From ca9a15d7f7162036f1bea8b4c0216625ee72cdd6 Mon Sep 17 00:00:00 2001
From: Gary Williams <gary.williams@forgerock.com>
Date: Tue, 03 Apr 2012 11:42:59 +0000
Subject: [PATCH] Remove old password policy tests from functional test suite
---
/dev/null | 128 ------------------------------------------
opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/security.xml | 6 -
2 files changed, 2 insertions(+), 132 deletions(-)
diff --git a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_disable_max_pwd_age.xml b/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_disable_max_pwd_age.xml
deleted file mode 100755
index e0d1127..0000000
--- a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_disable_max_pwd_age.xml
+++ /dev/null
@@ -1,63 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!DOCTYPE stax SYSTEM "../../../../shared/stax.dtd">
-<!--
- ! CDDL HEADER START
- !
- ! The contents of this file are subject to the terms of the
- ! Common Development and Distribution License, Version 1.0 only
- ! (the "License"). You may not use this file except in compliance
- ! with the License.
- !
- ! You can obtain a copy of the license at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
- ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
- ! See the License for the specific language governing permissions
- ! and limitations under the License.
- !
- ! When distributing Covered Code, include this CDDL HEADER in each
- ! file and include the License file at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
- ! add the following below this CDDL HEADER, with the fields enclosed
- ! by brackets "[]" replaced with your own identifying information:
- ! Portions Copyright [yyyy] [name of copyright owner]
- !
- ! CDDL HEADER END
- !
- ! Copyright 2006-2008 Sun Microsystems, Inc.
- ! -->
-<stax>
-
- <defaultcall function="disable_max_pwd_age"/>
-
- <function name="disable_max_pwd_age">
-
- <sequence>
-
- <!--- Test Case : Admin Reset Max Pwd Age -->
- <testcase name="getTestCaseName('Admin Reset Max Pwd Age')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: Admin Resetting Max Pwd Age'
- </message>
-
- <call function="'modifyEntry'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'entryToBeModified' : '%s/security/pwd_policy/admin_change_max_pwd_age.ldif' % remote.data }
- </call>
-
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
-
- </testcase>
-
- </sequence>
-
- </function>
-
-</stax>
diff --git a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_enable_max_pwd_age.xml b/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_enable_max_pwd_age.xml
deleted file mode 100755
index 3d8e283..0000000
--- a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_enable_max_pwd_age.xml
+++ /dev/null
@@ -1,83 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!DOCTYPE stax SYSTEM "../../../../shared/stax.dtd">
-<!--
- ! CDDL HEADER START
- !
- ! The contents of this file are subject to the terms of the
- ! Common Development and Distribution License, Version 1.0 only
- ! (the "License"). You may not use this file except in compliance
- ! with the License.
- !
- ! You can obtain a copy of the license at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
- ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
- ! See the License for the specific language governing permissions
- ! and limitations under the License.
- !
- ! When distributing Covered Code, include this CDDL HEADER in each
- ! file and include the License file at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
- ! add the following below this CDDL HEADER, with the fields enclosed
- ! by brackets "[]" replaced with your own identifying information:
- ! Portions Copyright [yyyy] [name of copyright owner]
- !
- ! CDDL HEADER END
- !
- ! Copyright 2006-2008 Sun Microsystems, Inc.
- ! -->
-<stax>
-
- <defaultcall function="enable_max_pwd_age"/>
-
- <function name="enable_max_pwd_age">
-
- <sequence>
-
- <!--- Test Case : Check Existence of ds-cfg-max-password-age -->
- <testcase name="getTestCaseName('Check Existence of ds-cfg-max-password-age')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: Checking existence of ds-cfg-max-password-age'
- </message>
-
- <call function="'compareEntry'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'attrToBeCompared' : 'ds-cfg-max-password-age:0 seconds',
- 'entryToBeCompared' : 'cn=Default Password Policy,cn=Password Policies,cn=config' }
- </call>
-
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case : Admin Change Max Pwd Age -->
- <testcase name="getTestCaseName('Admin Change Max Pwd Age')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: Admin Changing Max Pwd Age'
- </message>
-
- <call function="'modifyEntry'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'entryToBeModified' : '%s/security/pwd_policy/admin_change_max_pwd_age.ldif' % remote.data }
- </call>
-
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
- </sequence>
-
- </function>
-
-</stax>
diff --git a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_force_pwd_change.xml b/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_force_pwd_change.xml
deleted file mode 100755
index 84fad4b..0000000
--- a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_force_pwd_change.xml
+++ /dev/null
@@ -1,867 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!DOCTYPE stax SYSTEM "../../../../shared/stax.dtd">
-<!--
- ! CDDL HEADER START
- !
- ! The contents of this file are subject to the terms of the
- ! Common Development and Distribution License, Version 1.0 only
- ! (the "License"). You may not use this file except in compliance
- ! with the License.
- !
- ! You can obtain a copy of the license at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
- ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
- ! See the License for the specific language governing permissions
- ! and limitations under the License.
- !
- ! When distributing Covered Code, include this CDDL HEADER in each
- ! file and include the License file at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
- ! add the following below this CDDL HEADER, with the fields enclosed
- ! by brackets "[]" replaced with your own identifying information:
- ! Portions Copyright [yyyy] [name of copyright owner]
- !
- ! CDDL HEADER END
- !
- ! Copyright 2006-2008 Sun Microsystems, Inc.
- ! -->
-<stax>
-
- <defaultcall function="force_pwd_change"/>
-
- <function name="force_pwd_change">
-
- <sequence>
-
- <!--- Test Suite information
- #@TestSuiteName Force Password Change
- #@TestSuitePurpose Force Password Change
- #@TestSuiteGroup Force Password Change
- #@TestScript security_force_pwd_change.xml
- -->
-
- <!--- Define default value for basedn -->
- <script>
- basedn = 'ou=people,ou=password tests,o=Pwd Policy Tests,dc=example,dc=com'
- basepwp = 'cn=Default Password Policy,cn=Password Policies,cn=config'
- </script>
-
-
- <!--- Test Case information
- #@TestMarker Force Password Change
- #@TestName Force Pwd Change On Add
- #@TestIssue none
- #@TestPurpose Force Pwd Change On Add
- #@TestPreamble none
- #@TestStep Step 1. Checking existence of ds-cfg-force-change-on-add
- #@TestStep Step 2. Admin Enabling Force Password On Add
- #@TestPostamble none
- #@TestResult Success if the 2 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Preamble - Force Pwd Change On Add')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
-'Security: Pwd Change: Preamble Step 1. Chk ds-cfg-force-change-on-add exists'
- </message>
-
- <call function="'compareEntry'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'attrToBeCompared' : 'ds-cfg-force-change-on-add:false',
- 'entryToBeCompared' : basepwp }
- </call>
-
-
- <message>
- 'Security: Pwd Change: Preamble Step 2. Admin Enabling Force Password On Add'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'force-change-on-add' ,
- 'attributeValue' : 'true' }
- </call>
-
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Force Password Change
- #@TestName Add Single New User
- #@TestIssue none
- #@TestPurpose Add Single New User
- #@TestPreamble none
- #@TestStep add_entry1.ldif
- #@TestStep User Searching With Password SearchObject RC 19
- #@TestPostamble none
- #@TestResult Success if the 2 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Add Single New User')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: Adding Single New User'
- </message>
-
- <call function="'addEntry'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'entryToBeAdded' : '%s/security/pwd_policy/add_entry1.ldif' \
- % remote.data }
- </call>
-
- <message>
- 'Security: Pwd Change: User Searching With Password'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=mcat,%s' % basedn ,
- 'dsInstancePswd' : 'pizza' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base',
- 'expectedRC' : 19 }
- </call>
-
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Force Password Change
- #@TestName Added User changes password
- #@TestIssue none
- #@TestPurpose Added User changes password
- #@TestPreamble none
- #@TestStep User Change Password
- #@TestStep User Searching With Password SearchObject RC 0
- #@TestPostamble none
- #@TestResult Success if the 2 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Added User Change Password')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: User Changing Password'
- </message>
-
- <call function="'ldapPasswordModifyWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=mcat,%s' % basedn ,
- 'dsInstancePswd' : 'pizza' ,
- 'dsAuthzID' : 'dn:uid=mcat,%s' % basedn ,
- 'dsNewPassword' : 'newpizza' }
- </call>
-
- <message>
- 'Security: Pwd Change: User Searching With Password'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=mcat,%s' % basedn ,
- 'dsInstancePswd' : 'newpizza' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Force Password Change
- #@TestName Admin Disable Force Password On Add
- #@TestIssue none
- #@TestPurpose Admin Disable Force Password On Add
- #@TestPreamble none
- #@TestStep Step 1. Admin Disabling Force Password On Add
- #@TestStep Step 2. Adding Single New User add_entry2.ldif
- #@TestStep Step 3. User Searching With Password RC 0
- #@TestPostamble none
- #@TestResult Success if the 3 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Postamble - Disable Force Pwd On Add')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: Postamble Step 1. Admin Disabling Force Password On Add'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'force-change-on-add' ,
- 'attributeValue' : 'false' }
- </call>
-
- <message>
- 'Security: Pwd Change: Postamble Step 2. Adding Single New User'
- </message>
-
- <call function="'addEntry'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'entryToBeAdded' : '%s/security/pwd_policy/add_entry2.ldif' \
- % remote.data }
- </call>
-
-
- <message>
- 'Security: Pwd Change: Postamble Step 3. User Searching With Password'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=mdog,%s' % basedn ,
- 'dsInstancePswd' : 'pizza' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Force Password Change
- #@TestName Force Pwd Change On Reset
- #@TestIssue none
- #@TestPurpose Force Pwd Change On Reset
- #@TestPreamble none
- #@TestStep Step 1. Checking ds-cfg-force-change-on-reset exist
- #@TestStep Step 2. Admin Enabling Force Password On Reset
- Change ds-cfg-force-change-on-reset to true
- #@TestPostamble none
- #@TestResult Success if the 2 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Preamble - Force Pwd Change On Reset')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
-'Security: Pwd Change: Preamble Step 1. Chk ds-cfg-force-change-on-reset exists'
- </message>
-
- <call function="'compareEntry'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'attrToBeCompared' : 'ds-cfg-force-change-on-reset:false',
- 'entryToBeCompared' : basepwp }
- </call>
-
- <message>
- 'Security: Pwd Change: Preamble Step 2. Admin Enabling Force Password On Reset'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'force-change-on-reset' ,
- 'attributeValue' : 'true' }
- </call>
-
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
-
- <!--- Test Case information
- #@TestMarker Force Password Change
- #@TestName Admin Reset User Pwd
- #@TestIssue none
- #@TestPurpose Admin Reset User Pwd
- #@TestPreamble none
- #@TestStep Admin Resetting User Pwd
- #@TestPostamble none
- #@TestResult Success if the step is PASS
- -->
-
- <testcase name="getTestCaseName('Admin Reset User Pwd')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: Admin Resetting User Pwd'
- </message>
-
- <call function="'ldapPasswordModifyWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'dsAuthzID' : 'dn:uid=mdog,%s' % basedn ,
- 'dsNewPassword' : 'adminpizza' }
- </call>
-
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Force Password Change
- #@TestName User Search With Old Pwd
- #@TestIssue none
- #@TestPurpose User Search With Old Pwd
- #@TestPreamble none
- #@TestStep User Search With Old Pwd : SearchObject returns 49
- #@TestPostamble none
- #@TestResult Success if the step is PASS
- -->
-
- <testcase name="getTestCaseName('Old Pwd - Search')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: User Searching With Old Password'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=mdog,%s' % basedn ,
- 'dsInstancePswd' : 'pizza' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base',
- 'expectedRC' : 49 }
- </call>
-
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Force Password Change
- #@TestName User Add With Old Pwd
- #@TestIssue none
- #@TestPurpose User Add With Old Pwd
- #@TestPreamble none
- #@TestStep User Adding Attr With Old Password RC 49
- #@TestStep Checking User-added Attribute Exists RC 16
- #@TestPostamble none
- #@TestResult Success if the 2 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Old Pwd - Add')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: User Adding Attr With Old Password'
- </message>
-
- <call function="'modifyAnAttribute'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=mdog,%s' % basedn ,
- 'dsInstancePswd' : 'pizza' ,
- 'DNToModify' : 'uid=mdog,%s' % basedn ,
- 'attributeName' : 'pager' ,
- 'newAttributeValue' : '+1 999 555 1212' ,
- 'changetype' : 'add' ,
- 'expectedRC' : 49 }
- </call>
-
- <message>
- 'Security: Pwd Change: Checking For Existence of User-added Attribute'
- </message>
-
- <call function="'compareEntry'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'attrToBeCompared' : 'pager:+1 999 555-1212',
- 'entryToBeCompared' : 'uid=mdog,%s' % basedn ,
- 'expectedRC' : 16 }
- </call>
-
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Force Password Change
- #@TestName User Delete With Old Pwd
- #@TestIssue none
- #@TestPurpose User Delete With Old Pwd
- #@TestPreamble none
- #@TestStep User Deleting Attr With Old Password RC 49
- #@TestStep Checking For Existence of User-deleted Attribute
- #@TestPostamble none
- #@TestResult Success if the 2 step are PASS
- -->
-
- <testcase name="getTestCaseName('Old Pwd - Delete')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: User Deleting Attr With Old Password'
- </message>
-
- <call function="'modifyAnAttribute'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=mdog,%s' % basedn ,
- 'dsInstancePswd' : 'pizza' ,
- 'DNToModify' : 'uid=mdog,%s' % basedn ,
- 'attributeName' : 'roomnumber' ,
- 'changetype' : 'delete' ,
- 'expectedRC' : 49 }
- </call>
-
- <message>
- 'Security: Pwd Change: Checking For Existence of User-deleted Attribute'
- </message>
-
- <call function="'compareEntry'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'attrToBeCompared' : 'roomnumber:4612',
- 'entryToBeCompared' : 'uid=mdog,%s' % basedn , }
- </call>
-
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Force Password Change
- #@TestName Old Pwd - Compare
- #@TestIssue none
- #@TestPurpose Old Pwd - Compare
- #@TestPreamble none
- #@TestStep Checking For Existence of User Attribute RC 49
- #@TestPostamble none
- #@TestResult Success if the step is PASS
- -->
-
- <testcase name="getTestCaseName('Old Pwd - Compare')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: Checking For Existence of User Attribute'
- </message>
-
- <call function="'compareEntry'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=mdog,%s' % basedn ,
- 'dsInstancePswd' : 'pizza' ,
- 'attrToBeCompared' : 'l:Sunnyvale',
- 'entryToBeCompared' : 'uid=mdog,%s' % basedn ,
- 'expectedRC' : 49 }
- </call>
-
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Force Password Change
- #@TestName User Search With Assigned Pwd
- #@TestIssue none
- #@TestPurpose User Search With Assigned Pwd
- #@TestPreamble none
- #@TestStep User Searching With Assigned Password RC 19
- #@TestPostamble none
- #@TestResult Success if the step is PASS
- -->
-
- <testcase name="getTestCaseName('Search With Assigned Pwd')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: User Searching With Assigned Password'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=mdog,%s' % basedn ,
- 'dsInstancePswd' : 'adminpizza' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base',
- 'expectedRC' : 19 }
- </call>
-
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Force Password Change
- #@TestName User Change Password
- #@TestIssue none
- #@TestPurpose User Change Password
- #@TestPreamble none
- #@TestStep User Changing Password after reset
- #@TestStep User Searching With Assigned Password RC 49
- #@TestStep User Searching With New Password SearchObject RC 0
- #@TestPostamble none
- #@TestResult Success if the 3 steps are PASS
- -->
-
- <testcase name="getTestCaseName('User Change Password After Reset')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: User Changing Password'
- </message>
-
- <call function="'ldapPasswordModifyWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=mdog,%s' % basedn ,
- 'dsInstancePswd' : 'adminpizza' ,
- 'dsAuthzID' : 'dn:uid=mdog,%s' % basedn ,
- 'dsNewPassword' : 'newpizza' }
- </call>
-
- <message>
- 'Security: Pwd Change: User Searching With Assigned Password'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=mdog,%s' % basedn ,
- 'dsInstancePswd' : 'adminpizza' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' ,
- 'expectedRC' : 49 }
- </call>
-
- <message>
- 'Security: Pwd Change: User Searching With New Password'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=mdog,%s' % basedn ,
- 'dsInstancePswd' : 'newpizza' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
-
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Force Password Change
- #@TestName Admin Enable Maximum Reset Age - Long Reset Time
- #@TestIssue none
- #@TestPurpose Admin Enable Maximum Reset Age - Long Reset Time
- #@TestPreamble none
- #@TestStep Admin Enabling Maximum Reset Age - Long Reset Time
- set max-password-reset-age to 30 m
- #@TestPostamble none
- #@TestResult Success if the step is PASS
- -->
-
- <testcase name="getTestCaseName('Admin Enable Max Reset Age Long')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: Admin Enabling Maximum Reset Age Long'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'max-password-reset-age' ,
- 'attributeValue' : '30 m' }
- </call>
-
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Force Password Change
- #@TestName Admin Change User Pwd - Long Reset Time
- #@TestIssue none
- #@TestPurpose Admin Change User Pwd - Long Reset Time
- #@TestPreamble none
- #@TestStep Admin Changing User Pwd
- #@TestPostamble none
- #@TestResult Success if the step is PASS
- -->
-
- <testcase name="getTestCaseName('Admin Reset User Pwd - Long Reset Time')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: Admin Changing User Pwd'
- </message>
-
- <call function="'ldapPasswordModifyWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'dsAuthzID' : 'dn:uid=mdog,%s' % basedn ,
- 'dsNewPassword' : 'adminlongpizza' }
- </call>
-
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
-
- <!--- Test Case information
- #@TestMarker Force Password Change
- #@TestName User Change Password - Long Reset Time
- #@TestIssue none
- #@TestPurpose User Changing Password - Long Reset Time
- #@TestPreamble none
- #@TestStep User Changing Password - Long Reset Time
- #@TestStep User Searching With Password RC 0
- #@TestPostamble none
- #@TestResult Success if the 2 steps are PASS
- -->
-
- <testcase name="getTestCaseName('User Change Password - Long Reset Time')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: User Changing Password'
- </message>
-
- <call function="'ldapPasswordModifyWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=mdog,%s' % basedn ,
- 'dsInstancePswd' : 'adminlongpizza' ,
- 'dsAuthzID' : 'dn:uid=mdog,%s' % basedn ,
- 'dsNewPassword' : 'newlongpizza' }
- </call>
-
- <message>
- 'Security: Pwd Change: User Searching With Password'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=mdog,%s' % basedn ,
- 'dsInstancePswd' : 'newlongpizza' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Force Password Change
- #@TestName Admin Enable Maxmimum Reset Age - Short Reset Time
- #@TestIssue none
- #@TestPurpose Admin Enable Maxmimum Reset Age - Short Reset Time
- #@TestPreamble none
- #@TestStep Admin Enable Maxmimum Reset Age Short Reset Time
- set max-password-reset-age to 8 s
- #@TestPostamble none
- #@TestResult Success if the step is PASS
- -->
-
- <testcase name="getTestCaseName('Admin Enable Max Reset Age Short')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: Admin Enabling Maximum Reset Age Short'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'max-password-reset-age' ,
- 'attributeValue' : '8 s' }
- </call>
-
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Force Password Change
- #@TestName Admin Change User Pwd - Short Reset Time
- #@TestIssue none
- #@TestPurpose Admin Changing User Pwd -Short Reset Time
- #@TestPreamble none
- #@TestStep Admin Changing User Pwd
- #@TestPostamble none
- #@TestResult Success if the step is PASS
- -->
-
- <testcase name="getTestCaseName('Admin Reset User Pwd - Short Reset Time')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: Admin Changing User Pwd'
- </message>
-
- <call function="'ldapPasswordModifyWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'dsAuthzID' : 'dn:uid=mdog,%s' % basedn ,
- 'dsNewPassword' : 'adminshortpizza' }
- </call>
-
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Force Password Change
- #@TestName User Change Password -Short Reset Time
- #@TestIssue none
- #@TestPurpose User Change Password -Short Reset Time
- #@TestPreamble none
- #@TestStep User Change Password sleep 12000
- #@TestStep User Changing Password ldapPasswordModifyWithScript
- returns 49
- #@TestStep User Searching With Password SearchObject return 49
- #@TestPostamble none
- #@TestResult Success if the 3 steps are PASS
- -->
-
- <testcase name="getTestCaseName('User Change Password - Short Reset Time')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: User Change Password - Short Reset Time - Sleeping'
- </message>
-
- <call function="'Sleep'">
- { 'sleepForMilliSeconds' : '12000' }
- </call>
-
- <message>
- 'Security: Pwd Change: User Changing Password'
- </message>
-
- <call function="'ldapPasswordModifyWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=mdog,%s' % basedn ,
- 'dsInstancePswd' : 'adminpizza' ,
- 'dsAuthzID' : 'dn:uid=mdog,%s' % basedn ,
- 'dsNewPassword' : 'newshortpizza' ,
- 'expectedRC' : 49 }
- </call>
-
- <message>
- 'Security: Pwd Change: User Searching With Password'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=mdog,%s' % basedn ,
- 'dsInstancePswd' : 'newshortpizza' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base',
- 'expectedRC' : 49 }
- </call>
-
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Force Password Change
- #@TestName Admin Disable Force Password On Reset
- #@TestIssue none
- #@TestPurpose Admin Disable Force Password On Reset
- #@TestPreamble none
- #@TestStep Step 1. Admin Disabling Max Pwd Age
- set max-password-reset-age to 0 s
- #@TestStep Step 2. Admin Disabling Force Password On Reset
- set force-change-on-reset to false
- #@TestPostamble none
- #@TestResult Success if the 2 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Postamble - Disable Force Pwd On Reset')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: Postamble Step 1. Admin Disabling Max Pwd Age'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'max-password-reset-age' ,
- 'attributeValue' : '0 s' }
- </call>
-
- <message>
-'Security: Pwd Change: Postamble Step 2. Admin Disabling Force Pwd On Reset'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'force-change-on-reset' ,
- 'attributeValue' : 'false' }
- </call>
-
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
- </sequence>
-
- </function>
-
-</stax>
diff --git a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_force_pwd_change_all_users.xml b/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_force_pwd_change_all_users.xml
deleted file mode 100755
index 26dde06..0000000
--- a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_force_pwd_change_all_users.xml
+++ /dev/null
@@ -1,322 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!DOCTYPE stax SYSTEM "../../../../shared/stax.dtd">
-<!--
- ! CDDL HEADER START
- !
