package org.apache.hive.service.auth;

import java.util.HashMap;
import java.util.Map;
import javax.naming.ldap.LdapContext;
import javax.security.sasl.AuthenticationException;
import org.apache.directory.server.annotations.CreateLdapServer;
import org.apache.directory.server.annotations.CreateTransport;
import org.apache.directory.server.core.annotations.ApplyLdifs;
import org.apache.directory.server.core.annotations.ContextEntry;
import org.apache.directory.server.core.annotations.CreateDS;
import org.apache.directory.server.core.annotations.CreateIndex;
import org.apache.directory.server.core.annotations.CreatePartition;
import org.apache.directory.server.core.integ.AbstractLdapTestUnit;
import org.apache.directory.server.core.integ.FrameworkRunner;
import org.apache.directory.server.integ.ServerIntegrationUtils;
import org.apache.directory.server.ldap.LdapServer;
import org.apache.directory.shared.ldap.message.control.Control;
import org.apache.hadoop.hive.conf.HiveConf;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;

@CreateLdapServer(transports = {@CreateTransport(protocol = "LDAP"), @CreateTransport(protocol = "LDAPS")})
@RunWith(FrameworkRunner.class)
@CreateDS(partitions = {@CreatePartition(name = "example", suffix = "dc=example,dc=com", contextEntry = @ContextEntry(entryLdif = "dn: dc=example,dc=com\ndc: example\nobjectClass: top\nobjectClass: domain\n\n"), indexes = {@CreateIndex(attribute = "objectClass"), @CreateIndex(attribute = "dc"), @CreateIndex(attribute = "ou"), @CreateIndex(attribute = "distinguishedName")})})
@ApplyLdifs({"dn: ou=People,dc=example,dc=com", "distinguishedName: ou=People,dc=example,dc=com", "objectClass: top", "objectClass: organizationalUnit", "objectClass: ExtensibleObject", "ou: People", "description: Contains entries which describe persons (seamen)", "dn: ou=Groups,dc=example,dc=com", "distinguishedName: ou=Groups,dc=example,dc=com", "objectClass: top", "objectClass: organizationalUnit", "objectClass: ExtensibleObject", "ou: Groups", "description: Contains entries which describe groups (crews, for instance)", "dn: uid=group1,ou=Groups,dc=example,dc=com", "distinguishedName: uid=group1,ou=Groups,dc=example,dc=com", "objectClass: top", "objectClass: groupOfNames", "objectClass: ExtensibleObject", "cn: group1", "ou: Groups", "sn: group1", "member: uid=user1,ou=People,dc=example,dc=com", "dn: uid=group2,ou=Groups,dc=example,dc=com", "distinguishedName: uid=group2,ou=Groups,dc=example,dc=com", "objectClass: top", "objectClass: groupOfNames", "objectClass: ExtensibleObject", "givenName: Group2", "ou: Groups", "cn: group2", "sn: group2", "member: uid=user2,ou=People,dc=example,dc=com", "dn: cn=group3,ou=Groups,dc=example,dc=com", "distinguishedName: cn=group3,ou=Groups,dc=example,dc=com", "objectClass: top", "objectClass: groupOfNames", "objectClass: ExtensibleObject", "cn: group3", "ou: Groups", "sn: group3", "member: cn=user3,ou=People,dc=example,dc=com", "dn: cn=group4,ou=Groups,dc=example,dc=com", "distinguishedName: cn=group4,ou=Groups,dc=example,dc=com", "objectClass: top", "objectClass: groupOfUniqueNames", "objectClass: ExtensibleObject", "ou: Groups", "cn: group4", "sn: group4", "uniqueMember: cn=user4,ou=People,dc=example,dc=com", "dn: uid=user1,ou=People,dc=example,dc=com", "distinguishedName: uid=user1,ou=People,dc=example,dc=com", "objectClass: inetOrgPerson", "objectClass: person", "objectClass: top", "objectClass: ExtensibleObject", "givenName: Test1", "cn: Test User1", "sn: user1", "uid: user1", "userPassword: user1", "dn: uid=user2,ou=People,dc=example,dc=com", "distinguishedName: uid=user2,ou=People,dc=example,dc=com", "objectClass: inetOrgPerson", "objectClass: person", "objectClass: top", "objectClass: ExtensibleObject", "givenName: Test2", "cn: Test User2", "sn: user2", "uid: user2", "userPassword: user2", "dn: cn=user3,ou=People,dc=example,dc=com", "distinguishedName: cn=user3,ou=People,dc=example,dc=com", "objectClass: inetOrgPerson", "objectClass: person", "objectClass: top", "objectClass: ExtensibleObject", "givenName: Test1", "cn: Test User3", "sn: user3", "uid: user3", "userPassword: user3", "dn: cn=user4,ou=People,dc=example,dc=com", "distinguishedName: cn=user4,ou=People,dc=example,dc=com", "objectClass: inetOrgPerson", "objectClass: person", "objectClass: top", "objectClass: ExtensibleObject", "givenName: Test4", "cn: Test User4", "sn: user4", "uid: user4", "userPassword: user4"})
/* loaded from: input_file:org/apache/hive/service/auth/TestLdapAtnProviderWithMiniDS.class */
public class TestLdapAtnProviderWithMiniDS extends AbstractLdapTestUnit {
    private static String ldapUrl;
    private static LdapServer server;
    private static HiveConf hiveConf;
    private static byte[] hiveConfBackup;
    private static LdapContext ctx;
    private static LdapAuthenticationProviderImpl ldapProvider;
    static final User USER1 = new User("user1", "user1", "uid=user1,ou=People,dc=example,dc=com");
    static final User USER2 = new User("user2", "user2", "uid=user2,ou=People,dc=example,dc=com");
    static final User USER3 = new User("user3", "user3", "cn=user3,ou=People,dc=example,dc=com");
    static final User USER4 = new User("user4", "user4", "cn=user4,ou=People,dc=example,dc=com");

