Testing with the test-LDAP

The EGIL SCIM client

Testing with the test-LDAP

There’s a test framework included with the EGIL client source code. Its purpose is to automate testing of the client, but it can also be useful if you just need an LDAP server populated with some dummy school data, perhaps if you’re implementing an EGIL server and wish to test it with the EGIL client.

To use it you need a Linux system (or anything with a bash shell I suppose) with Docker installed (the LDAP server will run in a Docker container).

Once you’ve downloaded the EGIL client source code, you’ll find some scripts in the directory test/scripts which will help you start and populate the LDAP server.

To start the LDAP server:

joe@ubuntu:~/git/EgilSCIM$ ./test/scripts/start_test_ldap

The first time you run the command it might take a while since it needs to download the LDAP container.

You should now have a Docker container running (named “kommunens-ldap”), with an LDAP server listening on port 388. It uses unencrypted communication and should of course only be used for test purposes.

The LDAP server is now empty, except that there are two users:

  • cn=readonly,dc=kommunen,dc=se (password: readonly)
  • cn=admin,dc=kommunen,dc=se (password: verysecret)

The first can be used by the EGIL client and the second can be used to populate or modify the contents.

If you wish to restart the LDAP and get back to this (almost) empty state, simply run the start_test_ldap script again.

If you wish to stop the LDAP, you use docker stop:

joe@ubuntu:~/git/EgilSCIM$ docker stop kommunens-ldap

Scenarios

The test framework uses LDIF files to populate and modify the LDAP contents. There are some scenarios included in the directory test/scenarios.

LDIF are just text files that specify LDAP changes in a declarative way. If you have a look at the included files you can probably figure out how to write your own scenarios if you wish to test something specific.

Each scenario consists of a collection of LDIF files in a directory. You can apply a scenario with the apply_scenario script:

joe@ubuntu:~/git/EgilSCIM$ ./test/scripts/apply_scenario ./test/scenarios/base/

A convention used by the test framework is that a scenario in a sub-directory assumes that the parent directory has just been applied. Thus you can apply X followed by X/Y (but after this you might not be able to apply X/Z).

The included base scenario is very small with just a couple of students, teachers and groups, but it has everything needed for the EGIL client to load all SS12000 objects in the EGIL profile.

There are a couple of small examples of scenarios for modifying the base scenario:

  • base/student_name_change
  • base/delete_student

So you can apply the base scenario and run the EGIL client, then apply for instance delete_student and run the EGIL client again to send just the needed changes to the SCIM server.

If you want a larger scenario you can use medium or large. These are randomly generated, medium contains:

  • 2 school units
  • 100 groups (50 per school unit)
  • 1000 students (500 per school unit)
  • 100 teachers (50 per school unit)

The number of members in each group varies, in total there are 1000 membership relations per school unit.

Some teachers or students are not in any group and will thus not be sent to the SCIM server.

The large scenario is the same but with 20 school units.

Testing with the EGIL client

In test/configs/base you’ll find configuration files compatible with the LDAP schema used by the included scenarios. You’ll need to modify master.conf a bit to specify for instance which SCIM server to connect to and how to authenticate (and perhaps remove some SS12000 objects from scim-type-send-order if the SCIM server doesn’t support all types).