- ! The contents of this file are subject to the terms of the
- ! Common Development and Distribution License, Version 1.0 only
- ! (the "License"). You may not use this file except in compliance
- ! with the License.
- !
- ! You can obtain a copy of the license at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
- ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
- ! See the License for the specific language governing permissions
- ! and limitations under the License.
- !
- ! When distributing Covered Code, include this CDDL HEADER in each
- ! file and include the License file at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
- ! add the following below this CDDL HEADER, with the fields enclosed
- ! by brackets "[]" replaced with your own identifying information:
- ! Portions Copyright [yyyy] [name of copyright owner]
- !
- ! CDDL HEADER END
- !
- ! Copyright 2006-2008 Sun Microsystems, Inc.
- ! -->
-<stax>
-
- <defaultcall function="force_pwd_change_all_users"/>
-
- <function name="force_pwd_change_all_users">
-
- <sequence>
-
- <!--- Test Suite information
- #@TestSuiteName Force PasswordChange All Users
- #@TestSuitePurpose Force PasswordChange All Users
- #@TestSuiteGroup Force PasswordChange All Users
- #@TestScript security_force_pwd_change_all_users.xml
- -->
-
- <!--- Define default value for basedn -->
- <script>
- basedn = 'ou=people,ou=password tests,o=Pwd Policy Tests,dc=example,dc=com'
- msg1 = 'get-password-changed-by-required-time'
- msg2 = 'get-seconds-until-required-change-time'
- </script>
-
-
- <!--- Test Case information
- #@TestMarker Force PasswordChange All Users
- #@TestName User Search With Password
- #@TestIssue none
- #@TestPurpose Set the Pwd Expiration Time to a past date
- #@TestPreamble none
- #@TestStep Step 1 - User Searching With Password
- #@TestStep Step 2 - Admin Enabling Exp Pwd No Warning
- set expire-passwords-without-warning to true
- #@TestStep Step 3 - Admin Setting Pwd Time Exp
- set require-change-by-time to 20061030183752.848Z
- #@TestPostamble none
- #@TestResult Success if the 3 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Preamble Setup')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: Preamble Step 1 - User Searching With Password'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=scarter,%s' % basedn ,
- 'dsInstancePswd' : 'sprain' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
-
- <message>
- 'Security: Pwd Change: Preamble Step 2 - Admin Enabling Exp Pwd No Warning'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'expire-passwords-without-warning' ,
- 'attributeValue' : 'true' }
- </call>
-
- <message>
- 'Security: Pwd Change: Preamble Step 3 -Admin Setting Pwd Time Exp'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'require-change-by-time' ,
- 'attributeValue' : '20061030183752.848Z' }
- </call>
-
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
- <!--
- - Test Case information
- #@TestMarker Force PasswordChange All Users
- #@TestName User Search With Expired Password
- #@TestIssue none
- #@TestPurpose User Search With Expired Password
- #@TestPreamble none
- #@TestStep User Search With Expired Password RC 49
- #@TestPostamble none
- #@TestResult Success if the step is PASS
- -->
-
- <testcase name="getTestCaseName('User Search With Exp Password')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: User Searching With Expired Password'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=scarter,%s' % basedn ,
- 'dsInstancePswd' : 'sprain' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base',
- 'expectedRC' : 49 }
- </call>
-
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
- <!--
- - Test Case information
- #@TestMarker Force PasswordChange All Users
- #@TestName Admin Disable Exp Pwd No Warning
- #@TestIssue none
- #@TestPurpose Admin Disable Exp Pwd No Warning
- #@TestPreamble none
- #@TestStep Admin Disabling Exp Pwd No Warning
- set expire-passwords-without-warning to false
- #@TestPostamble none
- #@TestResult Success if the step is PASS
- -->
-
- <testcase name="getTestCaseName('Admin Disable Exp Pwd No Warning')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: Admin Disabling Exp Pwd No Warning'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'expire-passwords-without-warning' ,
- 'attributeValue' : 'false' }
- </call>
-
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
- <!--
- - Test Case information
- #@TestMarker Force PasswordChange All Users
- #@TestName User Search With Expired Password 2
- #@TestIssue none
- #@TestPurpose User Search With Expired Password 2
- #@TestPreamble none
- #@TestStep User Searching With Expired Password 2
- SearchObject grep will expire
- #@TestPostamble none
- #@TestResult Success if the steps is PASS
- -->
-
- <testcase name="getTestCaseName('User Search With Exp Password 2')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: User Searching With Expired Password 2'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=scarter,%s' % basedn ,
- 'dsInstancePswd' : 'sprain' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <script>
- returnString = STAXResult[0][1]
- </script>
-
- <call function="'checktestString'">
- { 'returnString' : returnString ,
- 'expectedString' : 'will expire' }
- </call>
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
- <!--
- - Test Case information
- #@TestMarker Force PasswordChange All Users
- #@TestName Admin Reset Pwd Time Exp
- #@TestIssue none
- #@TestPurpose Admin Reset Pwd Time Exp
- #@TestPreamble none
- #@TestStep Admin Resetting Pwd Time Exp
- remove require-change-by-time 20061030183752.848Z
- #@TestStep User Searching With Password SearchObject returns 0
- #@TestStep check manage-account
- get-password-changed-by-required-time
- #@TestStep Check manage-account
- get-seconds-until-required-change-time
- #@TestPostamble none
- #@TestResult Success if the 4 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Postamble Reset')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Change: Admin Resetting Pwd Time Exp'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'require-change-by-time' ,
- 'attributeValue' : '20061030183752.848Z' ,
- 'modifyType' : 'remove' }
- </call>
-
- <message>
- 'Security: Pwd Change: User Searching With Password'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=scarter,%s' % basedn ,
- 'dsInstancePswd' : 'sprain' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <message>
- 'Security: Pwd Change: Check manage-account %s' % msg1
- </message>
-
- <call function="'manageAccountWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'subcommand' : 'get-password-changed-by-required-time' ,
- 'targetDn' : 'uid=scarter,%s' % basedn }
- </call>
-
- <script>
- returnString = STAXResult[0][1]
- </script>
-
- <call function="'checktestString'">
- { 'returnString' : returnString ,
- 'expectedString' : 'Password Changed by Required Time:' }
- </call>
-
- <message>
- 'Security: Pwd Change: Check manage-account %s' % msg2
- </message>
-
- <call function="'manageAccountWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'subcommand' : 'get-seconds-until-required-change-time' ,
- 'targetDn' : 'uid=scarter,%s' % basedn }
- </call>
-
- <script>
- returnString = STAXResult[0][1]
- </script>
-
- <call function="'checktestString'">
- { 'returnString' : returnString ,
- 'expectedString' : 'Seconds Until Required Change Time:' }
- </call>
-
- <call function="'testCase_Postamble'"/>
- </sequence>
- </testcase>
-
- </sequence>
-
- </function>
-
-</stax>
diff --git a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_grace_login.xml b/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_grace_login.xml
deleted file mode 100755
index 0daad67..0000000
--- a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_grace_login.xml
+++ /dev/null
@@ -1,662 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!DOCTYPE stax SYSTEM "../../../../shared/stax.dtd">
-<!--
- ! CDDL HEADER START
- !
- ! The contents of this file are subject to the terms of the
- ! Common Development and Distribution License, Version 1.0 only
- ! (the "License"). You may not use this file except in compliance
- ! with the License.
- !
- ! You can obtain a copy of the license at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
- ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
- ! See the License for the specific language governing permissions
- ! and limitations under the License.
- !
- ! When distributing Covered Code, include this CDDL HEADER in each
- ! file and include the License file at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
- ! add the following below this CDDL HEADER, with the fields enclosed
- ! by brackets "[]" replaced with your own identifying information:
- ! Portions Copyright [yyyy] [name of copyright owner]
- !
- ! CDDL HEADER END
- !
- ! Copyright 2007-2008 Sun Microsystems, Inc.
- ! Portions Copyright 2012 ForgeRock AS
- ! -->
-<stax>
-
- <defaultcall function="grace_login"/>
-
- <function name="grace_login">
-
- <sequence>
-
- <!--- Test Suite information
- #@TestSuiteName Grace Login
- #@TestSuitePurpose Test the Password Policy Grace Login
- #@TestSuiteGroup Grace Login
- #@TestScript security_grace_login.xml
- -->
-
- <!--- Define default values for test -->
- <script>
- basedn1 = 'ou=people,ou=password tests,'
- basedn = '%s o=Pwd Policy Tests,dc=example,dc=com' % basedn1
- basepwp ='cn=Default Password Policy,cn=Password Policies,cn=config'
- msg = 'Security: Grace Login:'
- msg1 = 'Password Policy DN: %s' % basepwp
- msg2 = 'Account Is Disabled: false'
- msg3 = 'Password History:'
-
- grace_login_count = 3
- </script>
-
-
- <!--- Test Case information
- #@TestMarker Grace Login
- #@TestName Admin Changing Pwd Policy Settings
- #@TestIssue none
- #@TestPurpose Admin Changing Pwd Policy Settings
- #@TestPreamble none
- #@TestStep set ds-cfg-expire-passwords-without-warning true
- ds-cfg-min-password-age 1 seconds
- ds-cfg-max-password-age 3 seconds
- ds-cfg-password-expiration-warning-interval 1 s
- ds-cfg-grace-login-count 3
- #@TestPostamble none
- #@TestResult Success if modifyAnAttribute returns 0
- -->
-
- <testcase name="getTestCaseName('Preamble, Admin Change Pwd Policy Settings')">
- <sequence>
- <call function="'testCase_Preamble'"/>
-
- <script>
- listAttrs=[]
- listAttrs.append("ds-cfg-expire-passwords-without-warning:true")
- listAttrs.append("ds-cfg-allow-expired-password-changes:true")
- listAttrs.append("ds-cfg-min-password-age:1 seconds")
- listAttrs.append("ds-cfg-max-password-age:3 seconds")
- listAttrs.append("ds-cfg-password-expiration-warning-interval:1 seconds")
- listAttrs.append("ds-cfg-grace-login-count:%s" % grace_login_count)
- </script>
-
- <call function="'testStep'">
- { 'stepMessage' : '%s Admin modifying password policy setting.' % msg }
- </call>
-
- <call function="'modifyAnAttribute'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'DNToModify' : basepwp ,
- 'listAttributes' : listAttrs ,
- 'changetype' : 'replace' }
- </call>
-
- <call function="'testStep'">
- { 'stepMessage' : '%s Get Default Password Policy.' % msg }
- </call>
-
- <script>
- options=[]
- options.append('--policy-name "Default Password Policy"')
- dsconfigOptions=' '.join(options)
- </script>
-
- <call function="'dsconfig'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
- 'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
- 'subcommand' : 'get-password-policy-prop',
- 'optionsString' : dsconfigOptions
-
- }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Grace Login
- #@TestName Admin Changing min password age beyond limit
- #@TestIssue 2032
- #@TestPurpose Testing issue 2032
- #@TestPreamble none
- #@TestStep Change Pwd Policy min password age beyond limit
- set ds-cfg-min-password-age 10 seconds
- ds-cfg-max-password-age 3 seconds
- ds-cfg-password-expiration-warning-interval 1 s
- #@TestPostamble none
- #@TestResult Success if modifyAnAttribute returns 53
- -->
-
- <testcase name="getTestCaseName
- ('Preamble, Admin Change min pwd age beyond limit')">
- <sequence>
- <call function="'testCase_Preamble'"/>
-
- <script>
- listAttrs=[]
- listAttrs.append("ds-cfg-min-password-age:10 seconds")
- listAttrs.append("ds-cfg-max-password-age:3 seconds")
- listAttrs.append("ds-cfg-password-expiration-warning-interval:1 seconds")
- </script>
-
- <call function="'testStep'">
- { 'stepMessage' : '%s Admin modifying password policy settings.' % msg }
- </call>
-
- <call function="'modifyAnAttribute'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'DNToModify' : basepwp ,
- 'listAttributes' : listAttrs ,
- 'changetype' : 'replace' ,
- 'expectedRC' : 53 }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Grace Login
- #@TestName Admin Changing min password age to limit
- #@TestIssue 2032
- #@TestPurpose Testing issue 2032
- #@TestPreamble none
- #@TestStep Change Pwd Policy min password age to limit
- set ds-cfg-min-password-age 2 seconds
- ds-cfg-max-password-age 3 seconds
- ds-cfg-password-expiration-warning-interval 1 s
- #@TestPostamble none
- #@TestResult Success if modifyAnAttribute returns 53
- -->
-
- <testcase name="getTestCaseName('Preamble, Admin Change min pwd age to limit')">
- <sequence>
- <call function="'testCase_Preamble'"/>
-
- <script>
- listAttrs=[]
- listAttrs.append("ds-cfg-min-password-age:2 seconds")
- listAttrs.append("ds-cfg-max-password-age:3 seconds")
- listAttrs.append("ds-cfg-password-expiration-warning-interval:1 seconds")
- </script>
-
- <call function="'testStep'">
- { 'stepMessage' : '%s Admin modifying password policy settings.' % msg }
- </call>
-
- <call function="'modifyAnAttribute'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'DNToModify' : basepwp ,
- 'listAttributes' : listAttrs ,
- 'changetype' : 'replace' ,
- 'expectedRC' : 53 }
- </call>
-
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Grace Login
- #@TestName Admin Changing expire warning interval beyond limit
- #@TestIssue 2032
- #@TestPurpose Testing issue 2032
- #@TestPreamble none
- #@TestStep Change Pwd Pol expire warning interval beyond limit
- set ds-cfg-min-password-age 1 seconds
- ds-cfg-max-password-age 3 seconds
- ds-cfg-password-expiration-warning-interval 10 s
- #@TestPostamble none
- #@TestResult Success if modifyAnAttribute returns 53
- -->
-
- <testcase name="getTestCaseName
- ('Preamble, Admin Change expire warning interval beyond limit')">
- <sequence>
- <call function="'testCase_Preamble'"/>
-
- <script>
- listAttrs=[]
- listAttrs.append("ds-cfg-min-password-age:1 seconds")
- listAttrs.append("ds-cfg-max-password-age:3 seconds")
- listAttrs.append("ds-cfg-password-expiration-warning-interval:10 seconds")
- </script>
-
- <call function="'testStep'">
- { 'stepMessage' : '%s Admin modifying password policy settings.' % msg }
- </call>
-
- <call function="'modifyAnAttribute'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'DNToModify' : basepwp ,
- 'listAttributes' : listAttrs ,
- 'changetype' : 'replace' ,
- 'expectedRC' : 53 }
- </call>
-
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Grace Login
- #@TestName Search Bad Pwd 4x
- #@TestIssue none
- #@TestPurpose Search Bad Pwd 4x
- #@TestPreamble none
- #@TestStep Pause 2 seconds
- #@TestStep Verify grace login use times with manage-account
- #@TestStep Search Bind 1 SearchObject returns 19
- #@TestStep Verify remaining grace login with manage-account
- #@TestStep Verify grace login use times with manage-account
- #@TestStep Search Bind 2 SearchObject returns 19
- #@TestStep Verify remaining grace login with manage-account
- #@TestStep Search Bind 3 SearchObject returns 49
- #@TestStep Verify remaining grace login with manage-account
- #@TestStep Search Bind 4 SearchObject returns 49
- #@TestStep Verify remaining grace login with manage-account
- #@TestStep Verify manage-account get-all
- #@TestPostamble none
- #@TestResult Success if all the steps are PASS
- -->
-
- <testcase name="getTestCaseName('Search Bad Pwd 4x')">
- <sequence>
- <call function="'testCase_Preamble'"/>
-
- <call function="'testStep'">
- { 'stepMessage' : '%s Get Default Password Policy.' % msg }
- </call>
-
- <script>
- options=[]
- options.append('--policy-name "Default Password Policy"')
- dsconfigOptions=' '.join(options)
- </script>
-
- <call function="'dsconfig'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
- 'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
- 'subcommand' : 'get-password-policy-prop',
- 'optionsString' : dsconfigOptions
-
- }
- </call>
-
- <call function="'testStep'">
- { 'stepMessage' : '%s Pause 2 seconds.' % msg }
- </call>
-
- <call function="'Sleep'">
- { 'sleepForMilliSeconds' : '2000' }
- </call>
-
- <call function="'testStep'">
- { 'stepMessage' : '%s Verify remaining grace login count with manage-account ' % msg }
- </call>
-
- <call function="'manageAccountWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'subcommand' : 'get-remaining-grace-login-count' ,
- 'targetDn' : 'uid=btalbot,%s' % basedn }
- </call>
-
- <call function="'testStep'">
- { 'stepMessage' : '%s Verify grace login use times with manage-account ' % msg }
- </call>
-
- <call function="'manageAccountWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'subcommand' : 'get-grace-login-use-times' ,
- 'targetDn' : 'uid=btalbot,%s' % basedn }
- </call>
-
- <script>
- returnString = STAXResult[0][1]
- </script>
-
- <call function="'checktestString'">
- { 'returnString' : returnString ,
- 'expectedString' : 'Grace Login Use Times:' }
- </call>
-
- <!-- The password has expired, entering grace login period -->
- <script>
- remaining_grace_login_count = 2
- </script>
- <loop from="1" to="grace_login_count" var="loop">
-
- <sequence>
-
- <call function="'testStep'">
- { 'stepMessage' : '%s Search Bind %s' % (msg,loop) }
- </call>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=btalbot,%s' % basedn ,
- 'dsInstancePswd' : 'trident',
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' ,
- 'expectedRC' : 19 }
- </call>
-
- <call function="'testStep'">
- { 'stepMessage' : '%s Verify remaining grace login count.' % msg }
- </call>
-
- <call function="'manageAccountWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'subcommand' : 'get-remaining-grace-login-count' ,
- 'targetDn' : 'uid=btalbot,%s' % basedn }
- </call>
-
- <script>
- returnString = STAXResult[0][1]
- </script>
-
- <call function="'checktestString'">
- { 'returnString' : returnString ,
- 'expectedString' : 'Remaining Grace Login Count: %s' % remaining_grace_login_count }
- </call>
-
- <call function="'testStep'">
- { 'stepMessage' : '%s Verify grace login use times.' % msg }
- </call>
-
- <call function="'manageAccountWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'subcommand' : 'get-grace-login-use-times' ,
- 'targetDn' : 'uid=btalbot,%s' % basedn }
- </call>
-
- <script>
- returnString = STAXResult[0][1]
- </script>
-
- <!-- TODO: WTF -->
- <call function="'checktestString'">
- { 'returnString' : returnString ,
- 'expectedString' : 'Grace Login Use Times: 20' }
- </call>
-
- <script>
- remaining_grace_login_count -= 1
- </script>
-
- </sequence>
- </loop>
-
-
- <!-- The password has expired, no grace logins remaining -->
- <call function="'testStep'">
- { 'stepMessage' : '%s Search Bind 4' % msg }
- </call>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=btalbot,%s' % basedn ,
- 'dsInstancePswd' : 'trident',
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' ,
- 'expectedRC' : 49 }
- </call>
-
- <call function="'testStep'">
- { 'stepMessage' : '%s Verify remaining grace login with manage-account' % msg }
- </call>
-
- <call function="'manageAccountWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'subcommand' : 'get-remaining-grace-login-count' ,
- 'targetDn' : 'uid=btalbot,%s' % basedn }
- </call>
-
- <script>
- returnString = STAXResult[0][1]
- </script>
-
- <call function="'checktestString'">
- { 'returnString' : returnString ,
- 'expectedString' : 'Remaining Grace Login Count: 0' }
- </call>
-
- <call function="'testStep'">
- { 'stepMessage' : '%s Verify manage-account get-all' % msg }
- </call>
-
- <call function="'manageAccountWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'subcommand' : 'get-all' ,