    @Before
    public void setup() throws Exception {
        ctx = (LdapContext) ServerIntegrationUtils.getWiredContext(ldapServer, (Control[]) null).lookup("dc=example,dc=com");
    }

    @After
    public void shutdown() throws Exception {
    }

    @BeforeClass
    public static void init() throws Exception {
        hiveConf = new HiveConf();
        hiveConf.set("fs.default.name", "file:///");
        ldapProvider = new LdapAuthenticationProviderImpl(hiveConf);
    }

    @AfterClass
    public static void tearDown() throws Exception {
        if (ldapServer.isStarted()) {
            ldapServer.stop();
        }
    }

    private static void initLdapAtn(Map<String, String> map) throws Exception {
        hiveConf = new HiveConf();
        hiveConf.set("fs.default.name", "file:///");
        if (ldapUrl == null) {
            ldapUrl = new String("ldap://localhost:" + ldapServer.getPort());
        }
        hiveConf.set("hive.root.logger", "DEBUG,console");
        hiveConf.set("hive.server2.authentication.ldap.url", ldapUrl);
        if (map != null) {
            for (String str : map.keySet()) {
                hiveConf.set(str, map.get(str));
            }
        }
        ldapProvider = new LdapAuthenticationProviderImpl(hiveConf);
    }

    @Test
    public void testLDAPServer() throws Exception {
        initLdapAtn(null);
        Assert.assertTrue(ldapServer.isStarted());
        Assert.assertTrue(ldapServer.getPort() > 0);
    }

    @Test
    public void testUserBindPositiveWithShortname() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("hive.server2.authentication.ldap.userDNPattern", "uid=%s,ou=People,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.groupDNPattern", "uid=%s,ou=Groups,dc=example,dc=com");
        initLdapAtn(hashMap);
        String uid = USER1.getUID();
        try {
            ldapProvider.Authenticate(uid, USER1.getPassword());
            Assert.assertTrue("testUserBindPositive: Authentication succeeded for " + uid + " as expected", true);
        } catch (AuthenticationException e) {
            Assert.fail("testUserBindPositive: Authentication failed for user:" + uid + " with password " + USER1.getPassword() + ", expected to succeed");
        }
        String uid2 = USER2.getUID();
        try {
            ldapProvider.Authenticate(uid2, USER2.getPassword());
            Assert.assertTrue("testUserBindPositive: Authentication succeeded for " + USER2.getUID() + " as expected", true);
        } catch (AuthenticationException e2) {
            Assert.fail("testUserBindPositive: Authentication failed for user:" + uid2 + " with password " + USER2.getPassword() + ", expected to succeed");
        }
    }

    @Test
    public void testUserBindPositiveWithShortnameOldConfig() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("hive.server2.authentication.ldap.baseDN", "ou=People,dc=example,dc=com");
        initLdapAtn(hashMap);
        String uid = USER1.getUID();
        try {
            ldapProvider.Authenticate(uid, USER1.getPassword());
            Assert.assertTrue("testUserBindPositive: Authentication succeeded for " + uid + " as expected", true);
        } catch (AuthenticationException e) {
            Assert.fail("testUserBindPositive: Authentication failed for user:" + uid + " with password " + USER1.getPassword() + ", expected to succeed");
        }
        String uid2 = USER2.getUID();
        try {
            ldapProvider.Authenticate(uid2, USER2.getPassword());
            Assert.assertTrue("testUserBindPositive: Authentication succeeded for " + USER2.getUID() + " as expected", true);
        } catch (AuthenticationException e2) {
            Assert.fail("testUserBindPositive: Authentication failed for user:" + uid2 + " with password " + USER2.getPassword() + ", expected to succeed");
        }
    }

    @Test
    public void testUserBindNegativeWithShortname() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("hive.server2.authentication.ldap.userDNPattern", "uid=%s,ou=People,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.groupDNPattern", "uid=%s,ou=Groups,dc=example,dc=com");
        initLdapAtn(hashMap);
        try {
            ldapProvider.Authenticate(USER1.getUID(), USER2.getPassword());
            Assert.fail("testUserBindNegative: Authentication succeeded for " + USER1.getUID() + " with password " + USER2.getPassword() + ", expected to fail");
        } catch (AuthenticationException e) {
            Assert.assertTrue("testUserBindNegative: Authentication failed for " + USER1.getUID() + " as expected", true);
        }
        try {
            ldapProvider.Authenticate(USER2.getUID(), "user");
            Assert.fail("testUserBindNegative: Authentication failed for " + USER2.getUID() + " with password user, expected to fail");
        } catch (AuthenticationException e2) {
            Assert.assertTrue("testUserBindNegative: Authentication failed for " + USER2.getUID() + " as expected", true);
        }
    }

    @Test
    public void testUserBindNegativeWithShortnameOldConfig() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("hive.server2.authentication.ldap.baseDN", "ou=People,dc=example,dc=com");
        initLdapAtn(hashMap);
        try {
            ldapProvider.Authenticate(USER1.getUID(), USER2.getPassword());
            Assert.fail("testUserBindNegative: Authentication succeeded for " + USER1.getUID() + " with password " + USER2.getPassword() + ", expected to fail");
        } catch (AuthenticationException e) {
            Assert.assertTrue("testUserBindNegative: Authentication failed for " + USER1.getUID() + " as expected", true);
        }
        try {
            ldapProvider.Authenticate(USER2.getUID(), "user");
            Assert.fail("testUserBindNegative: Authentication failed for " + USER2.getUID() + " with password user, expected to fail");
        } catch (AuthenticationException e2) {
            Assert.assertTrue("testUserBindNegative: Authentication failed for " + USER2.getUID() + " as expected", true);
        }
    }

    @Test
    public void testUserBindPositiveWithDN() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("hive.server2.authentication.ldap.userDNPattern", "uid=%s,ou=People,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.groupDNPattern", "uid=%s,ou=Groups,dc=example,dc=com");
        initLdapAtn(hashMap);
        Assert.assertTrue(ldapServer.getPort() > 0);
        String dn = USER1.getDN();
        try {
            ldapProvider.Authenticate(dn, USER1.getPassword());
            Assert.assertTrue("testUserBindPositive: Authentication succeeded for " + dn + " as expected", true);
        } catch (AuthenticationException e) {
            Assert.fail("testUserBindPositive: Authentication failed for user:" + dn + " with password " + USER1.getPassword() + ", expected to succeed:" + e.getMessage());
        }
        String dn2 = USER2.getDN();
        try {
            ldapProvider.Authenticate(dn2, USER2.getPassword());
            Assert.assertTrue("testUserBindPositive: Authentication succeeded for " + dn2 + " user as expected", true);
        } catch (AuthenticationException e2) {
            Assert.fail("testUserBindPositive: Authentication failed for user:" + dn2 + " with password " + USER2.getPassword() + ", expected to succeed:" + e2.getMessage());
        }
    }

    @Test
    public void testUserBindPositiveWithDNOldConfig() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("hive.server2.authentication.ldap.baseDN", "ou=People,dc=example,dc=com");
        initLdapAtn(hashMap);
        Assert.assertTrue(ldapServer.getPort() > 0);
        String dn = USER1.getDN();
        try {
            ldapProvider.Authenticate(dn, USER1.getPassword());
            Assert.assertTrue("testUserBindPositive: Authentication succeeded for " + dn + " as expected", true);
        } catch (AuthenticationException e) {
            Assert.fail("testUserBindPositive: Authentication failed for user:" + dn + " with password " + USER1.getPassword() + ", expected to succeed");
        }
        String dn2 = USER2.getDN();
        try {
            ldapProvider.Authenticate(dn2, USER2.getPassword());
            Assert.assertTrue("testUserBindPositive: Authentication succeeded for " + dn2 + " as expected", true);
        } catch (AuthenticationException e2) {
            Assert.fail("testUserBindPositive: Authentication failed for user:" + dn2 + " with password " + USER2.getPassword() + ", expected to succeed");
        }
    }

    @Test
    public void testUserBindPositiveWithDNWrongOldConfig() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("hive.server2.authentication.ldap.baseDN", "ou=DummyPeople,dc=example,dc=com");
        initLdapAtn(hashMap);
        Assert.assertTrue(ldapServer.getPort() > 0);
        String dn = USER1.getDN();
        try {
            ldapProvider.Authenticate(dn, USER1.getPassword());
            Assert.assertTrue("testUserBindPositive: Authentication succeeded for " + dn + " as expected", true);
        } catch (AuthenticationException e) {
            Assert.fail("testUserBindPositive: Authentication failed for user:" + dn + " with password " + USER1.getPassword() + ", expected to succeed");
        }
        String dn2 = USER2.getDN();
        try {
            ldapProvider.Authenticate(dn2, USER2.getPassword());
            Assert.assertTrue("testUserBindPositive: Authentication succeeded for " + dn2 + " as expected", true);
        } catch (AuthenticationException e2) {
            Assert.fail("testUserBindPositive: Authentication failed for user:" + dn2 + " with password " + USER2.getPassword() + ", expected to succeed");
        }
    }

