apache · jdaugherty · Jun 9, 2025 · Jun 7, 2025 · Jun 7, 2025 · Jun 8, 2025
diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml
@@ -29,7 +29,7 @@ concurrency:
   cancel-in-progress: false
 jobs:
   coreTests:
-    if: ${{ contains(github.event.head_commit.message, '[skip tests]') }}
+    if: ${{ !contains(github.event.head_commit.message, '[skip tests]') }}
     runs-on: ubuntu-24.04
     steps:
       - name: "📥 Checkout repository"
@@ -46,7 +46,7 @@ jobs:
       - name: "🏃‍♂️ Run Tests"
         run: ./gradlew check --max-workers=2 --refresh-dependencies --continue
   functionalTests:
-    if: ${{ contains(github.event.head_commit.message, '[skip tests]') }}
+    if: ${{ !contains(github.event.head_commit.message, '[skip tests]') }}
     runs-on: ubuntu-24.04
     strategy:
       fail-fast: false

diff --git a/build.gradle b/build.gradle
@@ -45,6 +45,15 @@ allprojects {
             }
         }
     }
+
+    configurations.configureEach {
+        resolutionStrategy.eachDependency { DependencyResolveDetails details ->
+            if (details.requested.group == 'org.seleniumhq.selenium') {
+                details.useVersion('4.25.0')
+                details.because('Temporary workaround because of https://issues.chromium.org/issues/42323769')
+            }
+        }
+    }
 }
 
 subprojects {

diff --git a/gradle.properties b/gradle.properties
@@ -20,6 +20,7 @@ projectVersion=7.0.0-SNAPSHOT
 grailsVersion=7.0.0-SNAPSHOT
 javaVersion=17
 
+unboundidLdapSdk=7.0.2
 apacheDsVersion=1.5.4
 asciidoctorGradlePluginVersion=4.0.4
 casClientCoreVersion=4.0.4

diff --git a/plugin-acl/examples/functional-test-app/src/integration-test/groovy/pages/LoginPage.groovy b/plugin-acl/examples/functional-test-app/src/integration-test/groovy/pages/LoginPage.groovy
@@ -25,7 +25,7 @@ class LoginPage extends Page {
 
 	static url = 'login/auth'
 
-	static at = { title == 'Login' }
+	static at = { waitFor { title == 'Login' } }
 
 	static content = {
 		loginForm { $('form') }

diff --git a/.../examples/functional-test-app/src/integration-test/groovy/test/AdminFunctionalSpec.groovy b/.../examples/functional-test-app/src/integration-test/groovy/test/AdminFunctionalSpec.groovy
@@ -69,6 +69,7 @@ class AdminFunctionalSpec extends AbstractSecuritySpec {
 	void 'view all'() {
 		when:
 		go "report/show?number=$i"
+		waitFor { title == 'Show Report' }
 
 		then:
 		assertContentContains "report$i"

diff --git a/plugin-core/examples/functional-test-app/src/integration-test/groovy/pages/LoginPage.groovy b/plugin-core/examples/functional-test-app/src/integration-test/groovy/pages/LoginPage.groovy
@@ -25,7 +25,7 @@ class LoginPage extends Page {
 
 	static url = 'login/auth'
 
-	static at = { title == 'Login' }
+	static at = { waitFor { title == 'Login' } }
 
 	static content = {
 		loginForm { $('form') }

diff --git a/...l-test-app/grails-spring-security-group/src/integration-test/groovy/demo/LoginPage.groovy b/...l-test-app/grails-spring-security-group/src/integration-test/groovy/demo/LoginPage.groovy
@@ -24,9 +24,7 @@ import geb.Page
 class LoginPage extends Page {
     static url = "login/auth"
 
-    static at = {
-        title == "Login"
-    }
+    static at = { waitFor { title == 'Login' } }
 
     static content = {
         loginButton { $("#submit", 0) }

diff --git a/...ails-spring-security-hierarchical-roles/src/integration-test/groovy/demo/LoginPage.groovy b/...ails-spring-security-hierarchical-roles/src/integration-test/groovy/demo/LoginPage.groovy
@@ -24,9 +24,7 @@ import geb.Page
 class LoginPage extends Page {
     static url = "login/auth"
 
-    static at = {
-        title == "Login"
-    }
+    static at = { waitFor { title == 'Login' } }
 
     static content = {
         loginButton { $("#submit", 0) }

diff --git a/plugin-ldap/examples/custom-user-details-context-mapper/build.gradle b/plugin-ldap/examples/custom-user-details-context-mapper/build.gradle
@@ -37,6 +37,9 @@ dependencies {
     implementation 'org.webjars:bootstrap:4.1.3'
     implementation 'org.webjars:jquery:3.3.1'
 
+    // to not depend on an external ldap server
+    implementation "com.unboundid:unboundid-ldapsdk:$unboundidLdapSdk"
+
     runtimeOnly 'com.bertramlabs.plugins:asset-pipeline-grails'
     runtimeOnly 'com.h2database:h2'
     runtimeOnly 'com.zaxxer:HikariCP'

diff --git a/plugin-ldap/examples/custom-user-details-context-mapper/grails-app/conf/application.groovy b/plugin-ldap/examples/custom-user-details-context-mapper/grails-app/conf/application.groovy
@@ -47,12 +47,11 @@ grails {
 				authorityJoinClassName = 'com.test.UserRole'
 			}
 
-			// http://www.forumsys.com/tutorials/integration-how-to/ldap/online-ldap-test-server/
 			ldap {
 				context {
-					managerDn = 'cn=read-only-admin,dc=example,dc=com'
-					managerPassword = 'password'
-					server = 'ldap://ldap.forumsys.com:389/' //'ldap://[ip]:[port]/'
+					managerDn = 'cn=admin,dc=example,dc=com'
+					managerPassword = 'secret'
+					server = System.getProperty('grails.test.ldap.url')
 				}
 				authorities {
 					ignorePartialResultException = true
@@ -61,7 +60,7 @@ grails {
 					defaultRole = 'ROLE_USER'
 				}
 				search {
-					base = 'dc=example,dc=com'
+					base = 'ou=people,dc=example,dc=com'
 				}
 			}
 		}

diff --git a/...p/examples/custom-user-details-context-mapper/grails-app/init/com/test/Application.groovy b/...p/examples/custom-user-details-context-mapper/grails-app/init/com/test/Application.groovy
@@ -19,14 +19,70 @@
 
 package com.test
 
+import com.unboundid.ldap.listener.InMemoryDirectoryServer
+import com.unboundid.ldap.listener.InMemoryDirectoryServerConfig
+import com.unboundid.ldap.listener.InMemoryListenerConfig
+import com.unboundid.ldap.sdk.Attribute
+import com.unboundid.ldap.sdk.Entry
 import grails.boot.GrailsApp
 import grails.boot.config.GrailsAutoConfiguration
 
