone, shouldWaitForAppToStart(clone));
        Assert.assertEquals("vmmattruser", servlet.getUserDisplayName("vmmattruser"));
        LDAPFatUtils.assertDNsEqual((String) null, "cn=vmmattruser,o=ibm,c=us", servlet.getUniqueUserId("vmmattruser"));
        LDAPFatUtils.assertDNsEqual((String) null, "cn=vmmattruser,o=ibm,c=us", servlet.getUserSecurityName("vmmattruser"));
        ServerConfiguration clone2 = emptyConfiguration.clone();
        LdapRegistry createTDSLdapRegistry = LDAPFatUtils.createTDSLdapRegistry(clone2, "LDAP", "SampleLdapIDSRealm");
        createTDSLdapRegistry.setHost("${ldap.server.4.name}");
        createTDSLdapRegistry.setPort("${ldap.server.4.port}");
        createTDSLdapRegistry.setBindDN("${ldap.server.4.bindDN}");
        createTDSLdapRegistry.setBindPassword("${ldap.server.4.bindPassword}");
        createTDSLdapRegistry.setFailoverServer(new FailoverServers("failoverLdapServers", (String[][]) new String[]{new String[]{"${ldap.server.1.name}", "${ldap.server.1.port}"}, new String[]{"${ldap.server.5.name}", "${ldap.server.5.port}"}}));
        createTDSLdapRegistry.setIdsFilters(new LdapFilters("(&(photoURL=%v)(objectclass=ePerson))", (String) null, "*:photoURL", (String) null, (String) null));
        createTDSLdapRegistry.setAttributeConfiguration(new AttributeConfiguration());
        createTDSLdapRegistry.getAttributeConfiguration().getAttributes().add(new Attribute("postOfficeBox", "photoURL", "PersonAccount", (String) null, (String) null));
        LDAPFatUtils.createFederatedRepository(clone2, "TDSRealm", new String[]{createTDSLdapRegistry.getBaseDN()}).getPrimaryRealm().setUserDisplayNameMapping(new RealmPropertyMapping("principalName", "photoURL"));
        LDAPFatUtils.updateConfigDynamically(server, clone2, shouldWaitForAppToStart(clone2));
        LDAPFatUtils.assertDNsEqual("Authentication should succeed.", "cn=vmmattruser,o=ibm,c=us", servlet.checkPassword("chinchwad", "vmmattruserpwd"));
        Assert.assertEquals("chinchwad", servlet.getUserDisplayName("vmmattruser"));
    }

    @Test
    public void testAuthenticationCase() throws Exception {
        Log.info(c, "testAuthenticationCase", "Entering test testAuthenticationCase");
        ServerConfiguration clone = emptyConfiguration.clone();
        LDAPFatUtils.createFederatedRepository(clone, "TDSRealm", new String[]{LDAPFatUtils.createTDSLdapRegistry(clone, "LDAP", "SampleLdapIDSRealm").getBaseDN()});
        LDAPFatUtils.updateConfigDynamically(server, clone, shouldWaitForAppToStart(clone));
        LDAPFatUtils.assertDNsEqual("Authentication should succeed.", "cn=vmmtestuser,o=ibm,c=us", servlet.checkPassword(USERNAME.toUpperCase(), USER_PASSWORD));
        ServerConfiguration clone2 = clone.clone();
        ((LdapRegistry) clone2.getLdapRegistries().get(0)).setIgnoreCase(false);
        LDAPFatUtils.updateConfigDynamically(server, clone2, shouldWaitForAppToStart(clone2));
        Assert.assertNull("Authentication should fail.", servlet.checkPassword(USERNAME.toUpperCase(), USER_PASSWORD));
    }

    @Test
    public void testExternalId() throws Exception {
        Log.info(c, "testExternalId", "Entering test testExternalId");
        Assume.assumeTrue(LDAPUtils.USE_LOCAL_LDAP_SERVER);
        ServerConfiguration clone = emptyConfiguration.clone();
        LDAPFatUtils.createSunLdapRegistry(clone, "LDAP", (String) null, (String) null);
        LDAPFatUtils.updateConfigDynamically(server, clone, shouldWaitForAppToStart(clone));
        Assert.assertEquals("Authentication should succeed.", "uid=noNSUID,ou=users,dc=rtp,dc=raleigh,dc=ibm,dc=com", servlet.checkPassword("noNSUID", "password"));
        ServerConfiguration clone2 = clone.clone();
        ((LdapRegistry) clone2.getLdapRegistries().get(0)).setAttributeConfiguration(new AttributeConfiguration());
        ((LdapRegistry) clone2.getLdapRegistries().get(0)).getAttributeConfiguration().getExternalIdAttributes().add(new ExternalIdAttribute("cn", "PersonAccount", (String) null, false));
        LDAPFatUtils.createFederatedRepository(clone2, "SampleLdapSUNRealm", new String[]{"dc=rtp,dc=raleigh,dc=ibm,dc=com"}).getPrimaryRealm().setUserSecurityNameMapping(new RealmPropertyMapping("principalName", "uniqueId"));
        LDAPFatUtils.updateConfigDynamically(server, clone2, shouldWaitForAppToStart(clone2));
        String checkPassword = servlet.checkPassword("noNSUID", "password");
        System.out.println("result = " + checkPassword);
        Assert.assertEquals("Authentication should succeed.", "noNSUIDCN", checkPassword);
    }