- 'targetDn' : 'uid=btalbot,%s' % basedn }
- </call>
-
- <script>
- returnString = STAXResult[0][1]
- </script>
-
- <call function="'checktestString'">
- { 'returnString' : returnString ,
- 'expectedString' : msg1 ,
- 'expectedString' : msg2 ,
- 'expectedString' : msg3 }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Grace Login
- #@TestName Reset Pwd
- #@TestIssue none
- #@TestPurpose Reset Pwd
- #@TestPreamble none
- #@TestStep Search Bind 1 SearchObject returns 19
- #@TestStep User resetting password
- #@TestStep Admin reset max password age set
- max-password-age to 24 h
- #@TestStep Search Bind 2 SearchObject returns 0
- #@TestStep Search Bind 2 SearchObject returns 0
- #@TestPostamble none
- #@TestResult Success if the 5 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Reset Pwd')">
- <sequence>
- <call function="'testCase_Preamble'"/>
-
- <call function="'testStep'">
- { 'stepMessage' : '%s Reset Pwd, Search Bind 1' % msg }
- </call>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=kwinters,%s' % basedn ,
- 'dsInstancePswd' : 'forsook',
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' ,
- 'expectedRC' : 19 }
- </call>
-
- <call function="'testStep'">
- { 'stepMessage' : '%s Reset Pwd, User resetting password' % msg }
- </call>
-
- <call function="'ldapPasswordModifyWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=kwinters,%s' % basedn ,
- 'dsInstancePswd' : 'forsook' ,
- 'dsAuthzID' : 'dn:uid=kwinters,%s' % basedn ,
- 'dsNewPassword' : 'newforsook' ,
- 'knownIssue' : '3249' }
- </call>
-
- <call function="'testStep'">
- { 'stepMessage' : '%s Reset Pwd, Admin reset max password age' % msg }
- </call>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'max-password-age' ,
- 'attributeValue' : '24 h' }
- </call>
-
- <call function="'testStep'">
- { 'stepMessage' : '%s Reset Pwd, Search Bind 2' % msg }
- </call>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=kwinters,%s' % basedn ,
- 'dsInstancePswd' : 'newforsook',
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testStep'">
- { 'stepMessage' : '%s Reset Pwd, Search Bind 3' % msg }
- </call>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=kwinters,%s' % basedn ,
- 'dsInstancePswd' : 'newforsook',
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Grace Login
- #@TestName Admin Resetting Pwd Policy Settings
- #@TestIssue none
- #@TestPurpose Admin Resetting Pwd Policy Settings
- #@TestPreamble none
- #@TestStep set ds-cfg-expire-passwords-without-warning to
- false ds-cfg-max-password-age 0 seconds
- ds-cfg-min-password-age 0 seconds
- ds-cfg-password-expiration-warning-interval 5 d
- ds-cfg-grace-login-count 0
- #@TestPostamble none
- #@TestResult Success if modifyAnAttribute returns 0
- -->
-
- <testcase name="getTestCaseName('Postamble, Admin Reset Pwd Policy Settings')">
- <sequence>
- <call function="'testCase_Preamble'"/>
-
- <script>
- listAttrs=[]
- listAttrs.append("ds-cfg-expire-passwords-without-warning:false")
- listAttrs.append("ds-cfg-allow-expired-password-changes:false")
- listAttrs.append("ds-cfg-max-password-age:0 seconds")
- listAttrs.append("ds-cfg-min-password-age:0 seconds")
- listAttrs.append("ds-cfg-password-expiration-warning-interval:5 d")
- listAttrs.append("ds-cfg-grace-login-count:0")
- </script>
-
- <call function="'testStep'">
- { 'stepMessage' : '%s Admin resetting password policy settings.' % msg }
- </call>
-
- <call function="'modifyAnAttribute'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'DNToModify' : basepwp ,
- 'listAttributes' : listAttrs ,
- 'changetype' : 'replace' }
- </call>
-
- <call function="'testStep'">
- { 'stepMessage' : '%s Get Default Password Policy.' % msg }
- </call>
-
- <script>
- options=[]
- options.append('--policy-name "Default Password Policy"')
- dsconfigOptions=' '.join(options)
- </script>
-
- <call function="'dsconfig'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
- 'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
- 'subcommand' : 'get-password-policy-prop',
- 'optionsString' : dsconfigOptions
-
- }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
-
- </sequence>
-
- </function>
-
-</stax>
diff --git a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_last_login.xml b/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_last_login.xml
deleted file mode 100755
index 2444634..0000000
--- a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_last_login.xml
+++ /dev/null
@@ -1,1797 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!DOCTYPE stax SYSTEM "../../../../shared/stax.dtd">
-<!--
- ! CDDL HEADER START
- !
- ! The contents of this file are subject to the terms of the
- ! Common Development and Distribution License, Version 1.0 only
- ! (the "License"). You may not use this file except in compliance
- ! with the License.
- !
- ! You can obtain a copy of the license at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
- ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
- ! See the License for the specific language governing permissions
- ! and limitations under the License.
- !
- ! When distributing Covered Code, include this CDDL HEADER in each
- ! file and include the License file at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
- ! add the following below this CDDL HEADER, with the fields enclosed
- ! by brackets "[]" replaced with your own identifying information:
- ! Portions Copyright [yyyy] [name of copyright owner]
- !
- ! CDDL HEADER END
- !
- ! Copyright 2006-2008 Sun Microsystems, Inc.
- ! -->
-<stax>
-
- <defaultcall function="last_login"/>
-
- <function name="last_login">
-
- <sequence>
-
- <!--- Test Suite information
- #@TestSuiteName Last Login
- #@TestSuitePurpose Test Password Policy for Last Login
- #@TestSuiteGroup Last Login
- #@TestScript security_last_login.xml
- -->
-
- <!--- Define default value for basedn -->
- <script>
- basedn = 'ou=people,ou=password tests,o=Pwd Policy Tests,dc=example,dc=com'
- basepwp = 'cn=Default Password Policy,cn=Password Policies,cn=config'
- msg1 = 'Security: Last Login:'
- msg2 = 'Long Idle Lockout'
- msg3 = 'Admin Changing Idle Lockout Interval'
- msg4 = 'Password Change Override Step'
- msg5 = 'User Bind Reset Step'
- msg6 = 'User Binding Before Idle Lockout'
- msg7 = 'User Binding After Idle Lockout'
- </script>
-
- <!--- Test Case information
- #@TestMarker Last Login
- #@TestName Check for ds-cfg-idle-lockout-interval
- #@TestIssue none
- #@TestPurpose Check for ds-cfg-idle-lockout-interval
- #@TestPreamble none
- #@TestStep Checking existence of
- ds-cfg-idle-lockout-interval with value set 0
- #@TestPostamble none
- #@TestResult Success if compareEntry returns 0
- -->
-
- <testcase name="getTestCaseName('Preamble')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
-'%s Preamble - Checking existence of ds-cfg-idle-lockout-interval' % msg1
- </message>
-
- <call function="'compareEntry'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'attrToBeCompared' : 'ds-cfg-idle-lockout-interval:0 seconds',
- 'entryToBeCompared' : basepwp }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Last Login
- #@TestName Admin enable last login attribute only
- #@TestIssue none
- #@TestPurpose Admin enable last login attribute only
- #@TestPreamble none
- #@TestStep Admin Enable Last Login Attribute Only
- modifyPwdPolicy set last-login-time-attribute
- to ds-pwp-last-login-time
- #@TestStep User Binding With Password returns 0
- #@TestStep Checking for Absence of Last Login Time
- SearchObject attribute ds-pwp-last-login-time
- returns 0 checktestStringNotPresent
- ds-pwp-last-login-time
- #@TestPostamble none
- #@TestResult Success if the 3 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Admin Enable Last Login Attr Only')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Last Login: Admin Enable Last Login Attribute Only'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'last-login-time-attribute' ,
- 'attributeValue' : 'ds-pwp-last-login-time' }
- </call>
-
- <message>
- 'Security: Last Login: User Binding With Password'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'destroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <message>
- 'Security: Last Login: Checking for Absence of Last Login Time'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'dsBaseDN' : 'uid=jreuter,%s' % basedn ,
- 'dsFilter' : 'objectclass=*' ,
- 'attributes' : 'ds-pwp-last-login-time' }
- </call>
-
- <script>
- returnString = STAXResult[0][1]
- </script>
-
- <call function="'checktestStringNotPresent'">
- { 'returnString' : returnString ,
- 'testString' : 'ds-pwp-last-login-time' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Last Login
- #@TestName Admin enable last login format only
- #@TestIssue none
- #@TestPurpose Admin enable last login format only
- #@TestPreamble none
- #@TestStep Admin Disable Last Login Attribute Only set
- last-login-time-attribute to reset
- #@TestStep Admin Enable Last Login Format Only set
- last-login-time-format to EEE, MMM dd,
- yyyy HH:mm:ss
- #@TestStep User Binding With Password returns 0
- #@TestStep Checking for Absence of Last Login Time
- SearchObject attribute ds-pwp-last-login-time
- checktestStringNotPresent ds-pwp-last-login-time
- #@TestPostamble none
- #@TestResult Success if the 4 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Admin Enable Last Login Format Only')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Last Login: Admin Disable Last Login Attribute Only'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'last-login-time-attribute' ,
- 'modifyType' : 'reset' }
- </call>
-
- <message>
- 'Security: Last Login: Admin Enable Last Login Format Only'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'last-login-time-format' ,
- 'attributeValue' : 'EEE, MMM dd, yyyy HH:mm:ss' }
- </call>
-
- <message>
- 'Security: Last Login: User Binding With Password'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'destroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <message>
- 'Security: Last Login: Checking for Absence of Last Login Time'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'dsBaseDN' : 'uid=jreuter,%s' % basedn ,
- 'dsFilter' : 'objectclass=*' ,
- 'attributes' : 'ds-pwp-last-login-time' }
- </call>
-
- <script>
- returnString = STAXResult[0][1]
- </script>
-
- <call function="'checktestStringNotPresent'">
- { 'returnString' : returnString ,
- 'testString' : 'ds-pwp-last-login-time' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Last Login
- #@TestName Admin enable both last login attribute and format
- #@TestIssue none
- #@TestPurpose Admin enable both last login attribute and format
- #@TestPreamble none
- #@TestStep Admin Enable Last Login Attribute And Format
- set last-login-time-attribute to
- ds-pwp-last-login-time
- #@TestStep User Binding With Password returns 0
- #@TestStep Check manage-account get-last-login-time
- #@TestStep Checking for Absence of Last Login Time
- SearchObject ds-pwp-last-login-time returns 0
- checktestString ds-pwp-last-login-time
- #@TestPostamble none
- #@TestResult Success if the 3 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Admin Enable Last Login Attr And Format')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Last Login: Admin Enable Last Login Attribute And Format'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'last-login-time-attribute' ,
- 'attributeValue' : 'ds-pwp-last-login-time' }
- </call>
-
- <message>
- 'Security: Last Login: User Binding With Password'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'destroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <message>
- '%s Check manage-account get-last-login-time' % msg1
- </message>
-
- <call function="'manageAccountWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'subcommand' : 'get-last-login-time' ,
- 'targetDn' : 'uid=jreuter,%s' % basedn }
- </call>
-
- <script>
- returnString = STAXResult[0][1]
- </script>
-
- <call function="'checktestString'">
- { 'returnString' : returnString ,
- 'expectedString' : 'Last Login Time: 2' }
- </call>
-
- <message>
- 'Security: Last Login: Checking for Absence of Last Login Time'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'dsBaseDN' : 'uid=jreuter,%s' % basedn ,
- 'dsFilter' : 'objectclass=*' ,
- 'attributes' : 'ds-pwp-last-login-time' }
- </call>
-
- <script>
- returnString = STAXResult[0][1]
- </script>
-
- <call function="'checktestString'">
- { 'returnString' : returnString ,
- 'expectedString' : 'ds-pwp-last-login-time' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Last Login
- #@TestName Long Idle Lockout Interval
- #@TestIssue none
- #@TestPurpose Long Idle Lockout Interval
- #@TestPreamble none
- #@TestStep Step 1. Check User Bind returns 0
- #@TestStep Step 2. Admin Changing Idle Lockout Interval
- set idle-lockout-interval to 50 s
- #@TestStep Step 3. User Binding Before Idle Lockout
- SearchObject returns 0
- #@TestStep Step 4. Sleep sleepForMilliSeconds 60000
- #@TestStep Step 5. User Binding After Idle Lockout
- SearchObject returns 49
- #@TestPostamble none
- #@TestResult Success if the 5 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Long Idle Lockout')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Last Login: Long Idle Lockout Step 1. Check User Bind'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'destroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <message>
-'%s Long Idle Lockout Step 2. Admin Changing Idle Lockout Interval' % msg1
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'idle-lockout-interval' ,
- 'attributeValue' : '50 s' }
- </call>
-
- <message>
-'%s Long Idle Lockout Step 3. User Binding Before Idle Lockout' % msg1
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'destroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
-
- <message>
- 'Security: Last Login: Long Idle Lockout Step 4. Sleep'
- </message>
-
- <call function="'Sleep'">
- { 'sleepForMilliSeconds' : 60000 }
- </call>
-
-
- <message>
-'%s Long Idle Lockout Step 5. User Binding After Idle Lockout' % msg1
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'destroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base',
- 'expectedRC' : 49 }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Last Login
- #@TestName Admin Reset Idle Lockout Interval 1
- #@TestIssue none
- #@TestPurpose Admin Reset Idle Lockout Interval 1
- #@TestPreamble none
- #@TestStep Step 1. set idle-lockout-interval to 0 s
- #@TestStep Step 2. User Binding SearchObject returns 0
- #@TestStep Step 3. Sleep sleepForMilliSeconds 60000
- #@TestStep Step 4. User Binding SearchObject returns 0
- #@TestPostamble none
- #@TestResult Success if the 4 tests are PASS
- -->
-
- <testcase name="getTestCaseName('Reset Idle Lockout')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
-'%s Reset Idle Lockout Step 1. Admin Resetting Idle Lockout Interval' % msg1
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'idle-lockout-interval' ,
- 'attributeValue' : '0 s' }
- </call>
-
- <message>
- 'Security: Last Login: Reset Idle Lockout Step 2. User Binding'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'destroy',
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
-
- <message>
- 'Security: Last Login: Reset Idle Lockout Step 3. Sleep'
- </message>
-
- <call function="'Sleep'">
- { 'sleepForMilliSeconds' : 60000 }
- </call>
-
- <message>
- 'Security: Last Login: Reset Idle Lockout Step 4. User Binding'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'destroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Last Login
- #@TestName Password Change Override
- #@TestIssue none
- #@TestPurpose Password Change Override
- #@TestPreamble none
- #@TestStep Step 1. Check User Bind SearchObject returns 0
- #@TestStep Step 2. Admin Changing Idle Lockout Interval
- set idle-lockout-interval to 50 s
- #@TestStep Step 3. User Binding Before Idle Lockout
- SearchObject returns 0
- #@TestStep Step 4. Check get-seconds-until-idle-lockout
- #@TestStep Step 5. Sleep sleepForMilliSeconds 30000
- #@TestStep Step 6. User Changing Password
- #@TestStep Step 7. Sleep sleepForMilliSeconds to 30000
- #@TestStep Step 8. User Binding After Idle Lockout
- SearchObject returns 0
- #@TestPostamble none
- #@TestResult Success if the 8 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Long Idle Lockout - Pwd Change Override')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
-'%s, %s - Password Change Override Step 1. Check User Bind' % (msg1,msg2)
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'destroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <message>
-'%s, %s - Password Change Override Step 2. %s' % (msg1,msg2,msg3)
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'idle-lockout-interval' ,
- 'attributeValue' : '50 s' }
- </call>
-
- <message>
-'%s, %s - %s Step 3. User Binding Before Idle Lockout' % (msg1,msg2,msg4)
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'destroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <message>
-'%s, %s - %s Step 4. Check get-seconds-until-idle-lockout' % (msg1,msg2,msg4)
- </message>
-
- <call function="'manageAccountWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'subcommand' : 'get-seconds-until-idle-lockout' ,
- 'targetDn' : 'uid=jreuter,%s' % basedn }
- </call>
-
- <script>
- returnString = STAXResult[0][1]
- </script>
-
- <call function="'checktestString'">
- { 'returnString' : returnString ,
- 'expectedString' : 'Seconds Until Idle Account Lockout: ' }
- </call>
-
-
- <message>
- 'Security: Last Login: Long Idle Lockout Step 4. Sleep'
- </message>
-
- <call function="'Sleep'">
- { 'sleepForMilliSeconds' : 30000 }
- </call>
-
-
- <message>
-'%s, %s - Password Change Override Step 5. User Changing Password' % (msg1,msg2)
- </message>
-
- <call function="'ldapPasswordModifyWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'dsAuthzID' : 'dn:uid=jreuter,%s' % basedn ,
- 'dsNewPassword' : 'newdestroy' }
- </call>
-
- <message>
- 'Security: Last Login: Long Idle Lockout Step 6. Sleep'
- </message>
-
- <call function="'Sleep'">
- { 'sleepForMilliSeconds' : 30000 }
- </call>
-
- <message>
-'%s Long Idle Lockout Step 7. User Binding After Idle Lockout' % msg1
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'newdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Last Login
- #@TestName Admin Reset Idle Lockout Interval 2
- #@TestIssue none
- #@TestPurpose Admin Reset Idle Lockout Interval 2
- #@TestPreamble none
- #@TestStep Step 1. Admin Resetting Idle Lockout Interval
- set idle-lockout-interval to 0
- #@TestStep Step 2. User Binding SearchObject returns 0
- #@TestStep Step 3. Sleep sleepForMilliSeconds 60000
- #@TestStep Step 4. User Binding SearchObject returns 0
- #@TestPostamble none
- #@TestResult Success if the 4 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Reset Idle Lockout 2')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
-'%s Reset Idle Lockout 2 Step 1. Admin Resetting Idle Lockout Interval' % msg1
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'idle-lockout-interval' ,
- 'attributeValue' : '0 s' }
- </call>
-
- <message>
- 'Security: Last Login: Reset Idle Lockout 2 Step 2. User Binding'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'newdestroy',
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <message>
- 'Security: Last Login: Reset Idle Lockout 2 Step 3. Sleep'
- </message>
-
- <call function="'Sleep'">
- { 'sleepForMilliSeconds' : 60000 }
- </call>
-
- <message>
- 'Security: Last Login: Reset Idle Lockout 2 Step 4. User Binding'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'newdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Last Login
- #@TestName User Bind Reset Last Login Time
- #@TestIssue none
- #@TestPurpose User Bind Reset Last Login Time
- #@TestPreamble none
- #@TestStep Step 1. Check User Bind SearchObject returns 0
- #@TestStep Step 2. Admin Changing Idle Lockout Interval
- set idle-lockout-interval to 50 s
- #@TestStep Step 3. User Binding Before Idle Lockout
- SearchObject returns 0
- #@TestStep Step 4. Sleep sleepForMilliSeconds 30000
- #@TestStep Step 5. User Bind To Reset Last Login Time
- SearchObject returns 0
