Testing » History » Version 2
Version 1 (Luke Murphey, 10/28/2016 08:03 PM) → Version 2/4 (Luke Murphey, 10/28/2016 10:05 PM)
h1. Testing
Below is information regarding how to set up a RADIUS server in order to run the unit tests against.
h2. Install a RADIUS server (FreeRADIUS)
Install FreeRADIUS per directions for your OS. On mac, you can install it via brew:
<pre>
brew install freeradius-server
</pre>
h2. Setup a user
Create a user for testing bu adding one to the users config file (raddb/users). The actual path varies. On a Mac with FreeRADIUS 3.0.12, the file is at /usr/local/Cellar/freeradius-server/3.0.12/etc/raddb/.
I usually just use the example that is suggested in the FreeRADIUS docs:
<pre>
bob Cleartext-Password := "hello"
Reply-Message := "Hello, %{User-Name}"
</pre>
h2. Test your RADIUS server with radtest
Start FreeRADIUS Free in debugging mode:
<pre>
radiusd -X
</pre>
Next, run radtest against the server:
<pre>
radtest bob hello localhost 0 testing123
</pre>
If successful, you should see a message ending with:
<pre>
Received Access-Accept Id 238 from 127.0.0.1:1812 to 0.0.0.0:0 length 32
Reply-Message = "Hello, bob"
</pre>
h2. Setup FreeRADIUS with the vendor specific roles
h3. Install the vendor specific dictionary for Splunk
Install the Splunk vendor specific dictionary.
<pre>
BEGIN-VENDOR Splunk
ATTRIBUTE Splunk-Roles 1 string
END-VENDOR Splunk
</pre>
This file should be saved to something like "splunk.dictionary" and added to the dictionary file:
<pre>
$INCLUDE /usr/local/Cellar/freeradius-server/3.0.12/etc/raddb/splunk.dictionary
</pre>
h3. Modify user account to set roles
Modify the users file to return the roles:
<pre>
bob Cleartext-Password := "hello"
Reply-Message := "Hello, %{User-Name}",
Splunk-Roles = "can_delete,admin"
</pre>
Next, run radtest against the server:
<pre>
radtest bob hello localhost 0 testing123
</pre>
If successful, you should see a message with the roles:
<pre>
Received Access-Accept Id 16 from 127.0.0.1:1812 to 0.0.0.0:0 length 56
Reply-Message = "Hello, bob"
Splunk-Roles = "can_delete,admin"
</pre>
h2. Setup Splunk
Install Splunk and the RADIUS authentication app.
To run the tests with the given configuration, use the following local.build.properties file:
<pre>
value.test.radius.server=127.0.0.1
value.test.radius.secret=testing123
value.test.radius.username=bob
value.test.radius.password=hello
value.test.radius.identifier=unit_test
value.test.radius.vendor_code=27389
value.test.radius.roles_attribute_id=1
</pre>
Below is information regarding how to set up a RADIUS server in order to run the unit tests against.
h2. Install a RADIUS server (FreeRADIUS)
Install FreeRADIUS per directions for your OS. On mac, you can install it via brew:
<pre>
brew install freeradius-server
</pre>
h2. Setup a user
Create a user for testing bu adding one to the users config file (raddb/users). The actual path varies. On a Mac with FreeRADIUS 3.0.12, the file is at /usr/local/Cellar/freeradius-server/3.0.12/etc/raddb/.
I usually just use the example that is suggested in the FreeRADIUS docs:
<pre>
bob Cleartext-Password := "hello"
Reply-Message := "Hello, %{User-Name}"
</pre>
h2. Test your RADIUS server with radtest
Start FreeRADIUS Free in debugging mode:
<pre>
radiusd -X
</pre>
Next, run radtest against the server:
<pre>
radtest bob hello localhost 0 testing123
</pre>
If successful, you should see a message ending with:
<pre>
Received Access-Accept Id 238 from 127.0.0.1:1812 to 0.0.0.0:0 length 32
Reply-Message = "Hello, bob"
</pre>
h2. Setup FreeRADIUS with the vendor specific roles
h3. Install the vendor specific dictionary for Splunk
Install the Splunk vendor specific dictionary.
<pre>
BEGIN-VENDOR Splunk
ATTRIBUTE Splunk-Roles 1 string
END-VENDOR Splunk
</pre>
This file should be saved to something like "splunk.dictionary" and added to the dictionary file:
<pre>
$INCLUDE /usr/local/Cellar/freeradius-server/3.0.12/etc/raddb/splunk.dictionary
</pre>
h3. Modify user account to set roles
Modify the users file to return the roles:
<pre>
bob Cleartext-Password := "hello"
Reply-Message := "Hello, %{User-Name}",
Splunk-Roles = "can_delete,admin"
</pre>
Next, run radtest against the server:
<pre>
radtest bob hello localhost 0 testing123
</pre>
If successful, you should see a message with the roles:
<pre>
Received Access-Accept Id 16 from 127.0.0.1:1812 to 0.0.0.0:0 length 56
Reply-Message = "Hello, bob"
Splunk-Roles = "can_delete,admin"
</pre>
h2. Setup Splunk
Install Splunk and the RADIUS authentication app.
To run the tests with the given configuration, use the following local.build.properties file:
<pre>
value.test.radius.server=127.0.0.1
value.test.radius.secret=testing123
value.test.radius.username=bob
value.test.radius.password=hello
value.test.radius.identifier=unit_test
value.test.radius.vendor_code=27389
value.test.radius.roles_attribute_id=1
</pre>