external-software/github_OpenIdentityPlatform_OpenDJ.git

Fix issue 4043: problems with ACI unit tests

matthew_swift

21.08.2009 04ef2a7960b1977bf5e90e4737122471f18fbfaa

 opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/AciTestCase.java

@@ -22,45 +22,109 @@
 * CDDL HEADER END
 *
 *
 *      Copyright 2008 Sun Microsystems, Inc.
 *      Copyright 2008-2009 Sun Microsystems, Inc.
 */

package org.opends.server.authorization.dseecompat;

import org.opends.server.DirectoryServerTestCase;
import org.opends.server.TestCaseUtils;
import org.opends.server.config.ConfigConstants;
import org.opends.server.core.DirectoryServer;
import org.opends.server.protocols.internal.InternalClientConnection;
import org.opends.server.protocols.ldap.LDAPResultCode;
import org.opends.server.tools.LDAPModify;
import org.opends.server.tools.LDAPSearch;
import org.opends.server.tools.LDAPDelete;
import org.opends.server.tools.LDAPPasswordModify;
import org.opends.server.types.Attribute;
import org.opends.server.types.DN;
import org.opends.server.types.Entry;
import org.opends.server.types.Modification;
import org.opends.server.types.ModificationType;
import org.opends.server.types.ResultCode;

import static org.opends.server.util.ServerConstants.EOL;

import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import org.testng.Assert;
import org.testng.Reporter;

import java.io.*;
import java.util.Hashtable;
import java.util.List;
import java.util.Map;
import java.util.HashMap;
import java.util.ArrayList;

import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.NoPermissionException;
import javax.naming.directory.AttributeModificationException;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.StartTlsRequest;
import javax.naming.ldap.StartTlsResponse;


@Test(groups = {"precommit", "dseecompat"}, sequential = true)
public abstract class  AciTestCase extends DirectoryServerTestCase {
  private Attribute globalACIAttribute = null;



  @BeforeClass
  public void aciTestCaseSetup() throws Exception
  {
    Reporter.log("Running aciTestCaseSetup");

    TestCaseUtils.startServer();
    TestCaseUtils.clearJEBackend(true, "userRoot", "dc=example,dc=com");
    TestCaseUtils.initializeTestBackend(true);

    // Save Global ACI.
    Entry e = DirectoryServer.getEntry(DN.decode(ACCESS_HANDLER_DN));
    List<Attribute> attrs =
        e.getAttribute(ConfigConstants.ATTR_AUTHZ_GLOBAL_ACI);
    if (attrs != null && !attrs.isEmpty())
    {
      Reporter.log("Saved global ACI attribute");

      globalACIAttribute = attrs.iterator().next();
    }
  }



  @AfterClass(alwaysRun = true)
  public void aciTestCaseTearDown() throws Exception
  {
    Reporter.log("Running aciTestCaseTearDown");

    TestCaseUtils.clearJEBackend(false, "userRoot", null);
    TestCaseUtils.initializeTestBackend(true);

    // Restore Global ACI.
    if (globalACIAttribute != null)
    {
      Reporter.log("Restoring global ACI attribute: " + globalACIAttribute);

      List<Modification> modifications = new ArrayList<Modification>(1);
      modifications.add(new Modification(ModificationType.REPLACE,
          globalACIAttribute));
      InternalClientConnection conn =
          InternalClientConnection.getRootConnection();

      ResultCode rc =
          conn.processModify(DN.decode(ACCESS_HANDLER_DN),
              modifications).getResultCode();
      Assert.assertEquals(rc, ResultCode.SUCCESS,
          "Unable to restore global ACI");
    }
  }



  public static final String DIR_MGR_DN = "cn=Directory Manager";
  public static final String PWD = "password";
  public  static final String filter = "(objectclass=*)";

 opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/AciTests.java

@@ -22,11 +22,10 @@
 * CDDL HEADER END
 *
 *
 *      Copyright 2008 Sun Microsystems, Inc.
 *      Copyright 2008-2009 Sun Microsystems, Inc.
 */
package org.opends.server.authorization.dseecompat;

import org.opends.server.DirectoryServerTestCase;
import org.opends.server.TestCaseUtils;
import org.opends.messages.Message;
import org.opends.server.types.LDIFImportConfig;
@@ -81,7 +80,7 @@
 * the syntax.
 */
@Test(sequential=true, groups="slow")
public class AciTests extends DirectoryServerTestCase {
public class AciTests extends AciTestCase {
// TODO: test modify use cases
// TODO: test searches where we expect a subset of attributes and entries
// TODO: test delete
@@ -544,15 +543,10 @@