    @Test
    public void testImplicitEmptyParticipatingBaseEntry() throws Exception {
        Log.info(c, "testImplicitEmptyParticipatingBaseEntry", "Entering test testImplicitEmptyParticipatingBaseEntry");
        ServerConfiguration clone = emptyConfiguration.clone();
        LdapRegistry createTDSLdapRegistry = LDAPFatUtils.createTDSLdapRegistry(clone, "LDAP", "SampleLdapIDSRealm");
        createTDSLdapRegistry.setBaseDN("");
        createTDSLdapRegistry.setRecursiveSearch(true);
        LDAPFatUtils.updateConfigDynamically(server, clone, shouldWaitForAppToStart(clone));
        Assert.assertEquals("SampleLdapIDSRealm", servlet.getRealm());
        Assert.assertTrue("User validation should succeed.", servlet.isValidUser(USERNAME));
        Assert.assertEquals("There should only be one entry", 1L, servlet.getUsers(USERNAME, 2).getList().size());
        Assert.assertEquals(USERNAME, servlet.getUserDisplayName("cn=vmmtestuser,o=ibm,c=us"));
        LDAPFatUtils.assertDNsEqual("getUniqueUserId returned incorrect value", "cn=vmmtestuser,o=ibm,c=us", servlet.getUniqueUserId(USERNAME));
        Assert.assertEquals("getUserSecurityName returned incorrect value", "cn=vmmtestuser,o=ibm,c=us", servlet.getUserSecurityName(USERNAME));
        List groupsForUser = servlet.getGroupsForUser("vmmuser1");
        Assert.assertTrue("Expected group 'vmmgroup1' returned for user. Results were: " + groupsForUser, groupsForUser.contains("cn=vmmgroup1,o=ibm,c=us"));
        Assert.assertTrue("Group validation should succeed.", servlet.isValidGroup("vmmgrp1"));
        Assert.assertEquals("There should only be one entry", 1L, servlet.getGroups("vmmgrp1", 2).getList().size());
        Assert.assertEquals("vmmgrp1", servlet.getGroupDisplayName("cn=vmmgrp1,o=ibm,c=us"));
        LDAPFatUtils.assertDNsEqual("getUniqueGroupId returned incorrect value", "cn=vmmgrp1,o=ibm,c=us", servlet.getUniqueGroupId("vmmgrp1"));
        LDAPFatUtils.assertDNsEqual("getGroupSecurityName returned incorrect value", "cn=vmmgrp1,o=ibm,c=us", servlet.getGroupSecurityName("vmmgrp1"));
        List list = servlet.getUsersForGroup("vmmgroup1", 0).getList();
        Assert.assertTrue("Expected user 'vmmuser1' in group. Results were: " + list, list.contains("cn=vmmuser1,o=ibm,c=us"));
    }

    @Test
    public void testExplicitEmptyParticipatingBaseEntry() throws Exception {
        Log.info(c, "testExplicitEmptyParticipatingBaseEntry", "Entering test testExplicitEmptyParticipatingBaseEntry");
        ServerConfiguration clone = emptyConfiguration.clone();
        LdapRegistry createTDSLdapRegistry = LDAPFatUtils.createTDSLdapRegistry(clone, "LDAP", "SampleLdapIDSRealm");
        createTDSLdapRegistry.setBaseDN("");
        createTDSLdapRegistry.setRecursiveSearch(true);
        LDAPFatUtils.createFederatedRepository(clone, "FederatedRealm", new String[]{""});
        LDAPFatUtils.updateConfigDynamically(server, clone, shouldWaitForAppToStart(clone));
        Assert.assertEquals("FederatedRealm", servlet.getRealm());
        Assert.assertTrue("User validation should succeed.", servlet.isValidUser(USERNAME));
        Assert.assertEquals("There should only be one entry", 1L, servlet.getUsers(USERNAME, 2).getList().size());
        Assert.assertEquals(USERNAME, servlet.getUserDisplayName("cn=vmmtestuser,o=ibm,c=us"));
        LDAPFatUtils.assertDNsEqual("getUniqueUserId returned incorrect value", "cn=vmmtestuser,o=ibm,c=us", servlet.getUniqueUserId(USERNAME));
        Assert.assertEquals("getUserSecurityName returned incorrect value", "cn=vmmtestuser,o=ibm,c=us", servlet.getUserSecurityName(USERNAME));
        List groupsForUser = servlet.getGroupsForUser("vmmuser1");
        Assert.assertTrue("Expected group 'vmmgroup1' returned for user. Results were: " + groupsForUser, groupsForUser.contains("cn=vmmgroup1,o=ibm,c=us"));
        Assert.assertTrue("Group validation should succeed.", servlet.isValidGroup("vmmgrp1"));
        Assert.assertEquals("There should only be one entry", 1L, servlet.getGroups("vmmgrp1", 2).getList().size());
        Assert.assertEquals("vmmgrp1", servlet.getGroupDisplayName("cn=vmmgrp1,o=ibm,c=us"));
        LDAPFatUtils.assertDNsEqual("getUniqueGroupId returned incorrect value", "cn=vmmgrp1,o=ibm,c=us", servlet.getUniqueGroupId("vmmgrp1"));
        LDAPFatUtils.assertDNsEqual("getGroupSecurityName returned incorrect value", "cn=vmmgrp1,o=ibm,c=us", servlet.getGroupSecurityName("vmmgrp1"));
        List list = servlet.getUsersForGroup("vmmgroup1", 0).getList();
        Assert.assertTrue("Expected user 'vmmuser1' in group. Results were: " + list, list.contains("cn=vmmuser1,o=ibm,c=us"));
    }

