fix AuditCheckMockMvcTests with ldap
profile
#3206
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The
AuditCheckMockMvcTests
started failing when running with theldap
+default
profiles, after gh-3186. We can see the issue in ConcourseThis is because:
@DefaultTestContext
which set the profiles todefault
regardless of what profile was passed in from the command line. This means the failing tests had not run with theldap
profile for years.ldap
profile on Github actions, so we did not catch this early (We probably should).default
profile was already active and so there was never anldap
provider here.The failing tests verify that audit events are emitted when the user tries to log in with an incorrect password. Without LDAP
AuthzAuthenticationManager
(internal UAA userstore) emits anIdentityProviderAuthenticationFailureEvent
, and then two technical events are emitted, for a total of three. When theldap
profile is turned on, theDynamicLdapAuthenticationManager
also tries to authenticate the user, and also throws anIdentityProviderAuthenticationFailureEvent
, bringing the total number of events to 4.Same goes for
userNotFoundLoginUnsuccessfulTest
but the use-case is "user not found" and 2/3 events.This fixes those failing tests, by ignoring the extra events that having an LDAP provider creates.