    @Test
    public void testUserBindPositiveWithDNWrongConfig() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("hive.server2.authentication.ldap.userDNPattern", "uid=%s,ou=DummyPeople,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.groupDNPattern", "uid=%s,ou=DummyGroups,dc=example,dc=com");
        initLdapAtn(hashMap);
        Assert.assertTrue(ldapServer.getPort() > 0);
        String dn = USER1.getDN();
        try {
            ldapProvider.Authenticate(dn, USER1.getPassword());
            Assert.assertTrue("testUserBindPositive: Authentication succeeded for " + dn + " as expected", true);
        } catch (AuthenticationException e) {
            Assert.fail("testUserBindPositive: Authentication failed for user:" + dn + " with password " + USER1.getPassword() + ", expected to succeed");
        }
        String dn2 = USER2.getDN();
        try {
            ldapProvider.Authenticate(dn2, USER2.getPassword());
            Assert.assertTrue("testUserBindPositive: Authentication succeeded for " + dn2 + " as expected", true);
        } catch (AuthenticationException e2) {
            Assert.fail("testUserBindPositive: Authentication failed for user:" + dn2 + " with password " + USER2.getPassword() + ", expected to succeed");
        }
    }

    @Test
    public void testUserBindPositiveWithDNBlankConfig() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("hive.server2.authentication.ldap.userDNPattern", " ");
        hashMap.put("hive.server2.authentication.ldap.groupDNPattern", " ");
        initLdapAtn(hashMap);
        Assert.assertTrue(ldapServer.getPort() > 0);
        String dn = USER1.getDN();
        try {
            ldapProvider.Authenticate(dn, USER1.getPassword());
            Assert.assertTrue("testUserBindPositive: Authentication succeeded for " + dn + " as expected", true);
        } catch (AuthenticationException e) {
            Assert.fail("testUserBindPositive: Authentication failed for user:" + dn + " with password " + USER1.getPassword() + ", expected to succeed");
        }
        String dn2 = USER2.getDN();
        try {
            ldapProvider.Authenticate(dn2, USER2.getPassword());
            Assert.assertTrue("testUserBindPositive: Authentication succeeded for " + dn2 + " as expected", true);
        } catch (AuthenticationException e2) {
            Assert.fail("testUserBindPositive: Authentication failed for user:" + dn2 + " with password " + USER2.getPassword() + ", expected to succeed");
        }
    }

    @Test
    public void testUserBindPositiveWithDNBlankOldConfig() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("hive.server2.authentication.ldap.baseDN", "");
        initLdapAtn(hashMap);
        Assert.assertTrue(ldapServer.getPort() > 0);
        String dn = USER1.getDN();
        try {
            ldapProvider.Authenticate(dn, USER1.getPassword());
            Assert.assertTrue("testUserBindPositive: Authentication succeeded for " + dn + " as expected", true);
        } catch (AuthenticationException e) {
            Assert.fail("testUserBindPositive: Authentication failed for user:" + dn + " with password " + USER1.getPassword() + ", expected to succeed");
        }
        String dn2 = USER2.getDN();
        try {
            ldapProvider.Authenticate(dn2, USER2.getPassword());
            Assert.assertTrue("testUserBindPositive: Authentication succeeded for " + dn2 + " as expected", true);
        } catch (AuthenticationException e2) {
            Assert.fail("testUserBindPositive: Authentication failed for user:" + dn2 + " with password " + USER2.getPassword() + ", expected to succeed");
        }
    }

    @Test
    public void testUserBindNegativeWithDN() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("hive.server2.authentication.ldap.userDNPattern", "uid=%s,ou=People,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.groupDNPattern", "uid=%s,ou=Groups,dc=example,dc=com");
        initLdapAtn(hashMap);
        Assert.assertTrue(ldapServer.getPort() > 0);
        String dn = USER1.getDN();
        try {
            ldapProvider.Authenticate(dn, USER2.getPassword());
            Assert.fail("testUserBindNegative: Authentication succeeded for " + dn + " with password " + USER2.getPassword() + ", expected to fail");
        } catch (AuthenticationException e) {
            Assert.assertTrue("testUserBindNegative: Authentication failed for " + dn + " as expected", true);
        }
        String dn2 = USER2.getDN();
        try {
            ldapProvider.Authenticate(dn2, "user");
            Assert.fail("testUserBindNegative: Authentication failed for " + dn2 + " with password user, expected to fail");
        } catch (AuthenticationException e2) {
            Assert.assertTrue("testUserBindNegative: Authentication failed for " + dn2 + " as expected", true);
        }
    }

    @Test
    public void testUserBindNegativeWithDNOldConfig() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("hive.server2.authentication.ldap.baseDN", "ou=People,dc=example,dc=com");
        initLdapAtn(hashMap);
        Assert.assertTrue(ldapServer.getPort() > 0);
        String dn = USER1.getDN();
        try {
            ldapProvider.Authenticate(dn, USER2.getPassword());
            Assert.fail("testUserBindNegative: Authentication succeeded for " + dn + " with password " + USER2.getPassword() + ", expected to fail");
        } catch (AuthenticationException e) {
            Assert.assertTrue("testUserBindNegative: Authentication failed for " + dn + " as expected", true);
        }
        String dn2 = USER2.getDN();
        try {
            ldapProvider.Authenticate(dn2, "user");
            Assert.fail("testUserBindNegative: Authentication failed for " + dn2 + " with password user, expected to fail");
        } catch (AuthenticationException e2) {
            Assert.assertTrue("testUserBindNegative: Authentication failed for " + dn2 + " as expected", true);
        }
    }