  @BeforeClass
  public void setupClass() throws Exception {
    TestCaseUtils.startServer();
    deleteAttrFromEntry(ACCESS_HANDLER_DN, ATTR_AUTHZ_GLOBAL_ACI, true);
    TestCaseUtils.clearJEBackend(true, "userRoot", "dc=example,dc=com");
  }

   @AfterClass(alwaysRun = true)
   public void tearDown() throws Exception {
     modEntries(GLOBAL_DEFAULT_ACIS, DIR_MGR_DN, DIR_MGR_PW);
  }


  @BeforeMethod
  public void clearBackend() throws Exception {

 opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/AlternateRootDN.java

@@ -22,7 +22,7 @@
 * CDDL HEADER END
 *
 *
 *      Copyright 2008 Sun Microsystems, Inc.
 *      Copyright 2008-2009 Sun Microsystems, Inc.
 */


@@ -32,10 +32,8 @@

import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeMethod;
import org.testng.Assert;
import org.opends.server.TestCaseUtils;
import static org.opends.server.config.ConfigConstants.*;
import java.util.HashMap;
import static org.opends.server.util.ServerConstants.*;
@@ -70,20 +68,11 @@

  @BeforeClass
  public void setupClass() throws Exception {
    TestCaseUtils.startServer();
    deleteAttrFromAdminEntry(ACCESS_HANDLER_DN, ATTR_AUTHZ_GLOBAL_ACI);
    addEntries("o=test");
    addRootEntry();
  }

  @AfterClass(alwaysRun = true)
  public void tearDown() throws Exception {
    String aciLdif=makeAddLDIF(ATTR_AUTHZ_GLOBAL_ACI, ACCESS_HANDLER_DN,
            G_READ_ACI, G_SELF_MOD, G_SCHEMA, G_DSE, G_USER_OPS, G_CONTROL,
            E_EXTEND_OP);
    LDIFAdminModify(aciLdif, DIR_MGR_DN, PWD);
  }


  @BeforeMethod
  public void clearBackend() throws Exception {

 opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/ExtOpTestCase.java

@@ -22,14 +22,13 @@
 * CDDL HEADER END
 *
 *
 *      Copyright 2008 Sun Microsystems, Inc.
 *      Copyright 2008-2009 Sun Microsystems, Inc.
 */

package org.opends.server.authorization.dseecompat;

import org.testng.annotations.*;
import org.testng.annotations.Test;
import org.opends.server.TestCaseUtils;
import org.opends.server.protocols.ldap.LDAPResultCode;
import static org.opends.server.util.ServerConstants.*;
import static org.opends.server.config.ConfigConstants.*;
@@ -118,18 +117,10 @@

  @BeforeClass
  public void setupClass() throws Exception {
    TestCaseUtils.startServer();
    deleteAttrFromAdminEntry(ACCESS_HANDLER_DN, ATTR_AUTHZ_GLOBAL_ACI);
    addEntries("o=test");
  }

   @AfterClass(alwaysRun = true)
  public void tearDown() throws Exception {
       String aciLdif=makeAddLDIF(ATTR_AUTHZ_GLOBAL_ACI, ACCESS_HANDLER_DN,
               G_READ_ACI, G_SELF_MOD, G_SCHEMA, G_DSE, G_USER_OPS, G_CONTROL,
               E_EXTEND_OP);
       LDIFAdminModify(aciLdif, DIR_MGR_DN, PWD);
   }

  @BeforeMethod
  public void clearBackend() throws Exception {

 opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/GetEffectiveRightsTestCase.java

@@ -22,7 +22,7 @@
 * CDDL HEADER END
 *
 *
 *      Copyright 2008 Sun Microsystems, Inc.
 *      Copyright 2008-2009 Sun Microsystems, Inc.
 */

package org.opends.server.authorization.dseecompat;
@@ -30,10 +30,8 @@
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.AfterClass;
import static org.opends.server.config.ConfigConstants.*;
import org.testng.Assert;
import org.opends.server.TestCaseUtils;
import static org.opends.server.util.ServerConstants.OID_GET_EFFECTIVE_RIGHTS;

import java.util.HashMap;
@@ -163,19 +161,10 @@

  @BeforeClass
  public void setupClass() throws Exception {
    TestCaseUtils.startServer();
    deleteAttrFromAdminEntry(ACCESS_HANDLER_DN, ATTR_AUTHZ_GLOBAL_ACI);
    addEntries("o=test");
  }

