external-software/github_OpenIdentityPlatform_OpenDJ.git

			@@ -24,6 +24,7 @@
			! CDDL HEADER END
			!
			! Copyright 2007-2008 Sun Microsystems, Inc.
			! Portions Copyright 2012 ForgeRock AS
			! -->
			<stax>

			@@ -40,7 +41,7 @@
			#@TestScript security_grace_login.xml
			-->

			<!--- Define default value for basedn -->
			<!--- Define default values for test -->
			<script>
			basedn1 = 'ou=people,ou=password tests,'
			basedn = '%s o=Pwd Policy Tests,dc=example,dc=com' % basedn1
			@@ -49,6 +50,8 @@
			msg1 = 'Password Policy DN: %s' % basepwp
			msg2 = 'Account Is Disabled: false'
			msg3 = 'Password History:'

			grace_login_count = 3
			</script>


			@@ -62,7 +65,7 @@
			ds-cfg-min-password-age 1 seconds
			ds-cfg-max-password-age 3 seconds
			ds-cfg-password-expiration-warning-interval 1 s
			ds-cfg-grace-login-count 2
			ds-cfg-grace-login-count 3
			#@TestPostamble none
			#@TestResult Success if modifyAnAttribute returns 0
			-->
			@@ -78,12 +81,12 @@
			listAttrs.append("ds-cfg-min-password-age:1 seconds")
			listAttrs.append("ds-cfg-max-password-age:3 seconds")
			listAttrs.append("ds-cfg-password-expiration-warning-interval:1 seconds")
			listAttrs.append("ds-cfg-grace-login-count:2")
			listAttrs.append("ds-cfg-grace-login-count:%s" % grace_login_count)
			</script>

			<message>
			'Security: Grace Login: Admin modifying password policy settings'
			</message>
			<call function="'testStep'">
			{ 'stepMessage' : '%s Admin modifying password policy setting.' % msg }
			</call>

			<call function="'modifyAnAttribute'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
			@@ -95,7 +98,26 @@
			'changetype' : 'replace' }
			</call>

			<call function="'testStep'">
			{ 'stepMessage' : '%s Get Default Password Policy.' % msg }
			</call>

			<script>
			options=[]
			options.append('--policy-name "Default Password Policy"')
			dsconfigOptions=' '.join(options)
			</script>

			<call function="'dsconfig'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
			'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
			'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
			'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
			'subcommand' : 'get-password-policy-prop',
			'optionsString' : dsconfigOptions

			}
			</call>

			<call function="'testCase_Postamble'"/>

			@@ -128,9 +150,9 @@
			listAttrs.append("ds-cfg-password-expiration-warning-interval:1 seconds")
			</script>

			<message>
			'Security: Grace Login: Admin modifying password policy settings'
			</message>
			<call function="'testStep'">
			{ 'stepMessage' : '%s Admin modifying password policy settings.' % msg }
			</call>

			<call function="'modifyAnAttribute'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
			@@ -143,7 +165,6 @@
			'expectedRC' : 53 }
			</call>


			<call function="'testCase_Postamble'"/>

			</sequence>
			@@ -174,9 +195,9 @@
			listAttrs.append("ds-cfg-password-expiration-warning-interval:1 seconds")
			</script>

			<message>
			'Security: Grace Login: Admin modifying password policy settings'
			</message>
			<call function="'testStep'">
			{ 'stepMessage' : '%s Admin modifying password policy settings.' % msg }
			</call>

			<call function="'modifyAnAttribute'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
			@@ -221,9 +242,9 @@
			listAttrs.append("ds-cfg-password-expiration-warning-interval:10 seconds")
			</script>

			<message>
			'Security: Grace Login: Admin modifying password policy settings'
			</message>
			<call function="'testStep'">
			{ 'stepMessage' : '%s Admin modifying password policy settings.' % msg }
			</call>

			<call function="'modifyAnAttribute'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
			@@ -268,17 +289,50 @@
			<sequence>
			<call function="'testCase_Preamble'"/>

			<message>
			'Security: Grace Login: Pause 2 seconds'
			</message>
			<call function="'testStep'">
			{ 'stepMessage' : '%s Get Default Password Policy.' % msg }
			</call>

			<script>
			options=[]
			options.append('--policy-name "Default Password Policy"')
			dsconfigOptions=' '.join(options)
			</script>