 import groovy.transform.CompileStatic
 
 @CompileStatic
 class Application extends GrailsAutoConfiguration {
+    static InMemoryDirectoryServer directoryServer
     static void main(String[] args) {
+        InMemoryDirectoryServerConfig config = new InMemoryDirectoryServerConfig('dc=example,dc=com')
+        config.addAdditionalBindCredentials('cn=admin,dc=example,dc=com', 'secret')
+        config.setListenerConfigs(
+                InMemoryListenerConfig.createLDAPConfig(
+                        'default',
+                        null,
+                        0,
+                        null,
+                        false,
+                        false
+                )
+        )
+
+        directoryServer = new InMemoryDirectoryServer(config)
+        Entry base = new Entry(
+                "dc=example,dc=com",
+                new Attribute("objectClass", "top", "domain"),
+                new Attribute("dc", "example"))
+        directoryServer.add(base)
+
+        Entry people = new Entry(
+                "ou=people,dc=example,dc=com",
+                new Attribute("objectClass", "top", "organizationalUnit"),
+                new Attribute("ou", "people"));
+        directoryServer.add(people)
+
+        Entry jane = new Entry(
+                "uid=jane,ou=people,dc=example,dc=com",
+                new Attribute("objectClass", "inetOrgPerson"),
+                new Attribute("uid", "jane"),
+                new Attribute("cn", "Jane Doe"),
+                new Attribute("sn", "Doe"),
+                new Attribute("mail", "jane@example.com"),
+                new Attribute("telephoneNumber", "+1 555 111 2222"),
+                new Attribute("userPassword", "password")
+        )
+        directoryServer.add(jane)
+
+        directoryServer.startListening()
+
+        System.setProperty('grails.test.ldap.url', "ldap://localhost:${directoryServer.getListenPort()}" as String)
+
         GrailsApp.run(Application, args)
     }
+
+    @Override
+    void onShutdown(Map<String, Object> event) {
+        if(directoryServer) {
+            directoryServer.close()
+            directoryServer = null
+        }
+    }
 }
diff --git a/.../src/integration-test/groovy/com/test/CustomUserDetailsContextMapperFunctionalSpec.groovy b/.../src/integration-test/groovy/com/test/CustomUserDetailsContextMapperFunctionalSpec.groovy
@@ -19,6 +19,7 @@
 
 package com.test
 
+import grails.plugin.geb.ContainerGebConfiguration
 import grails.testing.mixin.integration.Integration
 import pages.IndexPage
 import pages.SecureSuperuserPage
@@ -49,13 +50,13 @@ class CustomUserDetailsContextMapperFunctionalSpec extends AbstractSecurityFunct
 		assertContentContains 'Please Login'
 
 		when:
-		login 'galileo', 'password'
+		login 'jane', 'password'
 
 		then:
 		at SecureUserPage
 
 		and:
-		assertContentContains('galileo@ldap.forumsys.com')
+		assertContentContains('jane@example.com')
 
 		when:
 		logout()

diff --git a/...les/custom-user-details-context-mapper/src/integration-test/groovy/pages/LoginPage.groovy b/...les/custom-user-details-context-mapper/src/integration-test/groovy/pages/LoginPage.groovy
@@ -25,7 +25,7 @@ class LoginPage extends Page {
 
 	static url = 'login/auth'
 
-	static at = { title == 'Login' }
+	static at = { waitFor { title == 'Login' } }
 
 	static content = {
 		loginForm { $('form') }

diff --git a/plugin-ldap/examples/functional-test-app/src/integration-test/groovy/pages/LoginPage.groovy b/plugin-ldap/examples/functional-test-app/src/integration-test/groovy/pages/LoginPage.groovy
@@ -25,7 +25,7 @@ class LoginPage extends Page {
 
 	static url = 'login/auth'
 
-	static at = { title == 'Login' }
+	static at = { waitFor { title == 'Login' } }
 
 	static content = {
 		loginForm { $('form') }

diff --git a/plugin-ldap/examples/retrieve-db-roles/src/integration-test/groovy/pages/LoginPage.groovy b/plugin-ldap/examples/retrieve-db-roles/src/integration-test/groovy/pages/LoginPage.groovy
@@ -25,7 +25,7 @@ class LoginPage extends Page {
 
 	static url = 'login/auth'
 
-	static at = { title == 'Login' }
+	static at = { waitFor { title == 'Login' } }
 
 	static content = {
 		loginForm { $('form') }

diff --git a/plugin-ldap/examples/retrieve-group-roles/build.gradle b/plugin-ldap/examples/retrieve-group-roles/build.gradle
@@ -36,6 +36,9 @@ dependencies {
     implementation 'org.webjars:bootstrap:4.1.3'
     implementation 'org.webjars:jquery:3.3.1'
 
+    // to not depend on an external ldap server
+    implementation "com.unboundid:unboundid-ldapsdk:$unboundidLdapSdk"
+
     runtimeOnly 'com.bertramlabs.plugins:asset-pipeline-grails'
     runtimeOnly 'com.h2database:h2'
     runtimeOnly 'com.zaxxer:HikariCP'

diff --git a/plugin-ldap/examples/retrieve-group-roles/grails-app/conf/application.groovy b/plugin-ldap/examples/retrieve-group-roles/grails-app/conf/application.groovy
@@ -18,53 +18,52 @@
  */
 
 grails {
-	plugin {
-		springsecurity {
-			authority {
-				className = 'com.test.Role'
-			}
-			controllerAnnotations.staticRules = [
-				[pattern: '/',               access: 'permitAll'],
-				[pattern: '/logoff',         access: 'permitAll'],
-				[pattern: '/error',          access: 'permitAll'],
-				[pattern: '/index',          access: 'permitAll'],
-				[pattern: '/index.gsp',      access: 'permitAll'],
-				[pattern: '/shutdown',       access: 'permitAll'],
-				[pattern: '/assets/**',      access: 'permitAll'],
-				[pattern: '/secure/users',   access: 'permitAll'],
-				[pattern: '/**/js/**',       access: 'permitAll'],
-				[pattern: '/**/css/**',      access: 'permitAll'],
-				[pattern: '/**/images/**',   access: 'permitAll'],
-				[pattern: '/**/favicon.ico', access: 'permitAll']
-			]
-			password.algorithm = 'SHA-256'
-			rememberMe {
-				persistent = true
-				persistentToken.domainClassName = 'com.test.PersistentLogin'
-			}
-			userLookup {
-				userDomainClassName = 'com.test.User'
-				authorityJoinClassName = 'com.test.UserRole'
-			}
+    plugin {
+        springsecurity {
+            authority {
+                className = 'com.test.Role'
+            }
+            controllerAnnotations.staticRules = [
+                    [pattern: '/', access: 'permitAll'],
+                    [pattern: '/logoff', access: 'permitAll'],
+                    [pattern: '/error', access: 'permitAll'],
+                    [pattern: '/index', access: 'permitAll'],
+                    [pattern: '/index.gsp', access: 'permitAll'],
+                    [pattern: '/shutdown', access: 'permitAll'],
+                    [pattern: '/assets/**', access: 'permitAll'],
+                    [pattern: '/secure/users', access: 'permitAll'],
+                    [pattern: '/**/js/**', access: 'permitAll'],
+                    [pattern: '/**/css/**', access: 'permitAll'],
+                    [pattern: '/**/images/**', access: 'permitAll'],
+                    [pattern: '/**/favicon.ico', access: 'permitAll']
+            ]
+            password.algorithm = 'SHA-256'
+            rememberMe {
+                persistent = true
+                persistentToken.domainClassName = 'com.test.PersistentLogin'
+            }
+            userLookup {
+                userDomainClassName = 'com.test.User'
+                authorityJoinClassName = 'com.test.UserRole'
+            }
 
-			// http://www.forumsys.com/tutorials/integration-how-to/ldap/online-ldap-test-server/
-			ldap {
-				context {
-					managerDn = 'cn=read-only-admin,dc=example,dc=com'
-					managerPassword = 'password'
-					server = 'ldap://ldap.forumsys.com:389/' //'ldap://[ip]:[port]/'
-				}
-				authorities {
-					ignorePartialResultException = true
-					retrieveGroupRoles = true
-					groupSearchBase='ou=mathematicians,dc=example,dc=com'
-					retrieveDatabaseRoles = true
-					defaultRole = 'ROLE_USER'
-				}
-				search {
-					base = 'dc=example,dc=com'
-				}
-			}
-		}
-	}
+            ldap {
+                context {
+                    managerDn = 'cn=admin,dc=example,dc=com'
+                    managerPassword = 'secret'
+                    server = System.getProperty('grails.test.ldap.url')
+                }
+                authorities {
+                    ignorePartialResultException = true
+                    retrieveGroupRoles = true
+                    groupSearchBase = 'ou=mathematicians,dc=example,dc=com'
+                    retrieveDatabaseRoles = true
+                    defaultRole = 'ROLE_USER'
+                }
+                search {
+                    base = 'dc=example,dc=com'
+                }
+            }
+        }
+    }
 }