  @AfterClass(alwaysRun = true)
  public void tearDown() throws Exception {
       String aciLdif=makeAddLDIF(ATTR_AUTHZ_GLOBAL_ACI, ACCESS_HANDLER_DN,
               G_READ_ACI, G_SELF_MOD, G_SCHEMA, G_DSE, G_USER_OPS, G_CONTROL,
               E_EXTEND_OP);
       LDIFAdminModify(aciLdif, DIR_MGR_DN, PWD);
   }

   @BeforeMethod
   public void removeAcis() throws Exception {
        deleteAttrFromEntry("ou=People,o=test", "aci");

 opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/NestedGroupDNTestCase.java

@@ -22,18 +22,16 @@
 * CDDL HEADER END
 *
 *
 *      Copyright 2008 Sun Microsystems, Inc.
 *      Copyright 2008-2009 Sun Microsystems, Inc.
 */


package org.opends.server.authorization.dseecompat;

import org.testng.annotations.BeforeClass;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;
import org.testng.Assert;
import org.opends.server.TestCaseUtils;
import static org.opends.server.config.ConfigConstants.ATTR_AUTHZ_GLOBAL_ACI;

/**
@@ -56,19 +54,10 @@

  @BeforeClass
  public void setupClass() throws Exception {
    TestCaseUtils.restartServer();
    deleteAttrFromAdminEntry(ACCESS_HANDLER_DN, ATTR_AUTHZ_GLOBAL_ACI);
    addEntries("o=test");
  }

  @AfterClass(alwaysRun = true)
  public void tearDown() throws Exception {
       String aciLdif=makeAddLDIF(ATTR_AUTHZ_GLOBAL_ACI, ACCESS_HANDLER_DN,
               G_READ_ACI, G_SELF_MOD, G_SCHEMA, G_DSE, G_USER_OPS, G_CONTROL,
               E_EXTEND_OP);
       LDIFAdminModify(aciLdif, DIR_MGR_DN, PWD);
   }


  @BeforeMethod
  public void clearBackend() throws Exception {

 opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/ProxyBindTestCase.java

@@ -22,7 +22,7 @@
 * CDDL HEADER END
 *
 *
 *      Copyright 2008 Sun Microsystems, Inc.
 *      Copyright 2008-2009 Sun Microsystems, Inc.
 */

/**
@@ -73,7 +73,6 @@

    @BeforeClass
    public void setupClass() throws Exception {
      TestCaseUtils.startServer();
      TestCaseUtils.dsconfig(
              "set-sasl-mechanism-handler-prop",
              "--handler-name", "DIGEST-MD5",

 opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/ReferencesTestCase.java

@@ -22,21 +22,17 @@
 * CDDL HEADER END
 *
 *
 *      Copyright 2008 Sun Microsystems, Inc.
 *      Copyright 2008-2009 Sun Microsystems, Inc.
 */

package org.opends.server.authorization.dseecompat;

import org.testng.annotations.BeforeClass;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;
import org.testng.Assert;
import org.opends.server.TestCaseUtils;
import static org.opends.server.util.ServerConstants.OID_MANAGE_DSAIT_CONTROL;
import static org.opends.server.config.ConfigConstants.ATTR_AUTHZ_GLOBAL_ACI;

import java.util.HashMap;
import java.io.StringReader;
import java.io.BufferedReader;
import java.io.IOException;
@@ -81,21 +77,10 @@

  @BeforeClass
  public void setupClass() throws Exception {
    TestCaseUtils.restartServer();
    deleteAttrFromAdminEntry(ACCESS_HANDLER_DN, ATTR_AUTHZ_GLOBAL_ACI);
    TestCaseUtils.clearJEBackend(true,"userRoot", suffix);
    addEntries(suffix);
  }

  @AfterClass
  public void tearDown() throws Exception {
    String aciLdif=makeAddLDIF(ATTR_AUTHZ_GLOBAL_ACI, ACCESS_HANDLER_DN,
            G_READ_ACI, G_SELF_MOD, G_SCHEMA, G_DSE, G_USER_OPS, G_CONTROL,
            E_EXTEND_OP);
    LDIFAdminModify(aciLdif, DIR_MGR_DN, PWD);
    TestCaseUtils.clearJEBackend(false,"userRoot", suffix);
  }


  /**
   * Test using ACI added to admin base containing "ref" attribute type name

 opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/SSFTestCase.java

@@ -22,7 +22,7 @@
 * CDDL HEADER END
 *
 *
 *      Copyright 2008 Sun Microsystems, Inc.
 *      Copyright 2008-2009 Sun Microsystems, Inc.
 */

/**
@@ -84,7 +84,7 @@
            "(version 3.0; acl \"NE 56 bit key aci\";" +
            "allow(all) (userdn=\"ldap:///self\" and ssf != \"56\");)";

    

    private static final
    String hiStrengthACI = "(targetattr=\"" + "*" + "\")" +
            "(version 3.0; acl \"128 bit key aci\";" +
@@ -99,7 +99,6 @@

    @BeforeClass
    public void setupClass() throws Exception {
      TestCaseUtils.startServer();
      TestCaseUtils.dsconfig(
              "create-password-policy",
              "--policy-name", pwdPolicy,
@@ -124,10 +123,6 @@

    @AfterClass(alwaysRun = true)
    public void tearDown() throws Exception {
         String aciLdif=makeAddLDIF(ATTR_AUTHZ_GLOBAL_ACI, ACCESS_HANDLER_DN,
                G_READ_ACI, G_SELF_MOD, G_SCHEMA, G_DSE, G_USER_OPS, G_CONTROL,
                E_EXTEND_OP);
         LDIFAdminModify(aciLdif, DIR_MGR_DN, PWD);
         TestCaseUtils.dsconfig(
                 "delete-password-policy",
                 "--policy-name", pwdPolicy

 opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/TargAttrFiltersTestCase.java

@@ -22,15 +22,13 @@
 * CDDL HEADER END
 *
 *
 *      Copyright 2008 Sun Microsystems, Inc.
 *      Copyright 2008-2009 Sun Microsystems, Inc.
 */

package org.opends.server.authorization.dseecompat;

import org.testng.annotations.DataProvider;
import org.testng.annotations.Test;
import org.testng.annotations.BeforeClass;
import org.opends.server.TestCaseUtils;


/**
@@ -38,11 +36,6 @@
 */
public class TargAttrFiltersTestCase  extends AciTestCase {

    @BeforeClass
    public void startServer() throws Exception {
      TestCaseUtils.startServer();
   }

  //Valid targattrfilters statements. Not the complete ACI.
  @DataProvider(name = "validStatements")
  public Object[][] valids() {

 opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/TargetAttrTestCase.java

@@ -22,17 +22,14 @@
 * CDDL HEADER END
 *
 *
 *      Copyright 2008 Sun Microsystems, Inc.
 *      Copyright 2008-2009 Sun Microsystems, Inc.
 */

package org.opends.server.authorization.dseecompat;

import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeMethod;
import org.testng.Assert;
import org.opends.server.TestCaseUtils;
import static org.opends.server.config.ConfigConstants.*;

import java.util.HashMap;
@@ -122,19 +119,10 @@

  @BeforeClass
  public void setupClass() throws Exception {
    TestCaseUtils.startServer();
    deleteAttrFromAdminEntry(ACCESS_HANDLER_DN, ATTR_AUTHZ_GLOBAL_ACI);
    addEntries("o=test");
  }

  @AfterClass(alwaysRun = true)
  public void tearDown() throws Exception {
     String aciLdif=makeAddLDIF(ATTR_AUTHZ_GLOBAL_ACI, ACCESS_HANDLER_DN,
          G_READ_ACI, G_SELF_MOD, G_SCHEMA, G_DSE, G_USER_OPS, G_CONTROL,
             E_EXTEND_OP);
     LDIFAdminModify(aciLdif, DIR_MGR_DN, PWD);
  }

  /**
   * Test targetattr behavior using userattr bind rule.
   *

 opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/TargetControlTestCase.java

@@ -22,7 +22,7 @@
 * CDDL HEADER END
 *
 *
 *      Copyright 2008 Sun Microsystems, Inc.
 *      Copyright 2008-2009 Sun Microsystems, Inc.
 */


