From 943475548357fca9cb40d4522bb6fdefdb1e952c Mon Sep 17 00:00:00 2001
From: el_kaboing <el_kaboing@localhost>
Date: Wed, 03 Jan 2007 15:11:48 +0000
Subject: [PATCH] Adding test cases for Issue 1044.
---
opends/tests/functional-tests/testcases/security/startTLS/security_force_pwd_change_startTLS.xml | 728 +++++++++++++++++++++++++++++++++
opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/user_change_pwd1.ldif | 29 +
opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_change_user_pwd2.ldif | 29 +
opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_enable_max_reset_age_long.ldif | 29 +
opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/add_entry2.ldif | 43 +
opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_change_user_pwd3.ldif | 29 +
opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_enable_max_reset_age_short.ldif | 29 +
opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_change_user_pwd.ldif | 29 +
opends/tests/functional-tests/testcases/security/startTLS/security_startTLS.xml | 4
opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_change_force_pwd_add.ldif | 29 +
opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_change_force_pwd_reset.ldif | 29 +
opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/user_change_pwd3.ldif | 29 +
opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/user_del_attr.ldif | 28 +
opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_disable_max_reset_age.ldif | 29 +
opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_reset_force_pwd_reset.ldif | 29 +
opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/user_change_pwd2.ldif | 29 +
opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_reset_force_pwd_add.ldif | 29 +
opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/user_change_force_pwd.ldif | 29 +
opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/add_entry1.ldif | 43 +
opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/user_add_attr.ldif | 29 +
20 files changed, 1,281 insertions(+), 0 deletions(-)
diff --git a/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/add_entry1.ldif b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/add_entry1.ldif
new file mode 100644
index 0000000..3103d6d
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/add_entry1.ldif
@@ -0,0 +1,43 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: uid=mcat, ou=People, ou=startTLS tests, o=SSL Tests, dc=example,dc=com
+cn: Mortimer Cat
+sn: Cat
+givenname: Mortimer
+objectclass: top
+objectclass: person
+objectclass: organizationalPerson
+objectclass: inetOrgPerson
+ou: Accounting
+ou: People
+l: Sunnyvale
+uid: mcat
+mail: mcat@example.com
+telephonenumber: +1 408 555 4798
+facsimiletelephonenumber: +1 408 555 9751
+roomnumber: 4612
+userpassword: pizza
+
diff --git a/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/add_entry2.ldif b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/add_entry2.ldif
new file mode 100644
index 0000000..40bdfee
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/add_entry2.ldif
@@ -0,0 +1,43 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: uid=mdog, ou=People, ou=startTLS tests, o=SSL Tests, dc=example,dc=com
+cn: Mortimer Dog
+sn: Dog
+givenname: Mortimer
+objectclass: top
+objectclass: person
+objectclass: organizationalPerson
+objectclass: inetOrgPerson
+ou: Accounting
+ou: People
+l: Sunnyvale
+uid: mdog
+mail: mdog@example.com
+telephonenumber: +1 408 555 4798
+facsimiletelephonenumber: +1 408 555 9751
+roomnumber: 4612
+userpassword: pizza
+
diff --git a/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_change_force_pwd_add.ldif b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_change_force_pwd_add.ldif
new file mode 100644
index 0000000..4696d06
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_change_force_pwd_add.ldif
@@ -0,0 +1,29 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: cn=Default Password Policy,cn=Password Policies,cn=config
+changetype: modify
+replace: ds-cfg-force-change-on-add
+ds-cfg-force-change-on-add: true
diff --git a/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_change_force_pwd_reset.ldif b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_change_force_pwd_reset.ldif
new file mode 100644
index 0000000..0e8266d
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_change_force_pwd_reset.ldif
@@ -0,0 +1,29 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: cn=Default Password Policy,cn=Password Policies,cn=config
+changetype: modify
+replace: ds-cfg-force-change-on-reset
+ds-cfg-force-change-on-reset: true
diff --git a/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_change_user_pwd.ldif b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_change_user_pwd.ldif
new file mode 100644
index 0000000..c377ac4
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_change_user_pwd.ldif
@@ -0,0 +1,29 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: uid=mdog,ou=People,ou=startTLS tests, o=SSL Tests, dc=example,dc=com
+changetype: modify
+replace: userpassword
+userpassword: adminpizza
diff --git a/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_change_user_pwd2.ldif b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_change_user_pwd2.ldif
new file mode 100644
index 0000000..e0e666b
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_change_user_pwd2.ldif
@@ -0,0 +1,29 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: uid=mdog,ou=People,ou=startTLS tests, o=SSL Tests, dc=example,dc=com
+changetype: modify
+replace: userpassword
+userpassword: adminlongpizza
diff --git a/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_change_user_pwd3.ldif b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_change_user_pwd3.ldif
new file mode 100644
index 0000000..e9328c9
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_change_user_pwd3.ldif
@@ -0,0 +1,29 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: uid=mdog,ou=People,ou=startTLS tests, o=SSL Tests, dc=example,dc=com
+changetype: modify
+replace: userpassword
+userpassword: adminshortpizza
diff --git a/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_disable_max_reset_age.ldif b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_disable_max_reset_age.ldif
new file mode 100644
index 0000000..cdfd562
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_disable_max_reset_age.ldif
@@ -0,0 +1,29 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: cn=Default Password Policy,cn=Password Policies,cn=config
+changetype: modify
+replace: ds-cfg-maximum-password-reset-age
+ds-cfg-maximum-password-reset-age: 0 seconds
diff --git a/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_enable_max_reset_age_long.ldif b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_enable_max_reset_age_long.ldif
new file mode 100644
index 0000000..329a0f1
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_enable_max_reset_age_long.ldif
@@ -0,0 +1,29 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: cn=Default Password Policy,cn=Password Policies,cn=config
+changetype: modify
+replace: ds-cfg-maximum-password-reset-age
+ds-cfg-maximum-password-reset-age: 30 minutes
diff --git a/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_enable_max_reset_age_short.ldif b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_enable_max_reset_age_short.ldif
new file mode 100644
index 0000000..c1d1ba5
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_enable_max_reset_age_short.ldif
@@ -0,0 +1,29 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: cn=Default Password Policy,cn=Password Policies,cn=config
+changetype: modify
+replace: ds-cfg-maximum-password-reset-age
+ds-cfg-maximum-password-reset-age: 8 seconds
diff --git a/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_reset_force_pwd_add.ldif b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_reset_force_pwd_add.ldif
new file mode 100644
index 0000000..348b547
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_reset_force_pwd_add.ldif
@@ -0,0 +1,29 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: cn=Default Password Policy,cn=Password Policies,cn=config
+changetype: modify
+replace: ds-cfg-force-change-on-add
+ds-cfg-force-change-on-add: false
diff --git a/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_reset_force_pwd_reset.ldif b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_reset_force_pwd_reset.ldif
new file mode 100644
index 0000000..8516764
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/admin_reset_force_pwd_reset.ldif
@@ -0,0 +1,29 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: cn=Default Password Policy,cn=Password Policies,cn=config
+changetype: modify
+replace: ds-cfg-force-change-on-reset
+ds-cfg-force-change-on-reset: false
diff --git a/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/user_add_attr.ldif b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/user_add_attr.ldif
new file mode 100644
index 0000000..1accb63
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/user_add_attr.ldif
@@ -0,0 +1,29 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: uid=mdog,ou=People,ou=password tests,o=Pwd Policy Tests,dc=example,dc=com
+changetype: modify
+add: pager
+pager: +1 999 555 1212
diff --git a/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/user_change_force_pwd.ldif b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/user_change_force_pwd.ldif
new file mode 100644
index 0000000..712d161
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/user_change_force_pwd.ldif
@@ -0,0 +1,29 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: uid=mcat,ou=People,ou=startTLS tests, o=SSL Tests, dc=example,dc=com
+changetype: modify
+replace: userpassword
+userpassword: newpizza
diff --git a/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/user_change_pwd1.ldif b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/user_change_pwd1.ldif
new file mode 100644
index 0000000..d4ad89d
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/user_change_pwd1.ldif
@@ -0,0 +1,29 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: uid=mdog,ou=People,ou=startTLS tests, o=SSL Tests, dc=example,dc=com
+changetype: modify
+replace: userpassword
+userpassword: newpizza
diff --git a/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/user_change_pwd2.ldif b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/user_change_pwd2.ldif
new file mode 100644
index 0000000..c87ac00
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/user_change_pwd2.ldif
@@ -0,0 +1,29 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: uid=mdog,ou=People,ou=startTLS tests, o=SSL Tests, dc=example,dc=com
+changetype: modify
+replace: userpassword
+userpassword: newlongpizza
diff --git a/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/user_change_pwd3.ldif b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/user_change_pwd3.ldif
new file mode 100644
index 0000000..2689d96
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/user_change_pwd3.ldif
@@ -0,0 +1,29 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: uid=mdog,ou=People,ou=startTLS tests, o=SSL Tests, dc=example,dc=com
+changetype: modify
+replace: userpassword
+userpassword: newshortpizza
diff --git a/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/user_del_attr.ldif b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/user_del_attr.ldif
new file mode 100644
index 0000000..ab1e226
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/startTLS/force_pwd_change/user_del_attr.ldif
@@ -0,0 +1,28 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: uid=mdog,ou=People,ou=password tests,o=Pwd Policy Tests,dc=example,dc=com
+changetype: modify
+delete: roomnumber
diff --git a/opends/tests/functional-tests/testcases/security/startTLS/security_force_pwd_change_startTLS.xml b/opends/tests/functional-tests/testcases/security/startTLS/security_force_pwd_change_startTLS.xml
new file mode 100755
index 0000000..bc02585
--- /dev/null
+++ b/opends/tests/functional-tests/testcases/security/startTLS/security_force_pwd_change_startTLS.xml
@@ -0,0 +1,728 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!DOCTYPE stax SYSTEM "stax.dtd">
+<!---
+ * CDDL HEADER START
+ *
+ * The contents of this file are subject to the terms of the
+ * Common Development and Distribution License, Version 1.0 only
+ * (the "License"). You may not use this file except in compliance
+ * with the License.
+ *
+ * You can obtain a copy of the license at
+ * trunk/opends/resource/legal-notices/OpenDS.LICENSE
+ * or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+ * See the License for the specific language governing permissions
+ * and limitations under the License.
+ *
+ * When distributing Covered Code, include this CDDL HEADER in each
+ * file and include the License file at
+ * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+ * add the following below this CDDL HEADER, with the fields enclosed
+ * by brackets "[]" replaced with your own identifying * information:
+ * Portions Copyright [yyyy] [name of copyright owner]
+ *
+ * CDDL HEADER END
+ *
+ *
+ * Portions Copyright 2006 Sun Microsystems, Inc.
+ -->
+<stax>
+
+ <defaultcall function="force_pwd_change_startTLS"/>
+
+ <function name="force_pwd_change_startTLS">
+
+ <sequence>
+
+ <testcase name="'Security: TLS: Preamble - Force Pwd Change On Add'">
+ <sequence>
+ <message>
+ 'Security: TLS: Preamble Step 1. Checking existence of ds-cfg-force-change-on-add'
+ </message>
+
+ <call function="'compareEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'attrToBeCompared' : 'ds-cfg-force-change-on-add:false',
+ 'entryToBeCompared' : 'cn=Default Password Policy,cn=Password Policies,cn=config' ,
+ 'extraParams' : '-q -X' }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'Security: TLS: Preamble Step 2. Admin Enabling Force Password On Add'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/security/startTLS/force_pwd_change/admin_change_force_pwd_add.ldif' % STAGED_DATA_DIR ,
+ 'extraParams' : '-q -X' }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult }
+ </call>
+ </sequence>
+ </testcase>
+
+ <!--- Test Case : Add Single New User -->
+ <testcase name="'Security: TLS: Add Single New User'">
+ <sequence>
+ <message>
+ 'Security: TLS: Adding Single New User'
+ </message>
+
+ <call function="'addEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeAdded' : '%s/security/startTLS/force_pwd_change/add_entry1.ldif' % STAGED_DATA_DIR ,
+ 'extraParams' : '-q -X' }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'Security: TLS: User Searching With Password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=mcat,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'pizza' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base -q -X' }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult ,
+ 'expected' : 19 }
+ </call>
+ </sequence>
+ </testcase>
+
+ <!--- Test Case : User Change Password -->
+ <testcase name="'Security: TLS: Added User Change Password'">
+ <sequence>
+ <message>
+ 'Security: TLS: User Changing Password'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=mcat,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'pizza' ,
+ 'entryToBeModified' : '%s/security/startTLS/force_pwd_change/user_change_force_pwd.ldif' % STAGED_DATA_DIR ,
+ 'extraParams' : '-q -X' }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'Security: TLS: User Searching With Password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=mcat,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'newpizza' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base -q -X' }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult }
+ </call>
+ </sequence>
+ </testcase>
+
+ <!--- Test Case : Admin Disable Force Password On Add -->
+ <testcase name="'Security: TLS: Postamble - Disable Force Pwd On Add'">
+ <sequence>
+ <message>
+ 'Security: TLS: Postamble Step 1. Admin Disabling Force Password On Add'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/security/startTLS/force_pwd_change/admin_reset_force_pwd_add.ldif' % STAGED_DATA_DIR ,
+ 'extraParams' : '-q -X' }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'Security: TLS: Postamble Step 2. Adding Single New User'
+ </message>
+
+ <call function="'addEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeAdded' : '%s/security/startTLS/force_pwd_change/add_entry2.ldif' % STAGED_DATA_DIR ,
+ 'extraParams' : '-q -X' }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'Security: TLS: Postamble Step 3. User Searching With Password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'pizza' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base -q -X' }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult }
+ </call>
+ </sequence>
+ </testcase>
+
+ <testcase name="'Security: TLS: Preamble - Force Pwd Change On Reset'">
+ <sequence>
+ <message>
+ 'Security: TLS: Preamble Step 1. Checking existence of ds-cfg-force-change-on-reset'
+ </message>
+
+ <call function="'compareEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'attrToBeCompared' : 'ds-cfg-force-change-on-reset:false',
+ 'entryToBeCompared' : 'cn=Default Password Policy,cn=Password Policies,cn=config' ,
+ 'extraParams' : '-q -X' }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'Security: TLS: Preamble Step 2. Admin Enabling Force Password On Reset'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/security/startTLS/force_pwd_change/admin_change_force_pwd_reset.ldif' % STAGED_DATA_DIR ,
+ 'extraParams' : '-q -X' }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult }
+ </call>
+ </sequence>
+ </testcase>
+
+ <!--- Test Case : Admin Change User Pwd -->
+ <testcase name="'Security: TLS: Admin Reset User Pwd'">
+ <sequence>
+ <message>
+ 'Security: TLS: Admin Resetting User Pwd'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/security/startTLS/force_pwd_change/admin_change_user_pwd.ldif' % STAGED_DATA_DIR ,
+ 'extraParams' : '-q -X' }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult }
+ </call>
+ </sequence>
+ </testcase>
+
+
+ <!--- Test Case : User Search With Old Pwd -->
+ <testcase name="'Security: TLS: Old Pwd - Search'">
+ <sequence>
+ <message>
+ 'Security: TLS: User Searching With Old Password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'pizza' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base -q -X' }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult ,
+ 'expected' : 1 }
+ </call>
+ </sequence>
+ </testcase>
+
+ <!--- Test Case : User Add With Old Pwd -->
+ <testcase name="'Security: TLS: Old Pwd - Add'">
+ <sequence>
+ <message>
+ 'Security: TLS: User Adding Attr With Old Password'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'pizza' ,
+ 'entryToBeModified' : '%s/security/startTLS/force_pwd_change/user_add_attr.ldif' % STAGED_DATA_DIR ,
+ 'extraParams' : '-q -X' }
+ </call>
+
+ <if expr="RC != 1">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'Security: TLS: Checking For Existence of User-added Attribute'
+ </message>
+
+ <call function="'compareEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'attrToBeCompared' : 'pager:+1 999 555-1212',
+ 'entryToBeCompared' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
+ 'extraParams' : '-q -X' }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult ,
+ 'expected' : 16 }
+ </call>
+ </sequence>
+ </testcase>
+
+ <!--- Test Case : User Delete With Old Pwd -->
+ <testcase name="'Security: TLS: Old Pwd - Delete'">
+ <sequence>
+ <message>
+ 'Security: TLS: User Deleting Attr With Old Password'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'pizza' ,
+ 'entryToBeModified' : '%s/security/startTLS/force_pwd_change/user_del_attr.ldif' % STAGED_DATA_DIR ,
+ 'extraParams' : '-q -X' }
+ </call>
+
+ <if expr="RC != 1">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'Security: TLS: Checking For Existence of User-deleted Attribute'
+ </message>
+
+ <call function="'compareEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'attrToBeCompared' : 'roomnumber:4612',
+ 'entryToBeCompared' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
+ 'extraParams' : '-q -X' }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult }
+ </call>
+ </sequence>
+ </testcase>
+
+ <!--- Test Case : User Delete With Old Pwd -->
+ <testcase name="'Security: TLS: Old Pwd - Compare'">
+ <sequence>
+ <message>
+ 'Security: TLS: Checking For Existence of User Attribute'
+ </message>
+
+ <call function="'compareEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'pizza' ,
+ 'attrToBeCompared' : 'l:Sunnyvale',
+ 'entryToBeCompared' : 'uid=mdog,ou=people,ou=password tests,o=Pwd Policy Tests,dc=example,dc=com' ,
+ 'extraParams' : '-q -X' }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult ,
+ 'expected' : 1 }
+ </call>
+ </sequence>
+ </testcase>
+
+ <!--- Test Case : User Search With Assigned Pwd -->
+ <testcase name="'Security: TLS: Search With Assigned Pwd'">
+ <sequence>
+ <message>
+ 'Security: TLS: User Searching With Assigned Password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'adminpizza' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base -q -X' }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult ,
+ 'expected' : 19 }
+ </call>
+ </sequence>
+ </testcase>
+
+ <!--- Test Case : User Change Password -->
+ <testcase name="'Security: TLS: User Change Password After Reset'">
+ <sequence>
+ <message>
+ 'Security: TLS: User Changing Password'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'adminpizza' ,
+ 'entryToBeModified' : '%s/security/startTLS/force_pwd_change/user_change_pwd1.ldif' % STAGED_DATA_DIR ,
+ 'extraParams' : '-q -X' }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'Security: TLS: User Searching With Assigned Password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'adminpizza' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base -q -X' }
+ </call>
+
+ <if expr="RC != 1">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'Security: TLS: User Searching With New Password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'newpizza' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base -q -X' }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult }
+ </call>
+ </sequence>
+ </testcase>
+
+ <!--- Test Case : Admin Enable Maximum Reset Age -->
+ <testcase name="'Security: TLS: Admin Enable Max Reset Age Long'">
+ <sequence>
+ <message>
+ 'Security: TLS: Admin Enabling Maximum Reset Age Long'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/security/startTLS/force_pwd_change/admin_enable_max_reset_age_long.ldif' % STAGED_DATA_DIR ,
+ 'extraParams' : '-q -X' }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult }
+ </call>
+ </sequence>
+ </testcase>
+
+ <!--- Test Case : Admin Change User Pwd -->
+ <testcase name="'Security: TLS: Admin Reset User Pwd - Long Reset Time'">
+ <sequence>
+ <message>
+ 'Security: TLS: Admin Changing User Pwd'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/security/startTLS/force_pwd_change/admin_change_user_pwd2.ldif' % STAGED_DATA_DIR ,
+ 'extraParams' : '-q -X' }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult }
+ </call>
+ </sequence>
+ </testcase>
+
+ <!--- Test Case : User Change Password -->
+ <testcase name="'Security: TLS: User Change Password - Long Reset Time'">
+ <sequence>
+ <message>
+ 'Security: TLS: User Changing Password'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'adminlongpizza' ,
+ 'entryToBeModified' : '%s/security/startTLS/force_pwd_change/user_change_pwd2.ldif' % STAGED_DATA_DIR ,
+ 'extraParams' : '-q -X' }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'Security: TLS: User Searching With Password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'newlongpizza' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base -q -X' }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult }
+ </call>
+ </sequence>
+ </testcase>
+
+ <!--- Test Case : Admin Enable Maxmimum Reset Age -->
+ <testcase name="'Security: TLS: Admin Enable Max Reset Age Short'">
+ <sequence>
+ <message>
+ 'Security: TLS: Admin Enabling Maximum Reset Age Short'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/security/startTLS/force_pwd_change/admin_enable_max_reset_age_short.ldif' % STAGED_DATA_DIR ,
+ 'extraParams' : '-q -X' }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult }
+ </call>
+ </sequence>
+ </testcase>
+
+ <!--- Test Case : Admin Change User Pwd -->
+ <testcase name="'Security: TLS: Admin Reset User Pwd - Short Reset Time'">
+ <sequence>
+ <message>
+ 'Security: TLS: Admin Changing User Pwd'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/security/startTLS/force_pwd_change/admin_change_user_pwd3.ldif' % STAGED_DATA_DIR ,
+ 'extraParams' : '-q -X' }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult }
+ </call>
+ </sequence>
+ </testcase>
+
+ <!--- Test Case : User Change Password -->
+ <testcase name="'Security: TLS: User Change Password - Short Reset Time'">
+ <sequence>
+ <message>
+ 'Security: TLS: User Change Password - Short Reset Time - Sleeping'
+ </message>
+
+ <call function="'Sleep'">
+ { 'sleepForMilliSeconds' : '12000' }
+ </call>
+
+ <message>
+ 'Security: TLS: User Changing Password'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'adminshortpizza' ,
+ 'entryToBeModified' : '%s/security/startTLS/force_pwd_change/user_change_pwd3.ldif' % STAGED_DATA_DIR ,
+ 'extraParams' : '-q -X' }
+ </call>
+
+ <if expr="RC != 1">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'Security: TLS: User Searching With Password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'newshortpizza' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base -q -X' }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult ,
+ 'expected' : 1 }
+ </call>
+ </sequence>
+ </testcase>
+
+ <!--- Test Case : Admin Disable Force Password On Reset -->
+ <testcase name="'Security: TLS: Postamble - Disable Force Pwd On Reset'">
+ <sequence>
+ <message>
+ 'Security: TLS: Postamble Step 1. Admin Disabling Max Pwd Age'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/security/startTLS/force_pwd_change/admin_disable_max_reset_age.ldif' % STAGED_DATA_DIR ,
+ 'extraParams' : '-q -X' }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'Security: TLS: Postamble Step 2. Admin Disabling Force Password On Reset'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/security/startTLS/force_pwd_change/admin_reset_force_pwd_reset.ldif' % STAGED_DATA_DIR ,
+ 'extraParams' : '-q -X' }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult }
+ </call>
+ </sequence>
+ </testcase>
+
+ <return>RC</return>
+
+ </sequence>
+
+ </function>
+
+</stax>
diff --git a/opends/tests/functional-tests/testcases/security/startTLS/security_startTLS.xml b/opends/tests/functional-tests/testcases/security/startTLS/security_startTLS.xml
index 4ec0730..0821cd2 100755
--- a/opends/tests/functional-tests/testcases/security/startTLS/security_startTLS.xml
+++ b/opends/tests/functional-tests/testcases/security/startTLS/security_startTLS.xml
@@ -77,6 +77,10 @@
<call function="'bob_startTLS'" />
<import machine="'%s' % (STAF_LOCAL_HOSTNAME)"
+ file="'%s/testcases/security/startTLS/security_force_pwd_change_startTLS.xml' % (TESTS_DIR)"/>
+ <call function="'force_pwd_change_startTLS'" />
+
+ <import machine="'%s' % (STAF_LOCAL_HOSTNAME)"
file="'%s/testcases/security/startTLS/security_teardown_startTLS.xml' % (TESTS_DIR)"/>
<call function="'teardown_startTLS'" />
--
Gitblit v1.10.0