    @Test
    public void testUserFilterPositive() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("hive.server2.authentication.ldap.userDNPattern", "uid=%s,ou=People,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.userFilter", USER2.getUID());
        initLdapAtn(hashMap);
        String dn = USER2.getDN();
        try {
            ldapProvider.Authenticate(dn, USER2.getPassword());
            Assert.assertTrue("testUserFilterPositive: Authentication succeeded for " + dn + " as expected", true);
            dn = USER2.getUID();
            ldapProvider.Authenticate(dn, USER2.getPassword());
            Assert.assertTrue("testUserFilterPositive: Authentication succeeded for " + dn + " as expected", true);
        } catch (AuthenticationException e) {
            Assert.fail("testUserFilterPositive: Authentication failed for " + dn + ",user expected to pass userfilter");
        }
        HashMap hashMap2 = new HashMap();
        hashMap2.put("hive.server2.authentication.ldap.userDNPattern", "uid=%s,ou=People,dc=example,dc=com");
        hashMap2.put("hive.server2.authentication.ldap.userFilter", USER1.getUID());
        initLdapAtn(hashMap2);
        try {
            String dn2 = USER1.getDN();
            ldapProvider.Authenticate(dn2, USER1.getPassword());
            Assert.assertTrue("testUserFilterPositive: Authentication succeeded for " + dn2 + " as expected", true);
            dn = USER1.getUID();
            ldapProvider.Authenticate(dn, USER1.getPassword());
            Assert.assertTrue("testUserFilterPositive: Authentication succeeded for " + dn + " as expected", true);
        } catch (AuthenticationException e2) {
            Assert.fail("testUserFilterPositive: Authentication failed for " + dn + ",user expected to pass userfilter");
        }
        HashMap hashMap3 = new HashMap();
        hashMap3.put("hive.server2.authentication.ldap.userDNPattern", "uid=%s,ou=People,dc=example,dc=com");
        hashMap3.put("hive.server2.authentication.ldap.userFilter", USER2.getUID() + "," + USER1.getUID());
        initLdapAtn(hashMap3);
        try {
            String dn3 = USER1.getDN();
            ldapProvider.Authenticate(dn3, USER1.getPassword());
            Assert.assertTrue("testUserFilterPositive: Authentication succeeded for " + dn3 + " as expected", true);
            String uid = USER2.getUID();
            ldapProvider.Authenticate(uid, USER2.getPassword());
            Assert.assertTrue("testUserFilterPositive: Authentication succeeded for " + uid + " as expected", true);
        } catch (AuthenticationException e3) {
            Assert.fail("testUserFilterPositive: Authentication failed for user, user is expected to pass userfilter");
        }
    }

    @Test
    public void testUserFilterNegative() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("hive.server2.authentication.ldap.userDNPattern", "uid=%s,ou=People,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.userFilter", USER2.getUID());
        initLdapAtn(hashMap);
        String dn = USER1.getDN();
        try {
            ldapProvider.Authenticate(dn, USER1.getPassword());
            Assert.fail("testUserFilterNegative: Authentication succeeded for " + dn + ",user is expected to fail userfilter");
        } catch (AuthenticationException e) {
            Assert.assertTrue("testUserFilterNegative: Authentication failed for " + dn + " as expected", true);
        }
        String uid = USER1.getUID();
        try {
            ldapProvider.Authenticate(uid, USER1.getPassword());
            Assert.fail("testUserFilterNegative: Authentication succeeded for " + uid + ",user is expected to fail userfilter");
        } catch (AuthenticationException e2) {
            Assert.assertTrue("testUserFilterNegative: Authentication failed for " + uid + " as expected", true);
        }
        HashMap hashMap2 = new HashMap();
        hashMap2.put("hive.server2.authentication.ldap.userDNPattern", "uid=%s,ou=People,dc=example,dc=com");
        hashMap2.put("hive.server2.authentication.ldap.userFilter", USER1.getUID());
        initLdapAtn(hashMap2);
        String dn2 = USER2.getDN();
        try {
            ldapProvider.Authenticate(dn2, USER2.getPassword());
            Assert.fail("testUserFilterNegative: Authentication succeeded for " + dn2 + ",user is expected to fail userfilter");
        } catch (AuthenticationException e3) {
            Assert.assertTrue("testUserFilterNegative: Authentication failed for " + dn2 + " as expected", true);
        }
        String uid2 = USER2.getUID();
        try {
            ldapProvider.Authenticate(uid2, USER2.getPassword());
            Assert.fail("testUserFilterNegative: Authentication succeeded for " + uid2 + ",user is expected to fail userfilter");
        } catch (AuthenticationException e4) {
            Assert.assertTrue("testUserFilterNegative: Authentication failed for " + uid2 + " as expected", true);
        }
        HashMap hashMap3 = new HashMap();
        hashMap3.put("hive.server2.authentication.ldap.userDNPattern", "uid=%s,ou=People,dc=example,dc=com");
        hashMap3.put("hive.server2.authentication.ldap.userFilter", USER3.getUID());
        initLdapAtn(hashMap3);
        String uid3 = USER1.getUID();
        try {
            ldapProvider.Authenticate(uid3, USER1.getPassword());
            Assert.fail("testUserFilterNegative: Authentication succeeded for " + uid3 + ",user expected to fail userfilter");
        } catch (AuthenticationException e5) {
            Assert.assertTrue("testUserFilterNegative: Authentication failed for " + uid3 + " as expected", true);
        }
        String dn3 = USER2.getDN();
        try {
            ldapProvider.Authenticate(dn3, USER2.getPassword());
            Assert.fail("testUserFilterNegative: Authentication succeeded for " + dn3 + ",user expected to fail userfilter");
        } catch (AuthenticationException e6) {
            Assert.assertTrue("testUserFilterNegative: Authentication failed for " + dn3 + " as expected", true);
        }
    }