@@ -31,7 +31,6 @@
import org.testng.annotations.DataProvider;
import org.testng.annotations.Test;
import org.testng.annotations.*;
import org.opends.server.TestCaseUtils;
import org.opends.server.protocols.ldap.LDAPResultCode;
import static org.opends.server.util.ServerConstants.*;
import static org.opends.server.config.ConfigConstants.ATTR_AUTHZ_GLOBAL_ACI;
@@ -61,19 +60,10 @@

  @BeforeClass
  public void setupClass() throws Exception {
    TestCaseUtils.startServer();
    deleteAttrFromAdminEntry(ACCESS_HANDLER_DN, ATTR_AUTHZ_GLOBAL_ACI);
    addEntries("o=test");                    
    addEntries("o=test");
  }

  @AfterClass(alwaysRun = true)
  public void tearDown() throws Exception {
       String aciLdif=makeAddLDIF(ATTR_AUTHZ_GLOBAL_ACI, ACCESS_HANDLER_DN,
               G_READ_ACI, G_SELF_MOD, G_SCHEMA, G_DSE, G_USER_OPS, G_CONTROL,
               E_EXTEND_OP);
       LDIFAdminModify(aciLdif, DIR_MGR_DN, PWD);
   }


  @BeforeMethod
  public void clearBackend() throws Exception {

 opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/TargetTestCase.java

@@ -22,13 +22,11 @@
 * CDDL HEADER END
 *
 *
 *      Copyright 2008 Sun Microsystems, Inc.
 *      Copyright 2008-2009 Sun Microsystems, Inc.
 */

package org.opends.server.authorization.dseecompat;

import org.opends.server.DirectoryServerTestCase;
import org.opends.server.TestCaseUtils;
import org.opends.server.types.DN;
import org.opends.server.types.DirectoryException;
import org.opends.server.types.ByteString;
@@ -36,15 +34,9 @@
import static org.testng.Assert.fail;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Test;
import org.testng.annotations.BeforeClass;

public class TargetTestCase extends DirectoryServerTestCase
public class TargetTestCase extends AciTestCase
{
  @BeforeClass
  public void startServer() throws Exception
  {
    TestCaseUtils.startServer();
  }


  @DataProvider

			@@ -22,45 +22,109 @@
			* CDDL HEADER END
			*
			*
			* Copyright 2008 Sun Microsystems, Inc.
			* Copyright 2008-2009 Sun Microsystems, Inc.
			*/

			package org.opends.server.authorization.dseecompat;

			import org.opends.server.DirectoryServerTestCase;
			import org.opends.server.TestCaseUtils;
			import org.opends.server.config.ConfigConstants;
			import org.opends.server.core.DirectoryServer;
			import org.opends.server.protocols.internal.InternalClientConnection;
			import org.opends.server.protocols.ldap.LDAPResultCode;
			import org.opends.server.tools.LDAPModify;
			import org.opends.server.tools.LDAPSearch;
			import org.opends.server.tools.LDAPDelete;
			import org.opends.server.tools.LDAPPasswordModify;
			import org.opends.server.types.Attribute;
			import org.opends.server.types.DN;
			import org.opends.server.types.Entry;
			import org.opends.server.types.Modification;
			import org.opends.server.types.ModificationType;
			import org.opends.server.types.ResultCode;

			import static org.opends.server.util.ServerConstants.EOL;

			import org.testng.annotations.AfterClass;
			import org.testng.annotations.BeforeClass;
			import org.testng.annotations.Test;
			import org.testng.Assert;
			import org.testng.Reporter;

			import java.io.*;
			import java.util.Hashtable;
			import java.util.List;
			import java.util.Map;
			import java.util.HashMap;
			import java.util.ArrayList;

			import javax.naming.Context;
			import javax.naming.NamingException;
			import javax.naming.NoPermissionException;
			import javax.naming.directory.AttributeModificationException;
			import javax.naming.directory.BasicAttribute;
			import javax.naming.directory.DirContext;
			import javax.naming.directory.InitialDirContext;
			import javax.naming.directory.ModificationItem;
			import javax.naming.ldap.InitialLdapContext;
			import javax.naming.ldap.LdapContext;
			import javax.naming.ldap.StartTlsRequest;
			import javax.naming.ldap.StartTlsResponse;


			@Test(groups = {"precommit", "dseecompat"}, sequential = true)
			public abstract class AciTestCase extends DirectoryServerTestCase {
			private Attribute globalACIAttribute = null;



