{"id":18048064,"url":"https://github.com/ivangfr/springboot-ldap-testcontainers","last_synced_at":"2025-07-08T05:39:19.123Z","repository":{"id":43137698,"uuid":"123773053","full_name":"ivangfr/springboot-ldap-testcontainers","owner":"ivangfr","description":"The goal of this project is to create a simple Spring Boot REST API, named 'simple-service,' and secure it using the Spring Security LDAP module. Additionally, Testcontainers will be utilized for integration testing.","archived":false,"fork":false,"pushed_at":"2025-04-23T07:35:59.000Z","size":2013,"stargazers_count":36,"open_issues_count":0,"forks_count":28,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-04-23T08:32:12.768Z","etag":null,"topics":["docker","graalvm","java","ldap","native","openldap","phpldapadmin","spring-boot","spring-security","spring-security-ldap","spring-web-mvc","springdoc-openapi","testcontainers"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ivangfr.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":"ivangfr"}},"created_at":"2018-03-04T09:10:31.000Z","updated_at":"2025-04-23T07:36:03.000Z","dependencies_parsed_at":"2024-04-13T22:29:37.562Z","dependency_job_id":"89f879c7-4d4c-45a8-9913-99d0551d39f2","html_url":"https://github.com/ivangfr/springboot-ldap-testcontainers","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ivangfr%2Fspringboot-ldap-testcontainers","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ivangfr%2Fspringboot-ldap-testcontainers/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ivangfr%2Fspringboot-ldap-testcontainers/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ivangfr%2Fspringboot-ldap-testcontainers/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ivangfr","download_url":"https://codeload.github.com/ivangfr/springboot-ldap-testcontainers/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253785944,"owners_count":21964057,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker","graalvm","java","ldap","native","openldap","phpldapadmin","spring-boot","spring-security","spring-security-ldap","spring-web-mvc","springdoc-openapi","testcontainers"],"created_at":"2024-10-30T20:11:12.034Z","updated_at":"2025-05-12T17:25:59.815Z","avatar_url":"https://github.com/ivangfr.png","language":"Java","funding_links":["https://github.com/sponsors/ivangfr"],"categories":[],"sub_categories":[],"readme":"# springboot-ldap-testcontainers\n\nThe goal of this project is to create a simple [`Spring Boot`](https://docs.spring.io/spring-boot/index.html) REST API, named `simple-service`, and secure it using the `Spring Security LDAP` module. Additionally, [`Testcontainers`](https://testcontainers.com/) will be utilized for integration testing.\n\n## Proof-of-Concepts \u0026 Articles\n\nOn [ivangfr.github.io](https://ivangfr.github.io), I have compiled my Proof-of-Concepts (PoCs) and articles. You can easily search for the technology you are interested in by using the filter. Who knows, perhaps I have already implemented a PoC or written an article about what you are looking for.\n\n## Additional Readings\n\n- \\[**Medium**\\] [**Implementing and Securing a Simple Spring Boot REST API with LDAP**](https://medium.com/@ivangfr/implementing-and-securing-a-simple-spring-boot-rest-api-with-ldap-7279528ef746)\n- \\[**Medium**\\] [**Implementing and Securing a Spring Boot GraphQL API with LDAP**](https://medium.com/@ivangfr/implementing-and-securing-a-spring-boot-graphql-api-with-ldap-14fe574225e1)\n\n## Project Diagram\n\n![project-diagram](documentation/project-diagram.jpeg)\n\n## Application\n\n- ### simple-service\n\n  `Spring Boot` Java Web application that exposes two endpoints:\n   - `GET /api/public`: can be accessed by anyone, it is not secured;\n   - `GET /api/private`: can only be accessed by users authenticated with valid LDAP credentials.\n\n## Prerequisites\n\n- [`Java 21`](https://www.oracle.com/java/technologies/downloads/#java21) or higher;\n- A containerization tool (e.g., [`Docker`](https://www.docker.com), [`Podman`](https://podman.io), etc.)\n\n## Start Environment\n\nOpen a terminal and inside the `springboot-ldap-testcontainers` root folder run:\n```bash\ndocker compose up -d\n```\n\n## Import OpenLDAP Users\n\nThe `LDIF` file we will use, `simple-service/src/main/resources/ldap-mycompany-com.ldif`, contains a pre-defined structure for `mycompany.com`. Basically, it has 2 groups (`employees` and `clients`) and 3 users (`Bill Gates`, `Steve Jobs`, and `Mark Cuban`). Besides, it's defined that `Bill Gates` and `Mark Cuban` belong to the `employees` group, and `Steve Jobs` belongs to the `clients` group.\n```text\nBill Gates \u003e username: bgates, password: 123\nSteve Jobs \u003e username: sjobs, password: 123\nMark Cuban \u003e username: mcuban, password: 123\n```\n\nThere are two ways to import those users: by running a script or by using [`phpLDAPadmin`](https://github.com/leenooks/phpLDAPadmin).