    @Test
    public void testGroupFilterPositive() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("hive.server2.authentication.ldap.userDNPattern", "uid=%s,ou=People,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.groupDNPattern", "uid=%s,ou=Groups,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.groupFilter", "group1,group2");
        initLdapAtn(hashMap);
        String dn = USER1.getDN();
        try {
            ldapProvider.Authenticate(dn, USER1.getPassword());
            Assert.assertTrue("testGroupFilterPositive: Authentication succeeded for " + dn + " as expected", true);
            String uid = USER1.getUID();
            ldapProvider.Authenticate(uid, USER1.getPassword());
            Assert.assertTrue("testGroupFilterPositive: Authentication succeeded for " + uid + " as expected", true);
            dn = USER2.getDN();
            ldapProvider.Authenticate(dn, USER2.getPassword());
            Assert.assertTrue("testGroupFilterPositive: Authentication succeeded for " + dn + " as expected", true);
        } catch (AuthenticationException e) {
            Assert.fail("testGroupFilterPositive: Authentication failed for " + dn + ",user expected to pass groupfilter");
        }
        HashMap hashMap2 = new HashMap();
        hashMap2.put("hive.server2.authentication.ldap.userDNPattern", "uid=%s,ou=People,dc=example,dc=com");
        hashMap2.put("hive.server2.authentication.ldap.groupDNPattern", "uid=%s,ou=Groups,dc=example,dc=com");
        hashMap2.put("hive.server2.authentication.ldap.groupFilter", "group2");
        initLdapAtn(hashMap2);
        String dn2 = USER2.getDN();
        try {
            ldapProvider.Authenticate(dn2, USER2.getPassword());
            Assert.assertTrue("testGroupFilterPositive: Authentication succeeded for " + dn2 + " as expected", true);
        } catch (AuthenticationException e2) {
            Assert.fail("testGroupFilterPositive: Authentication failed for " + dn2 + ",user expected to pass groupfilter");
        }
    }

    @Test
    public void testGroupFilterNegative() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("hive.server2.authentication.ldap.userDNPattern", "uid=%s,ou=People,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.groupDNPattern", "uid=%s,ou=Groups,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.groupFilter", "group1");
        initLdapAtn(hashMap);
        String dn = USER2.getDN();
        try {
            ldapProvider.Authenticate(dn, USER2.getPassword());
            Assert.fail("testGroupFilterNegative: Authentication succeeded for " + dn + ",user expected to fail groupfilter");
        } catch (AuthenticationException e) {
            Assert.assertTrue("testGroupFilterNegative: Authentication failed for " + dn + " as expected", true);
        }
        HashMap hashMap2 = new HashMap();
        hashMap2.put("hive.server2.authentication.ldap.userDNPattern", "uid=%s,ou=People,dc=example,dc=com");
        hashMap2.put("hive.server2.authentication.ldap.groupDNPattern", "uid=%s,ou=Groups,dc=example,dc=com");
        hashMap2.put("hive.server2.authentication.ldap.groupFilter", "group2");
        initLdapAtn(hashMap2);
        String dn2 = USER1.getDN();
        try {
            ldapProvider.Authenticate(dn2, USER1.getPassword());
            Assert.fail("testGroupFilterNegative: Authentication succeeded for " + dn2 + ",user expected to fail groupfilter");
        } catch (AuthenticationException e2) {
            Assert.assertTrue("testGroupFilterNegative: Authentication failed for " + dn2 + " as expected", true);
        }
    }

    @Test
    public void testUserAndGroupFilterPositive() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("hive.server2.authentication.ldap.userDNPattern", "uid=%s,ou=People,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.groupDNPattern", "uid=%s,ou=Groups,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.userFilter", USER1.getUID() + "," + USER2.getUID());
        hashMap.put("hive.server2.authentication.ldap.groupFilter", "group1,group2");
        initLdapAtn(hashMap);
        String dn = USER1.getDN();
        try {
            ldapProvider.Authenticate(dn, USER1.getPassword());
            Assert.assertTrue("testUserAndGroupFilterPositive: Authentication succeeded for " + dn + " as expected", true);
            dn = USER1.getUID();
            ldapProvider.Authenticate(dn, USER1.getPassword());
            Assert.assertTrue("testUserAndGroupFilterPositive: Authentication succeeded for " + dn + " as expected", true);
        } catch (AuthenticationException e) {
            Assert.fail("testUserAndGroupFilterPositive: Authentication failed for " + dn + ",user expected to pass groupfilter");
        }
        String uid = USER2.getUID();
        try {
            ldapProvider.Authenticate(uid, USER2.getPassword());
            Assert.assertTrue("testUserAndGroupFilterPositive: Authentication succeeded for " + uid + " as expected", true);
        } catch (AuthenticationException e2) {
            Assert.fail("testUserAndGroupFilterPositive: Authentication failed for " + uid + ",user expected to pass groupfilter");
        }
    }

