From f5d754f7946a809dfcdc4593065503a5cca40d83 Mon Sep 17 00:00:00 2001
From: smaguin <smaguin@localhost>
Date: Thu, 19 Jun 2008 11:53:41 +0000
Subject: [PATCH] new single server system test
---
opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/secureSearch.jar | 0
opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/build.ksh | 39
opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/secureSearch.xml | 342 +++
opendj-sdk/opends/tests/system-tests/scenario/singleServer/single.xml | 72
opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureModifyEntries/src/Server.java | 46
opendj-sdk/opends/tests/system-tests/scenario/singleServer/data/99_ext_schema.ldif | 28
opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureModifyEntries/secureModifyEntries.xml | 340 +++
opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/src/Server.java | 46
opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureUserpasswordModify/src/Worker.java | 165 +
opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/tasks/tasks.xml | 223 ++
opendj-sdk/opends/tests/system-tests/scenario/singleServer/security_lib.xml | 70
opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/src/Client.java | 488 +++++
opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureModifyEntries/src/Client.java | 498 +++++
opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/src/Worker.java | 159 +
opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureUserpasswordModify/build.ksh | 39
opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureUserpasswordModify/secureUserpasswordModify.xml | 330 +++
opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureModifyEntries/build.ksh | 39
opendj-sdk/opends/tests/system-tests/scenario/singleServer/post_configuration.xml | 968 +++++++++++
opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureModifyEntries/run.ksh | 50
opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/run.ksh | 50
opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureUserpasswordModify/src/Server.java | 46
opendj-sdk/opends/tests/system-tests/scenario/singleServer/pre_configuration.xml | 183 ++
opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureUserpasswordModify/src/Client.java | 489 +++++
opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureModifyEntries/src/Worker.java | 182 ++
opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureUserpasswordModify/run.ksh | 50
opendj-sdk/opends/tests/system-tests/scenario/singleServer/conf.xml | 243 ++
26 files changed, 5,185 insertions(+), 0 deletions(-)
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureModifyEntries/build.ksh b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureModifyEntries/build.ksh
new file mode 100755
index 0000000..367e089
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureModifyEntries/build.ksh
@@ -0,0 +1,39 @@
+#!/bin/ksh
+
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+#
+# Copyright 2008 Sun Microsystems, Inc.
+
+export CLASSPATH=$CLASSPATH:.
+
+mkdir -p $COMPILDIR
+echo "Compiling classes..."
+javac src/*.java -d $COMPILDIR
+[ $? -ne 0 ] && return 1
+echo "Creating jarfile"
+cd $COMPILDIR
+jar cvf secureModifyEntries.jar *.class
+[ $? -ne 0 ] && return 1
+echo "Cleanup"
+rm -f *.class
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureModifyEntries/run.ksh b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureModifyEntries/run.ksh
new file mode 100644
index 0000000..95effcf
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureModifyEntries/run.ksh
@@ -0,0 +1,50 @@
+#!/bin/ksh
+
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+#
+# Copyright 2008 Sun Microsystems, Inc.
+
+suffix="dc=com"
+hostname=nott
+maxDuration=50
+nb_threads=1
+NB_MAX_mod=100
+keystorePath=/tmp/sylvie
+LDAPSport=1235
+
+bindDN="cn=directory manager"
+bindPW=password
+
+#java -client -Xmx1G -Xms1G -XX:NewRatio=1 -XX:SurvivorRatio=100 -cp ../LDAPjdk/ldapjdk.jar:search.jar Client $@
+
+#java -client -Xmx1G -Xms1G -XX:NewRatio=1 -XX:SurvivorRatio=100 -cp ../LDAPjdk/ldapjdk.jar:search.jar -Djavax.net.ssl.keyStore=/tmp/shared/data/CERT_1111/keystore -Djavax.net.ssl.trustStorePassword=password -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStore=/tmp/shared/data/CERT_1111/keystore -Djava.security.debug=ALL -Djava.security.auth.debug=ALL -Djavax.net.debug=ALL -Djavax.security.sasl.level=FINEST Client $@
+
+## SSL
+java -client -Xmx1G -Xms1G -XX:NewRatio=1 -XX:SurvivorRatio=100 -cp secureModifyEntries.jar -Djavax.net.ssl.keyStore=$keystorePath/keystore -Djavax.net.ssl.trustStorePassword=password -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStore=$keystorePath/keystore -Djavax.security.sasl.level=FINEST -Dport=$LDAPSport -DmaxDuration=$maxDuration -DNB_MAX_mod=$NB_MAX_mod -Dsuffix=$suffix -Dnb_threads=$nb_threads -Dhostname=$hostname Client $@
+#
+
+
+## CLEAR
+#java -client -Xmx1G -Xms1G -XX:NewRatio=1 -XX:SurvivorRatio=100 -cp search.jar -Djavax.net.ssl.keyStore=/tmp/shared/data/CERT_1111/keystore -Djavax.net.ssl.trustStorePassword=password -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStore=/tmp/shared/data/CERT_1111/keystore -Djavax.security.sasl.level=FINEST -Dport=1111 -DmaxDuration=$maxDuration -DNB_MAX_mod=$NB_MAX_mod -Dsuffix=$suffix -Dnb_threads=$nb_threads -Dhostname=$hostname -DbindDN="$bindDN" -DbindPW=$bindPW Client $@
+
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureModifyEntries/secureModifyEntries.xml b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureModifyEntries/secureModifyEntries.xml
new file mode 100644
index 0000000..21cb5bc
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureModifyEntries/secureModifyEntries.xml
@@ -0,0 +1,340 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!DOCTYPE stax SYSTEM "../../../shared/stax.dtd">
+<!--
+ ! CDDL HEADER START
+ !
