[Chicago-talk] Faking an LDAP server during tests?

[Jonathan Rockway]

I'm the author of the Apache::AuthLDAPBind module, which authenticates a 
user to Apache by binding to an LDAP server with the provided username 
and password (more on this configuration below).

In the interest of completeness, I'm in the process of writing a 
thorough test suite for the module.  Getting an Apache running via 
Apache::Test is simple enough, but here's the tough part:  How can I 
get mod_perl to load a fake Net::LDAP for my module?  I'm familiar with 
Test::MockObject, and that's what I'd like to use here, but I can't 
think of a way to do this without touching the code of 
Apache/AuthLDAPBind.pm.  Modification to the module which would detect 
whether or not we're testing kind of defeats the purpose of testing (if 
$doing_test then work_properly(); else fail_miserably_in_production(); :)

Anyway, any insight would be appreciated.

And while we're on the topic, I'm wondering how common this 
configuration is.  All of the other AuthLDAP* (and mod_ldap_*... there 
are a lot of them) seem to pull a password hash out of LDAP, and then 
check the password against the hash.  The computer center here requires 
the application to bind with the user's (c)netid and password, and if 
the bind succeeds the application is to assume that the password is 
correct.  All in all, this seems like a better system, but I haven't 
seen anyone else using it.  Comments?

Regards,
Jonathan Rockway

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 370 bytes
Desc: OpenPGP digital signature
Url : http://mail.pm.org/pipermail/chicago-talk/attachments/20060616/a0c17af3/attachment.bin