    @Test
    public void testUserAndGroupFilterNegative() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("hive.server2.authentication.ldap.userDNPattern", "uid=%s,ou=People,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.groupDNPattern", "uid=%s,ou=Groups,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.userFilter", USER1.getUID() + "," + USER2.getUID());
        hashMap.put("hive.server2.authentication.ldap.groupFilter", "group1");
        initLdapAtn(hashMap);
        String dn = USER2.getDN();
        try {
            ldapProvider.Authenticate(dn, USER2.getPassword());
            Assert.fail("testUserAndGroupFilterNegative: Authentication succeeded for " + dn + ",user expected to fail groupfilter");
            String uid = USER2.getUID();
            ldapProvider.Authenticate(uid, USER2.getPassword());
            Assert.fail("testUserAndGroupFilterNegative: Authentication succeeded for " + uid + ",user expected to fail groupfilter");
            dn = USER3.getUID();
            ldapProvider.Authenticate(dn, USER3.getPassword());
            Assert.fail("testUserAndGroupFilterNegative: Authentication succeeded for " + dn + ",user expected to fail groupfilter");
        } catch (AuthenticationException e) {
            Assert.assertTrue("testUserAndGroupFilterNegative: Authentication failed for " + dn + " as expected", true);
        }
    }

    @Test
    public void testCustomQueryPositive() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("hive.server2.authentication.ldap.baseDN", "ou=People,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.userDNPattern", "cn=%s,ou=People,dc=example,dc=com:uid=%s,ou=People,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.groupDNPattern", "cn=%s,ou=People,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.customLDAPQuery", "(&(objectClass=person)(|(uid=" + USER1.getUID() + ")(uid=" + USER4.getUID() + ")))");
        initLdapAtn(hashMap);
        String dn = USER1.getDN();
        try {
            ldapProvider.Authenticate(dn, USER1.getPassword());
            Assert.assertTrue("testCustomQueryPositive: Authentication succeeded for " + dn + " as expected", true);
            String uid = USER1.getUID();
            ldapProvider.Authenticate(uid, USER1.getPassword());
            Assert.assertTrue("testCustomQueryPositive: Authentication succeeded for " + uid + " as expected", true);
            dn = USER4.getDN();
            ldapProvider.Authenticate(dn, USER4.getPassword());
            Assert.assertTrue("testCustomQueryPositive: Authentication succeeded for " + dn + " as expected", true);
        } catch (AuthenticationException e) {
            Assert.fail("testCustomQueryPositive: Authentication failed for " + dn + ",user expected to pass custom LDAP Query");
        }
    }

    @Test
    public void testCustomQueryNegative() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("hive.server2.authentication.ldap.baseDN", "ou=People,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.customLDAPQuery", "(&(objectClass=person)(uid=" + USER1.getUID() + "))");
        initLdapAtn(hashMap);
        String dn = USER2.getDN();
        try {
            ldapProvider.Authenticate(dn, USER2.getPassword());
            Assert.fail("testCustomQueryNegative: Authentication succeeded for " + dn + ",user expected to fail custom LDAP Query");
        } catch (AuthenticationException e) {
            Assert.assertTrue("testCustomQueryNegative: Authentication failed for " + dn + " as expected", true);
        }
        try {
            dn = USER2.getUID();
            ldapProvider.Authenticate(dn, USER2.getPassword());
            Assert.fail("testCustomQueryNegative: Authentication succeeded for " + dn + ",user expected to fail custom LDAP Query");
        } catch (AuthenticationException e2) {
            Assert.assertTrue("testCustomQueryNegative: Authentication failed for " + dn + " as expected", true);
        }
    }