- #@TestStep Step 6. Sleep sleepForMilliSeconds 30000
- #@TestStep Step 7. User Binding After Idle Lockout
- SearchObject returns 0
- #@TestPostamble none
- #@TestResult Success if the 7 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Long Idle Lockout - User Bind Reset')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
-'%s Long Idle Lockout - User Bind Reset Step 1. Check User Bind' % msg1
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'newdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
-
- <message>
-'%s, %s - User Bind Reset Step 2. %s' % (msg1,msg2,msg3)
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'idle-lockout-interval' ,
- 'attributeValue' : '50 s' }
- </call>
-
- <message>
-'%s, %s - %s 3. User Binding Before Idle Lockout' % (msg1,msg2,msg5)
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'newdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
-
- <message>
- 'Security: Last Login: Long Idle Lockout - User Bind Reset Step 4. Sleep'
- </message>
-
- <call function="'Sleep'">
- { 'sleepForMilliSeconds' : 30000 }
- </call>
-
- <message>
-'%s, %s - %s 5. User Bind To Reset Last Login Time' % (msg1,msg2,msg5)
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'newdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
-
- <message>
- 'Security: Last Login: Long Idle Lockout - User Bind Reset Step 6. Sleep'
- </message>
-
- <call function="'Sleep'">
- { 'sleepForMilliSeconds' : 30000 }
- </call>
-
- <message>
-'%s, %s - User Bind Reset Step 7. User Binding After Idle Lockout' % (msg1,msg2)
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'newdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Last Login
- #@TestName Admin Reset Idle Lockout Interval 3
- #@TestIssue none
- #@TestPurpose Admin Reset Idle Lockout Interval 3
- #@TestPreamble none
- #@TestStep Step 1. Admin Resetting Idle Lockout Interval
- set idle-lockout-interval to 0
- #@TestStep Step 2. User Binding SearchObject returns 0
- #@TestStep Step 3. Sleep sleepForMilliSeconds 60000
- #@TestStep Step 4. User Binding SearchObject returns 0
- #@TestPostamble none
- #@TestResult Success if the 4 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Reset Idle Lockout 3')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
-'%s Reset Idle Lockout Step 1. Admin Resetting Idle Lockout Interval' % msg1
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'idle-lockout-interval' ,
- 'attributeValue' : '0 s' }
- </call>
-
- <message>
- 'Security: Last Login: Reset Idle Lockout Step 2. User Binding'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'newdestroy',
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <message>
- 'Security: Last Login: Reset Idle Lockout Step 3. Sleep'
- </message>
-
- <call function="'Sleep'">
- { 'sleepForMilliSeconds' : 60000 }
- </call>
-
- <message>
- 'Security: Last Login: Reset Idle Lockout Step 4. User Binding'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'newdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Last Login
- #@TestName Long Idle Lockout Interval
- #@TestIssue none
- #@TestPurpose Long Idle Lockout Interval
- #@TestPreamble none
- #@TestStep Step 1. Disable Last Login set
- last-login-time-attribute to reset
- #@TestStep Step 2. Check User Bind SearchObject returns 0
- #@TestStep Step 3. Admin Changing Idle Lockout Interval
- set idle-lockout-interval to 50 s
- #@TestStep Step 4. User Binding SearchObject returns 49
- #@TestPostamble none
- #@TestResult Success if the 4 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Long Idle Lockout - Disabled Last Login')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
-'%s, %s - Disabled Last Login Step 1. Disable Last Login' % (msg1,msg2)
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'last-login-time-attribute' ,
- 'modifyType' : 'reset' }
- </call>
-
- <message>
-'%s, %s - Disabled Last Login Step 2. Check User Bind' % (msg1,msg2)
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'newdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <message>
-'%s, %s - Disabled Last Login Step 3. %s' % (msg1,msg2,msg3)
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'idle-lockout-interval' ,
- 'attributeValue' : '50 s' }
- </call>
-
- <message>
-'%s, %s - Disabled Last Login Step 4. User Binding' % (msg1,msg2)
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'newdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' ,
- 'expectedRC' : 49 }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Last Login
- #@TestName Admin Reset Idle Lockout Interval 4
- #@TestIssue none
- #@TestPurpose Admin Reset Idle Lockout Interval 4
- #@TestPreamble none
- #@TestStep Step 1. Enable Last Login Attribute set
- last-login-time-attribute to ds-pwp-last-login-time
- #@TestStep Step 2. Admin Resetting Idle Lockout Interval
- set idllockout-interval to 0 s
- #@TestStep Step 3. User Binding SearchObject returns 0
- #@TestStep Step 4. Sleep sleepForMilliSeconds 60000
- #@TestStep Step 5. User Binding SearchObject returns 0
- #@TestPostamble none
- #@TestResult Success if the 5 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Reset Idle Lockout 4')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
-'Security: Last Login: Reset Idle Lockout Step 1. Enable Last Login - Attribute'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'last-login-time-attribute' ,
- 'attributeValue' : 'ds-pwp-last-login-time' }
- </call>
-
- <message>
-'%s Reset Idle Lockout Step 2. Admin Resetting Idle Lockout Interval' % msg1
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'idle-lockout-interval' ,
- 'attributeValue' : '0 s' }
- </call>
-
- <message>
- 'Security: Last Login: Reset Idle Lockout Step 3. User Binding'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'newdestroy',
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <message>
- 'Security: Last Login: Reset Idle Lockout Step 4. Sleep'
- </message>
-
- <call function="'Sleep'">
- { 'sleepForMilliSeconds' : 60000 }
- </call>
-
- <message>
- 'Security: Last Login: Reset Idle Lockout Step 5. User Binding'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'newdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Last Login
- #@TestName Long Idle Lockout Interval Disabled Last Login 2
- #@TestIssue none
- #@TestPurpose Long Idle Lockout Interval Disabled Last Login 2
- #@TestPreamble none
- #@TestStep Step 1. Disable Last Login set
- last-login-time-format to reset
- #@TestStep Step 2. Check User Bind SearchObject returns 0
- #@TestStep Step 3. Admin Changing Idle Lockout Interval
- set idle-lockout-interval to 50 s
- #@TestStep Step 4. User Binding SearchObject returns 49
- #@TestPostamble none
- #@TestResult Success if the 4 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Long Idle Lockout - Disabled Last Login 2')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
-'%s, %s - Disabled Last Login 2 Step 1. Disable Last Login' % (msg1,msg2)
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'last-login-time-format' ,
- 'modifyType' : 'reset' }
- </call>
-
- <message>
-'%s, %s - Disabled Last Login 2 Step 2. Check User Bind' % (msg1,msg2)
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'newdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <message>
-'%s, %s - Disabled Last Login 2 Step 3. %s' % (msg1,msg2,msg3)
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'idle-lockout-interval' ,
- 'attributeValue' : '50 s' }
- </call>
-
- <message>
-'%s, %s - Disabled Last Login 2 Step 4. User Binding' % (msg1,msg2)
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'newdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' ,
- 'expectedRC' : 49 }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Last Login
- #@TestName Admin Reset Idle Lockout Interval 5
- #@TestIssue none
- #@TestPurpose Admin Reset Idle Lockout Interval 5
- #@TestPreamble none
- #@TestStep Step 1. Enable Last Login Attribute set
- last-login-time-format to EEE, MMM dd,
- yyyy HH:mm:ss
- #@TestStep Step 2. Admin Resetting Idle Lockout Interval
- set idle-lockout-interval to 0 s
- #@TestStep Step 3. User Binding SearchObject returns 0
- #@TestStep Step 4. Sleep sleepForMilliSeconds to 60000
- #@TestStep Step 5. User Binding SearchObject returns 0
- #@TestPostamble none
- #@TestResult Success if the 5 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Reset Idle Lockout 5')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
-'Security: Last Login: Reset Idle Lockout Step 1. Enable Last Login - Attribute'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'last-login-time-format' ,
- 'attributeValue' : 'EEE, MMM dd, yyyy HH:mm:ss' }
- </call>
-
- <message>
-'%s Reset Idle Lockout Step 2. Admin Resetting Idle Lockout Interval' % msg1
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'idle-lockout-interval' ,
- 'attributeValue' : '0 s' }
- </call>
-
- <message>
- 'Security: Last Login: Reset Idle Lockout Step 3. User Binding'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'newdestroy',
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
-
- <message>
- 'Security: Last Login: Reset Idle Lockout Step 4. Sleep'
- </message>
-
- <call function="'Sleep'">
- { 'sleepForMilliSeconds' : 60000 }
- </call>
-
- <message>
- 'Security: Last Login: Reset Idle Lockout Step 5. User Binding'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'newdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Last Login
- #@TestName Long Idle Lockout Interval - Repeat
- #@TestIssue none
- #@TestPurpose Long Idle Lockout Interval - Repeat
- #@TestPreamble none
- #@TestStep Step 1. Check User Bind SearchObject returns 0
- #@TestStep Step 2. Admin Changing Idle Lockout Interval
- set idle-lockout-interval to 50 s
- #@TestStep Step 3. User Binding Before Idle Lockout
- SearchObject returns 0
- #@TestStep Step 4. Sleep sleepForMilliSeconds to 60000
- #@TestStep Step 5. User Binding After Idle Lockout
- SearchObject returns 49
- #@TestPostamble none
- #@TestResult Success if the 5 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Long Idle Lockout - Repeat')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Last Login: Long Idle Lockout Step 1. Check User Bind'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'newdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <message>
-'%s, %s Step 2. Admin Changing Idle Lockout Interval' % (msg1,msg2)
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'idle-lockout-interval' ,
- 'attributeValue' : '50 s' }
- </call>
-
- <message>
-'%s, %s Step 3. User Binding Before Idle Lockout' % (msg1,msg2)
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'newdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
-
- <message>
- 'Security: Last Login: Long Idle Lockout Step 4. Sleep'
- </message>
-
- <call function="'Sleep'">
- { 'sleepForMilliSeconds' : 60000 }
- </call>
-
-
- <message>
-'%s, %s Step 5. User Binding After Idle Lockout' % (msg1,msg2)
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'newdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' ,
- 'expectedRC' : 49 }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Last Login
- #@TestName Admin Reset Idle Lockout Interval 6
- #@TestIssue none
- #@TestPurpose Admin Reset Idle Lockout Interval 6
- #@TestPreamble none
- #@TestStep Step 1. Admin Resetting Idle Lockout Interval
- set idle-lockout-interval to 0 s
- #@TestStep Step 2. User Binding SearchObject returns 0
- #@TestStep Step 3. Sleep sleepForMilliSeconds to 60000
- #@TestStep Step 4. User Binding SearchObject returns 0
- #@TestPostamble none
- #@TestResult Success if the 4 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Reset Idle Lockout 6')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
-'%s Reset Idle Lockout Step 1. Admin Resetting Idle Lockout Interval' % msg1
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'idle-lockout-interval' ,
- 'attributeValue' : '0 s' }
- </call>
-
- <message>
- 'Security: Last Login: Reset Idle Lockout Step 2. User Binding'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'newdestroy',
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
-
- <message>
- 'Security: Last Login: Reset Idle Lockout Step 3. Sleep'
- </message>
-
- <call function="'Sleep'">
- { 'sleepForMilliSeconds' : 60000 }
- </call>
-
-
- <message>
- 'Security: Last Login: Reset Idle Lockout Step 4. User Binding'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'newdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Last Login
- #@TestName Long Idle Lockout Interval - Pwd Change Override 2
- #@TestIssue none
- #@TestPurpose Long Idle Lockout Interval - Pwd Change Override 2
- SearchObject returns 0
- #@TestPreamble none
- #@TestStep Step 1. Check User Bind SearchObject returns 0
- #@TestStep Step 2. Admin Changing Idle Lockout Interval
- set idle-lockout-interval to 50 s
- #@TestStep Step 3. User Binding Before Idle Lockout
- SearchObject returns 0
- #@TestStep Step 4. Sleep sleepForMilliSeconds to 60000
- #@TestStep Step 5. User Changing Password
- #@TestStep Step 6. User Binding After Idle Lockout
- SearchObject returns 0
- #@TestPostamble none
- #@TestResult Success if the 6 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Long Idle Lockout - Pwd Change Override 2')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
-'%s, %s - Pwd Change Override 2 Step 1. Check User Bind' % (msg1,msg2)
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'newdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
-
- <message>
-'%s, %s - Pwd Change Override 2 Step 2. %s' % (msg1,msg2,msg3)
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'idle-lockout-interval' ,
- 'attributeValue' : '50 s' }
- </call>
-
- <message>
-'%s, %s - Pwd Change Override 2 Step 3. %s' % (msg1,msg2,msg6)
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'newdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
-
- <message>
-'Security: Last Login: Long Idle Lockout - Pwd Change Override 2 Step 4. Sleep'
- </message>
-
- <call function="'Sleep'">
- { 'sleepForMilliSeconds' : 60000 }
- </call>
-
- <message>
-'%s, %s - Pwd Change Override 2 Step 5. User Changing Password' % (msg1,msg2)
- </message>
-
- <call function="'ldapPasswordModifyWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'dsAuthzID' : 'dn:uid=jreuter,%s' % basedn ,
- 'dsNewPassword' : 'anotherdestroy' }
- </call>
-
- <message>
-'%s, %s - Pwd Change Override 2 Step 6. %s' % (msg1,msg2,msg7)
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'anotherdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Last Login
- #@TestName Admin Reset Idle Lockout Interval 7
- #@TestIssue none
- #@TestPurpose Admin Reset Idle Lockout Interval 7
- #@TestPreamble none
- #@TestStep Step 1. Admin Resetting Idle Lockout Interval
- set idle-lockout-interval to 0 s
- #@TestStep Step 2. User Binding SearchObject returns 0
- #@TestStep Step 3. Sleep sleepForMilliSeconds 60000
- #@TestStep Step 4. User Binding SearchObject returns 0
- #@TestPostamble none
- #@TestResult Success if the 4 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Reset Idle Lockout 7')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
-'%s Reset Idle Lockout Step 1. Admin Resetting Idle Lockout Interval' % msg1
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'idle-lockout-interval' ,
- 'attributeValue' : '0 s' }
- </call>
-
- <message>
- 'Security: Last Login: Reset Idle Lockout Step 2. User Binding'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'anotherdestroy',
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
-
- <message>
- 'Security: Last Login: Reset Idle Lockout Step 3. Sleep'
- </message>
-
- <call function="'Sleep'">
- { 'sleepForMilliSeconds' : 60000 }
- </call>
-
-
- <message>
- 'Security: Last Login: Reset Idle Lockout Step 4. User Binding'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'anotherdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Last Login
- #@TestName Long Idle Lockout - Pwd Change Override 3
- #@TestIssue none
- #@TestPurpose Long Idle Lockout - Pwd Change Override 3
- #@TestPreamble none
- #@TestStep Step 1. Disable Last Login set
- last-login-time-format to reset
- #@TestStep Step 2. Check User Bind SearchObject returns 0
- #@TestStep Step 3. Admin Changing Idle Lockout Interval
- set idle-lockout-interval to 50 s
- #@TestStep Step 4. User Binding Before Idle Lockout
- SearchObject returns 49
- #@TestStep Step 5. Admin Changing Password
- #@TestStep Step 6. User Binding After Admin Pwd Change
- SearchObject returns 0
- #@TestPostamble none
- #@TestResult Success if the 6 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Long Idle Lockout - Pwd Change Override 3')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
-'%s Long Idle Lockout - Pwd Change Override 3 Step 1. Disable Last Login' % msg1
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'last-login-time-format' ,
- 'modifyType' : 'reset' }
- </call>
-
- <message>
-'%s, %s - Pwd Change Override 3 Step 2. Check User Bind' % (msg1,msg2)
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'anotherdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
-
- <message>
-'%s, %s - Pwd Change Override 3 Step 3. %s' % (msg1,msg2,msg3)
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'idle-lockout-interval' ,
- 'attributeValue' : '50 s' }
- </call>
-
- <message>
-'%s, %s - Pwd Change Override 3 Step 4. %s' % (msg1,msg2,msg6)
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'anotherdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' ,
- 'expectedRC' : 49 }
- </call>
-
- <message>
-'%s, %s - Pwd Change Override 3 Step 5. Admin Changing Password' % (msg1,msg2)
- </message>
-
- <call function="'ldapPasswordModifyWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'dsAuthzID' : 'dn:uid=jreuter,%s' % basedn ,
- 'dsNewPassword' : 'lastdestroy' }
- </call>
-
- <message>
-'%s Pwd Override 3 Step 6. User Binding After Admin Pwd Change' % msg1
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'lastdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Last Login
- #@TestName Postamble Admin Reset Idle Lockout Interval
- #@TestIssue none
- #@TestPurpose Admin Reset Idle Lockout Interval
- #@TestPreamble none
- #@TestStep Step 1. Admin Resetting Idle Lockout Interval
- set idle-lockout-interval' to 0 s
- #@TestStep Step 2. Admin Disabling Last Login Time
- Attribute last-login-time-attribute to reset
- #@TestStep Step 3. User Binding SearchObject returns 0
- #@TestStep Step 4. Sleep sleepForMilliSeconds 60000
- #@TestStep Step 5. User Binding SearchObject returns 0
- #@TestPostamble none
- #@TestResult Success if the 5 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Postamble')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
-'Security: Last Login: Postamble Step 1. Admin Resetting Idle Lockout Interval'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'idle-lockout-interval' ,
- 'attributeValue' : '0 s' }
- </call>
-
- <message>
-'%s Postamble Step 2. Admin Disabling Last Login Time Attribute' % msg1
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'last-login-time-attribute' ,
- 'modifyType' : 'reset' }
- </call>
-
- <message>
- 'Security: Last Login: Postamble Step 3. User Binding'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'lastdestroy',
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
-
- <message>
- 'Security: Last Login: Postamble Step 4. Sleep'
- </message>
-
- <call function="'Sleep'">
- { 'sleepForMilliSeconds' : 60000 }
- </call>
-
-
- <message>
- 'Security: Last Login: Postamble Step 5. User Binding'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=jreuter,%s' % basedn ,
- 'dsInstancePswd' : 'lastdestroy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- </sequence>
-
- </function>
-
-</stax>
diff --git a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_lockout_duration.xml b/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_lockout_duration.xml
deleted file mode 100755
index f6795d3..0000000
--- a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_lockout_duration.xml
+++ /dev/null
@@ -1,532 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!DOCTYPE stax SYSTEM "../../../../shared/stax.dtd">
-<!--
- ! CDDL HEADER START
- !
- ! The contents of this file are subject to the terms of the
- ! Common Development and Distribution License, Version 1.0 only
- ! (the "License"). You may not use this file except in compliance
- ! with the License.
- !
- ! You can obtain a copy of the license at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
- ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
- ! See the License for the specific language governing permissions
- ! and limitations under the License.
- !
- ! When distributing Covered Code, include this CDDL HEADER in each
- ! file and include the License file at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
- ! add the following below this CDDL HEADER, with the fields enclosed
- ! by brackets "[]" replaced with your own identifying information:
- ! Portions Copyright [yyyy] [name of copyright owner]
- !
- ! CDDL HEADER END
- !
- ! Copyright 2006-2010 Sun Microsystems, Inc.
- ! -->
-<stax>
-
- <defaultcall function="lockout_duration"/>
-
- <function name="lockout_duration">
-
- <sequence>
-
- <!--- Test Suite information
- #@TestSuiteName Lockout Duration
- #@TestSuitePurpose Test Lockout Duration in Password Policy
- #@TestSuiteGroup Lockout Duration
- #@TestScript security_lockout_duration.xml
- -->
-
- <!--- Define default value for basedn -->
- <script>
- basedn1 = 'ou=people,ou=password tests,'
- basedn = '%s o=Pwd Policy Tests,dc=example,dc=com' % basedn1
- pwp = 'cn=Default Password Policy,cn=Password Policies,cn=config'
- msg = 'Security: Lockout Duration:'
- msg1 = 'Security: Lockout Duration: Preamble'
- msg2 = 'Security: Lockout Duration: Short Lockout Duration'
- msg3 = 'get-seconds-until-password-reset-lockout'
- msg4 = 'Security: Lockout Duration: Long Lockout Duration'
- </script>
-
-
- <!--- Test Case information
- #@TestMarker Lockout Duration
- #@TestName Preamble
- #@TestIssue none
- #@TestPurpose Preamble
- #@TestPreamble none
- #@TestStep Step 1. Checking existence of
- ds-cfg-lockout-duration compareEntry returns 0
- #@TestStep Step 2. Admin Changing Lockout Count
- set lockout-failure-count to 3
- #@TestStep Step 3. User Lockout With Bad Pwd 3x
- SearchObject returns 49 (3x with bad,
- 1x with correct one)
- #@TestStep Step 4. Admin Resetting User Pwd
- #@TestStep Step 5. User Bind With New Password
- SearchObject returns 0
- #@TestPostamble none
- #@TestResult Success if the 5 steps are PASS
- -->
-
-
- <testcase name="getTestCaseName('Preamble')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- '%s Step 1. Checking existence of ds-cfg-lockout-duration' % msg1
- </message>
-
- <call function="'compareEntry'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'attrToBeCompared' : 'ds-cfg-lockout-duration:0 seconds',
- 'entryToBeCompared' : pwp }
- </call>
-
- <message>
- '%s Step 2. Admin Changing Lockout Count' % msg1
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'lockout-failure-count' ,
- 'attributeValue' : '3' }
- </call>
-
- <message>
- '%s Step 3. User Lockout With Bad Pwd 3x' % msg1
- </message>
-
- <script>
- search_pwds = ['bad', 'bad', 'bad', 'normal']
- </script>
-
- <iterate var="pwds" in="search_pwds" indexvar="index">
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=mward,%s' % basedn ,
- 'dsInstancePswd' : '%s' % pwds,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' ,
- 'expectedRC' : 49 }
- </call>
- </iterate>
-
- <message>
- '%s Preamble Step 4. Admin Resetting User Pwd' % msg1
- </message>
-
- <call function="'ldapPasswordModifyWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'dsAuthzID' : 'dn:uid=mward,%s' % basedn ,
- 'dsNewPassword' : 'adminnormal' }
- </call>
-
- <message>
- '%s Step 5. User Bind With New Password' % msg1
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=mward,%s' % basedn ,
- 'dsInstancePswd' : 'adminnormal' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Lockout Duration
- #@TestName Admin Change Lockout Duration
- #@TestIssue none
- #@TestPurpose Admin making Lockout Duration Short
- #@TestPreamble none
- #@TestStep set lockout-duration to 5 s
- #@TestPostamble none
- #@TestResult Success if the 5 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Make Lockout Duration Short')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- '%s Admin Making Lockout Duration Short' % msg
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'lockout-duration' ,
- 'attributeValue' : '10 s' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Lockout Duration
- #@TestName Testing Lockout Duration Short
- #@TestIssue none
- #@TestPurpose Testing Lockout Duration Short
- #@TestPreamble none
- #@TestStep Step 1. User Lockout with Bad Pwd 3x
- SearchObject returns 49 (3x with bad,
- 1x with correct one)
- Sleeping sleepForMilliSeconds 8000
- #@TestStep Step 2. User Changing Password returns 0
- #@TestStep Step 3. Admin Resetting User Pwd
- #@TestStep Step 4. User Bind With New Password
- SearchObject returns 0
- #@TestPostamble none
- #@TestResult Success if the 4 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Short Lockout Duration')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- '%s Step 1. User Lockout With Bad Pwd 3x' % msg2
- </message>
-
- <script>
- search_pwds = ['bad', 'bad', 'bad', 'adminnormal']
- </script>
-
- <iterate var="pwds" in="search_pwds" indexvar="index">
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=mward,%s' % basedn ,
- 'dsInstancePswd' : '%s' % pwds,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' ,
- 'expectedRC' : 49 }
- </call>
- </iterate>
-
- <message>
- 'Security: Lockout Duration: Short Lockout Duration - Sleeping'
- </message>
-
- <call function="'Sleep'">
- { 'sleepForMilliSeconds' : '8000' }
- </call>
-
- <message>
- '%s Step 2. User Changing Password' % msg2
- </message>
-
- <call function="'ldapPasswordModifyWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=mward,%s' % basedn ,
- 'dsInstancePswd' : 'adminnormal' ,
- 'dsAuthzID' : 'dn:uid=mward,%s' % basedn ,
- 'dsNewPassword' : 'newnormal' }
- </call>
-
- <message>
- '%s Step 3. User Bind With New Password' % msg2
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=mward,%s' % basedn ,
- 'dsInstancePswd' : 'newnormal' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Lockout Duration
- #@TestName Admin Change Lockout Duration
- #@TestIssue none
- #@TestPurpose Admin making Lockout Duration Long
- #@TestPreamble none
- #@TestStep set lockout-duration to 5 days
- #@TestStep Check manage-account
- get-seconds-until-password-reset-lockout
- #@TestPostamble none
- #@TestResult Success if the step is PASS
- -->
-
- <testcase name="getTestCaseName('Make Lockout Duration Long')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- '%s Admin Making Lockout Duration Long' % msg
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'lockout-duration' ,
- 'attributeValue' : '5 d' }
- </call>
-
- <message>
- '%s Check manage-account %s' % (msg,msg3)
- </message>
-
- <call function="'manageAccountWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'subcommand' : msg3 ,
- 'targetDn' : 'uid=scarter,%s' % basedn }
- </call>
-
- <script>
- returnString = STAXResult[0][1]
- </script>
-
- <call function="'checktestString'">
- { 'returnString' : returnString ,
- 'expectedString' : 'Seconds Until Password Reset Lockout:' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
-
- <!--- Test Case information
- #@TestMarker Lockout Duration
- #@TestName Testing Lockout Duration Long
- #@TestIssue none
- #@TestPurpose Testing Lockout Duration Long
- #@TestPreamble none
- #@TestStep Step 1. User Initial Bind returns 0
- #@TestStep Step 2. User Lockout with Bad Pwd 3x
- SearchObject returns 49 (3x with bad,
- 1x with correct one)
- Sleeping sleepForMilliSeconds 8000
- #@TestStep Step 3. User Changing Password returns 49
- #@TestStep Step 4. User Bind With New Password
- SearchObject returns 49
- #@TestPostamble none
- #@TestResult Success if the 4 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Long Lockout Duration')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- '%s Long Lockout Duration Step 1. User Initial Bind' % msg
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=bjablons,%s' % basedn ,
- 'dsInstancePswd' : 'strawberry' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <message>
- '%s Step 2. User Lockout With Bad Pwd 3x' % msg4
- </message>
-
- <script>
- search_pwds = ['bad', 'bad', 'bad', 'strawberry']
- </script>
-
- <iterate var="pwds" in="search_pwds" indexvar="index">
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=bjablons,%s' % basedn ,
- 'dsInstancePswd' : '%s' % pwds,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' ,
- 'expectedRC' : 49 }
- </call>
- </iterate>
-
- <message>
- 'Security: Lockout Duration: Long Lockout Duration - Sleeping'
- </message>
-
- <call function="'Sleep'">
- { 'sleepForMilliSeconds' : '8000' }
- </call>
-
- <message>
- '%s Step 3. User Changing Password' % msg4
- </message>
-
- <call function="'ldapPasswordModifyWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=bjablons,%s' % basedn ,
- 'dsInstancePswd' : 'strawberry' ,
- 'dsAuthzID' : 'dn:uid=bjablons,%s' % basedn ,
- 'dsNewPassword' : 'newberry' ,
- 'expectedRC' : 49 }
- </call>
-
- <message>
- '%s Step 4. User Bind With New Password' % msg4
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=bjablons,%s' % basedn ,
- 'dsInstancePswd' : 'newberry' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base',
- 'expectedRC' : 49 }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
-
- <!--- Test Case information
- #@TestMarker Lockout Duration
- #@TestName Postamble
- #@TestIssue none
- #@TestPurpose Postamble
- #@TestPreamble none
- #@TestStep Step 1. Admin resetting Lockout Duration to 0
- #@TestStep Step 2. User Lockout with Bad Pwd 3x
- SearchObject returns 49 (3x with bad,
- 1x with correct one)
- Sleeping sleepForMilliSeconds 8000
- #@TestStep Step 3. User Changing Password returns 0
- #@TestStep Step 4. User Bind With New Password
- SearchObject returns 0
- #@TestPostamble none
- #@TestResult Success if the 4 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Postamble')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- '%s Postamble Step 1. Admin Resetting Lockout Duration' % msg
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'lockout-duration' ,
- 'attributeValue' : '0 s' }
- </call>
-
- <message>
- '%s Postamble Step 2. User Lockout With Bad Pwd 3x' % msg
- </message>
-
- <script>
- search_pwds = ['bad', 'bad', 'bad', 'newnormal']
- </script>
-
- <iterate var="pwds" in="search_pwds" indexvar="index">
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=mward,%s' % basedn ,
- 'dsInstancePswd' : '%s' % pwds,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' ,
- 'expectedRC' : 49 }
- </call>
- </iterate>
-
- <message>
- '%s Postamble Step 3. Admin Resetting User Pwd' % msg
- </message>
-
- <call function="'ldapPasswordModifyWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'dsAuthzID' : 'dn:uid=mward,%s' % basedn ,
- 'dsNewPassword' : 'normal' }
- </call>
-
- <message>
- '%s Postamble Step 4. User Bind With New Password' % msg
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=mward,%s' % basedn ,
- 'dsInstancePswd' : 'normal' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <message>
- '%s Postamble Step 5. Admin Resetting Lockout Count' % msg
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'lockout-failure-count' ,
- 'attributeValue' : '0' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- </sequence>
-
- </function>
-
-</stax>
diff --git a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_lockout_fail_cnt.xml b/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_lockout_fail_cnt.xml
deleted file mode 100755
index 4eaed07..0000000
--- a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_lockout_fail_cnt.xml
+++ /dev/null
@@ -1,346 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!DOCTYPE stax SYSTEM "../../../../shared/stax.dtd">
-<!--
- ! CDDL HEADER START
- !
- ! The contents of this file are subject to the terms of the
- ! Common Development and Distribution License, Version 1.0 only
- ! (the "License"). You may not use this file except in compliance
- ! with the License.
- !
- ! You can obtain a copy of the license at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
- ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
- ! See the License for the specific language governing permissions
- ! and limitations under the License.
- !
- ! When distributing Covered Code, include this CDDL HEADER in each
- ! file and include the License file at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
- ! add the following below this CDDL HEADER, with the fields enclosed
- ! by brackets "[]" replaced with your own identifying information:
- ! Portions Copyright [yyyy] [name of copyright owner]
- !
- ! CDDL HEADER END
- !
- ! Copyright 2006-2008 Sun Microsystems, Inc.
- ! -->
-<stax>
-
- <defaultcall function="lockout_fail_cnt"/>
-
- <function name="lockout_fail_cnt">
-
- <sequence>
-
- <!--- Test Suite information
- #@TestSuiteName Lockout Failure Count
- #@TestSuitePurpose Test the password Policy Lockout Failure Count
- #@TestSuiteGroup Lockout Failure Count
- #@TestScript security_lockout_fail_cnt.xml
- -->
-
- <!--- Define default value for basedn,basepwp, msg -->
- <script>
- basedn = 'ou=people,ou=password tests,o=Pwd Policy Tests,dc=example,dc=com'
- basepwp = 'cn=Default Password Policy,cn=Password Policies,cn=config'
- msg = 'Security: Lockout Fail Cnt:'
- msg1 = 'get-remaining-authentication-failure-count'
- msg2 = 'Remaining Authentication Failure Count:'
- </script>
-
- <!--- Test Case information
- #@TestMarker Lockout Failure Count
- #@TestName Test Preamble
- #@TestIssue none
- #@TestPurpose Check Default value ds-cfg-lockout-failure-count
- #@TestPreamble none
- #@TestStep Step 1. Check for existence of
- ds-cfg-lockout-failure-count and value is 0
- #@TestStep Step 2. Default Bind With Bad Pwd 3x RC 49
- then User search with good password returns 0
- #@TestStep Step 3. check manage-account
- get-remaining-authentication-failure-count
- #@TestPostamble none
- #@TestResult Success if the 3 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Preamble')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
-'%s Preamble Step 1. Check for existence of ds-cfg-lockout-failure-count' % msg
- </message>
-
- <call function="'compareEntry'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'attrToBeCompared' : 'ds-cfg-lockout-failure-count:0',
- 'entryToBeCompared' : basepwp }
- </call>
-
- <message>
- '%s Preamble Step 2. Default Bind With Bad Pwd 3x' % msg
- </message>
-
- <script>
- search_pwds = ['bad', 'bad', 'bad']
- </script>
-
- <iterate var="pwds" in="search_pwds" indexvar="index">
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=bhall,%s' % basedn ,
- 'dsInstancePswd' : '%s' % pwds,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' ,
- 'expectedRC' : 49 }
- </call>
- </iterate>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=bhall,%s' % basedn ,
- 'dsInstancePswd' : 'oranges',
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <message>
- '%s Preamble Step 3. Check manage-account %s' % (msg,msg1)
- </message>
-
- <call function="'manageAccountWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'subcommand' : msg1 ,
- 'targetDn' : 'uid=bhall,%s' % basedn }
- </call>
-
- <script>
- returnString = STAXResult[0][1]
- </script>
-
- <call function="'checktestString'">
- { 'returnString' : returnString ,
- 'expectedString' : msg2 }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Lockout Failure Count
- #@TestName Admin Change Lockout Count
- #@TestIssue none
- #@TestPurpose Admin Change Lockout Count
- #@TestPreamble none
- #@TestStep Admin Changing Lockout Count set
- lockout-failure-count to 3
- #@TestStep check manage-account
- get-remaining-authentication-failure-count
- #@TestPostamble none
- #@TestResult Success if all tests are PASS
- -->
-
- <testcase name="getTestCaseName('Admin Change Lockout Cnt')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Lockout Fail Cnt: Admin Changing Lockout Count'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'lockout-failure-count' ,
- 'attributeValue' : '3' }
- </call>
-
- <message>
- '%s Check manage-account %s' % (msg,msg1)
- </message>
-
- <call function="'manageAccountWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'subcommand' : msg1 ,
- 'targetDn' : 'uid=bhall,%s' % basedn }
- </call>
-
- <script>
- returnString = STAXResult[0][1]
- </script>
-
- <call function="'checktestString'">
- { 'returnString' : returnString ,
- 'expectedString' : '%s 3' % msg2 }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Lockout Failure Count
- #@TestName Lockout With Bad Pwd 3x
- #@TestIssue none
- #@TestPurpose Lockout With Bad Pwd 3x
- #@TestPreamble none
- #@TestStep Lockout With Bad Pwd 3x SearchObject RC 49 3x
- #@TestStep check manage-account
- get-remaining-authentication-failure-count
- #@TestPostamble none
- #@TestResult Success if all tests are PASS
- -->
-
- <testcase name="getTestCaseName('Lockout With Bad Pwd 3x')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- '%s Lockout With Bad Pwd 3x' % msg
- </message>
-
- <script>
- search_pwds = ['bad', 'bad', 'bad', 'oranges']
- </script>
-
- <iterate var="pwds" in="search_pwds" indexvar="index">
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=bhall,%s' % basedn ,
- 'dsInstancePswd' : '%s' % pwds,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' ,
- 'expectedRC' : 49 }
- </call>
- </iterate>
-
- <message>
- '%s Check manage-account %s' % (msg,msg1)
- </message>
-
- <call function="'manageAccountWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'subcommand' : msg1 ,
- 'targetDn' : 'uid=bhall,%s' % basedn }
- </call>
-
- <script>
- returnString = STAXResult[0][1]
- </script>
-
- <call function="'checktestString'">
- { 'returnString' : returnString ,
- 'expectedString' : '%s 0' % msg2 }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Lockout Failure Count
- #@TestName Postamble Reset
- #@TestIssue none
- #@TestPurpose Reseting the Password policy and verify it
- #@TestPreamble none
- #@TestStep Step 1. Admin Resetting Lockout Fail Count
- set lockout-failure-count to 0
- #@TestStep Step 2. Check Bind With Previous User Lockout RC 0
- #@TestStep Step 3. Check Bind With Bad Pwd 3x RC 49 3x
- then User search with good password returns 0
- #@TestPostamble none
- #@TestResult Success if the 3 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Postamble Reset')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
-'%s Postamble Reset: Step 1. Admin Resetting Lockout Fail Count' % msg
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'lockout-failure-count' ,
- 'attributeValue' : '0' }
- </call>
-
- <message>
-'%s Postamble Step 2. Check Bind With Previous User Lockout' % msg
- </message>
-
- <!--- Check Lockouted User -->
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=bhall,%s' % basedn ,
- 'dsInstancePswd' : 'oranges' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <message>
- '%s Postamble Step 3. Check Bind With Bad Pwd 3x' % msg
- </message>
-
- <script>
- search_pwds = ['bad', 'bad', 'bad']
- </script>
-
- <iterate var="pwds" in="search_pwds" indexvar="index">
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=gfarmer,%s' % basedn ,
- 'dsInstancePswd' : '%s' % pwds,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base',
- 'expectedRC' : 49 }
- </call>
- </iterate>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=gfarmer,%s' % basedn ,
- 'dsInstancePswd' : 'ruling',
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base'}
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- </sequence>
-
- </function>
-
-</stax>
diff --git a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_min_pwd_age.xml b/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_min_pwd_age.xml
deleted file mode 100755
index 01f0ab8..0000000
--- a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_min_pwd_age.xml
+++ /dev/null
@@ -1,246 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!DOCTYPE stax SYSTEM "../../../../shared/stax.dtd">
-<!--
- ! CDDL HEADER START
- !
- ! The contents of this file are subject to the terms of the
- ! Common Development and Distribution License, Version 1.0 only
- ! (the "License"). You may not use this file except in compliance
- ! with the License.
- !
- ! You can obtain a copy of the license at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
- ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
- ! See the License for the specific language governing permissions
- ! and limitations under the License.
- !
- ! When distributing Covered Code, include this CDDL HEADER in each
- ! file and include the License file at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
- ! add the following below this CDDL HEADER, with the fields enclosed
- ! by brackets "[]" replaced with your own identifying information:
- ! Portions Copyright [yyyy] [name of copyright owner]
- !
- ! CDDL HEADER END
- !
- ! Copyright 2006-2008 Sun Microsystems, Inc.
- ! -->
-<stax>
-
- <defaultcall function="min_pwd_age"/>
-
- <function name="min_pwd_age">
-
- <sequence>
-
- <!--- Test Suite information
- #@TestSuiteName Minimum Password Age
- #@TestSuitePurpose Test the Password Policy Minimum Password Age
- #@TestSuiteGroup Minimum Password Age
- #@TestScript security_min_pwd_age.xml
- -->
-
- <!--- Define default value for basedn -->
- <script>
- basedn = 'ou=people,ou=password tests,o=Pwd Policy Tests,dc=example,dc=com'
- </script>
-
- <!--- Test Case information
- #@TestMarker Minimum Password Age
- #@TestName Test Preamble
- #@TestIssue none
- #@TestPurpose Checking existence of ds-cfg-min-password-age
- #@TestPreamble none
- #@TestStep Checking existence of ds-cfg-min-password-age
- #@TestPostamble none
- #@TestResult Success if compareEntry returns 0.
- -->
-
- <testcase name="getTestCaseName('Preamble Check')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Min Pwd Age: Preamble Check: Checking existence of ds-cfg-min-password-age'
- </message>
-
- <call function="'compareEntry'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'attrToBeCompared' : 'ds-cfg-min-password-age:0 seconds',
- 'entryToBeCompared' : 'cn=Default Password Policy,cn=Password Policies,cn=config' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Minimum Password Age
- #@TestName Test Minimum Password Age
- #@TestIssue none
- #@TestPurpose Test Minimum Password Age
- #@TestPreamble none
- #@TestStep Step 1. Admin Enabling Minimum Pwd Age
- set min-password-age to 24 h
- #@TestStep Step 2. User Changing Password
- ldapPasswordModifyWithScript returns 53
- #@TestStep Step 3. User Searching With Password
- SearchObject returns 49
- #@TestPostamble none
- #@TestResult Success if the 3 steps are PASS
- -->
-
- <testcase name="getTestCaseName('Test')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Min Pwd Age: Test: Step 1. Admin Enabling Minimum Pwd Age'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'min-password-age' ,
- 'attributeValue' : '24 h' }
- </call>
-
- <!--- User Change Password -->
- <message>
- 'Security: Min Pwd Age: Test: Step 2. User Changing Password'
- </message>
-
- <call function="'ldapPasswordModifyWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=dmiller,%s' % basedn ,
- 'dsInstancePswd' : 'gosling' ,
- 'dsAuthzID' : 'dn:uid=dmiller,%s' % basedn ,
- 'dsNewPassword' : 'newgosling' ,
- 'expectedRC' : 53 }
- </call>
-
- <!--- User Search With Password -->
- <message>
- 'Security: Min Pwd Age: Test: Step 3. User Searching With Password'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=dmiller,%s' % basedn ,
- 'dsInstancePswd' : 'newgosling' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' ,
- 'expectedRC' : 49 }
- </call>
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
-
- <!--- Test Case information
- #@TestMarker Minimum Password Age
- #@TestName Postamble Reset
- #@TestIssue none
- #@TestPurpose Reseting the password Policy
- #@TestPreamble none
- #@TestStep Step 1. Admin Disabling Minimum Pwd Age
- set min-password-age to 0 s
- #@TestStep Step 2. User Changing Password RC 0
- #@TestStep Step 3. User Searching With Password RC 0
- #@TestStep Step 4. User Changing Password RC 0
- #@TestStep Step 5. User Searching With Password RC 0
- #@TestPostamble none
- #@TestResult Success if returns 0.
- -->
-
- <testcase name="getTestCaseName('Postamble Reset')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Min Pwd Age: Postamble Reset: Step 1. Admin Disabling Minimum Pwd Age'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'min-password-age' ,
- 'attributeValue' : '0 s' }
- </call>
-
- <message>
- 'Security: Min Pwd Age: Postamble Reset: Step 2. User Changing Password'
- </message>
-
- <call function="'ldapPasswordModifyWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=dmiller,%s' % basedn ,
- 'dsInstancePswd' : 'gosling' ,
- 'dsAuthzID' : 'dn:uid=dmiller,%s' % basedn ,
- 'dsNewPassword' : 'newgosling' }
- </call>
-
- <!--- User Search With Password -->
- <message>
- 'Security: Min Pwd Age: Postamble Reset: Step 3. User Searching With Password'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=dmiller,%s' % basedn ,
- 'dsInstancePswd' : 'newgosling' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <!--- User Change Password -->
- <message>
- 'Security: Min Pwd Age: Postamble Reset: Step 4. User Changing Password'
- </message>
-
- <call function="'ldapPasswordModifyWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=dmiller,%s' % basedn ,
- 'dsInstancePswd' : 'newgosling' ,
- 'dsAuthzID' : 'dn:uid=dmiller,%s' % basedn ,
- 'dsNewPassword' : 'gosling' }
- </call>
-
- <!--- User Search With Password -->
- <message>
- 'Security: Min Pwd Age: Postamble Reset: Step 5. User Searching With Password'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=dmiller,%s' % basedn ,
- 'dsInstancePswd' : 'gosling' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- </sequence>
-
- </function>
-
-</stax>
diff --git a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_mult_pwd_policies.xml b/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_mult_pwd_policies.xml
deleted file mode 100755
index 92fa120..0000000
--- a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_mult_pwd_policies.xml
+++ /dev/null
@@ -1,342 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!DOCTYPE stax SYSTEM "../../../../shared/stax.dtd">
-<!--
- ! CDDL HEADER START
- !
- ! The contents of this file are subject to the terms of the
- ! Common Development and Distribution License, Version 1.0 only
- ! (the "License"). You may not use this file except in compliance
- ! with the License.
- !
- ! You can obtain a copy of the license at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
- ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
- ! See the License for the specific language governing permissions
- ! and limitations under the License.
- !
- ! When distributing Covered Code, include this CDDL HEADER in each
- ! file and include the License file at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
- ! add the following below this CDDL HEADER, with the fields enclosed
- ! by brackets "[]" replaced with your own identifying information:
- ! Portions Copyright [yyyy] [name of copyright owner]
- !
- ! CDDL HEADER END
- !
- ! Copyright 2006-2008 Sun Microsystems, Inc.
- ! Portions copyright 2011 ForgeRock AS.
- ! -->
-<stax>
-
- <defaultcall function="mult_pwd_policies"/>
-
- <function name="mult_pwd_policies">
-
- <sequence>
-
- <!--- Test Suite information
- #@TestSuiteName Multiple Password Policies
- #@TestSuitePurpose Test Multiple Password Policies
- #@TestSuiteGroup Multiple Password Policies
- #@TestScript security_mult_pwd_policies.xml
- -->
-
- <!--- Define default value for basedn, msg1, msg2 -->
- <script>
- basedn = 'ou=people,ou=password tests,o=Pwd Policy Tests,dc=example,dc=com'
- msg1 = 'default-password-storage-scheme:Salted SHA-1'
- msg2 = 'password-attribute:userPassword'
- </script>
-
-
- <!--- Test Case information
- #@TestMarker Multiple Password Policies
- #@TestName Add New Password Policy
- #@TestIssue none
- #@TestPurpose Preamble - Add Sales Password Policy
- #@TestPreamble none
- #@TestStep with dsconfig create-password-policy Sales
- Password Policy and set
- default-password-storage-schemeSalted SHA-1
- #@TestPostamble none
- #@TestResult Success if dsconfig returns 0
- -->
-
- <testcase name="getTestCaseName('Preamble')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Mult Pwd Policies: Preamble - Add Sales Password Policy'
- </message>
-
- <call function="'dsconfig'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'subcommand' : 'create-password-policy' ,
- 'objectType' : 'policy-name' ,
- 'objectName' : 'Sales Password Policy',
- 'optionsString' : '--type password-policy --set "%s" --set %s' % (msg1,msg2),
- 'expectedRC' : 0 }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Multiple Password Policies
- #@TestName Adding New Entry With Sales Password Policy
- #@TestIssue none
- #@TestPurpose Adding New Entry With Sales Password Policy
- #@TestPreamble none
- #@TestStep addEntry add_sales_person.ldif
- SearchObject with uid=sguy returns 0
- SearchObject with uid=sgal eturns 0
- #@TestPostamble none
- #@TestResult Success if the test is PASS
- -->
- <testcase name="getTestCaseName('Add New Entry')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Mult Pwd Policies: Adding New Entry With Sales Password Policy'
- </message>
-
- <call function="'addEntry'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'entryToBeAdded' : '%s/security/pwd_policy/add_sales_person.ldif' \
- % remote.data }
- </call>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=sguy,%s' % basedn ,
- 'dsInstancePswd' : 'superguy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=sgal,%s' % basedn ,
- 'dsInstancePswd' : 'supergal' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Multiple Password Policies
- #@TestName Modify Sales Pwd Policy
- #@TestIssue none
- #@TestPurpose Admin Changing Sales Lockout Count
- #@TestPreamble none
- #@TestStep Admin Changing Sales Lockout Count
- modifyPwdPolicy for Sales Password Policy
- set lockout-failure-count to 3
- #@TestPostamble none
- #@TestResult Success if modifyPwdPolicy returns 0
- -->
-
- <testcase name="getTestCaseName('Modify Sales Pwd Policy')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Mult Pwd Policies: Admin Changing Sales Lockout Count'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Sales Password Policy' ,
- 'attributeName' : 'lockout-failure-count' ,
- 'attributeValue' : '3' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
-
- <!--- Test Case information
- #@TestMarker Multiple Password Policies
- #@TestName Test Sales Password Policy
- #@TestIssue none
- #@TestPurpose Test Sales Password Policy
- #@TestPreamble none
- #@TestStep Testing Sales Pwd Policy with Lockout Count
- search with bad pwd 3x good pwd 1x
- SearchObject returns 49 4x
- #@TestPostamble none
- #@TestResult Success if the test is PASS
- -->
-
- <testcase name="getTestCaseName('Test Sales Pwd Policy')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Mult Pwd Policies: Testing Sales Pwd Policy with Lockout Count'
- </message>
-
- <script>
- search_pwds = ['bad', 'bad', 'bad', 'superguy']
- </script>
-
- <iterate var="pwds" in="search_pwds" indexvar="index">
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=sguy,%s' % basedn ,
- 'dsInstancePswd' : '%s' % pwds ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' ,
- 'expectedRC' : 49 }
- </call>
- </iterate>
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Multiple Password Policies
- #@TestName Testing Default Pwd Policy with Lockout Count
- #@TestIssue none
- #@TestPurpose Testing Default Pwd Policy with Lockout Count
- #@TestPreamble none
- #@TestStep Testing Default Pwd Policy with Lockout Count
- search with bad pwd 3x good pwd 1x
- SearchObject returns 49 3x
- SearchObject returns 0 1x
- #@TestPostamble none
- #@TestResult Success if the test is PASS
- -->
-
- <testcase name="getTestCaseName('Test Default Pwd Policy')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Mult Pwd Policies: Testing Default Pwd Policy with Lockout Count'
- </message>
-
- <script>
- search_pwds = ['bad', 'bad', 'bad']
- </script>
-
- <iterate var="pwds" in="search_pwds" indexvar="index">
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=tclow,%s' % basedn ,
- 'dsInstancePswd' : '%s' % pwds ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' ,
- 'expectedRC' : 49 }
- </call>
- </iterate>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=tclow,%s' % basedn ,
- 'dsInstancePswd' : 'cardreader' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Multiple Password Policies
- #@TestName Delete Sales Pwd Policy
- #@TestIssue none
- #@TestPurpose Admin Deleting Sales Lockout Count
- #@TestPreamble none
- #@TestStep Admin Deleting Sales Lockout Count
- dsconfig delete Sales Password Policy
- #@TestPostamble none
- #@TestResult Success if dsconfig returns 0
- -->
-
- <testcase name="getTestCaseName('Delete Sales Pwd Policy')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Mult Pwd Policies: Admin Deleting Sales Lockout Count'
- </message>
-
- <call function="'dsconfig'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'subcommand' : 'delete-password-policy' ,
- 'objectType' : 'policy-name' ,
- 'objectName' : 'Sales Password Policy',
- 'expectedRC' : 0 }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Multiple Password Policies
- #@TestName Test Sales Pwd Policy after Remove
- #@TestIssue none
- #@TestPurpose Test Sales Pwd Policy after Remove
- #@TestPreamble none
- #@TestStep Testing Sales Pwd Policy after removing it
- #@TestPostamble none
- #@TestResult Success if SearchObject returns 80 (Other)
- -->
-
- <testcase name="getTestCaseName('Test Sales Pwd Policy 2')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Mult Pwd Policies: Testing Sales Pwd Policy with Lockout Count'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=sgal,%s' % basedn ,
- 'dsInstancePswd' : 'supergal' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' ,
- 'expectedRC' : 80 }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- </sequence>
-
- </function>
-
-</stax>
diff --git a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_preencoded_pwds.xml b/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_preencoded_pwds.xml
deleted file mode 100755
index 0a2ecb5..0000000
--- a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_preencoded_pwds.xml
+++ /dev/null
@@ -1,253 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!DOCTYPE stax SYSTEM "../../../../shared/stax.dtd">
-<!--
- ! CDDL HEADER START
- !
- ! The contents of this file are subject to the terms of the
- ! Common Development and Distribution License, Version 1.0 only
- ! (the "License"). You may not use this file except in compliance
- ! with the License.
- !
- ! You can obtain a copy of the license at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
- ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
- ! See the License for the specific language governing permissions
- ! and limitations under the License.
- !
- ! When distributing Covered Code, include this CDDL HEADER in each
- ! file and include the License file at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
- ! add the following below this CDDL HEADER, with the fields enclosed
- ! by brackets "[]" replaced with your own identifying information:
- ! Portions Copyright [yyyy] [name of copyright owner]
- !
- ! CDDL HEADER END
- !
- ! Copyright 2006-2008 Sun Microsystems, Inc.
- ! -->
-<stax>
-
- <defaultcall function="preencoded_pwds"/>
-
- <function name="preencoded_pwds">
-
- <sequence>
-
- <!--- Test Suite information
- #@TestSuiteName Preencoded Passwords
- #@TestSuitePurpose Test Preencoded Passwords in Password Policy
- #@TestSuiteGroup Preencoded Passwords
- #@TestScript security_preencoded_pwds.xml
- -->
-
- <!--- Define default value for basedn -->
- <script>
- basedn = 'ou=people,ou=password tests,o=Pwd Policy Tests,dc=example,dc=com'
- basepwp = 'cn=Default Password Policy,cn=Password Policies,cn=config'
- msg1 = 'Security: Preencoded Pwds: Preamble'
- </script>
-
-
- <!--- Test Case information
- #@TestMarker Preencoded Passwords
- #@TestName Preamble Check Default
- #@TestIssue none
- #@TestPurpose Preamble Check Default
- #@TestPreamble none
- #@TestStep Check for existence of
- ds-cfg-allow-pre-encoded-passwords
- and value is set to false
- #@TestPostamble none
- #@TestResult Success if the test is PASS
- -->
-
- <testcase name="getTestCaseName('Preamble')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
-'%s - Check for existence of ds-cfg-allow-pre-encoded-passwords' % msg1
- </message>
-
- <call function="'compareEntry'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'attrToBeCompared' : 'ds-cfg-allow-pre-encoded-passwords:false',
- 'entryToBeCompared': basepwp }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Preencoded Passwords
- #@TestName Add Entry With Pre-encoded Password
- #@TestIssue none
- #@TestPurpose Adding New Entry With a Pre-encoded Password
- #@TestPreamble none
- #@TestStep addEntry add_entry_preencoded_pwd.ldif RC 53
- SearchObject returns 49
- #@TestPostamble none
- #@TestResult Success if the test is PASS
- -->
-
- <testcase name="getTestCaseName('Default - Add New Entry')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Preencoded Pwds: Adding New Entry With a Pre-encoded Password'
- </message>
-
- <call function="'addEntry'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'entryToBeAdded' : '%s/security/pwd_policy/add_entry_preencoded_pwd.ldif' \
- % remote.data ,
- 'expectedRC' : 53 }
- </call>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=pguy,%s' % basedn ,
- 'dsInstancePswd' : 'superguy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' ,
- 'expectedRC' : 49 }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Preencoded Passwords
- #@TestName Enable Pre-encoded Passwords in pwd policy
- #@TestIssue none
- #@TestPurpose Admin Enabling Preencoded Pwds
- #@TestPreamble none
- #@TestStep set allow-pre-encoded-passwords to true
- #@TestPostamble none
- #@TestResult Success if the test is PASS
- -->
-
- <testcase name="getTestCaseName('Enable Preencoded Pwds')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Preencoded Pwds: Admin Enabling Preencoded Pwds'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'allow-pre-encoded-passwords' ,
- 'attributeValue' : 'true' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Preencoded Passwords
- #@TestName Test Enabled Pre-encoded Passwords
- #@TestIssue none
- #@TestPurpose Test Enabled Pre-encoded Passwords
- #@TestPreamble none
- #@TestStep addEntry add_entry_preencoded_pwd.ldif RC 0
- SearchObject returns 0
- #@TestPostamble none
- #@TestResult Success if the test is PASS
- -->
-
- <testcase name="getTestCaseName('Enabled - Add New Entry')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Preencoded Pwds: Add New Entry With Pre-encoded Password'
- </message>
-
- <call function="'addEntry'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'entryToBeAdded' : '%s/security/pwd_policy/add_entry_preencoded_pwd.ldif' \
- % remote.data }
- </call>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=pguy,%s' % basedn ,
- 'dsInstancePswd' : 'superguy' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker Preencoded Passwords
- #@TestName Disable Pre-encoded Passwords
- #@TestIssue none
- #@TestPurpose Admin Disabling Pre-encoded Passwords
- #@TestPreamble none
- #@TestStep Disable Pre-encoded Passwordds 0
- SearchObject returns 49
- #@TestPostamble none
- #@TestResult Success if the test is PASS
- -->
-
- <testcase name="getTestCaseName('Disable Preencoded Pwds')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Preencoded Pwds: Admin Disabling Pre-encoded Pwds'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'allow-pre-encoded-passwords' ,
- 'attributeValue' : 'false' }
- </call>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=pgal,%s' % basedn ,
- 'dsInstancePswd' : 'supergal' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' ,
- 'expectedRC' : 49 }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- </sequence>
-
- </function>
-
-</stax>
diff --git a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_pwd_policy.xml b/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_pwd_policy.xml
deleted file mode 100755
index 89a735d..0000000
--- a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_pwd_policy.xml
+++ /dev/null
@@ -1,115 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!DOCTYPE stax SYSTEM "../../../../shared/stax.dtd">
-<!--
- ! CDDL HEADER START
- !