			<call function="'dsconfig'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
			'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
			'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
			'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
			'subcommand' : 'get-password-policy-prop',
			'optionsString' : dsconfigOptions

			}
			</call>

			<call function="'testStep'">
			{ 'stepMessage' : '%s Pause 2 seconds.' % msg }
			</call>

			<call function="'Sleep'">
			{ 'sleepForMilliSeconds' : '2000' }
			</call>

			<message>
			'%s Verify grace login use times with manage-account ' % msg
			</message>
			<call function="'testStep'">
			{ 'stepMessage' : '%s Verify remaining grace login count with manage-account ' % msg }
			</call>

			<call function="'manageAccountWithScript'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
			'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
			'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
			'subcommand' : 'get-remaining-grace-login-count' ,
			'targetDn' : 'uid=btalbot,%s' % basedn }
			</call>

			<call function="'testStep'">
			{ 'stepMessage' : '%s Verify grace login use times with manage-account ' % msg }
			</call>

			<call function="'manageAccountWithScript'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
			@@ -297,9 +351,17 @@
			'expectedString' : 'Grace Login Use Times:' }
			</call>

			<message>
			'Security: Grace Login: Search Bind 1'
			</message>
			<!-- The password has expired, entering grace login period -->
			<script>
			remaining_grace_login_count = 2
			</script>
			<loop from="1" to="grace_login_count" var="loop">

			<sequence>

			<call function="'testStep'">
			{ 'stepMessage' : '%s Search Bind %s' % (msg,loop) }
			</call>

			<call function="'SearchObject'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
			@@ -312,9 +374,9 @@
			'expectedRC' : 19 }
			</call>

			<message>
			'%s Verify remaining grace login count with manage-account ' % msg
			</message>
			<call function="'testStep'">
			{ 'stepMessage' : '%s Verify remaining grace login count.' % msg }
			</call>

			<call function="'manageAccountWithScript'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
			@@ -330,13 +392,12 @@

			<call function="'checktestString'">
			{ 'returnString' : returnString ,
			'expectedString' : 'Remaining Grace Login Count: 2' ,
			'issue' : '3430' }
			'expectedString' : 'Remaining Grace Login Count: %s' % remaining_grace_login_count }
			</call>

			<message>
			'%s Verify grace login use times with manage-account ' % msg
			</message>
			<call function="'testStep'">
			{ 'stepMessage' : '%s Verify grace login use times.' % msg }
			</call>

			<call function="'manageAccountWithScript'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
			@@ -350,51 +411,24 @@
			returnString = STAXResult[0][1]
			</script>

			<!-- TODO: WTF -->
			<call function="'checktestString'">
			{ 'returnString' : returnString ,
			'expectedString' : 'Grace Login Use Times: 20' }
			</call>

			<message>
			'Security: Grace Login: Search Bind 2'
			</message>

			<call function="'SearchObject'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
			'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
			'dsInstanceDn' : 'uid=btalbot,%s' % basedn ,
			'dsInstancePswd' : 'trident',
			'dsBaseDN' : 'dc=example,dc=com' ,
			'dsFilter' : 'objectclass=*' ,
			'extraParams' : '-s base',
			'expectedRC' : 19 }
			</call>

			<message>
			'%s Verify remaining grace login with manage-account ' % msg
			</message>

			<call function="'manageAccountWithScript'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
			'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
			'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
			'subcommand' : 'get-remaining-grace-login-count' ,
			'targetDn' : 'uid=btalbot,%s' % basedn }
			</call>

			<script>
			returnString = STAXResult[0][1]
			remaining_grace_login_count -= 1
			</script>

			<call function="'checktestString'">
			{ 'returnString' : returnString ,
			'expectedString' : 'Remaining Grace Login Count: 1',
			'issue' : '3430' }
			</call>
			</sequence>
			</loop>

			<message>
			'Security: Grace Login: Search Bind 3'
			</message>

			<!-- The password has expired, no grace logins remaining -->
			<call function="'testStep'">
			{ 'stepMessage' : '%s Search Bind 4' % msg }
			</call>

			<call function="'SearchObject'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
			@@ -407,9 +441,9 @@
			'expectedRC' : 49 }
			</call>

			<message>
			'%s Verify remaining grace login with manage-account ' % msg
			</message>
			<call function="'testStep'">
			{ 'stepMessage' : '%s Verify remaining grace login with manage-account' % msg }
			</call>