    @Test
    public void testCustomContextAndCache() throws Exception {
        Log.info(c, "testCustomContextAndCache", "Entering test testCustomContextAndCache");
        ServerConfiguration clone = emptyConfiguration.clone();
        LdapRegistry createTDSLdapRegistry = LDAPFatUtils.createTDSLdapRegistry(clone, "LDAP", "SampleLdapIDSRealm");
        createTDSLdapRegistry.setContextPool(new ContextPool(true, 17, 19, 18, "1700ms", "1600ms"));
        createTDSLdapRegistry.setLdapCache(new LdapCache(new AttributesCache(true, 4444, 2222, "700s", "ttl1"), new SearchResultsCache(true, 5555, 3333, "777s")));
        LDAPFatUtils.createFederatedRepository(clone, "OneLDAPRealm", new String[]{createTDSLdapRegistry.getBaseDN()});
        LDAPFatUtils.updateConfigDynamically(server, clone, shouldWaitForAppToStart(clone));
        Assert.assertEquals("OneLDAPRealm", servlet.getRealm());
        Assert.assertFalse("Should have found, InitPoolSize: 17", server.findStringsInLogsAndTrace("InitPoolSize: 17").isEmpty());
        Assert.assertFalse("Should have found, MaxPoolSize: 19", server.findStringsInLogsAndTrace("MaxPoolSize: 19").isEmpty());
        Assert.assertFalse("Should have found, PrefPoolSize: 18", server.findStringsInLogsAndTrace("PrefPoolSize: 18").isEmpty());
        Assert.assertFalse("Should have found, PoolTimeOut: 2", server.findStringsInLogsAndTrace("PoolTimeOut: 2").isEmpty());
        Assert.assertFalse("Should have found, PoolWaitTime: 1600", server.findStringsInLogsAndTrace("PoolWaitTime: 1600").isEmpty());
        Log.info(c, "testCustomContextAndCache", "Check cache config settings");
        Assert.assertFalse("Should have found, CacheTimeOut: 700000", server.findStringsInLogsAndTrace("CacheTimeOut: 700000").isEmpty());
        Assert.assertFalse("Should have found, CacheSize: 4444", server.findStringsInLogsAndTrace("CacheSize: 4444").isEmpty());
        Assert.assertFalse("Should have found, CacheSizeLimit: 2222", server.findStringsInLogsAndTrace("CacheSizeLimit: 2222").isEmpty());
        Assert.assertFalse("Should have found, CacheTTLAttr: ttl1", server.findStringsInLogsAndTrace("CacheTTLAttr: ttl1").isEmpty());
        Assert.assertFalse("Should have found, CacheTimeOut: 777000", server.findStringsInLogsAndTrace("CacheTimeOut: 777000").isEmpty());
        Assert.assertFalse("Should have found, CacheSize: 5555", server.findStringsInLogsAndTrace("CacheSize: 5555").isEmpty());
        Assert.assertFalse("Should have found, CacheResultSizeLimit: 3333", server.findStringsInLogsAndTrace("CacheResultSizeLimit: 3333").isEmpty());
    }

    private static boolean shouldWaitForAppToStart(ServerConfiguration serverConfiguration) throws Exception {
        return !server.getServerConfiguration().getFeatureManager().getFeatures().contains("servlet-3.1") && serverConfiguration.getFeatureManager().getFeatures().contains("servlet-3.1");
    }
}
