Testing » History » Version 3
Luke Murphey, 10/30/2016 02:31 AM
| 1 | 1 | Luke Murphey | h1. Testing |
|---|---|---|---|
| 2 | 1 | Luke Murphey | |
| 3 | 2 | Luke Murphey | Below is information regarding how to set up a RADIUS server in order to run the unit tests against. |
| 4 | 2 | Luke Murphey | |
| 5 | 1 | Luke Murphey | h2. Install a RADIUS server (FreeRADIUS) |
| 6 | 1 | Luke Murphey | |
| 7 | 1 | Luke Murphey | Install FreeRADIUS per directions for your OS. On mac, you can install it via brew: |
| 8 | 1 | Luke Murphey | |
| 9 | 1 | Luke Murphey | <pre> |
| 10 | 1 | Luke Murphey | brew install freeradius-server |
| 11 | 1 | Luke Murphey | </pre> |
| 12 | 1 | Luke Murphey | |
| 13 | 1 | Luke Murphey | h2. Setup a user |
| 14 | 1 | Luke Murphey | |
| 15 | 1 | Luke Murphey | Create a user for testing bu adding one to the users config file (raddb/users). The actual path varies. On a Mac with FreeRADIUS 3.0.12, the file is at /usr/local/Cellar/freeradius-server/3.0.12/etc/raddb/. |
| 16 | 1 | Luke Murphey | |
| 17 | 1 | Luke Murphey | I usually just use the example that is suggested in the FreeRADIUS docs: |
| 18 | 1 | Luke Murphey | |
| 19 | 1 | Luke Murphey | <pre> |
| 20 | 1 | Luke Murphey | bob Cleartext-Password := "hello" |
| 21 | 1 | Luke Murphey | Reply-Message := "Hello, %{User-Name}" |
| 22 | 1 | Luke Murphey | </pre> |
| 23 | 1 | Luke Murphey | |
| 24 | 1 | Luke Murphey | h2. Test your RADIUS server with radtest |
| 25 | 1 | Luke Murphey | |
| 26 | 2 | Luke Murphey | Start FreeRADIUS in debugging mode: |
| 27 | 1 | Luke Murphey | |
| 28 | 1 | Luke Murphey | <pre> |
| 29 | 1 | Luke Murphey | radiusd -X |
| 30 | 1 | Luke Murphey | </pre> |
| 31 | 1 | Luke Murphey | |
| 32 | 1 | Luke Murphey | Next, run radtest against the server: |
| 33 | 1 | Luke Murphey | |
| 34 | 1 | Luke Murphey | <pre> |
| 35 | 1 | Luke Murphey | radtest bob hello localhost 0 testing123 |
| 36 | 1 | Luke Murphey | </pre> |
| 37 | 1 | Luke Murphey | |
| 38 | 1 | Luke Murphey | If successful, you should see a message ending with: |
| 39 | 1 | Luke Murphey | |
| 40 | 1 | Luke Murphey | <pre> |
| 41 | 1 | Luke Murphey | Received Access-Accept Id 238 from 127.0.0.1:1812 to 0.0.0.0:0 length 32 |
| 42 | 1 | Luke Murphey | Reply-Message = "Hello, bob" |
| 43 | 1 | Luke Murphey | </pre> |
| 44 | 1 | Luke Murphey | |
| 45 | 3 | Luke Murphey | h2. Setup FreeRADIUS to specify Splunk roles |
| 46 | 2 | Luke Murphey | |
| 47 | 2 | Luke Murphey | h3. Install the vendor specific dictionary for Splunk |
| 48 | 2 | Luke Murphey | |
| 49 | 3 | Luke Murphey | Install the Splunk vendor specific dictionary. The dictionary should look something like this: |
| 50 | 1 | Luke Murphey | |
| 51 | 2 | Luke Murphey | <pre> |
| 52 | 3 | Luke Murphey | VENDOR Splunk 27389 |
| 53 | 2 | Luke Murphey | BEGIN-VENDOR Splunk |
| 54 | 2 | Luke Murphey | ATTRIBUTE Splunk-Roles 1 string |
| 55 | 1 | Luke Murphey | END-VENDOR Splunk |
| 56 | 2 | Luke Murphey | </pre> |
| 57 | 2 | Luke Murphey | |
| 58 | 3 | Luke Murphey | This file should be saved to something like "splunk.dictionary" (or see the attached file). This should be included to the main dictionary file: |
| 59 | 2 | Luke Murphey | |
| 60 | 2 | Luke Murphey | <pre> |
| 61 | 2 | Luke Murphey | $INCLUDE /usr/local/Cellar/freeradius-server/3.0.12/etc/raddb/splunk.dictionary |
| 62 | 2 | Luke Murphey | </pre> |
| 63 | 2 | Luke Murphey | |
| 64 | 2 | Luke Murphey | h3. Modify user account to set roles |
| 65 | 2 | Luke Murphey | |
| 66 | 2 | Luke Murphey | Modify the users file to return the roles: |
| 67 | 2 | Luke Murphey | |
| 68 | 2 | Luke Murphey | <pre> |
| 69 | 2 | Luke Murphey | bob Cleartext-Password := "hello" |
| 70 | 2 | Luke Murphey | Reply-Message := "Hello, %{User-Name}", |
| 71 | 2 | Luke Murphey | Splunk-Roles = "can_delete,admin" |
| 72 | 2 | Luke Murphey | </pre> |
| 73 | 2 | Luke Murphey | |
| 74 | 2 | Luke Murphey | Next, run radtest against the server: |
| 75 | 2 | Luke Murphey | |
| 76 | 2 | Luke Murphey | <pre> |
| 77 | 2 | Luke Murphey | radtest bob hello localhost 0 testing123 |
| 78 | 2 | Luke Murphey | </pre> |
| 79 | 2 | Luke Murphey | |
| 80 | 2 | Luke Murphey | If successful, you should see a message with the roles: |
| 81 | 2 | Luke Murphey | |
| 82 | 2 | Luke Murphey | <pre> |
| 83 | 2 | Luke Murphey | Received Access-Accept Id 16 from 127.0.0.1:1812 to 0.0.0.0:0 length 56 |
| 84 | 2 | Luke Murphey | Reply-Message = "Hello, bob" |
| 85 | 2 | Luke Murphey | Splunk-Roles = "can_delete,admin" |
| 86 | 2 | Luke Murphey | </pre> |
| 87 | 2 | Luke Murphey | |
| 88 | 1 | Luke Murphey | h2. Setup Splunk |
| 89 | 1 | Luke Murphey | |
| 90 | 1 | Luke Murphey | Install Splunk and the RADIUS authentication app. |
| 91 | 2 | Luke Murphey | |
| 92 | 2 | Luke Murphey | To run the tests with the given configuration, use the following local.build.properties file: |
| 93 | 2 | Luke Murphey | |
| 94 | 2 | Luke Murphey | <pre> |
| 95 | 2 | Luke Murphey | value.test.radius.server=127.0.0.1 |
| 96 | 2 | Luke Murphey | value.test.radius.secret=testing123 |
| 97 | 2 | Luke Murphey | value.test.radius.username=bob |
| 98 | 2 | Luke Murphey | value.test.radius.password=hello |
| 99 | 2 | Luke Murphey | value.test.radius.identifier=unit_test |
| 100 | 2 | Luke Murphey | value.test.radius.vendor_code=27389 |
| 101 | 2 | Luke Murphey | value.test.radius.roles_attribute_id=1 |
| 102 | 2 | Luke Murphey | </pre> |