+ ! The contents of this file are subject to the terms of the
+ ! Common Development and Distribution License, Version 1.0 only
+ ! (the "License"). You may not use this file except in compliance
+ ! with the License.
+ !
+ ! You can obtain a copy of the license at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
+ ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+ ! See the License for the specific language governing permissions
+ ! and limitations under the License.
+ !
+ ! When distributing Covered Code, include this CDDL HEADER in each
+ ! file and include the License file at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+ ! add the following below this CDDL HEADER, with the fields enclosed
+ ! by brackets "[]" replaced with your own identifying information:
+ ! Portions Copyright [yyyy] [name of copyright owner]
+ !
+ ! CDDL HEADER END
+ !
+ ! Copyright 2008 Sun Microsystems, Inc.
+ ! -->
+<stax>
+
+ <defaultcall function="secureModifyEntries"/>
+
+ <!-- ************************************************************ -->
+ <function name="secureModifyEntries" scope="local">
+
+ <function-map-args>
+ <function-arg-def name="workingDir" type="required"/>
+ <function-arg-def name="client" type="required"/>
+ <function-arg-def name="instances" type="required"/>
+ <function-arg-def name="duration" type="required"/>
+ <function-arg-def name="suffix" type="required"/>
+ <function-arg-def name="outFile" type="required"/>
+ <function-arg-def name="fileFd" type="required"/>
+ </function-map-args>
+
+
+ <sequence>
+ <!-- =================== Comments =================== -->
+ <!-- client is run under paralleliterate tag -->
+ <!-- each variables defined are internal -->
+ <!-- client should have its own err_num variable in order -->
+ <!-- to inform scheduler if it has pass/fail status -->
+ <script>
+ errNum = 0
+ msg = ''
+ </script>
+
+ <!-- ================== Preamble =================== -->
+ <!-- parse the client parameters : -->
+ <!-- params is [[param1,val1],[param2,val2],...] -->
+ <!-- get the ldap instance parameters -->
+
+
+ <script>
+ compilDir = '%s/%s_%s' % (workingDir,client.getHost(),client.getId())
+
+ outFile = '%s/client_secureModifyEntries_id%s.txt' % \
+ (client.getLogDir(),client.getId())
+
+ #
+ # Extract client parameters from client.getParams()
+ #
+ cParams = client.getParams()
+ try:
+ serverInstanceFromClient = cParams[0][1]
+ except IndexError:
+ serverInstanceFromClient = NOT_DEFINED
+ msg = '%s\nERROR: serverInstanceFromClient undefined,mandatory' % msg
+ try:
+ baseDn = cParams[1][1]
+ except IndexError:
+ baseDn = NOT_DEFINED
+ msg = '%s\nERROR: baseDn undefined,mandatory' % msg
+ try:
+ nbCnx = cParams[2][1]
+ except IndexError:
+ nbCnx = NOT_DEFINED
+ msg = '%s\nERROR: nbCnx undefined,mandatory' % msg
+ try:
+ nbMaxOp = cParams[3][1]
+ except IndexError:
+ nbMaxOp = NOT_DEFINED
+ msg = '%s\nERROR: nbMaxOperations undefined,mandatory' % msg
+ try:
+ attributeName = cParams[4][1]
+ except IndexError:
+ attributeName = NOT_DEFINED
+ try:
+ protocol = cParams[5][1]
+ except IndexError:
+ protocol = NOT_DEFINED
+ try:
+ authentication = cParams[6][1]
+ except IndexError:
+ authentication = NOT_DEFINED
+ try:
+ certAlias = cParams[7][1]
+ except IndexError:
+ certAlias = NOT_DEFINED
+ try:
+ operation = cParams[8][1]
+ except IndexError:
+ operation = NOT_DEFINED
+ try:
+ delaySec = cParams[9][1]
+ except IndexError:
+ delaySec = NOT_DEFINED
+ #
+ # setup parms to run the client
+ #
+ if serverInstanceFromClient != NOT_DEFINED:
+ sys.path.append("%s/phases/scheduler" % TESTS_DIR )
+ from scheduler import getInstance
+ serverInstance = getInstance(serverInstanceFromClient,instances)
+ if (serverInstance == 'ERROR'):
+ msg = '%s\nERROR: cant find client instance named' % msg
+ msg = '%s %s in server instance list' % \
+ (msg,serverInstanceFromClient)
+
+ else:
+ # remove sec, try to finish before timer kill -9 the client
+ duration = duration - 120
+
+ # keystorePath
+ keystorePath = "%s/CERT_%s_%s/config" % (client.getLogDir(),client.getName(),client.getId())
+
+ parms=[]
+ if (protocol == 'ssl'):
+ parms.append('-Dhostname=%s -Dport=%s' % \
+ (serverInstance.getHost(),serverInstance.getLDAPSPort()))
+ else:
+ parms.append('-Dhostname=%s -Dport=%s' % \
+ (serverInstance.getHost(),serverInstance.getLDAPPort()))
+
+ parms.append('-Dsuffix="%s"' % baseDn)
+
+ parms.append('-Dnb_threads=%s -DNB_MAX_mod=%s -DmaxDuration=%s' % (nbCnx,nbMaxOp,duration))
+ parms.append('-Dprotocol="%s"' % protocol)
+ if attributeName != NOT_DEFINED:
+ parms.append('-DattributeName="%s"' % attributeName)
+ parms.append('-Dauthentication="%s"' % authentication)
+
+ parms.append('-DbindDN="%s"' % DIRECTORY_INSTANCE_DN)
+ parms.append('-DbindPW="%s"' % DIRECTORY_INSTANCE_PSWD)
+
+ parms.append('-Doperation="%s"' % operation)
+ if delaySec != NOT_DEFINED:
+ parms.append('-DdelaySec="%s"' % delaySec)
+ parms = ' '.join(parms)
+ </script>
+
+ <if expr="msg.find('ERROR') != -1">
+ <sequence>
+ <message>'%s' % msg</message>
+ <call function="'writeOperationResult'">
+ {
+ 'returncode' : '1',
+ 'expected' : '0',
+ 'result' : msg,
+ 'status' : 'ERROR',
+ 'fileFd' : fileFd
+ }
+ </call>
+ <script>
+ errNum += 1
+ </script>
+ </sequence>
+ <else>
+ <sequence>
+
+ <!-- ==== Add execute permission to build.ksh file ==== -->
+ <call function="'writeStartTagOperation'">
+ { 'tagName' : 'chmod',
+ 'fileFd' : fileFd }
+ </call>
+ <call function="'writeMessage'">
+ {'content' : 'Add execute permission to build.ksh file',
+ 'fileFd' : fileFd}
+ </call>
+
+
+ <process name="'%s: chmod +x build.ksh' % client.getHost()">
+ <location>client.getHost()</location>
+ <command mode="'shell'">'chmod +x build.ksh'</command>
+ <parms/>
+ <workdir>workingDir</workdir>
+ <envs>['PATH=/bin:/usr/bin']</envs>
+ <stderr mode="'stdout'"/>
+ <stdout/>
+ <returnstdout/>
+ </process>
+ <call function="'checkRC'">
+ { 'returncode' : RC,
+ 'result' : STAXResult[0][1],
+ 'fileFd' : fileFd }
+ </call>
+ <script>
+ errNum += STAXResult
+ </script>
+ <call function="'writeEndTagOperation'">{'fileFd' : fileFd}</call>
+
+
+ <!-- ==== Build client : run build.ksh file ==== -->
+ <call function="'writeStartTagOperation'">
+ { 'tagName' : 'build',
+ 'fileFd' : fileFd }
+ </call>
+
+
+ <!-- Build Client in unique directory (compilDir), avoid -->
+ <!-- conflict if same client is run several time at the same time -->
+ <process name="'%s: build %s' % (client.getHost(),client.getName())">
+ <location>client.getHost()</location>
+ <command mode="'shell'">'./build.ksh'</command>
+ <parms/>
+ <workdir>workingDir</workdir>
+ <envs>['PATH=%s/bin:/bin:/usr/bin' % JAVA_HOME,'COMPILDIR=%s' % compilDir ]</envs>
+ <stderr mode="'stdout'"/>
+ <stdout/>
+ <returnstdout/>
+ </process>
+ <call function="'checkRC'">
+ { 'returncode' : RC,
+ 'result' : STAXResult[0][1],
+ 'fileFd' : fileFd }
+ </call>
+ <if expr="RC != 0">
+ <message>
+ 'FAILED to build client %s on %s' % \
+ (client.getName(),client.getHost())
+ </message>
+ </if>
+ <script>
+ errNum += STAXResult
+ </script>
+ <call function="'writeEndTagOperation'">{'fileFd' : fileFd}</call>
+
+
+ <!-- ========== Run the client ========== -->
+ <call function="'writeStartTagOperation'">
+ { 'tagName' : 'run',
+ 'fileFd' : fileFd }
+ </call>
+ <call function="'writeMessage'">
+ { 'fileFd' : fileFd,
+ 'content' : 'Do ldapmodify on %s:%s' % \
+ (serverInstance.getHost(),serverInstance.getLDAPSPort())
+ }
+ </call>
+
+ <script>
+ cParam = '-client -Xmx1G -Xms1G'
+ cParam = '%s -XX:NewRatio=1 -XX:SurvivorRatio=100' % cParam
+ cParam = '%s -cp %s/secureModifyEntries.jar' % (cParam,compilDir)
+ cParam = '%s -Djavax.net.ssl.keyStore=%s/keystore' % (cParam,keystorePath)
+ cParam = '%s -Djavax.net.ssl.trustStore=%s/keystore' % (cParam,keystorePath)
+ cParam = '%s -Djavax.security.sasl.level=FINEST' % cParam
+ cParam = '%s -Djavax.net.ssl.trustStorePassword=password' % cParam
+ cParam = '%s -Djavax.net.ssl.keyStorePassword=password' % cParam
+ cParam = '%s %s Client' % (cParam,parms)
+
+ titleName = '%s: run %s on %s' % \
+ (client.getHost(),client.getName(),
+ serverInstance.getName())
+ </script>
+ <call function="'writeMessage'">
+ { 'fileFd' : fileFd,
+ 'content' : 'DEBUG %s' % cParam
+ }
+ </call>
+ <process name="'%s' % titleName">
+ <location>client.getHost()</location>
+ <command>'%s/bin/java' % JAVA_HOME</command>
+ <parms>cParam </parms>
+ <workdir>workingDir</workdir>
+ <envs>['PATH=%s/bin:/bin:/usr/bin' % JAVA_HOME]</envs>
+ <stderr mode="'stdout'"/>
+ <stdout>outFile</stdout>
+ <returnstdout/>
+ </process>
+ <!-- TBD : result should be STAXResult[0][1] : problem when
+ javaexception, with carac " and < >-->
+ <call function="'checkRC'">
+ { 'returncode' : RC ,
+ 'result' : '',
+ 'fileFd' : fileFd }
+ </call>
+ <script>
+ errNum += STAXResult
+ </script>
+ <call function="'writeEndTagOperation'">{'fileFd' : fileFd}</call>
+
+ <!-- ========== Postamble ========== -->
+ <call function="'writeMessage'">
+ {'content' : 'Output file %s' % outFile,
+ 'fileFd' : fileFd}
+ </call>
+
+
+ <process name="'%s:%s: Grep' % (client.getHost(),client.getName())">
