Testing » History » Version 3
Luke Murphey, 10/30/2016 02:31 AM
1 | 1 | Luke Murphey | h1. Testing |
---|---|---|---|
2 | 1 | Luke Murphey | |
3 | 2 | Luke Murphey | Below is information regarding how to set up a RADIUS server in order to run the unit tests against. |
4 | 2 | Luke Murphey | |
5 | 1 | Luke Murphey | h2. Install a RADIUS server (FreeRADIUS) |
6 | 1 | Luke Murphey | |
7 | 1 | Luke Murphey | Install FreeRADIUS per directions for your OS. On mac, you can install it via brew: |
8 | 1 | Luke Murphey | |
9 | 1 | Luke Murphey | <pre> |
10 | 1 | Luke Murphey | brew install freeradius-server |
11 | 1 | Luke Murphey | </pre> |
12 | 1 | Luke Murphey | |
13 | 1 | Luke Murphey | h2. Setup a user |
14 | 1 | Luke Murphey | |
15 | 1 | Luke Murphey | Create a user for testing bu adding one to the users config file (raddb/users). The actual path varies. On a Mac with FreeRADIUS 3.0.12, the file is at /usr/local/Cellar/freeradius-server/3.0.12/etc/raddb/. |
16 | 1 | Luke Murphey | |
17 | 1 | Luke Murphey | I usually just use the example that is suggested in the FreeRADIUS docs: |
18 | 1 | Luke Murphey | |
19 | 1 | Luke Murphey | <pre> |
20 | 1 | Luke Murphey | bob Cleartext-Password := "hello" |
21 | 1 | Luke Murphey | Reply-Message := "Hello, %{User-Name}" |
22 | 1 | Luke Murphey | </pre> |
23 | 1 | Luke Murphey | |
24 | 1 | Luke Murphey | h2. Test your RADIUS server with radtest |
25 | 1 | Luke Murphey | |
26 | 2 | Luke Murphey | Start FreeRADIUS in debugging mode: |
27 | 1 | Luke Murphey | |
28 | 1 | Luke Murphey | <pre> |
29 | 1 | Luke Murphey | radiusd -X |
30 | 1 | Luke Murphey | </pre> |
31 | 1 | Luke Murphey | |
32 | 1 | Luke Murphey | Next, run radtest against the server: |
33 | 1 | Luke Murphey | |
34 | 1 | Luke Murphey | <pre> |
35 | 1 | Luke Murphey | radtest bob hello localhost 0 testing123 |
36 | 1 | Luke Murphey | </pre> |
37 | 1 | Luke Murphey | |
38 | 1 | Luke Murphey | If successful, you should see a message ending with: |
39 | 1 | Luke Murphey | |
40 | 1 | Luke Murphey | <pre> |
41 | 1 | Luke Murphey | Received Access-Accept Id 238 from 127.0.0.1:1812 to 0.0.0.0:0 length 32 |
42 | 1 | Luke Murphey | Reply-Message = "Hello, bob" |
43 | 1 | Luke Murphey | </pre> |
44 | 1 | Luke Murphey | |
45 | 3 | Luke Murphey | h2. Setup FreeRADIUS to specify Splunk roles |
46 | 2 | Luke Murphey | |
47 | 2 | Luke Murphey | h3. Install the vendor specific dictionary for Splunk |
48 | 2 | Luke Murphey | |
49 | 3 | Luke Murphey | Install the Splunk vendor specific dictionary. The dictionary should look something like this: |
50 | 1 | Luke Murphey | |
51 | 2 | Luke Murphey | <pre> |
52 | 3 | Luke Murphey | VENDOR Splunk 27389 |
53 | 2 | Luke Murphey | BEGIN-VENDOR Splunk |
54 | 2 | Luke Murphey | ATTRIBUTE Splunk-Roles 1 string |
55 | 1 | Luke Murphey | END-VENDOR Splunk |
56 | 2 | Luke Murphey | </pre> |
57 | 2 | Luke Murphey | |
58 | 3 | Luke Murphey | This file should be saved to something like "splunk.dictionary" (or see the attached file). This should be included to the main dictionary file: |
59 | 2 | Luke Murphey | |
60 | 2 | Luke Murphey | <pre> |
61 | 2 | Luke Murphey | $INCLUDE /usr/local/Cellar/freeradius-server/3.0.12/etc/raddb/splunk.dictionary |
62 | 2 | Luke Murphey | </pre> |
63 | 2 | Luke Murphey | |
64 | 2 | Luke Murphey | h3. Modify user account to set roles |
65 | 2 | Luke Murphey | |
66 | 2 | Luke Murphey | Modify the users file to return the roles: |
67 | 2 | Luke Murphey | |
68 | 2 | Luke Murphey | <pre> |
69 | 2 | Luke Murphey | bob Cleartext-Password := "hello" |
70 | 2 | Luke Murphey | Reply-Message := "Hello, %{User-Name}", |
71 | 2 | Luke Murphey | Splunk-Roles = "can_delete,admin" |
72 | 2 | Luke Murphey | </pre> |
73 | 2 | Luke Murphey | |
74 | 2 | Luke Murphey | Next, run radtest against the server: |
75 | 2 | Luke Murphey | |
76 | 2 | Luke Murphey | <pre> |
77 | 2 | Luke Murphey | radtest bob hello localhost 0 testing123 |
78 | 2 | Luke Murphey | </pre> |
79 | 2 | Luke Murphey | |
80 | 2 | Luke Murphey | If successful, you should see a message with the roles: |
81 | 2 | Luke Murphey | |
82 | 2 | Luke Murphey | <pre> |
83 | 2 | Luke Murphey | Received Access-Accept Id 16 from 127.0.0.1:1812 to 0.0.0.0:0 length 56 |
84 | 2 | Luke Murphey | Reply-Message = "Hello, bob" |
85 | 2 | Luke Murphey | Splunk-Roles = "can_delete,admin" |
86 | 2 | Luke Murphey | </pre> |
87 | 2 | Luke Murphey | |
88 | 1 | Luke Murphey | h2. Setup Splunk |
89 | 1 | Luke Murphey | |
90 | 1 | Luke Murphey | Install Splunk and the RADIUS authentication app. |
91 | 2 | Luke Murphey | |
92 | 2 | Luke Murphey | To run the tests with the given configuration, use the following local.build.properties file: |
93 | 2 | Luke Murphey | |
94 | 2 | Luke Murphey | <pre> |
95 | 2 | Luke Murphey | value.test.radius.server=127.0.0.1 |
96 | 2 | Luke Murphey | value.test.radius.secret=testing123 |
97 | 2 | Luke Murphey | value.test.radius.username=bob |
98 | 2 | Luke Murphey | value.test.radius.password=hello |
99 | 2 | Luke Murphey | value.test.radius.identifier=unit_test |
100 | 2 | Luke Murphey | value.test.radius.vendor_code=27389 |
101 | 2 | Luke Murphey | value.test.radius.roles_attribute_id=1 |
102 | 2 | Luke Murphey | </pre> |