    @Test
    public void testCustomQueryWithGroupsPositive() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("hive.server2.authentication.ldap.baseDN", "dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.userDNPattern", "cn=%s,ou=People,dc=example,dc=com:uid=%s,ou=People,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.customLDAPQuery", "(&(objectClass=groupOfNames)(|(cn=group1)(cn=group2)))");
        initLdapAtn(hashMap);
        String dn = USER1.getDN();
        try {
            ldapProvider.Authenticate(dn, USER1.getPassword());
            Assert.assertTrue("testCustomQueryWithGroupsPositive: Authentication succeeded for " + dn + " as expected", true);
            dn = USER2.getUID();
            ldapProvider.Authenticate(dn, USER2.getPassword());
            Assert.assertTrue("testCustomQueryWithGroupsPositive: Authentication succeeded for " + dn + " as expected", true);
        } catch (AuthenticationException e) {
            Assert.fail("testCustomQueryWithGroupsPositive: Authentication failed for " + dn + ",user expected to pass custom LDAP Query");
        }
        hashMap.put("hive.server2.authentication.ldap.baseDN", "dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.userDNPattern", "cn=%s,ou=People,dc=example,dc=com:uid=%s,ou=People,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.customLDAPQuery", "(|(&(objectClass=groupOfNames)(cn=group1))(&(objectClass=person)(sn=user4)))");
        initLdapAtn(hashMap);
        String uid = USER1.getUID();
        try {
            ldapProvider.Authenticate(uid, USER1.getPassword());
            Assert.assertTrue("testCustomQueryWithGroupsPositive: Authentication succeeded for " + uid + " as expected", true);
            uid = USER4.getUID();
            ldapProvider.Authenticate(uid, USER4.getPassword());
            Assert.assertTrue("testCustomQueryWithGroupsPositive: Authentication succeeded for " + uid + " as expected", true);
        } catch (AuthenticationException e2) {
            Assert.fail("testCustomQueryWithGroupsPositive: Authentication failed for " + uid + ",user expected to pass custom LDAP Query");
        }
        hashMap.put("hive.server2.authentication.ldap.baseDN", "dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.userDNPattern", "cn=%s,ou=People,dc=example,dc=com:uid=%s,ou=People,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.groupMembershipKey", "uniqueMember");
        hashMap.put("hive.server2.authentication.ldap.customLDAPQuery", "(&(objectClass=groupOfUniqueNames)(cn=group4))");
        initLdapAtn(hashMap);
        String dn2 = USER4.getDN();
        try {
            ldapProvider.Authenticate(dn2, USER4.getPassword());
            Assert.assertTrue("testCustomQueryWithGroupsPositive: Authentication succeeded for " + dn2 + " as expected", true);
            dn2 = USER4.getUID();
            ldapProvider.Authenticate(dn2, USER4.getPassword());
            Assert.assertTrue("testCustomQueryWithGroupsPositive: Authentication succeeded for " + dn2 + " as expected", true);
        } catch (AuthenticationException e3) {
            Assert.fail("testCustomQueryWithGroupsPositive: Authentication failed for " + dn2 + ",user expected to pass custom LDAP Query");
        }
    }

    @Test
    public void testCustomQueryWithGroupsNegative() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("hive.server2.authentication.ldap.baseDN", "dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.userDNPattern", "cn=%s,ou=People,dc=example,dc=com:uid=%s,ou=People,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.customLDAPQuery", "(&(objectClass=groupOfNames)(|(cn=group1)(cn=group2)))");
        initLdapAtn(hashMap);
        String dn = USER3.getDN();
        try {
            ldapProvider.Authenticate(dn, USER3.getPassword());
            Assert.fail("testCustomQueryNegative: Authentication succeeded for " + dn + ",user expected to fail custom LDAP Query");
        } catch (AuthenticationException e) {
            Assert.assertTrue("testCustomQueryNegative: Authentication failed for " + dn + " as expected", true);
        }
        try {
            dn = USER3.getUID();
            ldapProvider.Authenticate(dn, USER3.getPassword());
            Assert.fail("testCustomQueryNegative: Authentication succeeded for " + dn + ",user expected to fail custom LDAP Query");
        } catch (AuthenticationException e2) {
            Assert.assertTrue("testCustomQueryNegative: Authentication failed for " + dn + " as expected", true);
        }
    }

    @Test
    public void testGroupFilterPositiveWithCustomGUID() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("hive.server2.authentication.ldap.userDNPattern", "cn=%s,ou=People,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.groupDNPattern", "cn=%s,ou=Groups,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.guidKey", "cn");
        hashMap.put("hive.server2.authentication.ldap.groupFilter", "group3");
        initLdapAtn(hashMap);
        String dn = USER3.getDN();
        try {
            ldapProvider.Authenticate(dn, USER3.getPassword());
            Assert.assertTrue("testGroupFilterPositive: Authentication succeeded for " + dn + " as expected", true);
            dn = USER3.getUID();
            ldapProvider.Authenticate(dn, USER3.getPassword());
            Assert.assertTrue("testGroupFilterPositive: Authentication succeeded for " + dn + " as expected", true);
        } catch (AuthenticationException e) {
            Assert.fail("testGroupFilterPositive: Authentication failed for " + dn + ",user expected to pass groupfilter");
        }
    }

    @Test
    public void testGroupFilterPositiveWithCustomAttributes() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("hive.server2.authentication.ldap.userDNPattern", "cn=%s,ou=People,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.groupDNPattern", "cn=%s,ou=Groups,dc=example,dc=com");
        hashMap.put("hive.server2.authentication.ldap.groupFilter", "group4");
        hashMap.put("hive.server2.authentication.ldap.guidKey", "cn");
        hashMap.put("hive.server2.authentication.ldap.groupMembershipKey", "uniqueMember");
        hashMap.put("hive.server2.authentication.ldap.groupClassKey", "groupOfUniqueNames");
        initLdapAtn(hashMap);
        String dn = USER4.getDN();
        try {
            ldapProvider.Authenticate(dn, USER4.getPassword());
            Assert.assertTrue("testGroupFilterPositive: Authentication succeeded for " + dn + " as expected", true);
            dn = USER4.getUID();
            ldapProvider.Authenticate(dn, USER4.getPassword());
            Assert.assertTrue("testGroupFilterPositive: Authentication succeeded for " + dn + " as expected", true);
        } catch (AuthenticationException e) {
            Assert.fail("testGroupFilterPositive: Authentication failed for " + dn + ",user expected to pass groupfilter");
        }
    }
}