			<call function="'manageAccountWithScript'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
			@@ -428,46 +462,10 @@
			'expectedString' : 'Remaining Grace Login Count: 0' }
			</call>

			<message>
			'Security: Grace Login: Search Bind 4'
			</message>

			<call function="'SearchObject'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
			'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
			'dsInstanceDn' : 'uid=btalbot,%s' % basedn ,
			'dsInstancePswd' : 'trident',
			'dsBaseDN' : 'dc=example,dc=com' ,
			'dsFilter' : 'objectclass=*' ,
			'extraParams' : '-s base',
			'expectedRC' : 49 }
			<call function="'testStep'">
			{ 'stepMessage' : '%s Verify manage-account get-all' % msg }
			</call>

			<message>
			'%s Verify remaining grace login with manage-account ' % msg
			</message>

			<call function="'manageAccountWithScript'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
			'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
			'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
			'subcommand' : 'get-remaining-grace-login-count' ,
			'targetDn' : 'uid=btalbot,%s' % basedn }
			</call>

			<script>
			returnString = STAXResult[0][1]
			</script>

			<call function="'checktestString'">
			{ 'returnString' : returnString ,
			'expectedString' : 'Remaining Grace Login Count: 0' }
			</call>

			<message>
			'%s Verify manage-account get-all' % msg
			</message>

			<call function="'manageAccountWithScript'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
			'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
			@@ -512,9 +510,9 @@
			<sequence>
			<call function="'testCase_Preamble'"/>

			<message>
			'Security: Grace Login: Reset Pwd, Search Bind 1'
			</message>
			<call function="'testStep'">
			{ 'stepMessage' : '%s Reset Pwd, Search Bind 1' % msg }
			</call>

			<call function="'SearchObject'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
			@@ -527,10 +525,9 @@
			'expectedRC' : 19 }
			</call>

			<message>
			'Security: Grace Login: Reset Pwd, User resetting password'
			</message>

			<call function="'testStep'">
			{ 'stepMessage' : '%s Reset Pwd, User resetting password' % msg }
			</call>

			<call function="'ldapPasswordModifyWithScript'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
			@@ -542,9 +539,9 @@
			'knownIssue' : '3249' }
			</call>

			<message>
			'Security: Grace Login: Reset Pwd, Admin reset max password age'
			</message>
			<call function="'testStep'">
			{ 'stepMessage' : '%s Reset Pwd, Admin reset max password age' % msg }
			</call>

			<call function="'modifyPwdPolicy'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
			@@ -555,9 +552,9 @@
			'attributeValue' : '24 h' }
			</call>

			<message>
			'Security: Grace Login: Reset Pwd, Search Bind 2'
			</message>
			<call function="'testStep'">
			{ 'stepMessage' : '%s Reset Pwd, Search Bind 2' % msg }
			</call>

			<call function="'SearchObject'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
			@@ -569,9 +566,9 @@
			'extraParams' : '-s base' }
			</call>

			<message>
			'Security: Grace Login: Reset Pwd, Search Bind 3'
			</message>
			<call function="'testStep'">
			{ 'stepMessage' : '%s Reset Pwd, Search Bind 3' % msg }
			</call>

			<call function="'SearchObject'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
			@@ -617,9 +614,9 @@
			listAttrs.append("ds-cfg-grace-login-count:0")
			</script>

			<message>
			'Security: Grace Login: Admin resetting password policy settings'
			</message>
			<call function="'testStep'">
			{ 'stepMessage' : '%s Admin resetting password policy settings.' % msg }
			</call>

			<call function="'modifyAnAttribute'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
			@@ -631,6 +628,27 @@
			'changetype' : 'replace' }
			</call>

			<call function="'testStep'">
			{ 'stepMessage' : '%s Get Default Password Policy.' % msg }
			</call>

			<script>
			options=[]
			options.append('--policy-name "Default Password Policy"')
			dsconfigOptions=' '.join(options)
			</script>

			<call function="'dsconfig'">
			{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
			'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
			'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
			'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
			'subcommand' : 'get-password-policy-prop',
			'optionsString' : dsconfigOptions

			}
			</call>

			<call function="'testCase_Postamble'"/>

			</sequence>

	opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_grace_login.xml	276 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/staf-tests/functional-tests/testcases/security/pwd_validator/security_dictionary.xml	patch \| view \| raw \| blame \| history