From 16826586e3c777d49c8d7644f7b12cdafc8df9b6 Mon Sep 17 00:00:00 2001
From: smaguin <smaguin@localhost>
Date: Fri, 16 Nov 2007 13:38:43 +0000
Subject: [PATCH] use dsconfig to set mapper certificate configuration
---
opends/tests/functional-tests/testcases/security/client_auth/fingerprint_mapper.xml | 93 +++++++++++------------
opends/tests/functional-tests/testcases/security/client_auth/subject_attribute_mapper.xml | 60 ++++++--------
opends/tests/functional-tests/testcases/security/client_auth/subject_dn_mapper.xml | 49 ++++++-----
opends/tests/functional-tests/testcases/security/client_auth/equal_dn_mapper.xml | 24 +++---
4 files changed, 108 insertions(+), 118 deletions(-)
diff --git a/opends/tests/functional-tests/testcases/security/client_auth/equal_dn_mapper.xml b/opends/tests/functional-tests/testcases/security/client_auth/equal_dn_mapper.xml
index e5f3f7f..4a9c267 100755
--- a/opends/tests/functional-tests/testcases/security/client_auth/equal_dn_mapper.xml
+++ b/opends/tests/functional-tests/testcases/security/client_auth/equal_dn_mapper.xml
@@ -53,19 +53,19 @@
<message>
'---- Configure the SASL EXTERNAL mechanism -----'
</message>
-
- <call function="'modifyAnAttribute'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'DNToModify' : 'cn=EXTERNAL,cn=SASL Mechanisms,cn=config',
- 'attributeName' : 'ds-cfg-certificate-mapper',
- 'newAttributeValue' : 'cn=Subject Equals DN,cn=Certificate Mappers,cn=config',
- 'changetype' : 'replace',
- 'expectedRC' : 0 }
+
+ <call function="'dsconfig'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'subcommand' : 'set-sasl-mechanism-handler-prop' ,
+ 'objectType' : 'handler-name' ,
+ 'objectName' : 'EXTERNAL',
+ 'optionsString' : '--set certificate-mapper:"Subject Equals DN"',
+ 'expectedRC' : 0 }
</call>
-
+
<call function="'testCase_Postamble'"/>
</sequence>
diff --git a/opends/tests/functional-tests/testcases/security/client_auth/fingerprint_mapper.xml b/opends/tests/functional-tests/testcases/security/client_auth/fingerprint_mapper.xml
index d6cd823..4100264 100755
--- a/opends/tests/functional-tests/testcases/security/client_auth/fingerprint_mapper.xml
+++ b/opends/tests/functional-tests/testcases/security/client_auth/fingerprint_mapper.xml
@@ -54,19 +54,19 @@
<message>
'---- Configure the SASL EXTERNAL mechanism -----'
</message>
-
- <call function="'modifyAnAttribute'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'DNToModify' : 'cn=EXTERNAL,cn=SASL Mechanisms,cn=config',
- 'attributeName' : 'ds-cfg-certificate-mapper',
- 'newAttributeValue' : 'cn=Fingerprint Mapper,cn=Certificate Mappers,cn=config',
- 'changetype' : 'replace',
- 'expectedRC' : 0 }
- </call>
-
+
+ <call function="'dsconfig'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'subcommand' : 'set-sasl-mechanism-handler-prop' ,
+ 'objectType' : 'handler-name' ,
+ 'objectName' : 'EXTERNAL',
+ 'optionsString' : '--set certificate-mapper:"Fingerprint Mapper"',
+ 'expectedRC' : 0 }
+ </call>
+
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
@@ -144,25 +144,23 @@
<message>'MD5 fingerprint for %s is : %s ' % (USER_2_CERT,MD5_fingerprint_cert2)</message>
<message>'SHA1 fingerprint for %s is : %s ' % (USER_2_CERT,SHA1_fingerprint_cert2)</message>
- <!-- Configure the mapper to map MD5 -->
- <script>
- listAttr = []
- listAttr.append('ds-cfg-fingerprint-attribute:ds-certificate-fingerprint')
- listAttr.append('ds-cfg-fingerprint-algorithm:MD5')
- </script>
-
+ <!-- Configure the mapper to map MD5 -->
+ <!-- fingerprint-attribute:ds-certificate-fingerprint -->
+ <!-- fingerprint-algorithm:MD5-->
<message>'----- Configure the mapper to map MD5 fingerprint '</message>
-
- <call function="'modifyAnAttribute'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'DNToModify' : 'cn=Fingerprint Mapper,cn=Certificate Mappers,cn=config',
- 'listAttributes' : listAttr,
- 'changetype' : 'replace',
- 'expectedRC' : 0 }
- </call>
+
+ <call function="'dsconfig'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'subcommand' : 'set-certificate-mapper-prop' ,
+ 'objectType' : 'mapper-name' ,
+ 'objectName' : 'fingerPrint Mapper',
+ 'optionsString' : '--set fingerprint-attribute:ds-certificate-fingerprint --set fingerprint-algorithm:MD5',
+ 'expectedRC' : 0 }
+ </call>
+
<!-- configure the user entries -->
<message>'----- Configure the attribute ds-certificate-fingerprint for user %s ---' % USER_1_DN</message>
@@ -300,24 +298,21 @@
<!-- Configure the mapper to map SHA1 fingerprint -->
<message>'----- Configure the mapper to map SHA1 fingerprint '</message>
- <script>
- listAttr = []
- listAttr.append('ds-cfg-fingerprint-attribute:ds-certificate-fingerprint')
- listAttr.append('ds-cfg-fingerprint-algorithm:SHA1')
- </script>
-
-
- <call function="'modifyAnAttribute'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'DNToModify' : 'cn=Fingerprint Mapper,cn=Certificate Mappers,cn=config',
- 'listAttributes' : listAttr,
- 'changetype' : 'replace',
- 'expectedRC' : 0 }
- </call>
-
+
+ <!-- fingerprint-attribute:ds-certificate-fingerprint -->
+ <!-- fingerprint-algorithm:SHA1-->
+ <call function="'dsconfig'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'subcommand' : 'set-certificate-mapper-prop' ,
+ 'objectType' : 'mapper-name' ,
+ 'objectName' : 'fingerPrint Mapper',
+ 'optionsString' : '--set fingerprint-attribute:ds-certificate-fingerprint --set fingerprint-algorithm:SHA1',
+ 'expectedRC' : 0 }
+ </call>
+
<!-- Check mapping is working -->
<message>'--- Check SSL communication with SASL EXTERNAL authentication'</message>
diff --git a/opends/tests/functional-tests/testcases/security/client_auth/subject_attribute_mapper.xml b/opends/tests/functional-tests/testcases/security/client_auth/subject_attribute_mapper.xml
index e90c0f9..2213da6 100755
--- a/opends/tests/functional-tests/testcases/security/client_auth/subject_attribute_mapper.xml
+++ b/opends/tests/functional-tests/testcases/security/client_auth/subject_attribute_mapper.xml
@@ -53,29 +53,20 @@
<message>
'---- Configure the SASL EXTERNAL mechanism with Subject Attribute to User Attribute mapper -----'
</message>
-
- <call function="'modifyAnAttribute'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'DNToModify' : 'cn=EXTERNAL,cn=SASL Mechanisms,cn=config',
- 'attributeName' : 'ds-cfg-certificate-mapper',
- 'newAttributeValue' : 'cn=Subject Attribute to User Attribute,cn=Certificate Mappers,cn=config',
- 'changetype' : 'replace',
- 'expectedRC' : 0 }
- </call>
-
-
- <message>
- '---- Configure the Subject Attribute to User Attribute mapper -----'
- </message>
- <script>
- listAttr = []
- listAttr.append('cn=ds-cfg-subject-attribute-mapping:cn:cn')
- listAttr.append('cn=ds-cfg-subject-attribute-mapping:e:mail')
- </script>
+
+ <call function="'dsconfig'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'subcommand' : 'set-sasl-mechanism-handler-prop' ,
+ 'objectType' : 'handler-name' ,
+ 'objectName' : 'EXTERNAL',
+ 'optionsString' : '--set certificate-mapper:"Subject Attribute to User Attribute"',
+ 'expectedRC' : 0 }
+ </call>
+
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
@@ -107,18 +98,19 @@
'---- Configure the Subject Attribute to User Attribute mapper -----'
</message>
<message>'---- Add a new mapping rule from attribute "uid" from certificate subject and attribute "description" of the user entry'</message>
- <call function="'modifyAnAttribute'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'DNToModify' : 'cn=Subject Attribute to User Attribute,cn=Certificate Mappers,cn=config',
- 'attributeName' : 'ds-cfg-subject-attribute-mapping',
- 'newAttributeValue' : 'uid:description',
- 'changetype' : 'replace',
- 'expectedRC' : 0 }
- </call>
-
+
+
+ <call function="'dsconfig'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'subcommand' : 'set-certificate-mapper-prop' ,
+ 'objectType' : 'mapper-name' ,
+ 'objectName' : 'Subject Attribute to User Attribute',
+ 'optionsString' : '--set subject-attribute-mapping:"uid:description"',
+ 'expectedRC' : 0 }
+ </call>
<message>'----- Configure the attribute description for user %s ---' % USER_1_DN</message>
<message>'----- the attribute description will map with the attribute "uid" of the certificate subject'</message>
diff --git a/opends/tests/functional-tests/testcases/security/client_auth/subject_dn_mapper.xml b/opends/tests/functional-tests/testcases/security/client_auth/subject_dn_mapper.xml
index 72aeb21..a5e5c14 100755
--- a/opends/tests/functional-tests/testcases/security/client_auth/subject_dn_mapper.xml
+++ b/opends/tests/functional-tests/testcases/security/client_auth/subject_dn_mapper.xml
@@ -54,18 +54,19 @@
<message>
'---- Configure the SASL EXTERNAL mechanism -----'
</message>
-
- <call function="'modifyAnAttribute'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'DNToModify' : 'cn=EXTERNAL,cn=SASL Mechanisms,cn=config',
- 'attributeName' : 'ds-cfg-certificate-mapper',
- 'newAttributeValue' : 'cn=Subject DN to User Attribute,cn=Certificate Mappers,cn=config',
- 'changetype' : 'replace',
- 'expectedRC' : 0 }
- </call>
+
+
+ <call function="'dsconfig'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'subcommand' : 'set-sasl-mechanism-handler-prop' ,
+ 'objectType' : 'handler-name' ,
+ 'objectName' : 'EXTERNAL',
+ 'optionsString' : '--set certificate-mapper:"Subject DN to User Attribute"',
+ 'expectedRC' : 0 }
+ </call>
<call function="'testCase_Postamble'"/>
</sequence>
@@ -288,17 +289,19 @@
<message>'----- Configure the mapping to be done on the attribute description' </message>
- <call function="'modifyAnAttribute'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'DNToModify' : 'cn=Subject DN to User Attribute,cn=Certificate Mappers,cn=config',
- 'attributeName' : 'ds-cfg-subject-attribute',
- 'newAttributeValue' : 'description',
- 'changetype' : 'replace',
- 'expectedRC' : 0 }
- </call>
+
+ <call function="'dsconfig'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'subcommand' : 'set-certificate-mapper-prop' ,
+ 'objectType' : 'mapper-name' ,
+ 'objectName' : 'Subject DN to User Attribute',
+ 'optionsString' : '--set subject-attribute:description',
+ 'expectedRC' : 0 }
+ </call>
+
<message>'----- Configure the attribute ds-certificate-subject-dn for user %s ---' % USER_1_DN</message>
--
Gitblit v1.10.0