case insensitive certificate id search

smp-webapp/src/main/resources/spring-security.xml

@@ -50,10 +50,11 @@
     </authentication-manager>
 
     <!-- user detail service is used only in preAhtProviders for cert authentication that is why search is only on cert table-->
+    <!-- database Cert ID search must be case insensitive  -->
     <jdbc-user-service id="smpJdbcUserDetailsService"
                        data-source-ref="dataSource"
-                       users-by-username-query="SELECT c.CERTIFICATE_ID AS USERNAME, 'dummy' AS PASWORD, u.ACTIVE FROM SMP_CERTIFICATE c INNER JOIN SMP_USER u ON (u.id = c.id) WHERE c.CERTIFICATE_ID = ?"
-                       authorities-by-username-query="SELECT c.CERTIFICATE_ID AS USERNAME, u.ROLE FROM SMP_CERTIFICATE c INNER JOIN SMP_USER u ON (u.id = c.id) WHERE c.CERTIFICATE_ID = ?"/>
+                       users-by-username-query="SELECT c.CERTIFICATE_ID AS USERNAME, 'dummy' AS PASWORD, u.ACTIVE FROM SMP_CERTIFICATE c INNER JOIN SMP_USER u ON (u.id = c.id) WHERE lower(c.CERTIFICATE_ID) = lower(?)"
+                       authorities-by-username-query="SELECT c.CERTIFICATE_ID AS USERNAME, u.ROLE FROM SMP_CERTIFICATE c INNER JOIN SMP_USER u ON (u.id = c.id) WHERE lower(c.CERTIFICATE_ID) = lower(?)"/>
 
     <b:bean id="preauthAuthProvider"
             class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider">

smp-webapp/src/test/java/eu/europa/ec/cipa/smp/server/security/SecurityConfigurationTest.java

@@ -56,8 +56,16 @@ public class SecurityConfigurationTest {
     public static final String TEST_USERNAME_HASHED_PASS = "test_user_hashed_pass";
     public static final String PASSWORD = "test123";
 
-    public static final String BLUE_COAT_VALID_HEADER = "sno=66&subject=C=BE,O=org,CN=comon name&validfrom=Dec 6 17:41:42 2016 GMT&validto=Jul 9 23:59:00 2050 GMT&issuer=C=x,O=y,CN=z";
-    public static final String TEST_USERNAME_BLUE_COAT = "CN=comon name,O=org,C=BE:0000000000000066";
+    public static final String BLUE_COAT_VALID_HEADER = "sno=bb66&subject=C=BE,O=org,CN=comon name&validfrom=Dec 6 17:41:42 2016 GMT&validto=Jul 9 23:59:00 2050 GMT&issuer=C=x,O=y,CN=z";
+    public static final String BLUE_COAT_VALID_HEADER_UPPER_SN = "sno=BB66&subject=C=BE,O=org,CN=comon name&validfrom=Dec 6 17:41:42 2016 GMT&validto=Jul 9 23:59:00 2050 GMT&issuer=C=x,O=y,CN=z";
+    public static final String TEST_USERNAME_BLUE_COAT = "CN=comon name,O=org,C=BE:000000000000bb66";
+
+    public static final String BLUE_COAT_VALID_HEADER_DB_UPPER_SN = "sno=BB66&subject=C=BE,O=org,CN=comon name UPPER database SN,O=org,C=BE&validfrom=Dec 6 17:41:42 2016 GMT&validto=Jul 9 23:59:00 2050 GMT&issuer=C=x,O=y,CN=z";
+
+
+    public static final String TEST_USERNAME_BLUE_COAT__DB_UPPER_SN = "CN=comon name UPPER database SN,O=org,C=BE:000000000000BB66";
+
+
 
     @Autowired
     private WebApplicationContext context;
@@ -143,5 +151,39 @@ public class SecurityConfigurationTest {
                 .andExpect(content().string(TEST_USERNAME_BLUE_COAT));
     }
 
+    @Test
+    public void validBlueCoatHeaderAuthorizedBeforeValidBasicAuthTestUpper() throws Exception {
+        HttpHeaders headers = new HttpHeaders();
+        headers.add("Client-Cert", BLUE_COAT_VALID_HEADER_UPPER_SN);
+        mvc.perform(MockMvcRequestBuilders.put(RETURN_LOGGED_USER_PATH)
+                .headers(headers)
+                .with(httpBasic(TEST_USERNAME_HASHED_PASS, PASSWORD)))
+                .andExpect(status().isOk())
+                .andExpect(content().string(TEST_USERNAME_BLUE_COAT));
+    }
+
+
+    @Test
+    public void validBlueCoatHeaderAuthorizedBeforeValidBasicAuthTestDBUpperSN() throws Exception {
+        HttpHeaders headers = new HttpHeaders();
+        headers.add("Client-Cert", BLUE_COAT_VALID_HEADER_DB_UPPER_SN);
+        mvc.perform(MockMvcRequestBuilders.put(RETURN_LOGGED_USER_PATH)
+                .headers(headers)
+                .with(httpBasic(TEST_USERNAME_HASHED_PASS, PASSWORD)))
+                .andExpect(status().isOk())
+                .andExpect(content().string(TEST_USERNAME_BLUE_COAT__DB_UPPER_SN));
+    }
+
+    @Test
+    public void validBlueCoatHeaderAuthorizedBeforeValidBasicAuthTestUpperDBUpperSN() throws Exception {
+        HttpHeaders headers = new HttpHeaders();
+        headers.add("Client-Cert", BLUE_COAT_VALID_HEADER_DB_UPPER_SN);
+        mvc.perform(MockMvcRequestBuilders.put(RETURN_LOGGED_USER_PATH)
+                .headers(headers)
+                .with(httpBasic(TEST_USERNAME_HASHED_PASS, PASSWORD)))
+                .andExpect(status().isOk())
+                .andExpect(content().string(TEST_USERNAME_BLUE_COAT__DB_UPPER_SN));
+    }
+
 