+ <location>client.getHost()</location>
+ <command mode="'shell'">
+ "grep 'TOTAL' %s | cut -d ' ' -f3-" % outFile
+ </command>
+ <envs>['PATH=/bin:/usr/bin']</envs>
+ <stderr mode="'stdout'"/>
+ <stdout/>
+ <returnstdout/>
+ </process>
+ <script>
+ summary = STAXResult[0][1]
+ </script>
+
+
+ <call function="'writeMessage'">
+ {'content' : 'Summary %s' % (summary),
+ 'fileFd' : fileFd}
+ </call>
+
+ </sequence>
+ </else>
+ </if>
+
+ <return> errNum </return>
+
+ </sequence>
+
+ </function>
+
+</stax>
+
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureModifyEntries/src/Client.java b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureModifyEntries/src/Client.java
new file mode 100644
index 0000000..dc3f4ad
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureModifyEntries/src/Client.java
@@ -0,0 +1,498 @@
+// CDDL HEADER START
+//
+// The contents of this file are subject to the terms of the
+// Common Development and Distribution License, Version 1.0 only
+// (the "License"). You may not use this file except in compliance
+// with the License.
+//
+// You can obtain a copy of the license at
+// trunk/opends/resource/legal-notices/OpenDS.LICENSE
+// or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+// See the License for the specific language governing permissions
+// and limitations under the License.
+//
+// When distributing Covered Code, include this CDDL HEADER in each
+// file and include the License file at
+// trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+// add the following below this CDDL HEADER, with the fields enclosed
+// information:
+// Portions Copyright [yyyy] [name of copyright owner]
+//
+// CDDL HEADER END
+//
+//
+// Copyright 2008 Sun Microsystems, Inc.
+
+import java.util.*;
+import java.io.*;
+import java.lang.Thread;
+import javax.naming.*;
+import javax.naming.directory.InitialDirContext;
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.SearchResult;
+import javax.naming.directory.Attributes;
+
+
+public class Client {
+
+
+ static int NB_MAX_mod=100;
+ static int nb_mod_started=0;
+ static int nb_mod_done=0;
+ static int total_nb_mod=0;
+ static int nb_threads=3;
+ static int nb_thread_ready=0;
+
+ static Random random;
+ static String hostname ;
+ static int portnumber;
+ static String bindDN;
+ static String bindPW;
+ static String suffix;
+ static Server server;
+ static String authentication;
+ static String protocol;
+ static String operation;
+ static String attributeName;
+ static String time= new String ("0 sec.");
+ static long timeTostopTest=0;
+ static long maxDuration=0;
+ static long duration=0;
+ static long startup=0;
+ static ArrayList<String> DNList;
+ static long delayCnx=1000;
+ static long delaySec=1;
+
+
+ public Client()
+ {
+
+ random= new Random();
+ DNList=new ArrayList<String>();
+
+ try {
+
+ /*
+ * bind as directory manager to get the full list of DN
+ * create a list of DN
+ */
+ Hashtable envLdap = set_properties_LDAP_simpleBind();
+
+ DirContext ctx = null;
+ ctx = new InitialDirContext(envLdap);
+
+ // Search options
+ String filter = "(objectclass=inetorgperson)";
+ String[] attrs = { "uid"};
+
+ SearchControls constraints = new SearchControls();
+ constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
+ constraints.setReturningAttributes(attrs);
+
+ NamingEnumeration results = ctx.search(suffix, filter, constraints);
+ Exception exc = null;
+ int count = 0;
+
+ try {
+ while (results != null && results.hasMore()) {
+ SearchResult res = (SearchResult) results.next();
+ DNList.add (res.getNameInNamespace());
+
+ count++;
+ }
+
+ DNList.trimToSize();
+ if ( DNList.size() == 0) {
+ println("ERROR", "No entry found in \"" + suffix + "\"");
+ System.exit(1);
+ }
+ } catch (Exception ex) {
+ exc = ex;
+ }
+ if ( exc != null ) {
+ throw exc;
+ }
+ } catch (Exception e) {
+
+ println ("INFO", "Failed to establish connection ");
+ e.printStackTrace();
+ System.exit(1);
+ }
+
+ try {
+
+
+ // execute the threads
+ for (int i=0; i < nb_threads; i++ ) {
+ Worker w = new Worker(this, server);
+ }
+ println ("INFO", nb_threads + " threads connected to server " + server );
+ //println ("INFO", "Will search using filter \"(" + attr + " = <value> )\" (MAX =" + NB_MAX_mod + ")" );
+
+ // Wait until all the threads have initialized their context
+ // and are ready to bind
+ try {
+ while ( nb_thread_ready() < nb_threads) {
+ // wait
+ }
+ // All the threads are ready, wake up all the threads
+ synchronized(this) {
+ nb_thread_ready=0;
+ notifyAll();
+ }
+ }
+ catch ( Exception e1 ) {
+ System.out.println ("E1");
+ e1.printStackTrace();
+ }
+
+ int seconds=0;
+ // initialize startup
+ long t1=System.currentTimeMillis();
+
+ // work until Max duration is reached
+ while (true) {
+
+ long new_t1=System.currentTimeMillis();
+
+ // end of the system test. Exit
+ if ( ( timeTostopTest != 0 ) && ( new_t1 > timeTostopTest ) ) {
+
+ // inform all the threads it's the end
+ synchronized (this) {
+ nb_mod_started=NB_MAX_mod;
+ }
+ break;
+ }
+
+ // status every delayCnx
+ if ( (new_t1 - t1) >= delayCnx) {
+
+ println("INFO", (nb_mod_done/delaySec) + " mod/sec.");
+
+ // inform all the threads the max nb searchs has been reached
+ synchronized (this) {
+ nb_mod_started=NB_MAX_mod;
+ }
+
+ // Wait all the threads to close their cnx and sleep
+ try {
+ total_nb_mod+=nb_mod_done;
+ while ( nb_thread_ready() < nb_threads) {
+ // wait
+ }
+ // All the threads are ready, wake up all the threads
+ synchronized(this) {
+ nb_thread_ready=0;
+ nb_mod_started=0;
+ nb_mod_done=0;
+
+ notifyAll();
+ }
+ }
+ catch ( Exception e1 ) {
+ System.out.println ("E1");
+ e1.printStackTrace();
+ }
+
+ if ( (seconds++) >= 9 ) {
+ duration=((new_t1-startup)/1000);
+ println("INFO", "Avg rate: " + (total_nb_mod/duration) + " mod/sec. after " + getTime(duration));
+ seconds=0;
+ }
+ t1=new_t1;
+ }
+ }
+ println ("INFO", "End of the client");
+ System.exit(0);
+ }
+ catch( Exception e ) {
+
+ e.printStackTrace();
+ System.exit(1);
+ }
+
+
+ }
+
+
+/* =========================================
+ * MAIN
+ * ======================================= */
+
+ public static void main( String[] args )
+
+ {
+
+ startup=System.currentTimeMillis();
+
+ // ===========================================
+ // Get the arguments specified for each option.
+ //
+
+ // Ldap port
+ String sport = System.getProperty("port");
+ portnumber = Integer.parseInt(sport);
+
+ // BaseDN
+ suffix = System.getProperty("suffix");
+ println ("INFO" , "suffix " + suffix);
+
+ // nb_threads
+ String snb_threads = System.getProperty("nb_threads");
+ nb_threads = Integer.parseInt(snb_threads);
+
+ println ("INFO" , "nb_threads " + snb_threads);
+
+ // test duration
+ String sMaxDuration = System.getProperty("maxDuration");
+ maxDuration = Long.parseLong(sMaxDuration);
+ println ("INFO" , "maxDuration " + maxDuration);
+
+ // credential for simple bind
+ bindDN = System.getProperty("bindDN");
+ bindPW = System.getProperty("bindPW");
+ println ("INFO" , "bindDN " + bindDN);
+
+ // Max number of searchs
+ String sNB_MAX_mod = System.getProperty("NB_MAX_mod");
+ NB_MAX_mod = Integer.parseInt(sNB_MAX_mod);
+ println ("INFO" , "sNB_MAX_mod " + sNB_MAX_mod);
+
+ // attribute to modify or add
+ attributeName = System.getProperty("attributeName");
+ println ("INFO" , "attributeName " + attributeName);
+
+ // operation to perform: modify or add
+ operation = System.getProperty("operation");
+ println ("INFO" , "operation " + operation);
+ // hostname
+ hostname = System.getProperty("hostname");
+
+ // protocol : SSL or TLS
+ protocol = System.getProperty("protocol");
+ println ("INFO" , "protocol " + protocol);
+
+ // authentication : EXTERNAL or simple
+ authentication = System.getProperty("authentication");
+ println ("INFO" , "authentication " + authentication);
+
+ // delay Sec before closing conx
+ String sdelaySec = System.getProperty("delaySec");
+ delaySec = Long.parseLong(sdelaySec);
+ delayCnx = delaySec * 1000;
+ println ("INFO" , "delayCnx " + delayCnx);
+
+ if ( maxDuration != 0 ) {
+ maxDuration= maxDuration * 1000;
+ }
+ timeTostopTest=( startup + maxDuration);
+ println("INFO", "the test will finish at " + timeTostopTest );
+
+ // ===========================================
+ // Initialize the Server
+ server=new Server (hostname,portnumber);
+
+ System.out.println ("DEBUG declare server " + portnumber + " " + hostname);
+
+ Runtime.getRuntime().addShutdownHook(new Thread() {
+
+ public void run() {
+ }
+ });
+
+ Client c = new Client();
+ }
+
+/* =========================================
+ * Get Date
+ * ======================================= */
+ public static String getTime(long d) {
+ String time=new String (d + " sec.");
+ if ( d > 10000 ) {
+ time=new String ((d/3600) + " hours");
+ } else if ( d > 300 ) {
+ time=new String ((d/60) + " min.");
+ }
+ return time;
+ }
+
+/* =========================================
+ * return true if the number of NB_MAX_mod has been reached
+ * else, increase nb_mod_started
+ * ======================================= */
+
