diff --git a/smp-webapp/src/main/resources/spring-security.xml b/smp-webapp/src/main/resources/spring-security.xml
index 95acbfb125f5e8a79de047d2e4ff199046a89183..c6f13ba67f5dae72eeaba5f29f5032bbcf99f570 100644
--- a/smp-webapp/src/main/resources/spring-security.xml
+++ b/smp-webapp/src/main/resources/spring-security.xml
@@ -50,10 +50,11 @@ </authentication-manager>
 <!-- user detail service is used only in preAhtProviders for cert authentication that is why search is only on cert table-->
+ <!-- database Cert ID search must be case insensitive -->
 <jdbc-user-service id="smpJdbcUserDetailsService" data-source-ref="dataSource"
- users-by-username-query="SELECT c.CERTIFICATE_ID AS USERNAME, 'dummy' AS PASWORD, u.ACTIVE FROM SMP_CERTIFICATE c INNER JOIN SMP_USER u ON (u.id = c.id) WHERE c.CERTIFICATE_ID = ?"
- authorities-by-username-query="SELECT c.CERTIFICATE_ID AS USERNAME, u.ROLE FROM SMP_CERTIFICATE c INNER JOIN SMP_USER u ON (u.id = c.id) WHERE c.CERTIFICATE_ID = ?"/>
+ users-by-username-query="SELECT c.CERTIFICATE_ID AS USERNAME, 'dummy' AS PASWORD, u.ACTIVE FROM SMP_CERTIFICATE c INNER JOIN SMP_USER u ON (u.id = c.id) WHERE lower(c.CERTIFICATE_ID) = lower(?)"
+ authorities-by-username-query="SELECT c.CERTIFICATE_ID AS USERNAME, u.ROLE FROM SMP_CERTIFICATE c INNER JOIN SMP_USER u ON (u.id = c.id) WHERE lower(c.CERTIFICATE_ID) = lower(?)"/>
 <b:bean id="preauthAuthProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider">
diff --git a/smp-webapp/src/test/java/eu/europa/ec/cipa/smp/server/security/SecurityConfigurationTest.java b/smp-webapp/src/test/java/eu/europa/ec/cipa/smp/server/security/SecurityConfigurationTest.java
index 9ec124502c504afc8d57a3bdd9a19bd93a065053..1a62953ee502d167ae6f03d684092537461f2b40 100644
--- a/smp-webapp/src/test/java/eu/europa/ec/cipa/smp/server/security/SecurityConfigurationTest.java
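Review bot: In the `jdbc-user-service` queries of spring-security.xml, `lower(c.CERTIFICATE_ID) = lower(?)` folds the case of the whole identifier (subject DN and serial), and nothing visible in this hunk guarantees that SMP_CERTIFICATE cannot hold two rows that differ only by case. If it does, the users query returns several rows and, as far as I know, Spring's JdbcDaoImpl takes the first one while the authorities query returns the roles of every matching row, so a certificate could resolve to another account or to a merged role set. Storing the identifier in one canonical case at write time and enforcing a unique index on the normalised value would close that gap, and would also avoid applying `lower()` to the column on every lookup. At minimum the added comment should state the assumption, for example `<!-- Cert ID match is case-insensitive; CERTIFICATE_ID must be unique ignoring case -->`. The same expression is used in both `users-by-username-query` and `authorities-by-username-query`.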
+++ b/smp-webapp/src/test/java/eu/europa/ec/cipa/smp/server/security/SecurityConfigurationTest.java
@@ -56,8 +56,16 @@ public class SecurityConfigurationTest {
 public static final String TEST_USERNAME_HASHED_PASS = "test_user_hashed_pass";
 public static final String PASSWORD = "test123";
- public static final String BLUE_COAT_VALID_HEADER = "sno=66&subject=C=BE,O=org,CN=comon name&validfrom=Dec 6 17:41:42 2016 GMT&validto=Jul 9 23:59:00 2050 GMT&issuer=C=x,O=y,CN=z";
- public static final String TEST_USERNAME_BLUE_COAT = "CN=comon name,O=org,C=BE:0000000000000066";
+ public static final String BLUE_COAT_VALID_HEADER = "sno=bb66&subject=C=BE,O=org,CN=comon name&validfrom=Dec 6 17:41:42 2016 GMT&validto=Jul 9 23:59:00 2050 GMT&issuer=C=x,O=y,CN=z";
+ public static final String BLUE_COAT_VALID_HEADER_UPPER_SN = "sno=BB66&subject=C=BE,O=org,CN=comon name&validfrom=Dec 6 17:41:42 2016 GMT&validto=Jul 9 23:59:00 2050 GMT&issuer=C=x,O=y,CN=z";
+ public static final String TEST_USERNAME_BLUE_COAT = "CN=comon name,O=org,C=BE:000000000000bb66";
+
+ public static final String BLUE_COAT_VALID_HEADER_DB_UPPER_SN = "sno=BB66&subject=C=BE,O=org,CN=comon name UPPER database SN,O=org,C=BE&validfrom=Dec 6 17:41:42 2016 GMT&validto=Jul 9 23:59:00 2050 GMT&issuer=C=x,O=y,CN=z";
+
+
+ public static final String TEST_USERNAME_BLUE_COAT__DB_UPPER_SN = "CN=comon name UPPER database SN,O=org,C=BE:000000000000BB66";
+
+
 @Autowired private WebApplicationContext context;
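Review bot: The subject in `BLUE_COAT_VALID_HEADER_DB_UPPER_SN` reads `C=BE,O=org,CN=comon name UPPER database SN,O=org,C=BE`, so `O=org` and `C=BE` appear both before and after the CN, while the expected principal `TEST_USERNAME_BLUE_COAT__DB_UPPER_SN` contains them once. The fixture therefore seems to depend on how the header parser treats repeated RDNs, which is unrelated to the serial-number case this commit is about; a subject of `C=BE,O=org,CN=comon name UPPER database SN` would keep the test focused. The double underscore in `TEST_USERNAME_BLUE_COAT__DB_UPPER_SN` also looks accidental next to the other constant names.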
@@ -143,5 +151,39 @@ public class SecurityConfigurationTest {
 .andExpect(content().string(TEST_USERNAME_BLUE_COAT));
 }
+ @Test
+ public void validBlueCoatHeaderAuthorizedBeforeValidBasicAuthTestUpper() throws Exception {
+ HttpHeaders headers = new HttpHeaders();
+ headers.add("Client-Cert", BLUE_COAT_VALID_HEADER_UPPER_SN);
+ mvc.perform(MockMvcRequestBuilders.put(RETURN_LOGGED_USER_PATH)
+ .headers(headers)
+ .with(httpBasic(TEST_USERNAME_HASHED_PASS, PASSWORD)))
+ .andExpect(status().isOk())
+ .andExpect(content().string(TEST_USERNAME_BLUE_COAT));
+ }
+
+
+ @Test
+ public void validBlueCoatHeaderAuthorizedBeforeValidBasicAuthTestDBUpperSN() throws Exception {
+ HttpHeaders headers = new HttpHeaders();
+ headers.add("Client-Cert", BLUE_COAT_VALID_HEADER_DB_UPPER_SN);
+ mvc.perform(MockMvcRequestBuilders.put(RETURN_LOGGED_USER_PATH)
+ .headers(headers)
+ .with(httpBasic(TEST_USERNAME_HASHED_PASS, PASSWORD)))
+ .andExpect(status().isOk())
+ .andExpect(content().string(TEST_USERNAME_BLUE_COAT__DB_UPPER_SN));
+ }
+
+ @Test
+ public void validBlueCoatHeaderAuthorizedBeforeValidBasicAuthTestUpperDBUpperSN() throws Exception {
+ HttpHeaders headers = new HttpHeaders();
+ headers.add("Client-Cert", BLUE_COAT_VALID_HEADER_DB_UPPER_SN);
+ mvc.perform(MockMvcRequestBuilders.put(RETURN_LOGGED_USER_PATH)
+ .headers(headers)
+ .with(httpBasic(TEST_USERNAME_HASHED_PASS, PASSWORD)))
+ .andExpect(status().isOk())
+ .andExpect(content().string(TEST_USERNAME_BLUE_COAT__DB_UPPER_SN));
+ }
+
+
 }
diff --git a/smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/ui/UserResourceTest.java b/smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/ui/UserResourceTest.java
index b0951bed6c25bc834eaa6f781c138679613561ff..0911d0541e096365e825d195fab99779eea3b9b2 100644
--- a/smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/ui/UserResourceTest.java
+++ b/smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/ui/UserResourceTest.java
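Review bot: `validBlueCoatHeaderAuthorizedBeforeValidBasicAuthTestDBUpperSN` and `validBlueCoatHeaderAuthorizedBeforeValidBasicAuthTestUpperDBUpperSN` have identical bodies: both send `BLUE_COAT_VALID_HEADER_DB_UPPER_SN` (`sno=BB66`) and expect the same principal. The combination that the case-insensitive lookup is meant to allow for the new row, a lower-case serial in the header against the upper-case `...BB66` value in the database, is never exercised. One of the two should send the same subject with `sno=bb66`, through a new constant (the name here is only a suggestion) used as `headers.add("Client-Cert", BLUE_COAT_VALID_HEADER_DB_UPPER_SN_LOWER_HEADER);`. A negative test that a certificate with a different serial is still rejected would show that the relaxed match has not widened beyond case.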
@@ -89,7 +89,7 @@ public class UserResourceTest {
 assertNotNull(res);
- assertEquals(9, res.getServiceEntities().size());
+ assertEquals(10, res.getServiceEntities().size());
 res.getServiceEntities().forEach(sgMap-> {
 UserRO sgro = mapper.convertValue(sgMap, UserRO.class);
 assertNotNull(sgro.getId());
diff --git a/smp-webapp/src/test/resources/webapp_integration_test_data.sql b/smp-webapp/src/test/resources/webapp_integration_test_data.sql
index 3dcd14469ec77fc9c86406f98ae5b001c3c96cd9..4c8a680947a7f84901c424cde463087879b4988a 100644
--- a/smp-webapp/src/test/resources/webapp_integration_test_data.sql
+++ b/smp-webapp/src/test/resources/webapp_integration_test_data.sql
@@ -15,7 +15,7 @@ insert into SMP_USER (ID, USERNAME, PASSWORD, ROLE, ACTIVE, CREATED_ON, LAST_UPD
 insert into SMP_USER(ID, USERNAME, PASSWORD, ROLE, ACTIVE, CREATED_ON, LAST_UPDATED_ON) values (4, 'test_user_hashed_pass', '$2a$06$AXSSUDJlpzzq/gPZb7eIBeb8Mi0.PTKqDjzujZH.bWPwj5.ePEInW', 'SERVICE_GROUP_ADMIN',1,CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP());
 insert into SMP_USER(ID, USERNAME, PASSWORD, ROLE, ACTIVE, CREATED_ON, LAST_UPDATED_ON) values (5, 'test_user_clear_pass', 'test123', 'SERVICE_GROUP_ADMIN',1,CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP());
 insert into SMP_USER(ID, USERNAME, PASSWORD, ROLE, ACTIVE, CREATED_ON, LAST_UPDATED_ON) values (6, 'cert1', '', 'SMP_ADMIN', 1,CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP());
-insert into SMP_CERTIFICATE (ID, CERTIFICATE_ID, VALID_FROM, VALID_TO, CREATED_ON, LAST_UPDATED_ON) values (6, 'CN=comon name,O=org,C=BE:0000000000000066', null,null,CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP());
+insert into SMP_CERTIFICATE (ID, CERTIFICATE_ID, VALID_FROM, VALID_TO, CREATED_ON, LAST_UPDATED_ON) values (6, 'CN=comon name,O=org,C=BE:000000000000bb66', null,null,CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP());
 insert into SMP_USER(ID, USERNAME, ROLE, ACTIVE, CREATED_ON, LAST_UPDATED_ON) values (7, 'cert2', 'SMP_ADMIN', 1,CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP());
 insert into SMP_CERTIFICATE (ID, CERTIFICATE_ID, VALID_FROM, VALID_TO, CREATED_ON, LAST_UPDATED_ON) values (7, 'CN=EHEALTH_SMP_TEST_BRAZIL,O=European Commission,C=BE:48b681ee8e0dcc08', null,null,CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP());
@@ -26,6 +26,9 @@ insert into SMP_CERTIFICATE (ID, CERTIFICATE_ID, VALID_FROM, VALID_TO, CREATED_O
 insert into SMP_USER(ID, USERNAME, ROLE, ACTIVE, CREATED_ON, LAST_UPDATED_ON) values (9, 'Cert4', 'SMP_ADMIN', 1,CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP());
 insert into SMP_CERTIFICATE (ID, CERTIFICATE_ID, VALID_FROM, VALID_TO, CREATED_ON, LAST_UPDATED_ON) values (9, 'CN=EHEALTH_SMP_EC,O=European Commission,C=BEf71ee8b11cb3b787', null,null,CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP());
+insert into SMP_USER(ID, USERNAME, PASSWORD, ROLE, ACTIVE, CREATED_ON, LAST_UPDATED_ON) values (10, 'cert5', '', 'SMP_ADMIN', 1,CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP());
+insert into SMP_CERTIFICATE (ID, CERTIFICATE_ID, VALID_FROM, VALID_TO, CREATED_ON, LAST_UPDATED_ON) values (10, 'CN=comon name UPPER database SN,O=org,C=BE:000000000000BB66', null,null,CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP());
+
 -- set the ids to higher values - tests are using sequnce which stars from 1
 insert into SMP_SERVICE_GROUP(ID, PARTICIPANT_IDENTIFIER, PARTICIPANT_SCHEME, CREATED_ON, LAST_UPDATED_ON) values (100000, 'urn:australia:ncpb', 'ehealth-actorid-qns', CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP());