mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
opends/tests/functional-tests/testcases/security/pwd_policy/security_force_pwd_change_all_users.xml
@@ -43,6 +43,8 @@ <!--- Define default value for basedn --> <script> basedn = 'ou=people,ou=password tests,o=Pwd Policy Tests,dc=example,dc=com' msg1 = 'get-password-changed-by-required-time' msg2 = 'get-seconds-until-required-change-time' </script> @@ -231,8 +233,12 @@ #@TestStep Admin Resetting Pwd Time Exp remove require-change-by-time 20061030183752.848Z #@TestStep User Searching With Password SearchObject returns 0 #@TestStep check manage-account get-password-changed-by-required-time #@TestStep Check manage-account get-seconds-until-required-change-time #@TestPostamble none #@TestResult Success if the 2 steps are PASS #@TestResult Success if the 4 steps are PASS --> <testcase name="getTestCaseName('Postamble Reset')"> @@ -267,6 +273,50 @@ 'extraParams' : '-s base' } </call> <message> 'Security: Pwd Change: Check manage-account %s' % msg1 </message> <call function="'manageAccountWithScript'"> { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'subcommand' : 'get-password-changed-by-required-time' , 'targetDn' : 'uid=scarter,%s' % basedn } </call> <script> returnString = STAXResult[0][1] </script> <call function="'checktestString'"> { 'returnString' : returnString , 'expectedString' : 'Password Changed by Required Time:' } </call> <message> 'Security: Pwd Change: Check manage-account %s' % msg2 </message> <call function="'manageAccountWithScript'"> { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'subcommand' : 'get-seconds-until-required-change-time' , 'targetDn' : 'uid=scarter,%s' % basedn } </call> <script> returnString = STAXResult[0][1] </script> <call function="'checktestString'"> { 'returnString' : returnString , 'expectedString' : 'Seconds Until Required Change Time:' } </call> <call function="'testCase_Postamble'"/> </sequence> </testcase> opends/tests/functional-tests/testcases/security/pwd_policy/security_grace_login.xml
@@ -46,6 +46,9 @@ basedn = '%s o=Pwd Policy Tests,dc=example,dc=com' % basedn1 basepwp ='cn=Default Password Policy,cn=Password Policies,cn=config' msg = 'Security: Grace Login:' msg1 = 'Password Policy DN: %s' % basepwp msg2 = 'Account Is Disabled: false' msg3 = 'Password History:' </script> @@ -255,6 +258,7 @@ #@TestStep Verify remaining grace login with manage-account #@TestStep Search Bind 4 SearchObject returns 49 #@TestStep Verify remaining grace login with manage-account #@TestStep Verify manage-account get-all #@TestPostamble none #@TestResult Success if all the steps are PASS --> @@ -471,6 +475,30 @@ 'expectedString' : 'Remaining Grace Login Count: 0' } </call> <message> '%s Verify manage-account get-all' % msg </message> <call function="'manageAccountWithScript'"> { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'subcommand' : 'get-all' , 'targetDn' : 'uid=btalbot,%s' % basedn } </call> <script> returnString = STAXResult[0][1] </script> <call function="'checktestString'"> { 'returnString' : returnString , 'expectedString' : msg1 , 'expectedString' : msg2 , 'expectedString' : msg3 } </call> <call function="'testCase_Postamble'"/> </sequence> opends/tests/functional-tests/testcases/security/pwd_policy/security_last_login.xml
@@ -265,6 +265,7 @@ set last-login-time-attribute to ds-pwp-last-login-time #@TestStep User Binding With Password returns 0 #@TestStep Check manage-account get-last-login-time #@TestStep Checking for Absence of Last Login Time SearchObject ds-pwp-last-login-time returns 0 checktestString ds-pwp-last-login-time @@ -302,7 +303,29 @@ 'dsFilter' : 'objectclass=*' , 'extraParams' : '-s base' } </call> <message> '%s Check manage-account get-last-login-time' % msg1 </message> <call function="'manageAccountWithScript'"> { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'subcommand' : 'get-last-login-time' , 'targetDn' : 'uid=jreuter,%s' % basedn } </call> <script> returnString = STAXResult[0][1] </script> <call function="'checktestString'"> { 'returnString' : returnString , 'expectedString' : 'Last Login Time: 2' } </call> <message> 'Security: Last Login: Checking for Absence of Last Login Time' </message> @@ -508,13 +531,14 @@ set idle-lockout-interval to 50 s #@TestStep Step 3. User Binding Before Idle Lockout SearchObject returns 0 #@TestStep Step 4. Sleep sleepForMilliSeconds 30000 #@TestStep Step 5. User Changing Password #@TestStep Step 6. Sleep sleepForMilliSeconds to 30000 #@TestStep Step 7. User Binding After Idle Lockout #@TestStep Step 4. Check get-seconds-until-idle-lockout #@TestStep Step 5. Sleep sleepForMilliSeconds 30000 #@TestStep Step 6. User Changing Password #@TestStep Step 7. Sleep sleepForMilliSeconds to 30000 #@TestStep Step 8. User Binding After Idle Lockout SearchObject returns 0 #@TestPostamble none #@TestResult Success if the 7 steps are PASS #@TestResult Success if the 8 steps are PASS --> <testcase name="getTestCaseName('Long Idle Lockout - Pwd Change Override')"> @@ -561,6 +585,28 @@ 'dsFilter' : 'objectclass=*' , 'extraParams' : '-s base' } </call> <message> '%s, %s - %s Step 4. Check get-seconds-until-idle-lockout' % (msg1,msg2,msg4) </message> <call function="'manageAccountWithScript'"> { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'subcommand' : 'get-seconds-until-idle-lockout' , 'targetDn' : 'uid=jreuter,%s' % basedn } </call> <script> returnString = STAXResult[0][1] </script> <call function="'checktestString'"> { 'returnString' : returnString , 'expectedString' : 'Seconds Until Idle Account Lockout: ' } </call> <message> opends/tests/functional-tests/testcases/security/pwd_policy/security_lockout_duration.xml
@@ -42,7 +42,14 @@ <!--- Define default value for basedn --> <script> basedn = 'ou=people,ou=password tests,o=Pwd Policy Tests,dc=example,dc=com' basedn1 = 'ou=people,ou=password tests,' basedn = '%s o=Pwd Policy Tests,dc=example,dc=com' % basedn1 pwp = 'cn=Default Password Policy,cn=Password Policies,cn=config' msg = 'Security: Lockout Duration:' msg1 = 'Security: Lockout Duration: Preamble' msg2 = 'Security: Lockout Duration: Short Lockout Duration' msg3 = 'get-seconds-until-password-reset-lockout' msg4 = 'Security: Lockout Duration: Long Lockout Duration' </script> @@ -71,7 +78,7 @@ <sequence> <call function="'testCase_Preamble'"/> <message> 'Security: Lockout Duration: Preamble Step 1. Checking existence of ds-cfg-lockout-duration' '%s Step 1. Checking existence of ds-cfg-lockout-duration' % msg1 </message> <call function="'compareEntry'"> @@ -80,11 +87,11 @@ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'attrToBeCompared' : 'ds-cfg-lockout-duration:0 seconds', 'entryToBeCompared' : 'cn=Default Password Policy,cn=Password Policies,cn=config' } 'entryToBeCompared' : pwp } </call> <message> 'Security: Lockout Duration: Preamble Step 2. Admin Changing Lockout Count' '%s Step 2. Admin Changing Lockout Count' % msg1 </message> <call function="'modifyPwdPolicy'"> @@ -98,7 +105,7 @@ </call> <message> 'Security: Lockout Duration: Preamble Step 3. User Lockout With Bad Pwd 3x' '%s Step 3. User Lockout With Bad Pwd 3x' % msg1 </message> <script> @@ -119,7 +126,7 @@ </iterate> <message> 'Security: Lockout Duration: Preamble Step 4. Admin Resetting User Pwd' '%s Preamble Step 4. Admin Resetting User Pwd' % msg1 </message> <call function="'ldapPasswordModifyWithScript'"> @@ -132,7 +139,7 @@ </call> <message> 'Security: Lockout Duration: Preamble Step 5. User Bind With New Password' '%s Step 5. User Bind With New Password' % msg1 </message> <call