Add ldap & pki role mapping files

gwbrown · gwbrown · commit 7b3441c970b4 · 2024-09-05T17:12:37.000-06:00
diff --git a/x-pack/plugin/security/qa/smoke-test-all-realms/src/javaRestTest/java/org/elasticsearch/xpack/security/authc/SecurityRealmSmokeTestCase.java b/x-pack/plugin/security/qa/smoke-test-all-realms/src/javaRestTest/java/org/elasticsearch/xpack/security/authc/SecurityRealmSmokeTestCase.java
@@ -53,6 +53,8 @@ public abstract class SecurityRealmSmokeTestCase extends ESRestTestCase {
         .configFile("saml-metadata.xml", Resource.fromClasspath("saml-metadata.xml"))
         .configFile("kerberos.keytab", Resource.fromClasspath("kerberos.keytab"))
         .configFile("oidc-jwkset.json", Resource.fromClasspath("oidc-jwkset.json"))
+        .configFile("ldap_role_mapping.yml", Resource.fromClasspath("ldap_role_mapping.yml"))
+        .configFile("pki_role_mapping.yml", Resource.fromClasspath("pki_role_mapping.yml"))
         .setting("xpack.ml.enabled", "false")
         .setting("xpack.security.enabled", "true")
         .setting("xpack.security.authc.token.enabled", "true")
@@ -77,11 +79,14 @@ public abstract class SecurityRealmSmokeTestCase extends ESRestTestCase {
         .setting("xpack.security.authc.realms.ldap.ldap2.order", "2")
         .setting("xpack.security.authc.realms.ldap.ldap2.url", "ldap://localhost:7777")
         .setting("xpack.security.authc.realms.ldap.ldap2.user_search.base_dn", "OU=users,DC=example,DC=com")
+        .setting("xpack.security.authc.realms.ldap.ldap2.files.role_mapping", "ldap_role_mapping.yml")
         // - AD (configured but won't work because we don't want external fixtures in this test suite)
         .setting("xpack.security.authc.realms.active_directory.ad3.order", "3")
         .setting("xpack.security.authc.realms.active_directory.ad3.domain_name", "localhost")
+        .setting("xpack.security.authc.realms.active_directory.ad3.files.role_mapping", "ldap_role_mapping.yml")
         // - PKI (works)
         .setting("xpack.security.authc.realms.pki.pki4.order", "4")
+        .setting("xpack.security.authc.realms.pki.pki4.files.role_mapping", "pki_role_mapping.yml")
         // - SAML (configured but won't work because we don't want external fixtures in this test suite)
         .setting("xpack.security.authc.realms.saml.saml5.order", "5")
         .setting("xpack.security.authc.realms.saml.saml5.idp.metadata.path", "saml-metadata.xml")
diff --git a/x-pack/plugin/security/qa/smoke-test-all-realms/src/javaRestTest/resources/ldap_role_mapping.yml b/x-pack/plugin/security/qa/smoke-test-all-realms/src/javaRestTest/resources/ldap_role_mapping.yml
@@ -0,0 +1,5 @@
+# AD Realm Role Mapping
+group_role:
+  - "CN=Avengers,CN=users,DC=ad,DC=test,DC=elasticsearch,DC=com"
+user_role:
+  - "CN=Thor,CN=Users,DC=ad,DC=test,DC=elasticsearch,DC=com"
diff --git a/x-pack/plugin/security/qa/smoke-test-all-realms/src/javaRestTest/resources/pki_role_mapping.yml b/x-pack/plugin/security/qa/smoke-test-all-realms/src/javaRestTest/resources/pki_role_mapping.yml
@@ -0,0 +1,4 @@
+# Role mappings for PKI tests
+
+user:
+  - "CN=Elasticsearch Test Node, OU=elasticsearch, O=org"

-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +# Role mappings for PKI tests
++
 +user:
 +  - "CN=Elasticsearch Test Node, OU=elasticsearch, O=org"