\n\n### Import users running a script\n\n- In a terminal, make sure you are in the `springboot-ldap-testcontainers` root folder\n\n- Run the following script\n  ```bash\n  ./import-openldap-users.sh\n  ```\n  \n- Check users imported using [`ldapsearch`](https://linux.die.net/man/1/ldapsearch)\n  ```bash\n  ldapsearch -x -D \"cn=admin,dc=mycompany,dc=com\" \\\n    -w admin -H ldap://localhost:389 \\\n    -b \"ou=users,dc=mycompany,dc=com\" \\\n    -s sub \"(uid=*)\"\n  ```\n\n### Import users using phpLDAPadmin\n\n- Access https://localhost:6443\n\n- Login with the following credentials\n  ```text\n  Login DN: cn=admin,dc=mycompany,dc=com\n  Password: admin\n  ```\n\n- Import the file `simple-service/src/main/resources/ldap-mycompany-com.ldif`\n\n- You should see something like\n\n  ![phpldapadmin](documentation/phpldapadmin.jpeg)\n\n## Run application with Maven\n\n- In a terminal, make sure you are in the `springboot-ldap-testcontainers` root folder\n\n- Run the following command to start `simple-service`\n  ```bash\n  ./mvnw clean spring-boot:run --projects simple-service\n  ```\n\n## Run application as Docker container\n\n- In a terminal, make sure you are in the `springboot-ldap-testcontainers` root folder\n\n- Build Docker Image\n  - JVM\n    ```bash\n    ./build-docker-images.sh\n    ```\n  - Native\n    ```bash\n    ./build-docker-images.sh native\n    ```\n\n- Environment Variables\n\n  | Environment Variable | Description                                             |\n  |----------------------|---------------------------------------------------------|\n  | `LDAP_HOST`          | Specify host of the `LDAP` to use (default `localhost`) |\n  | `LDAP_PORT`          | Specify port of the `LDAP` to use (default `389`)       |\n\n- Run Docker Container\n  ```bash\n  docker run --rm --name simple-service -p 8080:8080 \\\n    -e LDAP_HOST=openldap \\\n    --network springboot-ldap-testcontainers_default \\\n    ivanfranchin/simple-service:1.0.0\n  ```\n\n## Testing using curl\n\n1. Open a terminal\n\n2. Call the endpoint `/api/public`\n   ```bash\n   curl -i localhost:8080/api/public\n   ```\n\n   It should return\n   ```text\n   HTTP/1.1 200\n   It is public.\n   ```\n\n3. Try to call the endpoint `/api/private` without credentials\n   ```bash\n   curl -i localhost:8080/api/private\n   ```\n   \n   It should return\n   ```text\n   HTTP/1.1 401\n   ```\n\n4. Call the endpoint `/api/private` again. This time providing `username` and `password`\n   ```bash\n   curl -i -u bgates:123 localhost:8080/api/private\n   ```\n   \n   It should return\n   ```text\n   HTTP/1.1 200\n   bgates, it is private.\n   ```\n\n5. Call the endpoint `/api/private` providing an invalid password\n   ```bash\n   curl -i -u bgates:124 localhost:8080/api/private\n   ```\n   \n   It should return\n   ```text\n   HTTP/1.1 401 \n   ```\n\n6. Call the endpoint `/api/private` providing a non-existing user\n   ```bash\n   curl -i -u cslim:123 localhost:8080/api/private\n   ```\n   \n   It should return\n   ```text\n   HTTP/1.1 401\n   ```\n\n## Testing using Swagger\n\n1. Access http://localhost:8080/swagger-ui.html\n\n   ![swagger](documentation/simple-service-swagger.jpeg)\n\n2. Click `GET /api/public` to open it; then, click `Try it out` button and, finally, `Execute` button.\n\n   It should return\n   ```text\n   Code: 200\n   Response Body: It is public.\n   ```\n\n3. Click `Authorize` button (green-white one, located at the top-right of the page)\n\n4. In the form that opens, provide the `Bill Gates` credentials, i.e., username `bgates` and password `123`. Then, click `Authorize` button, and to finalize, click `Close` button\n\n5. Click `GET /api/private` to open it; then click `Try it out` button and, finally, `Execute` button.\n\n   It should return\n   ```text\n   Code: 200\n   Response Body: bgates, it is private.\n   ```\n\n## Shutdown\n\n- To stop the `simple-service` application, go to the terminal where it is running and press `Ctrl+C`\n- To stop and remove docker compose containers, network, and volumes, in a terminal and inside the `springboot-ldap-testcontainers` root folder, run the following command\n  ```bash\n  docker compose down -v\n  ```\n\n## Running Test Cases\n\n- In a terminal, make sure you are inside the `springboot-ldap-testcontainers` root folder\n\n- Run the command below to start the **Unit Tests**\n  ```bash\n  ./mvnw clean test --projects simple-service\n  ```\n\n- Run the command below to start the **Unit** and **Integration Tests**\n  \u003e **Note**: `Testcontainers` will start the `OpenLDAP` Docker container automatically before some tests begin and will shut it down when the tests finish.\n  ```bash\n  ./mvnw clean verify --projects simple-service\n  ```\n\n## Cleanup\n\nTo remove the Docker image created by this project, go to a terminal and, inside the `springboot-ldap-testcontainers` root folder, run the following script\n```bash\n./remove-docker-images.sh\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fivangfr%2Fspringboot-ldap-testcontainers","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fivangfr%2Fspringboot-ldap-testcontainers","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fivangfr%2Fspringboot-ldap-testcontainers/lists"}