function="'SearchObject'"> @@ -165,7 +172,7 @@ <sequence> <call function="'testCase_Preamble'"/> <message> 'Security: Lockout Duration: Admin Making Lockout Duration Short' '%s Admin Making Lockout Duration Short' % msg </message> <call function="'modifyPwdPolicy'"> @@ -205,7 +212,7 @@ <sequence> <call function="'testCase_Preamble'"/> <message> 'Security: Lockout Duration: Short Lockout Duration Step 1. User Lockout With Bad Pwd 3x' '%s Step 1. User Lockout With Bad Pwd 3x' % msg2 </message> <script> @@ -234,7 +241,7 @@ </call> <message> 'Security: lockout Duration: Short Lockout Duration Step 2. User Changing Password' '%s Step 2. User Changing Password' % msg2 </message> <call function="'ldapPasswordModifyWithScript'"> @@ -247,7 +254,7 @@ </call> <message> 'Security: Lockout Duration: Short Lockout Duration Step 3. User Bind With New Password' '%s Step 3. User Bind With New Password' % msg2 </message> <call function="'SearchObject'"> @@ -272,6 +279,8 @@ #@TestPurpose Admin making Lockout Duration Long #@TestPreamble none #@TestStep set lockout-duration to 5 days #@TestStep Check manage-account get-seconds-until-password-reset-lockout #@TestPostamble none #@TestResult Success if the step is PASS --> @@ -280,7 +289,7 @@ <sequence> <call function="'testCase_Preamble'"/> <message> 'Security: Lockout Duration: Admin Making Lockout Duration Long' '%s Admin Making Lockout Duration Long' % msg </message> <call function="'modifyPwdPolicy'"> @@ -293,6 +302,28 @@ 'attributeValue' : '5 d' } </call> <message> '%s Check manage-account %s' % (msg,msg3) </message> <call function="'manageAccountWithScript'"> { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'subcommand' : msg3 , 'targetDn' : 'uid=scarter,%s' % basedn } </call> <script> returnString = STAXResult[0][1] </script> <call function="'checktestString'"> { 'returnString' : returnString , 'expectedString' : 'Seconds Until Password Reset Lockout:' } </call> <call function="'testCase_Postamble'"/> </sequence> @@ -321,7 +352,7 @@ <sequence> <call function="'testCase_Preamble'"/> <message> 'Security: Lockout Duration: Long Lockout Duration Step 1. User Initial Bind' '%s Long Lockout Duration Step 1. User Initial Bind' % msg </message> <call function="'SearchObject'"> @@ -335,7 +366,7 @@ </call> <message> 'Security: Lockout Duration: Long Lockout Duration Step 2. User Lockout With Bad Pwd 3x' '%s Step 2. User Lockout With Bad Pwd 3x' % msg4 </message> <script> @@ -364,7 +395,7 @@ </call> <message> 'Security: lockout Duration: Long Lockout Duration Step 3. User Changing Password' '%s Step 3. User Changing Password' % msg4 </message> <call function="'ldapPasswordModifyWithScript'"> @@ -378,7 +409,7 @@ </call> <message> 'Security: Lockout Duration: Long Lockout Duration Step 4. User Bind With New Password' '%s Step 4. User Bind With New Password' % msg4 </message> <call function="'SearchObject'"> @@ -420,7 +451,7 @@ <sequence> <call function="'testCase_Preamble'"/> <message> 'Security: Lockout Duration: Postamble Step 1. Admin Resetting Lockout Duration' '%s Postamble Step 1. Admin Resetting Lockout Duration' % msg </message> <call function="'modifyPwdPolicy'"> @@ -434,7 +465,7 @@ </call> <message> 'Security: Lockout Duration: Postamble Step 2. User Lockout With Bad Pwd 3x' '%s Postamble Step 2. User Lockout With Bad Pwd 3x' % msg </message> <script> @@ -455,7 +486,7 @@ </iterate> <message> 'Security: Lockout Duration: Postamble Step 3. Admin Resetting User Pwd' '%s Postamble Step 3. Admin Resetting User Pwd' % msg </message> <call function="'ldapPasswordModifyWithScript'"> @@ -468,7 +499,7 @@ </call> <message> 'Security: Lockout Duration: Postamble Step 4. User Bind With New Password' '%s Postamble Step 4. User Bind With New Password' % msg </message> <call function="'SearchObject'"> @@ -482,7 +513,7 @@ </call> <message> 'Security: Lockout Duration: Postamble Step 5. Admin Resetting Lockout Count' '%s Postamble Step 5. Admin Resetting Lockout Count' % msg </message> <call function="'modifyPwdPolicy'"> opends/tests/functional-tests/testcases/security/pwd_policy/security_lockout_fail_cnt.xml