+ public boolean nb_mod_started_reached() {
+
+ synchronized (this) {
+ if ( nb_mod_started>=NB_MAX_mod ) {
+ return true;
+
+ } else {
+ nb_mod_started++;
+ return false;
+ }
+ }
+ }
+
+
+/* =========================================
+ * thread is waiting for a notify from the main thread
+ * ======================================= */
+
+ public void thread_go_to_sleep() {
+
+ synchronized (this) {
+ try {
+ nb_thread_ready++;
+
+ this.wait();
+ } catch ( Exception e ) {
+ e.printStackTrace();
+ }
+ }
+ }
+
+
+/* =========================================
+ * increase the number of mod started
+ * ======================================= */
+ public void inc_mod_started() {
+
+ synchronized (this) {
+ if ( nb_mod_started>=NB_MAX_mod ) {
+ try {
+ this.wait();
+ } catch ( Exception e ) {
+ e.printStackTrace();
+ }
+
+ } else {
+ nb_mod_started++;
+ }
+ }
+ }
+
+
+
+/* =========================================
+ * increase the number of mod done
+ * ======================================= */
+ public void inc_mod_done() {
+ synchronized (this) {
+ try {
+ nb_mod_done++;
+ } catch ( Exception e ) {
+ e.printStackTrace();
+ }
+ }
+ }
+
+
+/* =========================================
+ * Configure the Properties depending of the selected authentication and protocol
+ * authentication : EXTERNAL or simple
+ * protocol ssl, tls or clear
+ * ======================================= */
+ public static Hashtable set_properties_LDAP() {
+
+ String provider ;
+
+ Hashtable envLdap = new Hashtable();
+ envLdap.put("java.naming.factory.initial",
+ "com.sun.jndi.ldap.LdapCtxFactory");
+
+ envLdap.put(Context.SECURITY_AUTHENTICATION, authentication);
+
+ if ( protocol.equals("ssl")) {
+ provider = "ldaps://"+server.host+":"+server.port+"/";
+ envLdap.put(Context.SECURITY_PROTOCOL, protocol);
+
+ } else {
+ provider = "ldap://"+server.host+":"+server.port+"/";
+ }
+ envLdap.put(Context.PROVIDER_URL, provider);
+
+ return envLdap;
+ }
+
+
+/* =========================================
+ * Configure the Properties for a simple Bind
+ * bind as directory manager
+ * use the selected protocol : ssl, tls or clear
+ * ======================================= */
+
+ public static Hashtable set_properties_LDAP_simpleBind() {
+
+ String provider ;
+
+ Hashtable envLdap = new Hashtable();
+ envLdap.put("java.naming.factory.initial",
+ "com.sun.jndi.ldap.LdapCtxFactory");
+
+ envLdap.put(Context.SECURITY_AUTHENTICATION, "simple");
+
+ envLdap.put(Context.SECURITY_PRINCIPAL, bindDN);
+ envLdap.put(Context.SECURITY_CREDENTIALS, bindPW);
+
+ if ( protocol.equals("ssl")) {
+ provider = "ldaps://"+server.host+":"+server.port+"/";
+ envLdap.put(Context.SECURITY_PROTOCOL, protocol);
+
+ } else {
+ provider = "ldap://"+server.host+":"+server.port+"/";
+ }
+
+ envLdap.put(Context.PROVIDER_URL, provider);
+ return envLdap;
+ }
+
+/* =========================================
+ * Get Date
+ * ======================================= */
+ public static String getDate() {
+
+ // Initialize the today's date string
+ String DATE_FORMAT = "yyyy/MM/dd:HH:mm:ss";
+ java.text.SimpleDateFormat sdf =
+ new java.text.SimpleDateFormat(DATE_FORMAT);
+ Calendar c1 = Calendar.getInstance(); // today
+ return("[" + sdf.format(c1.getTime()) + "]");
+ }
+
+
+/* =========================================
+ * Print
+ * ======================================= */
+ public static void println(String level, String msg) {
+ System.out.println (getDate() + " - " + level + ": " + msg );
+ }
+
+
+/* =========================================
+ * increase the number of threads ready
+ * ======================================= */
+ public void inc_thread_ready() {
+ synchronized (this) {
+ nb_thread_ready++;
+
+ try {
+ this.wait();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+
+ }
+
+
+/* =========================================
+ * return the number of threads ready
+ * ======================================= */
+ public static int nb_thread_ready() {
+ return nb_thread_ready;
+ }
+}
+
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureModifyEntries/src/Server.java b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureModifyEntries/src/Server.java
new file mode 100644
index 0000000..dbf2405
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureModifyEntries/src/Server.java
@@ -0,0 +1,46 @@
+// CDDL HEADER START
+//
+// The contents of this file are subject to the terms of the
+// Common Development and Distribution License, Version 1.0 only
+// (the "License"). You may not use this file except in compliance
+// with the License.
+//
+// You can obtain a copy of the license at
+// trunk/opends/resource/legal-notices/OpenDS.LICENSE
+// or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+// See the License for the specific language governing permissions
+// and limitations under the License.
+//
+// When distributing Covered Code, include this CDDL HEADER in each
+// file and include the License file at
+// trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+// add the following below this CDDL HEADER, with the fields enclosed
+// information:
+// Portions Copyright [yyyy] [name of copyright owner]
+//
+// CDDL HEADER END
+//
+//
+// Copyright 2008 Sun Microsystems, Inc.
+import java.util.*;
+
+
+public class Server {
+ public String host;
+ public int port;
+
+ public Server (String host, int port) {
+ this.host=host;
+ this.port=port;
+ }
+
+ public Server (String hostPort) {
+ StringTokenizer st = new StringTokenizer(hostPort, ":");
+ this.host=st.nextToken();
+ this.port=Integer.parseInt(st.nextToken());
+ }
+
+ public String toString() {
+ return (host + ":" + port);
+ }
+}
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureModifyEntries/src/Worker.java b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureModifyEntries/src/Worker.java
new file mode 100644
index 0000000..64613d3
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureModifyEntries/src/Worker.java
@@ -0,0 +1,182 @@
+// CDDL HEADER START
+//
+// The contents of this file are subject to the terms of the
+// Common Development and Distribution License, Version 1.0 only
+// (the "License"). You may not use this file except in compliance
+// with the License.
+//
+// You can obtain a copy of the license at
+// trunk/opends/resource/legal-notices/OpenDS.LICENSE
+// or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+// See the License for the specific language governing permissions
+// and limitations under the License.
+//
+// When distributing Covered Code, include this CDDL HEADER in each
+// file and include the License file at
+// trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+// add the following below this CDDL HEADER, with the fields enclosed
+// information:
+// Portions Copyright [yyyy] [name of copyright owner]
+//
+// CDDL HEADER END
+//
+//
+// Copyright 2008 Sun Microsystems, Inc.
+
+import java.util.*;
+import java.io.*;
+import java.lang.Thread;
+import javax.naming.*;
+
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.DirContext;
+import javax.naming.Context;
+import javax.naming.directory.InitialDirContext;
+import javax.naming.directory.BasicAttributes;
+
+
+public class Worker extends Thread {
+
+ Server server;
+ Client client;
+ long myId = this.getId();
+
+ /**
+ ** Constructor for Worker thread
+ **/
+ public Worker(Client client2, Server server2) {
+
+ super();
+ try {
+
+ server = server2;
+ client = client2;
+ start();
+
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+
+ /**
+ * Connect to the server
+ * wait a notify from the main thread to startthe modify operations
+ **/
+ public void run() {
+
+ String value="";
+ String DNtoModify;
+ String attrVal1;
+ ArrayList<String> mailEXT_values= new ArrayList<String>();
+ Random random_cpt= new Random();
+
+ try {
+ /* Define the list of values for mailEXT attribute */
+ mailEXT_values.add("group1");
+ mailEXT_values.add("group2");
+ mailEXT_values.add("group3");
+
+ DirContext ctx = null;
+
+ // Set the properties
+ Hashtable envLdap = client.set_properties_LDAP();
+
+ println("INFO","THREAD " + myId + " is waiting ");
+ // Waiting a notify from the main thread
+ client.inc_thread_ready();
+
+
+ /*
+ * Start modify operations
+ */
+ String[] attrIds = { (String)client.attributeName };
+ while (true) {
+
+ // no sasl authentication
+ // use a random DN to bind
+ if ( client.authentication.equals("simple")) {
+
+ String bindDN=(String) client.DNList.get(client.random.nextInt(client.DNList.size()));
+ String bindPW="userpassword";
+ envLdap.put(Context.SECURITY_PRINCIPAL, bindDN);
+ envLdap.put(Context.SECURITY_CREDENTIALS, bindPW);
+ //println("INFO","THREAD " + myId + "BIND as " + bindDN);
+ }
+ // bind
+ ctx = new InitialDirContext(envLdap);
+
+ while (true) {
+ try {
+
+ //String value=String.valueOf(client.random.nextInt(10000));
+ DNtoModify=(String) client.DNList.get(client.random.nextInt(client.DNList.size()));