			@BeforeClass
			public void aciTestCaseSetup() throws Exception
			{
			Reporter.log("Running aciTestCaseSetup");

			TestCaseUtils.startServer();
			TestCaseUtils.clearJEBackend(true, "userRoot", "dc=example,dc=com");
			TestCaseUtils.initializeTestBackend(true);

			// Save Global ACI.
			Entry e = DirectoryServer.getEntry(DN.decode(ACCESS_HANDLER_DN));
			List<Attribute> attrs =
			e.getAttribute(ConfigConstants.ATTR_AUTHZ_GLOBAL_ACI);
			if (attrs != null && !attrs.isEmpty())
			{
			Reporter.log("Saved global ACI attribute");

			globalACIAttribute = attrs.iterator().next();
			}
			}



			@AfterClass(alwaysRun = true)
			public void aciTestCaseTearDown() throws Exception
			{
			Reporter.log("Running aciTestCaseTearDown");

			TestCaseUtils.clearJEBackend(false, "userRoot", null);
			TestCaseUtils.initializeTestBackend(true);

			// Restore Global ACI.
			if (globalACIAttribute != null)
			{
			Reporter.log("Restoring global ACI attribute: " + globalACIAttribute);

			List<Modification> modifications = new ArrayList<Modification>(1);
			modifications.add(new Modification(ModificationType.REPLACE,
			globalACIAttribute));
			InternalClientConnection conn =
			InternalClientConnection.getRootConnection();

			ResultCode rc =
			conn.processModify(DN.decode(ACCESS_HANDLER_DN),
			modifications).getResultCode();
			Assert.assertEquals(rc, ResultCode.SUCCESS,
			"Unable to restore global ACI");
			}
			}



			public static final String DIR_MGR_DN = "cn=Directory Manager";
			public static final String PWD = "password";
			public static final String filter = "(objectclass=*)";

			@@ -22,11 +22,10 @@
			* CDDL HEADER END
			*
			*
			* Copyright 2008 Sun Microsystems, Inc.
			* Copyright 2008-2009 Sun Microsystems, Inc.
			*/
			package org.opends.server.authorization.dseecompat;

			import org.opends.server.DirectoryServerTestCase;
			import org.opends.server.TestCaseUtils;
			import org.opends.messages.Message;
			import org.opends.server.types.LDIFImportConfig;
			@@ -81,7 +80,7 @@
			* the syntax.
			*/
			@Test(sequential=true, groups="slow")
			public class AciTests extends DirectoryServerTestCase {
			public class AciTests extends AciTestCase {
			// TODO: test modify use cases
			// TODO: test searches where we expect a subset of attributes and entries
			// TODO: test delete
			@@ -544,15 +543,10 @@

			@BeforeClass
			public void setupClass() throws Exception {
			TestCaseUtils.startServer();
			deleteAttrFromEntry(ACCESS_HANDLER_DN, ATTR_AUTHZ_GLOBAL_ACI, true);
			TestCaseUtils.clearJEBackend(true, "userRoot", "dc=example,dc=com");
			}

			@AfterClass(alwaysRun = true)
			public void tearDown() throws Exception {
			modEntries(GLOBAL_DEFAULT_ACIS, DIR_MGR_DN, DIR_MGR_PW);
			}


			@BeforeMethod
			public void clearBackend() throws Exception {

			@@ -22,7 +22,7 @@
			* CDDL HEADER END
			*
			*
			* Copyright 2008 Sun Microsystems, Inc.
			* Copyright 2008-2009 Sun Microsystems, Inc.
			*/


			@@ -32,10 +32,8 @@

			import org.testng.annotations.BeforeClass;
			import org.testng.annotations.Test;
			import org.testng.annotations.AfterClass;
			import org.testng.annotations.BeforeMethod;
			import org.testng.Assert;
			import org.opends.server.TestCaseUtils;
			import static org.opends.server.config.ConfigConstants.*;
			import java.util.HashMap;
			import static org.opends.server.util.ServerConstants.*;
			@@ -70,20 +68,11 @@

			@BeforeClass
			public void setupClass() throws Exception {
			TestCaseUtils.startServer();
			deleteAttrFromAdminEntry(ACCESS_HANDLER_DN, ATTR_AUTHZ_GLOBAL_ACI);
			addEntries("o=test");
			addRootEntry();
			}

			@AfterClass(alwaysRun = true)
			public void tearDown() throws Exception {
			String aciLdif=makeAddLDIF(ATTR_AUTHZ_GLOBAL_ACI, ACCESS_HANDLER_DN,
			G_READ_ACI, G_SELF_MOD, G_SCHEMA, G_DSE, G_USER_OPS, G_CONTROL,
			E_EXTEND_OP);
			LDIFAdminModify(aciLdif, DIR_MGR_DN, PWD);
			}


			@BeforeMethod
			public void clearBackend() throws Exception {

			@@ -22,14 +22,13 @@
			* CDDL HEADER END
			*
			*
			* Copyright 2008 Sun Microsystems, Inc.
			* Copyright 2008-2009 Sun Microsystems, Inc.
			*/

			package org.opends.server.authorization.dseecompat;

			import org.testng.annotations.*;
			import org.testng.annotations.Test;
			import org.opends.server.TestCaseUtils;
			import org.opends.server.protocols.ldap.LDAPResultCode;
			import static org.opends.server.util.ServerConstants.*;
			import static org.opends.server.config.ConfigConstants.*;
			@@ -118,18 +117,10 @@

			@BeforeClass
			public void setupClass() throws Exception {
			TestCaseUtils.startServer();
			deleteAttrFromAdminEntry(ACCESS_HANDLER_DN, ATTR_AUTHZ_GLOBAL_ACI);
			addEntries("o=test");
			}

			@AfterClass(alwaysRun = true)
			public void tearDown() throws Exception {
			String aciLdif=makeAddLDIF(ATTR_AUTHZ_GLOBAL_ACI, ACCESS_HANDLER_DN,
			G_READ_ACI, G_SELF_MOD, G_SCHEMA, G_DSE, G_USER_OPS, G_CONTROL,
			E_EXTEND_OP);
			LDIFAdminModify(aciLdif, DIR_MGR_DN, PWD);
			}

			@BeforeMethod
			public void clearBackend() throws Exception {

			@@ -22,18 +22,16 @@
			* CDDL HEADER END
			*
			*
			* Copyright 2008 Sun Microsystems, Inc.
			* Copyright 2008-2009 Sun Microsystems, Inc.
			*/


			package org.opends.server.authorization.dseecompat;

			import org.testng.annotations.BeforeClass;
			import org.testng.annotations.AfterClass;
			import org.testng.annotations.BeforeMethod;
			import org.testng.annotations.Test;
			import org.testng.Assert;
			import org.opends.server.TestCaseUtils;
			import static org.opends.server.config.ConfigConstants.ATTR_AUTHZ_GLOBAL_ACI;

			/**
			@@ -56,19 +54,10 @@

			@BeforeClass
			public void setupClass() throws Exception {
			TestCaseUtils.restartServer();
			deleteAttrFromAdminEntry(ACCESS_HANDLER_DN, ATTR_AUTHZ_GLOBAL_ACI);
			addEntries("o=test");
			}

			@AfterClass(alwaysRun = true)
			public void tearDown() throws Exception {
			String aciLdif=makeAddLDIF(ATTR_AUTHZ_GLOBAL_ACI, ACCESS_HANDLER_DN,
			G_READ_ACI, G_SELF_MOD, G_SCHEMA, G_DSE, G_USER_OPS, G_CONTROL,
			E_EXTEND_OP);
			LDIFAdminModify(aciLdif, DIR_MGR_DN, PWD);
			}


			@BeforeMethod
			public void clearBackend() throws Exception {

			@@ -22,21 +22,17 @@
			* CDDL HEADER END
			*
			*
			* Copyright 2008 Sun Microsystems, Inc.
			* Copyright 2008-2009 Sun Microsystems, Inc.
			*/

			package org.opends.server.authorization.dseecompat;

			import org.testng.annotations.BeforeClass;
			import org.testng.annotations.AfterClass;
			import org.testng.annotations.BeforeMethod;
			import org.testng.annotations.Test;
			import org.testng.Assert;
			import org.opends.server.TestCaseUtils;
			import static org.opends.server.util.ServerConstants.OID_MANAGE_DSAIT_CONTROL;
			import static org.opends.server.config.ConfigConstants.ATTR_AUTHZ_GLOBAL_ACI;

			import java.util.HashMap;
			import java.io.StringReader;
			import java.io.BufferedReader;
			import java.io.IOException;
			@@ -81,21 +77,10 @@

