From 1d8be5c22e8afbbd8b56a2e24329b8a975a627c0 Mon Sep 17 00:00:00 2001
From: Ludovic Poitou <ludovic.poitou@forgerock.com>
Date: Fri, 31 Jan 2014 21:30:29 +0000
Subject: [PATCH] OPENDJ-1319. Relax constraint on minimal character sets in password validator
---
opends/src/server/org/opends/server/extensions/CharacterSetPasswordValidator.java | 4
opends/tests/unit-tests-testng/src/server/org/opends/server/extensions/CharacterSetPasswordValidatorTestCase.java | 252 ++++++++++++++++++++++++++++++++------------------
opends/src/messages/messages/extension.properties | 4
3 files changed, 164 insertions(+), 96 deletions(-)
diff --git a/opends/src/messages/messages/extension.properties b/opends/src/messages/messages/extension.properties
index 61834b4..10a901e 100644
--- a/opends/src/messages/messages/extension.properties
+++ b/opends/src/messages/messages/extension.properties
@@ -869,8 +869,8 @@
MILD_ERR_PWSCHEME_INVALID_BASE64_DECODED_STORED_PASSWORD_578=The password \
value %s has been base64-decoded but is too short to be valid
MILD_ERR_CHARSET_VALIDATOR_MIN_CHAR_SETS_TOO_SMALL_579=The provided minimum \
- required number of character sets '%d' is invalid because it must include \
- all mandatory character sets and at least one optional character set
+ required number of character sets '%d' is invalid because it must at least \
+ include all mandatory character sets
MILD_ERR_CHARSET_VALIDATOR_MIN_CHAR_SETS_TOO_BIG_580=The provided minimum \
required number of character sets '%d' is invalid because it is greater than \
the total number of defined character sets
diff --git a/opends/src/server/org/opends/server/extensions/CharacterSetPasswordValidator.java b/opends/src/server/org/opends/server/extensions/CharacterSetPasswordValidator.java
index 1631916..8046e2c 100644
--- a/opends/src/server/org/opends/server/extensions/CharacterSetPasswordValidator.java
+++ b/opends/src/server/org/opends/server/extensions/CharacterSetPasswordValidator.java
@@ -249,7 +249,7 @@
int requiredOptionalCharacterSets;
if (currentConfig.getMinCharacterSets() == null)
{
- requiredOptionalCharacterSets = 1;
+ requiredOptionalCharacterSets = 0;
}
else
{
@@ -463,7 +463,7 @@
{
int minCharacterSets = configuration.getMinCharacterSets();
- if (minCharacterSets <= mandatoryCharacterSets)
+ if (minCharacterSets < mandatoryCharacterSets)
{
Message message = ERR_CHARSET_VALIDATOR_MIN_CHAR_SETS_TOO_SMALL
.get(minCharacterSets);
diff --git a/opends/tests/unit-tests-testng/src/server/org/opends/server/extensions/CharacterSetPasswordValidatorTestCase.java b/opends/tests/unit-tests-testng/src/server/org/opends/server/extensions/CharacterSetPasswordValidatorTestCase.java
index 7c9c92d..61ac6de 100644
--- a/opends/tests/unit-tests-testng/src/server/org/opends/server/extensions/CharacterSetPasswordValidatorTestCase.java
+++ b/opends/tests/unit-tests-testng/src/server/org/opends/server/extensions/CharacterSetPasswordValidatorTestCase.java
@@ -88,82 +88,97 @@
throws Exception
{
List<Entry> entries = TestCaseUtils.makeEntries(
- "dn: cn=Character Set,cn=Password Validators,cn=config",
- "objectClass: top",
- "objectClass: ds-cfg-password-validator",
- "objectClass: ds-cfg-character-set-password-validator",
- "cn: Character Set",
- "ds-cfg-java-class: org.opends.server.extensions." +
- "CharacterSetPasswordValidator",
- "ds-cfg-enabled: true",
- "ds-cfg-character-set: 1:abcdefghijklmnopqrstuvwxyz",
- "ds-cfg-character-set: 1:ABCDEFGHIJKLMNOPQRSTUVWXYZ",
- "ds-cfg-character-set: 1:0123456789",
- "ds-cfg-character-set: 1:~!@#$%^&*()-_=+[]{}|;:,.<>/?",
- "ds-cfg-allow-unclassified-characters: true",
- "",
- "dn: cn=Character Set,cn=Password Validators,cn=config",
- "objectClass: top",
- "objectClass: ds-cfg-password-validator",
- "objectClass: ds-cfg-character-set-password-validator",
- "cn: Character Set",
- "ds-cfg-java-class: org.opends.server.extensions." +
- "CharacterSetPasswordValidator",
- "ds-cfg-enabled: true",
- "ds-cfg-character-set: 1:abcdefghijklmnopqrstuvwxyz",
- "ds-cfg-allow-unclassified-characters: true",
- "",
- "dn: cn=Character Set,cn=Password Validators,cn=config",
- "objectClass: top",
- "objectClass: ds-cfg-password-validator",
- "objectClass: ds-cfg-character-set-password-validator",
- "cn: Character Set",
- "ds-cfg-java-class: org.opends.server.extensions." +
- "CharacterSetPasswordValidator",
- "ds-cfg-enabled: true",
- "ds-cfg-character-set: 1:abcdefghijklmnopqrstuvwxyz",
- "ds-cfg-character-set: 1:ABCDEFGHIJKLMNOPQRSTUVWXYZ",
- "ds-cfg-character-set: 1:0123456789",
- "ds-cfg-character-set: 1:~!@#$%^&*()-_=+[]{}|;:,.<>/?",
- "ds-cfg-allow-unclassified-characters: false",
- "",
- "dn: cn=Character Set,cn=Password Validators,cn=config",
- "objectClass: top",
- "objectClass: ds-cfg-password-validator",
- "objectClass: ds-cfg-character-set-password-validator",
- "cn: Character Set",
- "ds-cfg-java-class: org.opends.server.extensions." +
- "CharacterSetPasswordValidator",
- "ds-cfg-enabled: true",
- "ds-cfg-character-set: 1:abcdefghijklmnopqrstuvwxyz",
- "ds-cfg-character-set: 0:0123456789",
- "ds-cfg-allow-unclassified-characters: true",
- "ds-cfg-min-character-sets: 2",
- "",
- "dn: cn=Character Set,cn=Password Validators,cn=config",
- "objectClass: top",
- "objectClass: ds-cfg-password-validator",
- "objectClass: ds-cfg-character-set-password-validator",
- "cn: Character Set",
- "ds-cfg-java-class: org.opends.server.extensions." +
- "CharacterSetPasswordValidator",
- "ds-cfg-enabled: true",
- "ds-cfg-character-set-ranges: 0:0-9",
- "ds-cfg-allow-unclassified-characters: true",
- "ds-cfg-min-character-sets: 1",
- "",
- "dn: cn=Character Set,cn=Password Validators,cn=config",
- "objectClass: top",
- "objectClass: ds-cfg-password-validator",
- "objectClass: ds-cfg-character-set-password-validator",
- "cn: Character Set",
- "ds-cfg-java-class: org.opends.server.extensions." +
- "CharacterSetPasswordValidator",
- "ds-cfg-enabled: true",
- "ds-cfg-character-set-ranges: 1:A-Z\u13a0-\u13f4",
- "ds-cfg-character-set: 0:0123456789",
- "ds-cfg-allow-unclassified-characters: true",
- "ds-cfg-min-character-sets: 2");
+ "dn: cn=Character Set,cn=Password Validators,cn=config",
+ "objectClass: top",
+ "objectClass: ds-cfg-password-validator",
+ "objectClass: ds-cfg-character-set-password-validator",
+ "cn: Character Set",
+ "ds-cfg-java-class: org.opends.server.extensions." +
+ "CharacterSetPasswordValidator",
+ "ds-cfg-enabled: true",
+ "ds-cfg-character-set: 1:abcdefghijklmnopqrstuvwxyz",
+ "ds-cfg-character-set: 1:ABCDEFGHIJKLMNOPQRSTUVWXYZ",
+ "ds-cfg-character-set: 1:0123456789",
+ "ds-cfg-character-set: 1:~!@#$%^&*()-_=+[]{}|;:,.<>/?",
+ "ds-cfg-allow-unclassified-characters: true",
+ "",
+ "dn: cn=Character Set,cn=Password Validators,cn=config",
+ "objectClass: top",
+ "objectClass: ds-cfg-password-validator",
+ "objectClass: ds-cfg-character-set-password-validator",
+ "cn: Character Set",
+ "ds-cfg-java-class: org.opends.server.extensions." +
+ "CharacterSetPasswordValidator",
+ "ds-cfg-enabled: true",
+ "ds-cfg-character-set: 1:abcdefghijklmnopqrstuvwxyz",
+ "ds-cfg-allow-unclassified-characters: true",
+ "",
+ "dn: cn=Character Set,cn=Password Validators,cn=config",
+ "objectClass: top",
+ "objectClass: ds-cfg-password-validator",
+ "objectClass: ds-cfg-character-set-password-validator",
+ "cn: Character Set",
+ "ds-cfg-java-class: org.opends.server.extensions." +
+ "CharacterSetPasswordValidator",
+ "ds-cfg-enabled: true",
+ "ds-cfg-character-set: 1:abcdefghijklmnopqrstuvwxyz",
+ "ds-cfg-character-set: 1:ABCDEFGHIJKLMNOPQRSTUVWXYZ",
+ "ds-cfg-character-set: 1:0123456789",
+ "ds-cfg-character-set: 1:~!@#$%^&*()-_=+[]{}|;:,.<>/?",
+ "ds-cfg-allow-unclassified-characters: false",
+ "",
+ "dn: cn=Character Set,cn=Password Validators,cn=config",
+ "objectClass: top",
+ "objectClass: ds-cfg-password-validator",
+ "objectClass: ds-cfg-character-set-password-validator",
+ "cn: Character Set",
+ "ds-cfg-java-class: org.opends.server.extensions." +
+ "CharacterSetPasswordValidator",
+ "ds-cfg-enabled: true",
+ "ds-cfg-character-set: 1:abcdefghijklmnopqrstuvwxyz",
+ "ds-cfg-character-set: 0:0123456789",
+ "ds-cfg-allow-unclassified-characters: true",
+ "ds-cfg-min-character-sets: 2",
+ "",
+ "dn: cn=Character Set,cn=Password Validators,cn=config",
+ "objectClass: top",
+ "objectClass: ds-cfg-password-validator",
+ "objectClass: ds-cfg-character-set-password-validator",
+ "cn: Character Set",
+ "ds-cfg-java-class: org.opends.server.extensions." +
+ "CharacterSetPasswordValidator",
+ "ds-cfg-enabled: true",
+ "ds-cfg-character-set-ranges: 0:0-9",
+ "ds-cfg-allow-unclassified-characters: true",
+ "ds-cfg-min-character-sets: 1",
+ "",
+ "dn: cn=Character Set,cn=Password Validators,cn=config",
+ "objectClass: top",
+ "objectClass: ds-cfg-password-validator",
+ "objectClass: ds-cfg-character-set-password-validator",
+ "cn: Character Set",
+ "ds-cfg-java-class: org.opends.server.extensions." +
+ "CharacterSetPasswordValidator",
+ "ds-cfg-enabled: true",
+ "ds-cfg-character-set-ranges: 1:A-Z\u13a0-\u13f4",
+ "ds-cfg-character-set: 0:0123456789",
+ "ds-cfg-allow-unclassified-characters: true",
+ "ds-cfg-min-character-sets: 2",
+ "",
+ "dn: cn=Character Set,cn=Password Validators,cn=config",
+ "objectClass: top",
+ "objectClass: ds-cfg-password-validator",
+ "objectClass: ds-cfg-character-set-password-validator",
+ "cn: Character Set",
+ "ds-cfg-java-class: org.opends.server.extensions." +
+ "CharacterSetPasswordValidator",
+ "ds-cfg-enabled: true",
+ "ds-cfg-character-set: 1:abcdefghijklmnopqrstuvwxyz",
+ "ds-cfg-character-set: 1:ABCDEFGHIJKLMNOPQRSTUVWXYZ",
+ "ds-cfg-character-set: 1:0123456789",
+ "ds-cfg-character-set: 0:~!@#$%^&*()-_=+[]{}|;:,.<>/?",
+ "ds-cfg-allow-unclassified-characters: false",
+ "ds-cfg-min-character-sets: 3");
Object[][] array = new Object[entries.size()][1];
for (int i=0; i < array.length; i++)
@@ -179,7 +194,7 @@
/**
* Tests the process of initializing the server with valid configurations.
*
- * @param entry The configuration entry to use for the initialization.
+ * @param e The configuration entry to use for the initialization.
*
* @throws Exception If an unexpected problem occurs.
*/
@@ -322,20 +337,6 @@
"ds-cfg-allow-unclassified-characters: true",
"ds-cfg-min-character-sets: 0",
"",
- // Malformed min-character-sets: too low.
- "dn: cn=Character Set,cn=Password Validators,cn=config",
- "objectClass: top",
- "objectClass: ds-cfg-password-validator",
- "objectClass: ds-cfg-character-set-password-validator",
- "cn: Character Set",
- "ds-cfg-java-class: org.opends.server.extensions." +
- "CharacterSetPasswordValidator",
- "ds-cfg-enabled: true",
- "ds-cfg-character-set: 1:abcdefghijklmnopqrstuvwxyz",
- "ds-cfg-character-set: 0:0123456789",
- "ds-cfg-allow-unclassified-characters: true",
- "ds-cfg-min-character-sets: 1",
- "",
// Malformed min-character-sets: too high.
"dn: cn=Character Set,cn=Password Validators,cn=config",
"objectClass: top",
@@ -488,7 +489,7 @@
/**
* Tests the process of initializing the server with invalid configurations.
*
- * @param entry The configuration entry to use for the initialization.
+ * @param e The configuration entry to use for the initialization.
*
* @throws Exception If an unexpected problem occurs.
*/
@@ -881,6 +882,73 @@
"abc\u0e17ABC",
true
},
+
+ // 1 mandatory, 2 optional, allow unclassified,
+ // must have at least two optional, regardless of unclassified ones
+ new Object[]
+ {
+ TestCaseUtils.makeEntry(
+ "dn: cn=Character Set,cn=Password Validators,cn=config",
+ "objectClass: top",
+ "objectClass: ds-cfg-password-validator",
+ "objectClass: ds-cfg-character-set-password-validator",
+ "cn: Character Set",
+ "ds-cfg-java-class: org.opends.server.extensions." +
+ "CharacterSetPasswordValidator",
+ "ds-cfg-enabled: true",
+ "ds-cfg-character-set: 0:abcdefghijklmnopqrstuvwxyz",
+ "ds-cfg-character-set: 0:ABCDEFGHIJKLMNOPQRSTUVWXYZ",
+ "ds-cfg-character-set: 1:0123456789",
+ "ds-cfg-min-character-sets: 3",
+ "ds-cfg-allow-unclassified-characters: true"),
+ "abc123?!",
+ false
+ },
+
+ // 1 mandatory, 2 optional, allow unclassified,
+ // must have at least two optional, regardless of unclassified ones.
+ new Object[]
+ {
+ TestCaseUtils.makeEntry(
+ "dn: cn=Character Set,cn=Password Validators,cn=config",
+ "objectClass: top",
+ "objectClass: ds-cfg-password-validator",
+ "objectClass: ds-cfg-character-set-password-validator",
+ "cn: Character Set",
+ "ds-cfg-java-class: org.opends.server.extensions." +
+ "CharacterSetPasswordValidator",
+ "ds-cfg-enabled: true",
+ "ds-cfg-character-set: 0:abcdefghijklmnopqrstuvwxyz",
+ "ds-cfg-character-set: 0:ABCDEFGHIJKLMNOPQRSTUVWXYZ",
+ "ds-cfg-character-set: 1:0123456789",
+ "ds-cfg-min-character-sets: 3",
+ "ds-cfg-allow-unclassified-characters: true"),
+ "123!@#$%",
+ false
+ },
+
+ // 1 mandatory, 2 optional, allow unclassified,
+ // must have at least two optional, regardless of unclassified ones.
+ new Object[]
+ {
+ TestCaseUtils.makeEntry(
+ "dn: cn=Character Set,cn=Password Validators,cn=config",
+ "objectClass: top",
+ "objectClass: ds-cfg-password-validator",
+ "objectClass: ds-cfg-character-set-password-validator",
+ "cn: Character Set",
+ "ds-cfg-java-class: org.opends.server.extensions." +
+ "CharacterSetPasswordValidator",
+ "ds-cfg-enabled: true",
+ "ds-cfg-character-set: 0:abcdefghijklmnopqrstuvwxyz",
+ "ds-cfg-character-set: 0:ABCDEFGHIJKLMNOPQRSTUVWXYZ",
+ "ds-cfg-character-set: 1:0123456789",
+ "ds-cfg-min-character-sets: 3",
+ "ds-cfg-allow-unclassified-characters: true"),
+ "abc123ABC!@#",
+ true
+ },
+
};
}
--
Gitblit v1.10.0