@@ -45,6 +45,8 @@ basedn = 'ou=people,ou=password tests,o=Pwd Policy Tests,dc=example,dc=com' basepwp = 'cn=Default Password Policy,cn=Password Policies,cn=config' msg = 'Security: Lockout Fail Cnt:' msg1 = 'get-remaining-authentication-failure-count' msg2 = 'Remaining Authentication Failure Count:' </script> <!--- Test Case information @@ -57,8 +59,10 @@ ds-cfg-lockout-failure-count and value is 0 #@TestStep Step 2. Default Bind With Bad Pwd 3x RC 49 then User search with good password returns 0 #@TestStep Step 3. check manage-account get-remaining-authentication-failure-count #@TestPostamble none #@TestResult Success if the 2 steps are PASS #@TestResult Success if the 3 steps are PASS --> <testcase name="getTestCaseName('Preamble')"> @@ -78,7 +82,7 @@ </call> <message> '%s Preamble Step 2. Default Bind With Bad Pwd 3x' % msg '%s Preamble Step 2. Default Bind With Bad Pwd 3x' % msg </message> <script> @@ -107,6 +111,29 @@ 'dsFilter' : 'objectclass=*' , 'extraParams' : '-s base' } </call> <message> '%s Preamble Step 3. Check manage-account %s' % (msg,msg1) </message> <call function="'manageAccountWithScript'"> { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'subcommand' : msg1 , 'targetDn' : 'uid=bhall,%s' % basedn } </call> <script> returnString = STAXResult[0][1] </script> <call function="'checktestString'"> { 'returnString' : returnString , 'expectedString' : msg2 } </call> <call function="'testCase_Postamble'"/> </sequence> @@ -120,15 +147,17 @@ #@TestPreamble none #@TestStep Admin Changing Lockout Count set lockout-failure-count to 3 #@TestStep check manage-account get-remaining-authentication-failure-count #@TestPostamble none #@TestResult Success if modifyPwdPolicy returns 0. #@TestResult Success if all tests are PASS --> <testcase name="getTestCaseName('Admin Change Lockout Cnt')"> <sequence> <call function="'testCase_Preamble'"/> <message> 'Security: Lockout Cnt: Admin Changing Lockout Count' 'Security: Lockout Fail Cnt: Admin Changing Lockout Count' </message> <call function="'modifyPwdPolicy'"> @@ -141,6 +170,28 @@ 'attributeValue' : '3' } </call> <message> '%s Check manage-account %s' % (msg,msg1) </message> <call function="'manageAccountWithScript'"> { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'subcommand' : msg1 , 'targetDn' : 'uid=bhall,%s' % basedn } </call> <script> returnString = STAXResult[0][1] </script> <call function="'checktestString'"> { 'returnString' : returnString , 'expectedString' : '%s 3' % msg2 } </call> <call function="'testCase_Postamble'"/> </sequence> @@ -153,8 +204,10 @@ #@TestPurpose Lockout With Bad Pwd 3x #@TestPreamble none #@TestStep Lockout With Bad Pwd 3x SearchObject RC 49 3x #@TestStep check manage-account get-remaining-authentication-failure-count #@TestPostamble none #@TestResult Success if the test is PASS #@TestResult Success if all tests are PASS --> <testcase name="getTestCaseName('Lockout With Bad Pwd 3x')"> @@ -180,6 +233,28 @@ 'expectedRC' : 49 } </call> </iterate> <message> '%s Check manage-account %s' % (msg,msg1) </message> <call function="'manageAccountWithScript'"> { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'subcommand' : msg1 , 'targetDn' : 'uid=bhall,%s' % basedn } </call> <script> returnString = STAXResult[0][1] </script> <call function="'checktestString'"> { 'returnString' : returnString , 'expectedString' : '%s 0' % msg2 } </call> <call function="'testCase_Postamble'"/>
File was deleted