 }

smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/ui/UserResourceTest.java

@@ -89,7 +89,7 @@ public class UserResourceTest {
 
 
         assertNotNull(res);
-        assertEquals(9, res.getServiceEntities().size());
+        assertEquals(10, res.getServiceEntities().size());
         res.getServiceEntities().forEach(sgMap-> {
             UserRO  sgro = mapper.convertValue(sgMap, UserRO.class);
             assertNotNull(sgro.getId());

smp-webapp/src/test/resources/webapp_integration_test_data.sql

@@ -15,7 +15,7 @@ insert into SMP_USER (ID, USERNAME, PASSWORD, ROLE, ACTIVE, CREATED_ON, LAST_UPD
 insert into SMP_USER(ID, USERNAME, PASSWORD, ROLE, ACTIVE, CREATED_ON, LAST_UPDATED_ON) values (4, 'test_user_hashed_pass',                     '$2a$06$AXSSUDJlpzzq/gPZb7eIBeb8Mi0.PTKqDjzujZH.bWPwj5.ePEInW', 'SERVICE_GROUP_ADMIN',1,CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP());
 insert into SMP_USER(ID, USERNAME, PASSWORD, ROLE, ACTIVE, CREATED_ON, LAST_UPDATED_ON) values (5, 'test_user_clear_pass',                      'test123',                                                     'SERVICE_GROUP_ADMIN',1,CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP());
 insert into SMP_USER(ID, USERNAME, PASSWORD, ROLE, ACTIVE, CREATED_ON, LAST_UPDATED_ON) values (6, 'cert1', '',                                                             'SMP_ADMIN', 1,CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP());
-insert into SMP_CERTIFICATE (ID, CERTIFICATE_ID, VALID_FROM, VALID_TO, CREATED_ON, LAST_UPDATED_ON) values (6, 'CN=comon name,O=org,C=BE:0000000000000066', null,null,CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP());
+insert into SMP_CERTIFICATE (ID, CERTIFICATE_ID, VALID_FROM, VALID_TO, CREATED_ON, LAST_UPDATED_ON) values (6, 'CN=comon name,O=org,C=BE:000000000000bb66', null,null,CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP());
 
 insert into SMP_USER(ID, USERNAME, ROLE, ACTIVE, CREATED_ON, LAST_UPDATED_ON) values (7, 'cert2', 'SMP_ADMIN', 1,CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP());
 insert into SMP_CERTIFICATE (ID, CERTIFICATE_ID, VALID_FROM, VALID_TO, CREATED_ON, LAST_UPDATED_ON) values (7, 'CN=EHEALTH_SMP_TEST_BRAZIL,O=European Commission,C=BE:48b681ee8e0dcc08', null,null,CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP());
@@ -26,6 +26,9 @@ insert into SMP_CERTIFICATE (ID, CERTIFICATE_ID, VALID_FROM, VALID_TO, CREATED_O
 insert into SMP_USER(ID, USERNAME, ROLE, ACTIVE, CREATED_ON, LAST_UPDATED_ON) values (9, 'Cert4', 'SMP_ADMIN', 1,CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP());
 insert into SMP_CERTIFICATE (ID, CERTIFICATE_ID, VALID_FROM, VALID_TO, CREATED_ON, LAST_UPDATED_ON) values (9, 'CN=EHEALTH_SMP_EC,O=European Commission,C=BEf71ee8b11cb3b787', null,null,CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP());
 
+insert into SMP_USER(ID, USERNAME, PASSWORD, ROLE, ACTIVE, CREATED_ON, LAST_UPDATED_ON) values (10, 'cert5', '',                                                             'SMP_ADMIN', 1,CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP());
+insert into SMP_CERTIFICATE (ID, CERTIFICATE_ID, VALID_FROM, VALID_TO, CREATED_ON, LAST_UPDATED_ON) values (10, 'CN=comon name UPPER database SN,O=org,C=BE:000000000000BB66', null,null,CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP());
+
 
 -- set the ids to higher values - tests are using sequnce which stars from 1
 insert into SMP_SERVICE_GROUP(ID, PARTICIPANT_IDENTIFIER, PARTICIPANT_SCHEME, CREATED_ON, LAST_UPDATED_ON) values (100000, 'urn:australia:ncpb', 'ehealth-actorid-qns', CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP());