From 67c7d5515bc2463d29cc19fbf3424aa5c680cce4 Mon Sep 17 00:00:00 2001
From: mkeyes <mkeyes@localhost>
Date: Wed, 08 Aug 2007 19:27:53 +0000
Subject: [PATCH] Converted functional tests for password validators to use dsconfig. Added more test cases to verify six more features.
---
opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_history_based.xml | 469 ++++++++++
opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_character_set.xml | 434 +++++++++
opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_pwd_validator.xml | 28
opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_dictionary.xml | 273 ++++++
opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_attribute_value.xml | 557 ++++++++++++
opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_unique_chars.xml | 419 +++++++++
opendj-sdk/opends/tests/functional-tests/shared/functions/dsconfig.xml | 116 ++
opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_repeat_chars.xml | 378 ++++++++
8 files changed, 2,674 insertions(+), 0 deletions(-)
diff --git a/opendj-sdk/opends/tests/functional-tests/shared/functions/dsconfig.xml b/opendj-sdk/opends/tests/functional-tests/shared/functions/dsconfig.xml
index ea8dcfc..6e8b710 100755
--- a/opendj-sdk/opends/tests/functional-tests/shared/functions/dsconfig.xml
+++ b/opendj-sdk/opends/tests/functional-tests/shared/functions/dsconfig.xml
@@ -475,6 +475,122 @@
</function>
+ <!-- Modify password validator using dsconfig -->
+ <function name="modifyPwdValidator">
+ <function-prolog>
+ This function modifies a password validator using dsconfig
+ </function-prolog>
+ <function-map-args>
+ <function-arg-def name="location" type="optional" default="'%s' % STAF_REMOTE_HOSTNAME">
+ <function-arg-description>
+ Location of target host
+ </function-arg-description>
+ <function-arg-property name="type" value="hostname"/>
+ </function-arg-def>
+
+ <function-arg-def name="dsPath" type="optional" default="'%s/%s' % (DIRECTORY_INSTANCE_DIR,OPENDSNAME)">
+ <function-arg-description>
+ Pathname to installation root
+ </function-arg-description>
+ <function-arg-property name="type" value="filepath"/>
+ </function-arg-def>
+
+ <function-arg-def name="dsInstanceHost" type="optional" default="'%s' % STAF_REMOTE_HOSTNAME">
+ <function-arg-description>
+ Directory server hostname or IP address
+ </function-arg-description>
+ <function-arg-property name="type" value="hostname"/>
+ </function-arg-def>
+
+ <function-arg-def name="dsInstancePort" type="required">
+ <function-arg-description>
+ Directory server port number
+ </function-arg-description>
+ <function-arg-property name="type" value="Port number"/>
+ </function-arg-def>
+
+ <function-arg-def name="dsInstanceDn" type="required">
+ <function-arg-description>
+ Bind DN
+ </function-arg-description>
+ <function-arg-property name="type" value="DN"/>
+ </function-arg-def>
+
+ <function-arg-def name="dsInstancePswd" type="required">
+ <function-arg-description>
+ Bind password
+ </function-arg-description>
+ <function-arg-property name="type" value="string"/>
+ </function-arg-def>
+
+ <function-arg-def name="propertyName" type="required">
+ <function-arg-description>
+ Property to modify, e.g. enabled
+ </function-arg-description>
+ <function-arg-property name="type" value="string"/>
+ </function-arg-def>
+
+ <function-arg-def name="attributeName" type="required">
+ <function-arg-description>
+ Attribute to modify, e.g. match-attribute
+ </function-arg-description>
+ <function-arg-property name="type" value="string"/>
+ </function-arg-def>
+
+ <function-arg-def name="attributeValue" type="optional" default="'none'">
+ <function-arg-description>
+ New attribute value
+ </function-arg-description>
+ <function-arg-property name="type" value="string"/>
+ </function-arg-def>
+
+ <function-arg-def name="modifyType" type="optional" default="'set'">
+ <function-arg-description>
+ The modify type. Default value is set.
+ </function-arg-description>
+ <function-arg-property name="type" value="string"/>
+ </function-arg-def>
+
+ <function-arg-def name="expectedRC" type="optional" default="0">
+ <function-arg-description>
+ Expected return code value. Default value is 0
+ </function-arg-description>
+ <function-arg-property name="type" value="string"/>
+ </function-arg-def>
+
+ </function-map-args>
+ <sequence>
+
+ <call function="'dsconfigSet'">
+ { 'location' : '%s' % location ,
+ 'dsPath' : '%s' % dsPath ,
+ 'dsInstanceHost' : '%s' % dsInstanceHost ,
+ 'dsInstancePort' : '%s' % dsInstancePort ,
+ 'dsInstanceDn' : '%s' % dsInstanceDn ,
+ 'dsInstancePswd' : '%s' % dsInstancePswd ,
+ 'objectName' : 'password-validator' ,
+ 'propertyType' : 'validator' ,
+ 'propertyName' : '%s' % (propertyName) ,
+ 'attributeName' : '%s' % (attributeName) ,
+ 'attributeValue' : '%s' % (attributeValue) ,
+ 'modifyType' : '%s' % (modifyType) ,
+ 'expectedRC' : expectedRC }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : STAXCode ,
+ 'result' : STAXReason ,
+ 'expected' : expectedRC }
+ </call>
+
+ <return>
+ STAXReason
+ </return>
+
+ </sequence>
+
+ </function>
+
<!-- Modify password policy using dsconfig -->
<function name="modifyGlobal">
<function-prolog>
diff --git a/opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_attribute_value.xml b/opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_attribute_value.xml
new file mode 100755
index 0000000..a8cc2ed
--- /dev/null
+++ b/opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_attribute_value.xml
@@ -0,0 +1,557 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!DOCTYPE stax SYSTEM "../../../shared/stax.dtd">
+<!--
+ ! CDDL HEADER START
+ !
+ ! The contents of this file are subject to the terms of the
+ ! Common Development and Distribution License, Version 1.0 only
+ ! (the "License"). You may not use this file except in compliance
+ ! with the License.
+ !
+ ! You can obtain a copy of the license at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
+ ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+ ! See the License for the specific language governing permissions
+ ! and limitations under the License.
+ !
+ ! When distributing Covered Code, include this CDDL HEADER in each
+ ! file and include the License file at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+ ! add the following below this CDDL HEADER, with the fields enclosed
+ ! by brackets "[]" replaced with your own identifying information:
+ ! Portions Copyright [yyyy] [name of copyright owner]
+ !
+ ! CDDL HEADER END
+ !
+ ! Portions Copyright 2006-2007 Sun Microsystems, Inc.
+ ! -->
+<stax>
+
+ <defaultcall function="attribute_value"/>
+
+ <function name="attribute_value">
+
+ <sequence>
+
+ <testcase name="'Security: Pwd Validator: Attribute Value: Preamble'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: Preamble Step 1. Checking existence of ds-cfg-password-validator-length'
+ </message>
+
+ <call function="'compareEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'attrToBeCompared' : 'ds-cfg-password-validator-enabled:true',
+ 'entryToBeCompared' : 'cn=Attribute Value,cn=Password Validators,cn=config' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: Preamble Step 2. Admin Enabling Validator'
+ </message>
+
+ <call function="'modifyPwdPolicy'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Default Password Policy' ,
+ 'attributeName' : 'password-validator-dn' ,
+ 'attributeValue' : 'cn=Attribute Value,cn=Password Validators,cn=config' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Attribute Value: add attribute sn'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+ <message>
+ 'Security: Pwd Validator: Attribute Value: add attribute sn'
+ </message>
+
+ <call function="'modifyPwdValidator'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Attribute Value' ,
+ 'attributeName' : 'match-attribute' ,
+ 'attributeValue' : 'sn' ,
+ 'modifyType' : 'add' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Attribute Value: user modifying password to sn'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: user modifying password to sn'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=dmiller,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'gosling' ,
+ 'DNToModify' : 'uid=dmiller, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'Miller' ,
+ 'changetype' : 'replace' ,
+ 'expectedRC' : 53 }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: user binding with invalid password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=dmiller,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'Miller' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base',
+ 'expectedRC' : 49 }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Attribute Value: user modifying password to lower case sn'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: user modifying password to lower case sn'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=dmiller,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'gosling' ,
+ 'DNToModify' : 'uid=dmiller, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'miller' ,
+ 'changetype' : 'replace' ,
+ 'expectedRC' : 53 }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: user binding with invalid password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=dmiller,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'miller' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base',
+ 'expectedRC' : 49 }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Attribute Value: user modifying password to upper case sn'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: user modifying password to upper case sn'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=dmiller,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'gosling' ,
+ 'DNToModify' : 'uid=dmiller, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'MILLER' ,
+ 'changetype' : 'replace' ,
+ 'expectedRC' : 53 }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: user binding with invalid password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=dmiller,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'MILLER' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base',
+ 'expectedRC' : 49 }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Attribute Value: user modifying password to mixed case sn'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: user modifying password to mixed case sn'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=dmiller,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'gosling' ,
+ 'DNToModify' : 'uid=dmiller, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'mIlLeR' ,
+ 'changetype' : 'replace' ,
+ 'expectedRC' : 53 }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: user binding with invalid password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=dmiller,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'mIlLeR' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base',
+ 'expectedRC' : 49 }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Attribute Value: user modifying password to reversed upper case sn'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: user modifying password to reversed upper case sn'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=dmiller,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'gosling' ,
+ 'DNToModify' : 'uid=dmiller, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'RELLIM' ,
+ 'changetype' : 'replace' ,
+ 'expectedRC' : 53 }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: user binding with invalid password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=dmiller,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'RELLIM' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base',
+ 'expectedRC' : 49 }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Attribute Value: add attribute roomnumber'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+ <message>
+ 'Security: Pwd Validator: Attribute Value: add attribute roomnumber'
+ </message>
+
+ <call function="'modifyPwdValidator'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Attribute Value' ,
+ 'attributeName' : 'match-attribute' ,
+ 'attributeValue' : 'roomnumber' ,
+ 'modifyType' : 'add' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Attribute Value: user modifying password to roomnumber'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: user modifying password to roomnumber'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=dmiller,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'gosling' ,
+ 'DNToModify' : 'uid=dmiller, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : '4135' ,
+ 'changetype' : 'replace' ,
+ 'expectedRC' : 53 }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: user binding with invalid password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=dmiller,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'Miller' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base',
+ 'expectedRC' : 49 }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Attribute Value: user modifying password to sn 2'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: user modifying password to sn 2'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=dmiller,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'gosling' ,
+ 'DNToModify' : 'uid=dmiller, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'Miller' ,
+ 'changetype' : 'replace' ,
+ 'expectedRC' : 53 }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: user binding with invalid password 2'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=dmiller,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'Miller' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base',
+ 'expectedRC' : 49 }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Attribute Value: disable reverse match-attribute'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+ <message>
+ 'Security: Pwd Validator: Attribute Value: add attribute sn'
+ </message>
+
+ <call function="'modifyPwdValidator'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Attribute Value' ,
+ 'attributeName' : 'test-reversed-password' ,
+ 'attributeValue' : 'false' ,
+ 'modifyType' : 'set' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Attribute Value: user modifying password to reverse sn'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: user modifying password to reverse sn'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=dmiller,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'gosling' ,
+ 'DNToModify' : 'uid=dmiller, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'rellim' ,
+ 'changetype' : 'replace' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: user binding with good password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=dmiller,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'rellim' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Attribute Value: user modifying password to sn 3'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: user modifying password to sn 3'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=dmiller,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'rellim' ,
+ 'DNToModify' : 'uid=dmiller, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'Miller' ,
+ 'changetype' : 'replace' ,
+ 'expectedRC' : 53 }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: user binding with invalid password 3'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=dmiller,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'Miller' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base',
+ 'expectedRC' : 49 }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+
+ <testcase name="'Security: Pwd Validator: Attribute Value: Postamble'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+ <message>
+ 'Security: Pwd Validator: Attribute Value: Postamble Step 1. Admin Resetting Maximum Pwd Length'
+ </message>
+
+ <call function="'modifyPwdPolicy'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Default Password Policy' ,
+ 'attributeName' : 'password-validator-dn' ,
+ 'attributeValue' : 'cn=Attribute Value,cn=Password Validators,cn=config' ,
+ 'modifyType' : 'remove' }
+ </call>
+
+ <!--- User Change Password -->
+ <message>
+ 'Security: Pwd Validator: Attribute Value: Postamble Step 2. User Changing Password'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=dmiller,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'rellim' ,
+ 'DNToModify' : 'uid=dmiller, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'Miller' ,
+ 'changetype' : 'replace' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: Postamble Step 3. User Searching With Password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=dmiller,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'Miller' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ </sequence>
+
+ </function>
+
+</stax>
diff --git a/opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_character_set.xml b/opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_character_set.xml
new file mode 100755
index 0000000..61eadba
--- /dev/null
+++ b/opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_character_set.xml
@@ -0,0 +1,434 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!DOCTYPE stax SYSTEM "../../../shared/stax.dtd">
+<!--
+ ! CDDL HEADER START
+ !
+ ! The contents of this file are subject to the terms of the
+ ! Common Development and Distribution License, Version 1.0 only
+ ! (the "License"). You may not use this file except in compliance
+ ! with the License.
+ !
+ ! You can obtain a copy of the license at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
+ ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+ ! See the License for the specific language governing permissions
+ ! and limitations under the License.
+ !
+ ! When distributing Covered Code, include this CDDL HEADER in each
+ ! file and include the License file at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+ ! add the following below this CDDL HEADER, with the fields enclosed
+ ! by brackets "[]" replaced with your own identifying information:
+ ! Portions Copyright [yyyy] [name of copyright owner]
+ !
+ ! CDDL HEADER END
+ !
+ ! Portions Copyright 2006-2007 Sun Microsystems, Inc.
+ ! -->
+<stax>
+
+ <defaultcall function="character_set"/>
+
+ <function name="character_set">
+
+ <sequence>
+
+ <testcase name="'Security: Pwd Validator: Character Set: Preamble'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Character Set: Preamble Step 1. Checking existence of ds-cfg-password-validator-length'
+ </message>
+
+ <call function="'compareEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'attrToBeCompared' : 'ds-cfg-password-validator-enabled:true',
+ 'entryToBeCompared' : 'cn=Character Set,cn=Password Validators,cn=config' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Character Set: Preamble Step 2. Admin Enabling Validator'
+ </message>
+
+ <call function="'modifyPwdPolicy'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Default Password Policy' ,
+ 'attributeName' : 'password-validator-dn' ,
+ 'attributeValue' : 'cn=Character Set,cn=Password Validators,cn=config' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Character Set: user modifying password to string with all letters'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: user modifying password to string with all letters'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=gfarmer,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'ruling' ,
+ 'DNToModify' : 'uid=gfarmer, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'newruling' ,
+ 'changetype' : 'replace' ,
+ 'expectedRC' : 53 }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Character Set: user binding with invalid password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=gfarmer,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'newruling' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base',
+ 'expectedRC' : 49 }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Character Set: user modifying password to string with all numbers'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: user modifying password to string with all numbers'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=gfarmer,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'ruling' ,
+ 'DNToModify' : 'uid=gfarmer, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : '123456789' ,
+ 'changetype' : 'replace' ,
+ 'expectedRC' : 53 }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Character Set: user binding with invalid password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=gfarmer,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : '123456789' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base',
+ 'expectedRC' : 49 }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Character Set: change letter characters'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+ <message>
+ 'Security: Pwd Validator: Attribute Value: add attribute sn'
+ </message>
+
+ <call function="'modifyPwdValidator'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Character Set' ,
+ 'attributeName' : 'character-set' ,
+ 'attributeValue' : '3:0123456789' ,
+ 'modifyType' : 'set' }
+ </call>
+
+ <call function="'modifyPwdValidator'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Character Set' ,
+ 'attributeName' : 'character-set' ,
+ 'attributeValue' : '1:ABCDEFGHIJKLMNOPQRSTUVWXYZ' ,
+ 'modifyType' : 'add' }
+ </call>
+
+ <call function="'modifyPwdValidator'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Character Set' ,
+ 'attributeName' : 'character-set' ,
+ 'attributeValue' : '3:abcdefghijklmnopqrstuvwxyz' ,
+ 'modifyType' : 'add' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Character Set: user modifying password to string with all letters 2'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: user modifying password to string with all letters 2'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=gfarmer,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'ruling' ,
+ 'DNToModify' : 'uid=gfarmer, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'newruling' ,
+ 'changetype' : 'replace' ,
+ 'expectedRC' : 53 }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Character Set: user binding with invalid password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=gfarmer,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'newruling' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base',
+ 'expectedRC' : 49 }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Character Set: user modifying password to string with all numbers 2'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: user modifying password to string with all numbers 2'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=gfarmer,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'ruling' ,
+ 'DNToModify' : 'uid=gfarmer, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : '123456789' ,
+ 'changetype' : 'replace' ,
+ 'expectedRC' : 53 }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Character Set: user binding with invalid password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=gfarmer,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : '123456789' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base',
+ 'expectedRC' : 49 }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Character Set: user modifying password to valid string'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: user modifying password to valid string'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=gfarmer,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'ruling' ,
+ 'DNToModify' : 'uid=gfarmer, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'Newruling123' ,
+ 'changetype' : 'replace' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Character Set: user binding with valid password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=gfarmer,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'Newruling123' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Character Set: disable validator'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+ <message>
+ 'Security: Pwd Validator: Attribute Value: add attribute sn'
+ </message>
+
+ <call function="'modifyPwdValidator'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Character Set' ,
+ 'attributeName' : 'enabled' ,
+ 'attributeValue' : 'false' ,
+ 'modifyType' : 'set' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+
+ <testcase name="'Security: Pwd Validator: Character Set: user modifying password to valid string 2'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Attribute Value: user modifying password to valid string 2'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=gfarmer,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'Newruling123' ,
+ 'DNToModify' : 'uid=gfarmer, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'newruling' ,
+ 'changetype' : 'replace' }
+ </call>
+ <!-- Uncomment this when Issue 2050/1449 is resolved.
+ <message>
+ 'Security: Pwd Validator: Character Set: user binding with valid password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=gfarmer,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'newruling' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+ -->
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Character Set: Postamble'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+ <message>
+ 'Security: Pwd Validator: Character Set: Postamble Step 1. Admin Resetting Maximum Pwd Length'
+ </message>
+
+ <call function="'modifyPwdPolicy'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Default Password Policy' ,
+ 'attributeName' : 'password-validator-dn' ,
+ 'attributeValue' : 'cn=Character Set,cn=Password Validators,cn=config' ,
+ 'modifyType' : 'remove' }
+ </call>
+
+ <!--- User Change Password -->
+ <message>
+ 'Security: Pwd Validator: Character Set: Postamble Step 2. User Changing Password'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=gfarmer,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'Newruling123' ,
+ 'DNToModify' : 'uid=gfarmer, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'newnewruling' ,
+ 'changetype' : 'replace' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Character Set: Postamble Step 3. User Searching With Password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=gfarmer,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'newnewruling' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ </sequence>
+
+ </function>
+
+</stax>
diff --git a/opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_dictionary.xml b/opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_dictionary.xml
new file mode 100755
index 0000000..04e0cd1
--- /dev/null
+++ b/opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_dictionary.xml
@@ -0,0 +1,273 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!DOCTYPE stax SYSTEM "../../../shared/stax.dtd">
+<!--
+ ! CDDL HEADER START
+ !
+ ! The contents of this file are subject to the terms of the
+ ! Common Development and Distribution License, Version 1.0 only
+ ! (the "License"). You may not use this file except in compliance
+ ! with the License.
+ !
+ ! You can obtain a copy of the license at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
+ ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+ ! See the License for the specific language governing permissions
+ ! and limitations under the License.
+ !
+ ! When distributing Covered Code, include this CDDL HEADER in each
+ ! file and include the License file at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+ ! add the following below this CDDL HEADER, with the fields enclosed
+ ! by brackets "[]" replaced with your own identifying information:
+ ! Portions Copyright [yyyy] [name of copyright owner]
+ !
+ ! CDDL HEADER END
+ !
+ ! Portions Copyright 2006-2007 Sun Microsystems, Inc.
+ ! -->
+<stax>
+
+ <defaultcall function="dictionary"/>
+
+ <function name="dictionary">
+
+ <sequence>
+
+ <testcase name="'Security: Pwd Validator: Dictionary: Preamble'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Dictionary: Preamble - Admin Enabling Dictionary'
+ </message>
+
+ <call function="'modifyPwdValidator'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Dictionary' ,
+ 'attributeName' : 'enabled' ,
+ 'attributeValue' : 'true' ,
+ 'modifyType' : 'set' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Dictionary: Preamble - Admin Enabling Validator'
+ </message>
+
+ <call function="'modifyPwdPolicy'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Default Password Policy' ,
+ 'attributeName' : 'password-validator-dn' ,
+ 'attributeValue' : 'cn=Dictionary,cn=Password Validators,cn=config' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Dictionary: user modifying password to string with all letters'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Dictionary: user modifying password to string with all letters'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=abergin,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'inflict' ,
+ 'DNToModify' : 'uid=abergin, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'zymochemistry' ,
+ 'changetype' : 'replace' ,
+ 'expectedRC' : 53 }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Dictionary: user binding with invalid password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=abergin,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'zymochemistry' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base',
+ 'expectedRC' : 49 }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Dictionary: Using Using Reverse Password'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Dictionary: user modifying password to reverse word'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=abergin,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'inflict' ,
+ 'DNToModify' : 'uid=abergin, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'sbbad' ,
+ 'changetype' : 'replace' ,
+ 'expectedRC' : 53 }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Dictionary: user binding with invalid password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=abergin,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'sbbad' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base',
+ 'expectedRC' : 49 }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Dictionary: Disable Reverse Password'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Dictionary: Enable Reverse Password'
+ </message>
+
+ <call function="'modifyPwdValidator'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Dictionary' ,
+ 'attributeName' : 'test-reversed-password' ,
+ 'attributeValue' : 'false' ,
+ 'modifyType' : 'set' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Dictionary: Using Using Reverse Password 2'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Dictionary: user modifying password to reverse word 2'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=abergin,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'inflict' ,
+ 'DNToModify' : 'uid=abergin, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'sbbad' ,
+ 'changetype' : 'replace' }
+ </call>
+ <!-- Uncomment when Issue 2081 is resolved.
+ <message>
+ 'Security: Pwd Validator: Dictionary: user binding with valid password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=abergin,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'sbbad' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+ -->
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Dictionary: Postamble'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+ <message>
+ 'Security: Pwd Validator: Dictionary: Postamble Step 1. Admin Resetting Maximum Pwd Length'
+ </message>
+
+ <call function="'modifyPwdPolicy'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Default Password Policy' ,
+ 'attributeName' : 'password-validator-dn' ,
+ 'attributeValue' : 'cn=Dictionary,cn=Password Validators,cn=config' ,
+ 'modifyType' : 'remove' }
+ </call>
+
+ <!--- User Change Password -->
+ <message>
+ 'Security: Pwd Validator: Dictionary: Postamble Step 2. User Changing Password'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=abergin,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'inflict' ,
+ 'DNToModify' : 'uid=abergin, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'zymochemistry' ,
+ 'changetype' : 'replace' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Dictionary: Postamble Step 3. User Searching With Password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=abergin,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'zymochemistry' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ </sequence>
+
+ </function>
+
+</stax>
diff --git a/opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_history_based.xml b/opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_history_based.xml
new file mode 100755
index 0000000..c672da0
--- /dev/null
+++ b/opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_history_based.xml
@@ -0,0 +1,469 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!DOCTYPE stax SYSTEM "../../../shared/stax.dtd">
+<!--
+ ! CDDL HEADER START
+ !
+ ! The contents of this file are subject to the terms of the
+ ! Common Development and Distribution License, Version 1.0 only
+ ! (the "License"). You may not use this file except in compliance
+ ! with the License.
+ !
+ ! You can obtain a copy of the license at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
+ ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+ ! See the License for the specific language governing permissions
+ ! and limitations under the License.
+ !
+ ! When distributing Covered Code, include this CDDL HEADER in each
+ ! file and include the License file at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+ ! add the following below this CDDL HEADER, with the fields enclosed
+ ! by brackets "[]" replaced with your own identifying information:
+ ! Portions Copyright [yyyy] [name of copyright owner]
+ !
+ ! CDDL HEADER END
+ !
+ ! Portions Copyright 2006-2007 Sun Microsystems, Inc.
+ ! -->
+<stax>
+
+ <defaultcall function="history_based"/>
+
+ <function name="history_based">
+
+ <sequence>
+
+ <testcase name="'Security: Pwd Validator: History Based: Preamble'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: History Based: Preamble - Admin Enabling Validator'
+ </message>
+
+ <call function="'modifyPwdPolicy'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Default Password Policy' ,
+ 'attributeName' : 'password-history-count' ,
+ 'attributeValue' : '3' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: History Based: user modifying password 1'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: History Based: user modifying password 1'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=scarter,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'sprain' ,
+ 'DNToModify' : 'uid=scarter, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'sprainone' ,
+ 'changetype' : 'replace' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: History Based: user modifying password back to old password'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=scarter,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'sprainone' ,
+ 'DNToModify' : 'uid=scarter, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'sprain' ,
+ 'changetype' : 'replace' ,
+ 'expectedRC' : 53 }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: History Based: user binding with password 1'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=scarter,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'sprainone' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: History Based: user modifying password 2'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: History Based: user modifying password 2'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=scarter,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'sprainone' ,
+ 'DNToModify' : 'uid=scarter, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'spraintwo' ,
+ 'changetype' : 'replace' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: History Based: user modifying password back to old passwords'
+ </message>
+
+ <script>
+ modify_pwds = ['sprain', 'sprainone']
+ </script>
+
+ <iterate var="pwds" in="modify_pwds" indexvar="index">
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=scarter,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'spraintwo' ,
+ 'DNToModify' : 'uid=scarter, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : '%s' % pwds ,
+ 'changetype' : 'replace' ,
+ 'expectedRC' : 53 }
+ </call>
+ </iterate>
+
+ <message>
+ 'Security: Pwd Validator: History Based: user binding with password 2'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=scarter,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'spraintwo' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: History Based: user modifying password 3'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: History Based: user modifying password 3'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=scarter,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'spraintwo' ,
+ 'DNToModify' : 'uid=scarter, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'sprainthree' ,
+ 'changetype' : 'replace' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: History Based: user modifying password back to old passwords'
+ </message>
+
+ <script>
+ modify_pwds = ['sprain', 'sprainone', 'spraintwo']
+ </script>
+
+ <iterate var="pwds" in="modify_pwds" indexvar="index">
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=scarter,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'sprainthree' ,
+ 'DNToModify' : 'uid=scarter, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : '%s' % pwds ,
+ 'changetype' : 'replace' ,
+ 'expectedRC' : 53 }
+ </call>
+ </iterate>
+
+ <message>
+ 'Security: Pwd Validator: History Based: user binding with password 3'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=scarter,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'sprainthree' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: History Based: user modifying password 4'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: History Based: user modifying password 4'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=scarter,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'sprainthree' ,
+ 'DNToModify' : 'uid=scarter, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'sprainfour' ,
+ 'changetype' : 'replace' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: History Based: user modifying password back to old passwords'
+ </message>
+
+ <script>
+ modify_pwds = ['sprainone', 'spraintwo', 'sprainthree']
+ </script>
+
+ <iterate var="pwds" in="modify_pwds" indexvar="index">
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=scarter,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'sprainfour' ,
+ 'DNToModify' : 'uid=scarter, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : '%s' % pwds ,
+ 'changetype' : 'replace' ,
+ 'expectedRC' : 53 }
+ </call>
+ </iterate>
+
+ <message>
+ 'Security: Pwd Validator: History Based: user modifying password to original one'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=scarter,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'sprainfour' ,
+ 'DNToModify' : 'uid=scarter, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'sprain' ,
+ 'changetype' : 'replace' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: History Based: user binding with original password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=scarter,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'sprain' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: History Based: Modify password history duration'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: History Based: Admin modifying password history duration'
+ </message>
+
+ <call function="'modifyPwdPolicy'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Default Password Policy' ,
+ 'attributeName' : 'password-history-duration' ,
+ 'attributeValue' : '10 s' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: History Based: user modifying password after duration'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: History Based: - Sleeping'
+ </message>
+
+ <call function="'Sleep'">
+ { 'sleepForMilliSeconds' : '15000' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: History Based: user modifying password after duration'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=scarter,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'sprain' ,
+ 'DNToModify' : 'uid=scarter, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'sprainone' ,
+ 'changetype' : 'replace' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: History Based: user binding with password after duration'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=scarter,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'sprainone' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: History Based: Postamble'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+ <message>
+ 'Security: Pwd Validator: History Based: Postamble Step 1. Admin resetting password history duration'
+ </message>
+
+ <call function="'modifyPwdPolicy'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Default Password Policy' ,
+ 'attributeName' : 'password-history-duration' ,
+ 'attributeValue' : '0 d' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: History Based: Postamble Step 2. Admin resetting password history count'
+ </message>
+
+ <call function="'modifyPwdPolicy'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Default Password Policy' ,
+ 'attributeName' : 'password-history-count' ,
+ 'attributeValue' : '0' }
+ </call>
+
+ <!--- User Change Password -->
+ <message>
+ 'Security: Pwd Validator: History Based: Postamble Step 3. user modifying password back to old passwords'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=scarter,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'sprainone' ,
+ 'DNToModify' : 'uid=scarter, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'spraintwo' ,
+ 'changetype' : 'replace' }
+ </call>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=scarter,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'spraintwo' ,
+ 'DNToModify' : 'uid=scarter, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'sprainthree' ,
+ 'changetype' : 'replace' }
+ </call>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=scarter,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'sprainthree' ,
+ 'DNToModify' : 'uid=scarter, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'sprain' ,
+ 'changetype' : 'replace' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: History Based: Postamble Step 4. User Searching With Password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=scarter,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'sprain' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ </sequence>
+
+ </function>
+
+</stax>
diff --git a/opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_pwd_validator.xml b/opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_pwd_validator.xml
index 22739eb..8f3e7ab 100755
--- a/opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_pwd_validator.xml
+++ b/opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_pwd_validator.xml
@@ -61,6 +61,34 @@
<call function="'pwd_length'" />
<import machine="'%s' % STAF_LOCAL_HOSTNAME"
+ file="'%s/testcases/security/pwd_validator/security_attribute_value.xml' % (TESTS_DIR)"/>
+ <call function="'attribute_value'" />
+
+ <import machine="'%s' % STAF_LOCAL_HOSTNAME"
+ file="'%s/testcases/security/pwd_validator/security_character_set.xml' % (TESTS_DIR)"/>
+ <call function="'character_set'" />
+
+ <import machine="'%s' % STAF_LOCAL_HOSTNAME"
+ file="'%s/testcases/security/pwd_validator/security_history_based.xml' % (TESTS_DIR)"/>
+ <call function="'history_based'" />
+ <!--
+ <import machine="'%s' % STAF_LOCAL_HOSTNAME"
+ file="'%s/testcases/security/pwd_validator/security_similarity_based.xml' % (TESTS_DIR)"/>
+ <call function="'similarity_based'" />
+ -->
+ <import machine="'%s' % STAF_LOCAL_HOSTNAME"
+ file="'%s/testcases/security/pwd_validator/security_dictionary.xml' % (TESTS_DIR)"/>
+ <call function="'dictionary'" />
+
+ <import machine="'%s' % STAF_LOCAL_HOSTNAME"
+ file="'%s/testcases/security/pwd_validator/security_unique_chars.xml' % (TESTS_DIR)"/>
+ <call function="'unique_chars'" />
+
+ <import machine="'%s' % STAF_LOCAL_HOSTNAME"
+ file="'%s/testcases/security/pwd_validator/security_repeat_chars.xml' % (TESTS_DIR)"/>
+ <call function="'repeat_chars'" />
+
+ <import machine="'%s' % STAF_LOCAL_HOSTNAME"
file="'%s/testcases/security/pwd_validator/security_skip_val_for_admins.xml' % (TESTS_DIR)"/>
<call function="'skip_val_for_admins'" />
diff --git a/opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_repeat_chars.xml b/opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_repeat_chars.xml
new file mode 100755
index 0000000..6ce5d3e
--- /dev/null
+++ b/opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_repeat_chars.xml
@@ -0,0 +1,378 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!DOCTYPE stax SYSTEM "../../../shared/stax.dtd">
+<!--
+ ! CDDL HEADER START
+ !
+ ! The contents of this file are subject to the terms of the
+ ! Common Development and Distribution License, Version 1.0 only
+ ! (the "License"). You may not use this file except in compliance
+ ! with the License.
+ !
+ ! You can obtain a copy of the license at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
+ ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+ ! See the License for the specific language governing permissions
+ ! and limitations under the License.
+ !
+ ! When distributing Covered Code, include this CDDL HEADER in each
+ ! file and include the License file at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+ ! add the following below this CDDL HEADER, with the fields enclosed
+ ! by brackets "[]" replaced with your own identifying information:
+ ! Portions Copyright [yyyy] [name of copyright owner]
+ !
+ ! CDDL HEADER END
+ !
+ ! Portions Copyright 2006-2007 Sun Microsystems, Inc.
+ ! -->
+<stax>
+
+ <defaultcall function="repeat_chars"/>
+
+ <function name="repeat_chars">
+
+ <sequence>
+
+ <testcase name="'Security: Pwd Validator: Repeat Chars: Preamble'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Repeat Chars: Admin Enabling Validator'
+ </message>
+
+ <call function="'modifyPwdPolicy'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Default Password Policy' ,
+ 'attributeName' : 'password-validator-dn' ,
+ 'attributeValue' : 'cn=Repeated Characters,cn=Password Validators,cn=config' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Repeat Chars: password with 3 repeat chars'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Repeat Chars: user modifying password'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=trigden,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'sensitive' ,
+ 'DNToModify' : 'uid=trigden, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'abbbcdef' ,
+ 'changetype' : 'replace' ,
+ 'expectedRC' : 53 }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Repeat Chars: user binding with new password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=trigden,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'abbbcdef' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base',
+ 'expectedRC' : 49 }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Repeat Chars: password with 2 repeat chars'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Repeat Chars: user modifying password'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=trigden,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'sensitive' ,
+ 'DNToModify' : 'uid=trigden, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'abbcdef' ,
+ 'changetype' : 'replace' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Repeat Chars: user binding with new password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=trigden,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'abbcdef' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Repeat Chars: change maximum length'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+ <message>
+ 'Security: Pwd Validator: Repeat Chars: change maximum length'
+ </message>
+
+ <call function="'modifyPwdValidator'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Repeated Characters' ,
+ 'attributeName' : 'maximum-consecutive-length' ,
+ 'attributeValue' : '3' ,
+ 'modifyType' : 'set' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Repeat Chars: password with 3 repeat chars 2'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Repeat Chars: user modifying password'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=trigden,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'abbcdef' ,
+ 'DNToModify' : 'uid=trigden, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'abbbcdef' ,
+ 'changetype' : 'replace' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Repeat Chars: user binding with new password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=trigden,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'abbbcdef' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Repeat Chars: reset maximum length'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+ <message>
+ 'Security: Pwd Validator: Repeat Chars: change unique chars'
+ </message>
+
+ <call function="'modifyPwdValidator'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Repeated Characters' ,
+ 'attributeName' : 'maximum-consecutive-length' ,
+ 'attributeValue' : '2' ,
+ 'modifyType' : 'set' }
+ </call>
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Repeat Chars: enable case sensitive chars'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+ <message>
+ 'Security: Pwd Validator: Repeat Chars: enable case sensitive chars'
+ </message>
+
+ <call function="'modifyPwdValidator'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Repeated Characters' ,
+ 'attributeName' : 'case-sensitive-validation' ,
+ 'attributeValue' : 'true' ,
+ 'modifyType' : 'set' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Repeat Chars: password with 3 repeat chars 3'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Repeat Chars: user modifying password'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=trigden,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'abbbcdef' ,
+ 'DNToModify' : 'uid=trigden, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'abcccdef' ,
+ 'changetype' : 'replace' ,
+ 'expectedRC' : 53 }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Repeat Chars: user binding with new password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=trigden,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'abcccdef' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base',
+ 'expectedRC' : 49 }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Repeat Chars: password with 3 case sensitive repeat chars'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Repeat Chars: user modifying password'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=trigden,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'abbbcdef' ,
+ 'DNToModify' : 'uid=trigden, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'abcCcdef' ,
+ 'changetype' : 'replace' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Repeat Chars: user binding with new password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=trigden,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'abcCcdef' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Repeat Chars: Postamble'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+ <message>
+ 'Security: Pwd Validator: Repeat Chars: Postamble Step 1. Admin Resetting Maximum Pwd Length'
+ </message>
+
+ <call function="'modifyPwdPolicy'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Default Password Policy' ,
+ 'attributeName' : 'password-validator-dn' ,
+ 'attributeValue' : 'cn=Repeated Characters,cn=Password Validators,cn=config' ,
+ 'modifyType' : 'remove' }
+ </call>
+
+ <!--- User Change Password -->
+ <message>
+ 'Security: Pwd Validator: Repeat Chars: Postamble Step 2. User Changing Password'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=trigden,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'abcCcdef' ,
+ 'DNToModify' : 'uid=trigden, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'abbbcde' ,
+ 'changetype' : 'replace' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Unique Chars: Postamble Step 3. User Searching With Password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=trigden,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'abbbcde' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ </sequence>
+
+ </function>
+
+</stax>
diff --git a/opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_unique_chars.xml b/opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_unique_chars.xml
new file mode 100755
index 0000000..0e53ef1
--- /dev/null
+++ b/opendj-sdk/opends/tests/functional-tests/testcases/security/pwd_validator/security_unique_chars.xml
@@ -0,0 +1,419 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!DOCTYPE stax SYSTEM "../../../shared/stax.dtd">
+<!--
+ ! CDDL HEADER START
+ !
+ ! The contents of this file are subject to the terms of the
+ ! Common Development and Distribution License, Version 1.0 only
+ ! (the "License"). You may not use this file except in compliance
+ ! with the License.
+ !
+ ! You can obtain a copy of the license at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
+ ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+ ! See the License for the specific language governing permissions
+ ! and limitations under the License.
+ !
+ ! When distributing Covered Code, include this CDDL HEADER in each
+ ! file and include the License file at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+ ! add the following below this CDDL HEADER, with the fields enclosed
+ ! by brackets "[]" replaced with your own identifying information:
+ ! Portions Copyright [yyyy] [name of copyright owner]
+ !
+ ! CDDL HEADER END
+ !
+ ! Portions Copyright 2006-2007 Sun Microsystems, Inc.
+ ! -->
+<stax>
+
+ <defaultcall function="unique_chars"/>
+
+ <function name="unique_chars">
+
+ <sequence>
+
+ <testcase name="'Security: Pwd Validator: Unique Chars: Preamble'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Unique Chars: Admin Enabling Validator'
+ </message>
+
+ <call function="'modifyPwdPolicy'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Default Password Policy' ,
+ 'attributeName' : 'password-validator-dn' ,
+ 'attributeValue' : 'cn=Unique Characters,cn=Password Validators,cn=config' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Unique Chars: password with 3 unique chars'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Unique Chars: user modifying password'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=kwinters,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'forsook' ,
+ 'DNToModify' : 'uid=kwinters, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'abebab' ,
+ 'changetype' : 'replace' ,
+ 'expectedRC' : 53 }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Unique Chars: user binding with new password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=kwinters,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'abebab' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base',
+ 'expectedRC' : 49 }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Unique Chars: password with 4 unique chars'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Unique Chars: user modifying password'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=kwinters,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'forsook' ,
+ 'DNToModify' : 'uid=kwinters, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'abebib' ,
+ 'changetype' : 'replace' ,
+ 'expectedRC' : 53 }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Unique Chars: user binding with new password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=kwinters,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'abebib' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' ,
+ 'expectedRC' : 49 }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Unique Chars: password with 5 unique chars'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Unique Chars: user modifying password'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=kwinters,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'forsook' ,
+ 'DNToModify' : 'uid=kwinters, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'abebig' ,
+ 'changetype' : 'replace' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Unique Chars: user binding with new password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=kwinters,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'abebig' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Unique Chars: cahnge unique chars'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+ <message>
+ 'Security: Pwd Validator: Unique Chars: change unique chars'
+ </message>
+
+ <call function="'modifyPwdValidator'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Unique Characters' ,
+ 'attributeName' : 'minimum-unique-characters' ,
+ 'attributeValue' : '3' ,
+ 'modifyType' : 'set' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Unique Chars: password with 3 unique chars 2'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Unique Chars: user modifying password'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=kwinters,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'abebig' ,
+ 'DNToModify' : 'uid=kwinters, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'abebab' ,
+ 'changetype' : 'replace' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Unique Chars: user binding with new password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=kwinters,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'abebab' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Unique Chars: reset unique chars'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+ <message>
+ 'Security: Pwd Validator: Unique Chars: change unique chars'
+ </message>
+
+ <call function="'modifyPwdValidator'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Unique Characters' ,
+ 'attributeName' : 'minimum-unique-characters' ,
+ 'attributeValue' : '5' ,
+ 'modifyType' : 'set' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Unique Chars: enable case sensitive chars'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+ <message>
+ 'Security: Pwd Validator: Unique Chars: enable case sensitive chars'
+ </message>
+
+ <call function="'modifyPwdValidator'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Unique Characters' ,
+ 'attributeName' : 'case-sensitive-validation' ,
+ 'attributeValue' : 'true' ,
+ 'modifyType' : 'set' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Unique Chars: password with 3 unique chars 3'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Unique Chars: user modifying password'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=kwinters,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'abebab' ,
+ 'DNToModify' : 'uid=kwinters, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'abbabac' ,
+ 'changetype' : 'replace' ,
+ 'expectedRC' : 53 }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Unique Chars: user binding with new password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=kwinters,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'abbabac' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' ,
+ 'expectedRC' : 49 }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Unique Chars: password with 3 unique case sensitive chars'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <message>
+ 'Security: Pwd Validator: Unique Chars: user modifying password'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=kwinters,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'abebab' ,
+ 'DNToModify' : 'uid=kwinters, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'abBABac' ,
+ 'changetype' : 'replace' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Unique Chars: user binding with new password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=kwinters,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'abBABac' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: Pwd Validator: Unique Chars: Postamble'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+ <message>
+ 'Security: Pwd Validator: Unique Chars: Postamble Step 1. Admin Resetting Maximum Pwd Length'
+ </message>
+
+ <call function="'modifyPwdPolicy'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'propertyName' : 'Default Password Policy' ,
+ 'attributeName' : 'password-validator-dn' ,
+ 'attributeValue' : 'cn=Unique Characters,cn=Password Validators,cn=config' ,
+ 'modifyType' : 'remove' }
+ </call>
+
+ <!--- User Change Password -->
+ <message>
+ 'Security: Pwd Validator: Unique Chars: Postamble Step 2. User Changing Password'
+ </message>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=kwinters,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'abBABac' ,
+ 'DNToModify' : 'uid=kwinters, ou=People, ou=password tests, o=Pwd Validator Tests, dc=example,dc=com' ,
+ 'attributeName' : 'userpassword' ,
+ 'newAttributeValue' : 'abebab' ,
+ 'changetype' : 'replace' }
+ </call>
+
+ <message>
+ 'Security: Pwd Validator: Unique Chars: Postamble Step 3. User Searching With Password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=kwinters,ou=people,ou=password tests,o=Pwd Validator Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'abebab' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ </sequence>
+
+ </function>
+
+</stax>
--
Gitblit v1.10.0