- ! The contents of this file are subject to the terms of the
- ! Common Development and Distribution License, Version 1.0 only
- ! (the "License"). You may not use this file except in compliance
- ! with the License.
- !
- ! You can obtain a copy of the license at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
- ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
- ! See the License for the specific language governing permissions
- ! and limitations under the License.
- !
- ! When distributing Covered Code, include this CDDL HEADER in each
- ! file and include the License file at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
- ! add the following below this CDDL HEADER, with the fields enclosed
- ! by brackets "[]" replaced with your own identifying information:
- ! Portions Copyright [yyyy] [name of copyright owner]
- !
- ! CDDL HEADER END
- !
- ! Copyright 2006-2009 Sun Microsystems, Inc.
- ! -->
-<stax>
-
- <defaultcall function="security_pwd_policy"/>
-
- <function name="security_pwd_policy" scope="local">
-
- <sequence>
-
- <block name="'pwd_policy'">
-
- <try>
-
- <sequence>
-
- <script>
- CurrentTestPath['group']='security'
- CurrentTestPath['suite']=STAXCurrentBlock
- _group=CurrentTestPath['group']
- _suite='pwd_policy'
- </script>
-
- <call function="'testSuite_Preamble'"/>
-
- <call function="'common_setup'">
- {
- 'quickStart' : True ,
- 'startServer' : True ,
- 'stopServer' : False
- }
- </call>
-
- <script>
- testList = []
- testList.append('setup_pwd_policy')
- testList.append('user_pwd_policy')
- testList.append('force_pwd_change')
- testList.append('force_pwd_change_all_users')
-# DISABLED testList.append('enable_max_pwd_age')
-# DISABLED testList.append('disable_max_pwd_age')
- testList.append('min_pwd_age')
- testList.append('lockout_fail_cnt')
- testList.append('grace_login')
- testList.append('mult_pwd_policies')
- testList.append('preencoded_pwds')
- testList.append('lockout_duration')
- testList.append('last_login')
- testList.append('teardown_pwd_policy')
- </script>
-
- <iterate var="_test" in="testList">
- <sequence>
-
- <import machine="STAF_LOCAL_HOSTNAME"
- file="'%s/testcases/%s/%s/security_%s.xml' % (TESTS_DIR,_group,_suite,_test)"/>
- <call function="'%s' % _test" />
-
- </sequence>
- </iterate>
-
- </sequence>
-
- <finally>
- <sequence>
- <!-- Test Suite Cleanup -->
- <message>'Finally: Global Password Policy Cleanup.'</message>
- <try>
- <call function="'common_cleanup'" />
- <catch exception="'STAFException'">
- <sequence>
- <message log="1" level="'fatal'">'Cleanup of test suite failed.'</message>
- </sequence>
- </catch>
- <finally>
- <call function="'testSuite_Postamble'"/>
- </finally>
- </try>
- </sequence>
- </finally>
-
- </try>
-
- </block>
-
- </sequence>
-
- </function>
-
-</stax>
\ No newline at end of file
diff --git a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_setup_pwd_policy.xml b/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_setup_pwd_policy.xml
deleted file mode 100755
index 0af00ab..0000000
--- a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_setup_pwd_policy.xml
+++ /dev/null
@@ -1,81 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!DOCTYPE stax SYSTEM "../../../../shared/stax.dtd">
-<!--
- ! CDDL HEADER START
- !
- ! The contents of this file are subject to the terms of the
- ! Common Development and Distribution License, Version 1.0 only
- ! (the "License"). You may not use this file except in compliance
- ! with the License.
- !
- ! You can obtain a copy of the license at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
- ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
- ! See the License for the specific language governing permissions
- ! and limitations under the License.
- !
- ! When distributing Covered Code, include this CDDL HEADER in each
- ! file and include the License file at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
- ! add the following below this CDDL HEADER, with the fields enclosed
- ! by brackets "[]" replaced with your own identifying information:
- ! Portions Copyright [yyyy] [name of copyright owner]
- !
- ! CDDL HEADER END
- !
- ! Copyright 2006-2008 Sun Microsystems, Inc.
- ! -->
-<stax>
-
- <defaultcall function="setup_pwd_policy"/>
-
- <function name="setup_pwd_policy">
-
- <sequence>
-
-
- <!--- Test Suite information
- #@TestSuiteName setup Password Policy
- #@TestSuitePurpose Setup for the Password Policy test suite.
- #@TestSuiteGroup setup Password Policy
- #@TestScript security_setup_pwd_policy.xml
- -->
-
- <!--- Test Case information
- #@TestMarker setup Password Policy
- #@TestName setup: Add Initials Entries
- #@TestIssue none
- #@TestPurpose Add the initial entries necessary to the
- test suite.
- #@TestPreamble none
- #@TestStep Add pwd_policy_startup.ldif.
- #@TestPostamble none
- #@TestResult Success if addEntry returns 0.
- -->
-
- <testcase name="getTestCaseName('Add Initial Entries')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Policy: Adding Initial Entries'
- </message>
-
- <call function="'addEntry'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'entryToBeAdded' : '%s/security/pwd_policy/pwd_policy_startup.ldif'\
- % remote.data }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- </sequence>
-
- </function>
-
-</stax>
diff --git a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_teardown_pwd_policy.xml b/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_teardown_pwd_policy.xml
deleted file mode 100755
index 1e83071..0000000
--- a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_teardown_pwd_policy.xml
+++ /dev/null
@@ -1,79 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!DOCTYPE stax SYSTEM "../../../../shared/stax.dtd">
-<!--
- ! CDDL HEADER START
- !
- ! The contents of this file are subject to the terms of the
- ! Common Development and Distribution License, Version 1.0 only
- ! (the "License"). You may not use this file except in compliance
- ! with the License.
- !
- ! You can obtain a copy of the license at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
- ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
- ! See the License for the specific language governing permissions
- ! and limitations under the License.
- !
- ! When distributing Covered Code, include this CDDL HEADER in each
- ! file and include the License file at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
- ! add the following below this CDDL HEADER, with the fields enclosed
- ! by brackets "[]" replaced with your own identifying information:
- ! Portions Copyright [yyyy] [name of copyright owner]
- !
- ! CDDL HEADER END
- !
- ! Copyright 2006-2008 Sun Microsystems, Inc.
- ! -->
-<stax>
-
- <defaultcall function="teardown_pwd_policy"/>
-
- <function name="teardown_pwd_policy">
-
- <sequence>
-
- <!--- Test Suite information
- #@TestSuiteName Teardown
- #@TestSuitePurpose Test Teardown in Password Policy
- #@TestSuiteGroup Teardown
- #@TestScript security_lockout_duration.xml
- -->
-
- <!--- Test Case information
- #@TestMarker Teardown
- #@TestName Delete Branch
- #@TestIssue none
- #@TestPurpose Delete Branch
- #@TestPreamble none
- #@TestStep DeleteEntry -x o=Pwd Policy Tests
- #@TestPostamble none
- #@TestResult Success if the step is PASS
- -->
-
- <testcase name="getTestCaseName('Postamble Reset')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Policy: Postamble - Deleting Branch'
- </message>
-
- <call function="'DeleteEntry'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'dsBaseDN' : 'o=Pwd Policy Tests,dc=example,dc=com' ,
- 'extraParams' : '-x'}
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- </sequence>
-
- </function>
-
-</stax>
diff --git a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_user_pwd_policy.xml b/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_user_pwd_policy.xml
deleted file mode 100755
index bc9026d..0000000
--- a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy/security_user_pwd_policy.xml
+++ /dev/null
@@ -1,445 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!DOCTYPE stax SYSTEM "../../../../shared/stax.dtd">
-<!--
- ! CDDL HEADER START
- !
- ! The contents of this file are subject to the terms of the
- ! Common Development and Distribution License, Version 1.0 only
- ! (the "License"). You may not use this file except in compliance
- ! with the License.
- !
- ! You can obtain a copy of the license at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
- ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
- ! See the License for the specific language governing permissions
- ! and limitations under the License.
- !
- ! When distributing Covered Code, include this CDDL HEADER in each
- ! file and include the License file at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
- ! add the following below this CDDL HEADER, with the fields enclosed
- ! by brackets "[]" replaced with your own identifying information:
- ! Portions Copyright [yyyy] [name of copyright owner]
- !
- ! CDDL HEADER END
- !
- ! Copyright 2006-2008 Sun Microsystems, Inc.
- ! -->
-<stax>
-
- <defaultcall function="user_pwd_policy"/>
-
- <function name="user_pwd_policy">
-
- <sequence>
-
- <!--- Test Suite information
- #@TestSuiteName User Password Policy
- #@TestSuitePurpose User Password Policy
- #@TestSuiteGroup User Password Policy
- #@TestScript security_user_pwd_policy.xml
- -->
-
- <!--- Define default value for basedn -->
- <script>
- basedn = 'ou=people,ou=password tests,o=Pwd Policy Tests,dc=example,dc=com'
- basepwp = 'cn=Default Password Policy,cn=Password Policies,cn=config'
- msg = 'Security: Pwd Policy:'
- </script>
-
- <!--- Test Case information
- #@TestMarker User Password Policy
- #@TestName Check ds-cfg-allow-user-password-changes
- #@TestIssue none
- #@TestPurpose Checking existence of
- ds-cfg-allow-user-password-changes behavior tests
- #@TestPreamble none
- #@TestStep Check ds-cfg-allow-user-password-changes
- #@TestStep Check the output of the command.
- #@TestPostamble none
- #@TestResult Success if compareEntry returns 0 and the
- output is correct.
- -->
- <testcase name="getTestCaseName('Preamble')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Policy: Check of ds-cfg-allow-user-password-changes'
- </message>
-
- <call function="'compareEntry'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'attrToBeCompared' : 'ds-cfg-allow-user-password-changes:true',
- 'entryToBeCompared' : basepwp }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
-
- <!--- Test Case information
- #@TestMarker User Password Policy
- #@TestName Check User Search With Password
- #@TestIssue none
- #@TestPurpose Check User Search With Password
- #@TestPreamble none
- #@TestStep Check User Search With Password
- #@TestStep Check the output of the command.
- #@TestPostamble none
- #@TestResult Success if SearchObject returns 0
- -->
-
- <testcase name="getTestCaseName('User Search')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Policy: User Searching With Password'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=scarter,%s' % basedn ,
- 'dsInstancePswd' : 'sprain' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker User Password Policy
- #@TestName Check User Search With Bad Password
- #@TestIssue none
- #@TestPurpose Check User Search With Bad Password
- #@TestPreamble none
- #@TestStep Check User Search With Bad Password
- #@TestPostamble none
- #@TestResult Success if SearchObject returns 49
- -->
- <testcase name="getTestCaseName('User Search With Bad Password')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Policy: User Searching With Bad Password'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=scarter,%s' % basedn ,
- 'dsInstancePswd' : 'newsprain' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' ,
- 'expectedRC' : 49 }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker User Password Policy
- #@TestName User With Bad Credentials Change Password
- #@TestIssue none
- #@TestPurpose Check User Search With Bad Credentials
- #@TestPreamble none
- #@TestStep Check User Search With Bad Credentials
- #@TestPostamble none
- #@TestResult Success if ldapPasswordModifyWithScript returns 49
- -->
- <testcase name="getTestCaseName('User With Bad Credentials Change Password')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Policy: User with Bad Credentials Changing Password'
- </message>
-
- <call function="'ldapPasswordModifyWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=scarter,%s' % basedn ,
- 'dsInstancePswd' : 'BadPwd' ,
- 'dsAuthzID' : 'dn:uid=scarter,%s' % basedn ,
- 'dsNewPassword' : 'newsprain' ,
- 'expectedRC' : 49 }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker User Password Policy
- #@TestName User Change Password
- #@TestIssue none
- #@TestPurpose User Change Password
- #@TestPreamble none
- #@TestStep Step 1 User Change Password
- #@TestStep Step 2 User Searching With Old Password
- #@TestStep Step 3 User Searching With New Password
- #@TestPostamble none
- #@TestResult Success if SearchObject returns 0
- -->
- <testcase name="getTestCaseName('User Change Password')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Policy: Step 1 User Changing Password'
- </message>
-
- <call function="'ldapPasswordModifyWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=scarter,%s' % basedn ,
- 'dsInstancePswd' : 'sprain' ,
- 'dsAuthzID' : 'dn:uid=scarter,%s' % basedn ,
- 'dsNewPassword' : 'newsprain' ,
- }
- </call>
-
- <message>
- 'Security: Pwd Policy: Step 2 User Searching With Old Password'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=scarter,%s' % basedn ,
- 'dsInstancePswd' : 'sprain' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' ,
- 'expectedRC' : 49 }
- </call>
-
- <message>
- 'Security: Pwd Policy: Step 3 User Searching With New Password'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=scarter,%s' % basedn ,
- 'dsInstancePswd' : 'newsprain' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker User Password Policy
- #@TestName Admin Change Password Policy
- #@TestIssue none
- #@TestPurpose Admin Change Password Policy
- #@TestPreamble none
- #@TestStep Step 1 Modify the Password Policy by setting
- allow-user-password-changes to false
- #@TestStep Step 2 User resetting password should fail (49)
- #@TestStep Step 3 Check manage-account get-password-is-reset
- #@TestPostamble none
- #@TestResult Success if ldapPasswordModifyWithScript returns 49
- -->
-
- <testcase name="getTestCaseName('Admin Change Password Policy')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Policy: Step 1 Admin Changing Password Policy'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'allow-user-password-changes' ,
- 'attributeValue' : 'false' }
- </call>
-
- <message>
- 'Security: Pwd Policy: Step 2 User Resetting Password'
- </message>
-
- <call function="'ldapPasswordModifyWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=scarter,%s' % basedn ,
- 'dsInstancePswd' : 'sprain' ,
- 'dsAuthzID' : 'dn:uid=scarter,%s' % basedn ,
- 'dsNewPassword' : 'sprain' ,
- 'expectedRC' : 49 }
- </call>
-
- <message>
- '%s Step 3 Check manage-account get-password-is-reset' % msg
- </message>
-
- <call function="'manageAccountWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'subcommand' : 'get-password-is-reset' ,
- 'targetDn' : 'uid=scarter,%s' % basedn }
- </call>
-
- <script>
- returnString = STAXResult[0][1]
- </script>
-
- <call function="'checktestString'">
- { 'returnString' : returnString ,
- 'expectedString' : 'Password Is Reset: false' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Test Case information
- #@TestMarker User Password Policy
- #@TestName Admin Reset Password Policy
- #@TestIssue none
- #@TestPurpose Admin Reset Password Policy
- #@TestPreamble none
- #@TestStep Step 1 - Admin Resetting Password Policy
- set allow-user-password-changes to true
- #@TestStep Step 2 - User Resetting Password
- #@TestStep Step 3 - Check manage-account
- get-password-is-reset
- #@TestStep Step 4 - check manage-account
- get-password-changed-time
- #@TestStep Step 5 - User Searching With Old Password
- #@TestStep Step 6 - User Searching With New Password
- #@TestPostamble none
- #@TestResult Success if SearchObject returns 0.
- -->
- <testcase name="getTestCaseName('Postamble')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Policy: Postamble Step 1 - Admin Resetting Password Policy'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Default Password Policy' ,
- 'attributeName' : 'allow-user-password-changes' ,
- 'attributeValue' : 'true' }
- </call>
-
- <message>
- 'Security: Pwd Policy: Postamble Step 2 - User Resetting Password'
- </message>
-
- <call function="'ldapPasswordModifyWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=scarter,%s' % basedn ,
- 'dsInstancePswd' : 'newsprain' ,
- 'dsAuthzID' : 'dn:uid=scarter,%s' % basedn ,
- 'dsNewPassword' : 'sprain' ,
- }
- </call>
-
- <message>
- '%s Step 3 Check manage-account get-password-is-reset' % msg
- </message>
-
- <call function="'manageAccountWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'subcommand' : 'get-password-is-reset' ,
- 'targetDn' : 'uid=scarter,%s' % basedn }
- </call>
-
- <script>
- returnString = STAXResult[0][1]
- </script>
-
- <call function="'checktestString'">
- { 'returnString' : returnString ,
- 'expectedString' : 'Password Is Reset: false' }
- </call>
-
- <message>
- '%s Step 4 Check manage-account get-password-changed-time' % msg
- </message>
-
- <call function="'manageAccountWithScript'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'subcommand' : 'get-password-changed-time' ,
- 'targetDn' : 'uid=scarter,%s' % basedn }
- </call>
-
- <script>
- returnString = STAXResult[0][1]
- </script>
-
- <call function="'checktestString'">
- { 'returnString' : returnString ,
- 'expectedString' : 'Password Changed Time: 2' }
- </call>
-
- <message>
- '%s Postamble Step 5 - User Searching With Old Password' % msg
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=scarter,%s' % basedn ,
- 'dsInstancePswd' : 'newsprain' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' ,
- 'expectedRC' : 49 }
- </call>
-
- <message>
- '%s Postamble Step 6 - User Searching With New Password' % msg
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : 'uid=scarter,%s' % basedn ,
- 'dsInstancePswd' : 'sprain' ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-s base' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- </sequence>
-
- </function>
-
-</stax>
diff --git a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy_root/security_pwd_policy_root.xml b/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy_root/security_pwd_policy_root.xml
deleted file mode 100755
index 2af005e..0000000
--- a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy_root/security_pwd_policy_root.xml
+++ /dev/null
@@ -1,103 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!DOCTYPE stax SYSTEM "../../../../shared/stax.dtd">
-<!--
- ! CDDL HEADER START
- !
- ! The contents of this file are subject to the terms of the
- ! Common Development and Distribution License, Version 1.0 only
- ! (the "License"). You may not use this file except in compliance
- ! with the License.
- !
- ! You can obtain a copy of the license at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
- ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
- ! See the License for the specific language governing permissions
- ! and limitations under the License.
- !