			@BeforeClass
			public void setupClass() throws Exception {
			TestCaseUtils.restartServer();
			deleteAttrFromAdminEntry(ACCESS_HANDLER_DN, ATTR_AUTHZ_GLOBAL_ACI);
			TestCaseUtils.clearJEBackend(true,"userRoot", suffix);
			addEntries(suffix);
			}

			@AfterClass
			public void tearDown() throws Exception {
			String aciLdif=makeAddLDIF(ATTR_AUTHZ_GLOBAL_ACI, ACCESS_HANDLER_DN,
			G_READ_ACI, G_SELF_MOD, G_SCHEMA, G_DSE, G_USER_OPS, G_CONTROL,
			E_EXTEND_OP);
			LDIFAdminModify(aciLdif, DIR_MGR_DN, PWD);
			TestCaseUtils.clearJEBackend(false,"userRoot", suffix);
			}


			/**
			* Test using ACI added to admin base containing "ref" attribute type name

			@@ -22,15 +22,13 @@
			* CDDL HEADER END
			*
			*
			* Copyright 2008 Sun Microsystems, Inc.
			* Copyright 2008-2009 Sun Microsystems, Inc.
			*/

			package org.opends.server.authorization.dseecompat;

			import org.testng.annotations.DataProvider;
			import org.testng.annotations.Test;
			import org.testng.annotations.BeforeClass;
			import org.opends.server.TestCaseUtils;


			/**
			@@ -38,11 +36,6 @@
			*/
			public class TargAttrFiltersTestCase extends AciTestCase {

			@BeforeClass
			public void startServer() throws Exception {
			TestCaseUtils.startServer();
			}

			//Valid targattrfilters statements. Not the complete ACI.
			@DataProvider(name = "validStatements")
			public Object[][] valids() {

			@@ -22,17 +22,14 @@
			* CDDL HEADER END
			*
			*
			* Copyright 2008 Sun Microsystems, Inc.
			* Copyright 2008-2009 Sun Microsystems, Inc.
			*/

			package org.opends.server.authorization.dseecompat;

			import org.testng.annotations.BeforeClass;
			import org.testng.annotations.Test;
			import org.testng.annotations.AfterClass;
			import org.testng.annotations.BeforeMethod;
			import org.testng.Assert;
			import org.opends.server.TestCaseUtils;
			import static org.opends.server.config.ConfigConstants.*;

			import java.util.HashMap;
			@@ -122,19 +119,10 @@

			@BeforeClass
			public void setupClass() throws Exception {
			TestCaseUtils.startServer();
			deleteAttrFromAdminEntry(ACCESS_HANDLER_DN, ATTR_AUTHZ_GLOBAL_ACI);
			addEntries("o=test");
			}

			@AfterClass(alwaysRun = true)
			public void tearDown() throws Exception {
			String aciLdif=makeAddLDIF(ATTR_AUTHZ_GLOBAL_ACI, ACCESS_HANDLER_DN,
			G_READ_ACI, G_SELF_MOD, G_SCHEMA, G_DSE, G_USER_OPS, G_CONTROL,
			E_EXTEND_OP);
			LDIFAdminModify(aciLdif, DIR_MGR_DN, PWD);
			}

			/**
			* Test targetattr behavior using userattr bind rule.
			*

			@@ -22,13 +22,11 @@
			* CDDL HEADER END
			*
			*
			* Copyright 2008 Sun Microsystems, Inc.
			* Copyright 2008-2009 Sun Microsystems, Inc.
			*/

			package org.opends.server.authorization.dseecompat;

			import org.opends.server.DirectoryServerTestCase;
			import org.opends.server.TestCaseUtils;
			import org.opends.server.types.DN;
			import org.opends.server.types.DirectoryException;
			import org.opends.server.types.ByteString;
			@@ -36,15 +34,9 @@
			import static org.testng.Assert.fail;
			import org.testng.annotations.DataProvider;
			import org.testng.annotations.Test;
			import org.testng.annotations.BeforeClass;

			public class TargetTestCase extends DirectoryServerTestCase
			public class TargetTestCase extends AciTestCase
			{
			@BeforeClass
			public void startServer() throws Exception
			{
			TestCaseUtils.startServer();
			}


			@DataProvider