- ! When distributing Covered Code, include this CDDL HEADER in each
- ! file and include the License file at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
- ! add the following below this CDDL HEADER, with the fields enclosed
- ! by brackets "[]" replaced with your own identifying information:
- ! Portions Copyright [yyyy] [name of copyright owner]
- !
- ! CDDL HEADER END
- !
- ! Copyright 2008-2009 Sun Microsystems, Inc.
- ! -->
-<stax>
-
- <defaultcall function="security_pwd_policy_root"/>
-
- <function name="security_pwd_policy_root" scope="local">
-
- <sequence>
-
- <block name="'pwd_policy_root'">
-
- <try>
-
- <sequence>
-
- <script>
- CurrentTestPath['group']='security'
- CurrentTestPath['suite']=STAXCurrentBlock
- _group=CurrentTestPath['group']
- _suite='pwd_policy_root'
- </script>
-
- <call function="'testSuite_Preamble'"/>
-
- <call function="'common_setup'">
- {
- 'quickStart' : True ,
- 'startServer' : True ,
- 'stopServer' : False
- }
- </call>
-
- <script>
- testList = []
- testList.append('root_user_tests')
- testList.append('root_auth')
- </script>
-
- <iterate var="_test" in="testList">
- <sequence>
-
- <import machine="STAF_LOCAL_HOSTNAME"
- file="'%s/testcases/%s/%s/security_%s.xml' % (TESTS_DIR,_group,_suite,_test)"/>
- <call function="'%s' % _test" />
-
- </sequence>
- </iterate>
-
- </sequence>
-
- <finally>
- <sequence>
- <!-- Test Suite Cleanup -->
- <message>'Finally: Global Start TLS Cleanup.'</message>
- <try>
- <call function="'common_cleanup'" />
- <catch exception="'STAFException'">
- <sequence>
- <message log="1" level="'fatal'">'Cleanup of test suite failed.'</message>
- </sequence>
- </catch>
- <finally>
- <call function="'testSuite_Postamble'"/>
- </finally>
- </try>
- </sequence>
- </finally>
-
- </try>
-
- </block>
-
- </sequence>
-
- </function>
-
-</stax>
\ No newline at end of file
diff --git a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy_root/security_root_auth.xml b/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy_root/security_root_auth.xml
deleted file mode 100644
index cf1443c..0000000
--- a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy_root/security_root_auth.xml
+++ /dev/null
@@ -1,473 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!DOCTYPE stax SYSTEM "../../../../shared/stax.dtd">
-<!--
- ! CDDL HEADER START
- !
- ! The contents of this file are subject to the terms of the
- ! Common Development and Distribution License, Version 1.0 only
- ! (the "License"). You may not use this file except in compliance
- ! with the License.
- !
- ! You can obtain a copy of the license at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
- ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
- ! See the License for the specific language governing permissions
- ! and limitations under the License.
- !
- ! When distributing Covered Code, include this CDDL HEADER in each
- ! file and include the License file at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
- ! add the following below this CDDL HEADER, with the fields enclosed
- ! by brackets "[]" replaced with your own identifying information:
- ! Portions Copyright [yyyy] [name of copyright owner]
- !
- ! CDDL HEADER END
- !
- ! Copyright 2008-2009 Sun Microsystems, Inc.
- ! -->
-<stax>
-
- <defaultcall function="root_auth"/>
-
- <function name="root_auth">
-
- <sequence>
-
- <!---
- Place suite-specific test information here.
- #@TestSuiteName Root Authentication Tests
- #@TestSuitePurpose Test the basic authentication for new root users.
- #@TestSuiteGroup Basic Root Authentication Tests
- #@TestScript security_root_auth.xml
- -->
-
-
- <!---
- Place test-specific test information here.
- The tag, TestMarker, must be the same as the tag, TestSuiteName.
- #@TestMarker Root Authentication Tests
- #@TestName Root Auth - Preamble
- #@TestIssue 420
- #@TestPurpose Configure for Root Auth tests
- #@TestPreamble none
- #@TestStep Admin change pwd storage to CLEAR
- #@TestStep Admin add new root user.
- #@TestStep Admin change Exact Match identity mapper match attribute.
- #@TestStep Admin change Exact Match identity mapper match base dn.
- #@TestPostamble none
- #@TestResult Success if OpenDS returns 0,for all steps.
- -->
- <testcase name="getTestCaseName('Root Auth - Preamble')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Policy Root: Root Auth, Preamble Step 1 - Admin Changing Pwd Storage to CLEAR'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Root Password Policy' ,
- 'attributeName' : 'default-password-storage-scheme' ,
- 'attributeValue' : 'Clear' }
- </call>
-
- <message>
- 'Security: Pwd Policy Root: Root Auth, Preamble Step 2 - Admin adding new root user'
- </message>
-
- <call function="'addEntry'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'entryToBeAdded' : '%s/security/pwd_policy_root/add_new_root_user.ldif' % remote.data }
- </call>
-
- <message>
- 'Security: Pwd Policy Root: Root Auth, Preamble Step 3 - Admin changing authid attribute to givenName'
- </message>
-
- <call function="'modifyIdentityMapper'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'mapperName' : 'Exact Match' ,
- 'attributeName' : 'match-attribute' ,
- 'attributeValue' : 'givenName' }
- </call>
-
- <message>
- 'Security: Pwd Policy Root: Root Auth, Preamble Step 4 - Admin changing authid dn to root users'
- </message>
-
- <call function="'modifyIdentityMapper'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'mapperName' : 'Exact Match' ,
- 'attributeName' : 'match-base-dn' ,
- 'attributeValue' : 'cn=Root DNs,cn=config' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!---
- Place test-specific test information here.
- The tag, TestMarker, must be the same as the tag, TestSuiteName.
- #@TestMarker Root Authentication Tests
- #@TestName Root Auth - New Root User (dn:) DIGEST-MD5 Bind
- #@TestIssue 420
- #@TestPurpose DIGEST-MD5 Bind
- #@TestPreamble none
- #@TestStep New root user binds using DIGEST-MD5
- #@TestPostamble none
- #@TestResult Success if OpenDS returns 0.
- -->
- <testcase name="getTestCaseName('Root Auth - New Root User (dn:) DIGEST-MD5 Bind')">
-
- <sequence>
-
- <call function="'testCase_Preamble'"/>
-
- <message>
- 'Security: Pwd Policy Root: Root Auth, Root User (dn:) DIGEST-MD5 Binding'
- </message>
-
- <call function="'AnonSearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=dn:cn=Zroot Manager,cn=Root DNs,cn=config" -w froglegs' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!---
- Place test-specific test information here.
- The tag, TestMarker, must be the same as the tag, TestSuiteName.
- #@TestMarker Root Authentication Tests
- #@TestName Root Auth - New Root User (dn:) DIGEST-MD5 Bind, short form
- #@TestIssue 420
- #@TestPurpose DIGEST-MD5 Bind, short form
- #@TestPreamble none
- #@TestStep New root user binds using DIGEST-MD5, short form
- #@TestPostamble none
- #@TestResult Success if OpenDS returns 0.
- -->
- <testcase name="getTestCaseName('Root Auth - New Root User (dn:) DIGEST-MD5 Bind, short form')">
-
- <sequence>
-
- <call function="'testCase_Preamble'"/>
-
- <message>
- 'Security: Pwd Policy Root: Root Auth, Root User (dn:) DIGEST-MD5 Binding, short form'
- </message>
-
- <call function="'AnonSearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=dn:cn=Zroot" -w froglegs' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!---
- Place test-specific test information here.
- The tag, TestMarker, must be the same as the tag, TestSuiteName.
- #@TestMarker Root Authentication Tests
- #@TestName Root Auth - New Root User (dn:) DIGEST-MD5 Bind, u: form
- #@TestIssue 420
- #@TestPurpose DIGEST-MD5 Bind, u: form
- #@TestPreamble none
- #@TestStep New root user binds using DIGEST-MD5, u: form
- #@TestPostamble none
- #@TestResult Success if OpenDS returns 0.
- -->
- <testcase name="getTestCaseName('Root Auth - New Root User (u:) DIGEST-MD5 Bind')">
-
- <sequence>
-
- <call function="'testCase_Preamble'"/>
-
- <message>
- 'Security: Pwd Policy Root: Root Auth, Root User (u:) DIGEST-MD5 Binding'
- </message>
-
- <call function="'AnonSearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=u:Zroot" -w froglegs' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!---
- Place test-specific test information here.
- The tag, TestMarker, must be the same as the tag, TestSuiteName.
- #@TestMarker Root Authentication Tests
- #@TestName Root Auth - New Root User (dn:) CRAM-MD5 Bind
- #@TestIssue 420
- #@TestPurpose CRAM-MD5 Bind
- #@TestPreamble none
- #@TestStep New root user binds using CRAM-MD5
- #@TestPostamble none
- #@TestResult Success if OpenDS returns 0.
- -->
- <testcase name="getTestCaseName('Root Auth - New Root User (dn:) CRAM-MD5 Bind')">
-
- <sequence>
-
- <call function="'testCase_Preamble'"/>
-
- <message>
- 'Security: Pwd Policy Root: Root Auth, Root User (dn:) CRAM-MD5 Binding'
- </message>
-
- <call function="'AnonSearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-o mech=CRAM-MD5 -o "authid=dn:cn=Zroot Manager,cn=Root DNs,cn=config" -w froglegs' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!---
- Place test-specific test information here.
- The tag, TestMarker, must be the same as the tag, TestSuiteName.
- #@TestMarker Root Authentication Tests
- #@TestName Root Auth - New Root User (dn:) CRAM-MD5 Bind, short form
- #@TestIssue 420
- #@TestPurpose CRAM-MD5 Bind, short form
- #@TestPreamble none
- #@TestStep New root user binds using CRAM-MD5, short form
- #@TestPostamble none
- #@TestResult Success if OpenDS returns 0.
- -->
- <testcase name="getTestCaseName('Root Auth - New Root User (dn:) CRAM-MD5 Bind, short form')">
-
- <sequence>
-
- <call function="'testCase_Preamble'"/>
-
- <message>
- 'Security: Pwd Policy Root: Root Auth, Root User (dn:) CRAM-MD5 Binding, short form'
- </message>
-
- <call function="'AnonSearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-o mech=CRAM-MD5 -o "authid=dn:cn=Zroot" -w froglegs' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!---
- Place test-specific test information here.
- The tag, TestMarker, must be the same as the tag, TestSuiteName.
- #@TestMarker Root Authentication Tests
- #@TestName Root Auth - New Root User (dn:) CRAM-MD5 Bind, u: form
- #@TestIssue 420
- #@TestPurpose CRAM-MD5 Bind, u: form
- #@TestPreamble none
- #@TestStep New root user binds using CRAM-MD5, u: form
- #@TestPostamble none
- #@TestResult Success if OpenDS returns 0.
- -->
- <testcase name="getTestCaseName('Root Auth - New Root User (u:) CRAM-MD5 Bind')">
-
- <sequence>
-
- <call function="'testCase_Preamble'"/>
-
- <message>
- 'Security: Pwd Policy Root: Root Auth, Root User (u:) CRAM-MD5 Binding'
- </message>
-
- <call function="'AnonSearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-o mech=CRAM-MD5 -o "authid=u:Zroot" -w froglegs' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!---
- Place test-specific test information here.
- The tag, TestMarker, must be the same as the tag, TestSuiteName.
- #@TestMarker Root Authentication Tests
- #@TestName Root Auth - New Root User (dn:) PLAIN Bind
- #@TestIssue 420
- #@TestPurpose PLAIN Bind
- #@TestPreamble none
- #@TestStep New root user binds using PLAIN
- #@TestPostamble none
- #@TestResult Success if OpenDS returns 0.
- -->
- <testcase name="getTestCaseName('Root Auth - New Root User (dn:) PLAIN Bind')">
-
- <sequence>
-
- <call function="'testCase_Preamble'"/>
-
- <message>
- 'Security: Pwd Policy Root: Root Auth, Root User (dn:) PLAIN Binding'
- </message>
-
- <call function="'AnonSearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-o mech=PLAIN -o "authid=dn:cn=Zroot Manager,cn=Root DNs,cn=config" -w froglegs' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!---
- Place test-specific test information here.
- The tag, TestMarker, must be the same as the tag, TestSuiteName.
- #@TestMarker Root Authentication Tests
- #@TestName Root Auth - New Root User (dn:) PLAIN Bind, short form
- #@TestIssue 420
- #@TestPurpose PLAIN Bind, short form
- #@TestPreamble none
- #@TestStep New root user binds using PLAIN, short form
- #@TestPostamble none
- #@TestResult Success if OpenDS returns 0.
- -->
- <testcase name="getTestCaseName('Root Auth - New Root User (dn:) PLAIN Bind, short form')">
-
- <sequence>
-
- <call function="'testCase_Preamble'"/>
-
- <message>
- 'Security: Pwd Policy Root: Root Auth, Root User (dn:) PLAIN Binding, short form'
- </message>
-
- <call function="'AnonSearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-o mech=PLAIN -o "authid=dn:cn=Zroot" -w froglegs' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!---
- Place test-specific test information here.
- The tag, TestMarker, must be the same as the tag, TestSuiteName.
- #@TestMarker Root Authentication Tests
- #@TestName Root Auth - New Root User (dn:) PLAIN Bind, u: form
- #@TestIssue 420
- #@TestPurpose PLAIN Bind, u: form
- #@TestPreamble none
- #@TestStep New root user binds using PLAIN, u: form
- #@TestPostamble none
- #@TestResult Success if OpenDS returns 0.
- -->
- <testcase name="getTestCaseName('Root Auth - New Root User (u:) PLAIN Bind')">
-
- <sequence>
-
- <call function="'testCase_Preamble'"/>
-
- <message>
- 'Security: Pwd Policy Root: Root Auth, Root User (u:) PLAIN Binding'
- </message>
-
- <call function="'AnonSearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsBaseDN' : 'dc=example,dc=com' ,
- 'dsFilter' : 'objectclass=*' ,
- 'extraParams' : '-o mech=PLAIN -o "authid=u:Zroot" -w froglegs' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!---
- Place test-specific test information here.
- The tag, TestMarker, must be the same as the tag, TestSuiteName.
- #@TestMarker Root Authentication Tests
- #@TestName Root Auth - Postamble
- #@TestIssue 420
- #@TestPurpose Reset configuration.
- #@TestPreamble none
- #@TestStep Admin change password storage scheme to SSHA.
- #@TestPostamble none
- #@TestResult Success if OpenDS returns 0
- for all ldap operations.
- -->
- <testcase name="getTestCaseName('Root Auth - Postamble')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Policy Root: Root Auth, Postamble - Admin Changing Pwd Storage to SSHA'
- </message>
-
- <call function="'modifyPwdPolicy'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'propertyName' : 'Root Password Policy' ,
- 'attributeName' : 'default-password-storage-scheme' ,
- 'attributeValue' : 'Salted SHA-512' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
-
- </sequence>
-
- </function>
-
-</stax>
diff --git a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy_root/security_root_user_tests.xml b/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy_root/security_root_user_tests.xml
deleted file mode 100755
index 5c7ad3f..0000000
--- a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/pwd_policy_root/security_root_user_tests.xml
+++ /dev/null
@@ -1,128 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!DOCTYPE stax SYSTEM "../../../../shared/stax.dtd">
-<!--
- ! CDDL HEADER START
- !
- ! The contents of this file are subject to the terms of the
- ! Common Development and Distribution License, Version 1.0 only
- ! (the "License"). You may not use this file except in compliance
- ! with the License.
- !
- ! You can obtain a copy of the license at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
- ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
- ! See the License for the specific language governing permissions
- ! and limitations under the License.
- !
- ! When distributing Covered Code, include this CDDL HEADER in each
- ! file and include the License file at
- ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
- ! add the following below this CDDL HEADER, with the fields enclosed
- ! by brackets "[]" replaced with your own identifying information:
- ! Portions Copyright [yyyy] [name of copyright owner]
- !
- ! CDDL HEADER END
- !
- ! Copyright 2008-2009 Sun Microsystems, Inc.
- ! -->
-<stax>
-
- <defaultcall function="root_user_tests"/>
-
- <function name="root_user_tests">
-
- <sequence>
-
- <!--- Check Existence of ds-cfg-default-password-storage-scheme Attr -->
- <testcase name="getTestCaseName('Default Pwd Scheme')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Policy Root: Checking default value ds-cfg-default-password-storage-scheme'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'dsBaseDN' : 'cn=Root Password Policy,cn=Password Policies,cn=config' ,
- 'dsFilter' : 'objectclass=*' ,
- 'attributes' : 'ds-cfg-default-password-storage-scheme' }
- </call>
-
- <script>
- returnString = STAXResult[0][1]
- </script>
-
- <call function="'checktestString'">
- { 'returnString' : returnString ,
- 'expectedString' : 'cn=Salted SHA-512' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Check Existence of ds-cfg-password-generator Attr -->
- <testcase name="getTestCaseName('No Default Pwd Generator')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Policy Root: Checking for ds-cfg-password-generator'
- </message>
-
- <call function="'compareEntry'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'attrToBeCompared' : 'ds-cfg-password-generator:cn=anything',
- 'entryToBeCompared' : 'cn=Root Password Policy,cn=Password Policies,cn=config',
- 'expectedRC' : 16 }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
- </testcase>
-
- <!--- Check Existence of ds-cfg-password-change-requires-current-password Attr -->
- <testcase name="getTestCaseName('Default Pwd Change Setting')">
- <sequence>
- <call function="'testCase_Preamble'"/>
- <message>
- 'Security: Pwd Policy Root: Checking default value ds-cfg-password-change-requires-current-password'
- </message>
-
- <call function="'SearchObject'">
- { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
- 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
- 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
- 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'dsBaseDN' : 'cn=Root Password Policy,cn=Password Policies,cn=config' ,
- 'dsFilter' : 'objectclass=*' ,
- 'attributes' : 'ds-cfg-password-change-requires-current-password' }
- </call>
-
- <script>
- returnString = STAXResult[0][1]
- </script>
-
- <call function="'checktestString'">
- { 'returnString' : returnString ,
- 'expectedString' : 'true' }
- </call>
-
- <call function="'testCase_Postamble'"/>
-
- </sequence>
-
- </testcase>
-
- </sequence>
-
- </function>
-
-</stax>
diff --git a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/security.xml b/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/security.xml
index bf031f1..5e72c33 100755
--- a/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/security.xml
+++ b/opendj-sdk/opends/tests/staf-tests/functional-tests/testcases/security/security.xml
@@ -24,7 +24,7 @@
! CDDL HEADER END
!
! Copyright 2006-2009 Sun Microsystems, Inc.
- ! Portions Copyright 2011 ForgeRock AS
+ ! Portions Copyright 2011-2012 ForgeRock AS
! -->
<stax>
<defaultcall function="main_security" />
@@ -57,8 +57,6 @@
suiteList.append(['pkcs12','security_pkcs12'])
suiteList.append(['startTLS','security_startTLS'])
suiteList.append(['sasl','security_sasl'])
- suiteList.append(['pwd_policy','security_pwd_policy'])
- suiteList.append(['pwd_policy_root','security_pwd_policy_root'])
suiteList.append(['auth_pwd_syntax','security_auth_pwd_syntax'])
suiteList.append(['pwd_validator','security_pwd_validator'])
suiteList.append(['pwd_storage','security_pwd_storage'])
@@ -108,4 +106,4 @@
</try>
</sequence>
</function>
-</stax>
\ No newline at end of file
+</stax>
--
Gitblit v1.10.0