+
+ // If attributeName to modify is mailEXT, we get the new value from the list
+ // group1, group2, group2
+ // this list is the list used to define the dynamic groups
+
+ if (client.attributeName.equals("mailEXT")) {
+ attrVal1 = (String) mailEXT_values.get(random_cpt.nextInt(3));
+ } else {
+
+ String value_cpt=String.valueOf(random_cpt.nextInt(10000));
+ long cur_date=System.currentTimeMillis();
+ String scur_date = String.valueOf(cur_date);
+ attrVal1 = "new description"+scur_date+"-"+value_cpt;
+ }
+
+ Attributes attrs = new BasicAttributes(attrIds[0], attrVal1, true);
+
+ // if the Max_nb_mod is reached, counters are initialized
+ // disconnect cnx
+ // Wait the main to wake up
+ if ( client.nb_mod_started_reached() == false) {
+
+ if (client.operation.equals("modify")) {
+ ctx.modifyAttributes(DNtoModify, DirContext.REPLACE_ATTRIBUTE, attrs);
+ } else {
+ ctx.modifyAttributes(DNtoModify, DirContext.ADD_ATTRIBUTE, attrs);
+ }
+
+ client.inc_mod_done();
+ } else {
+ ctx.close();
+ client.thread_go_to_sleep();
+ break;
+ }
+ } catch (Exception ex) {
+
+ println("INFO","THREAD " + myId + " CATCH " + ex);
+
+ }
+ // update the total number of searchs
+ client.inc_mod_done();
+ }
+ }
+ } catch (Exception e) {
+
+ println("INFO", "Failed: expected error code 3 ");
+
+ e.printStackTrace();
+ System.exit(1);
+ }
+ }
+
+ private String getDate() {
+
+ // Initialize the today's date string
+ String DATE_FORMAT = "yyyy/MM/dd:HH:mm:ss";
+ java.text.SimpleDateFormat sdf =
+ new java.text.SimpleDateFormat(DATE_FORMAT);
+ Calendar c1 = Calendar.getInstance(); // today
+ return("[" + sdf.format(c1.getTime()) + "]");
+ }
+
+ private void println(String level, String msg) {
+ System.out.println(getDate() + " - " + level + ": (" + server + ") " + msg );
+ }
+
+}
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/build.ksh b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/build.ksh
new file mode 100755
index 0000000..2eef307
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/build.ksh
@@ -0,0 +1,39 @@
+#!/bin/ksh
+
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+#
+# Copyright 2008 Sun Microsystems, Inc.
+
+export CLASSPATH=$CLASSPATH:.
+
+mkdir -p $COMPILDIR
+echo "Compiling classes..."
+javac src/*.java -d $COMPILDIR
+[ $? -ne 0 ] && return 1
+echo "Creating jarfile"
+cd $COMPILDIR
+jar cvf secureSearch.jar *.class
+[ $? -ne 0 ] && return 1
+echo "Cleanup"
+rm -f *.class
\ No newline at end of file
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/run.ksh b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/run.ksh
new file mode 100755
index 0000000..3fb7502
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/run.ksh
@@ -0,0 +1,50 @@
+#!/bin/ksh
+
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+#
+# Copyright 2008 Sun Microsystems, Inc.
+
+suffix="dc=com"
+hostname=nott
+maxDuration=50
+nb_threads=10
+NB_MAX_srchs=100
+keystorePath=/tmp/sylvie
+LDAPSport=1235
+
+bindDN="cn=directory manager"
+bindPW=password
+
+#java -client -Xmx1G -Xms1G -XX:NewRatio=1 -XX:SurvivorRatio=100 -cp ../LDAPjdk/ldapjdk.jar:search.jar Client $@
+
+#java -client -Xmx1G -Xms1G -XX:NewRatio=1 -XX:SurvivorRatio=100 -cp ../LDAPjdk/ldapjdk.jar:search.jar -Djavax.net.ssl.keyStore=/tmp/shared/data/CERT_1111/keystore -Djavax.net.ssl.trustStorePassword=password -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStore=/tmp/shared/data/CERT_1111/keystore -Djava.security.debug=ALL -Djava.security.auth.debug=ALL -Djavax.net.debug=ALL -Djavax.security.sasl.level=FINEST Client $@
+
+## SSL
+java -client -Xmx1G -Xms1G -XX:NewRatio=1 -XX:SurvivorRatio=100 -cp secureSearch.jar -Djavax.net.ssl.keyStore=$keystorePath/keystore -Djavax.net.ssl.trustStorePassword=password -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStore=$keystorePath/keystore -Djavax.security.sasl.level=FINEST -Dport=$LDAPSport -DmaxDuration=$maxDuration -DNB_MAX_srchs=$NB_MAX_srchs -Dsuffix=$suffix -Dnb_threads=$nb_threads -Dhostname=$hostname Client $@
+#
+
+
+## CLEAR
+#java -client -Xmx1G -Xms1G -XX:NewRatio=1 -XX:SurvivorRatio=100 -cp search.jar -Djavax.net.ssl.keyStore=/tmp/shared/data/CERT_1111/keystore -Djavax.net.ssl.trustStorePassword=password -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStore=/tmp/shared/data/CERT_1111/keystore -Djavax.security.sasl.level=FINEST -Dport=1111 -DmaxDuration=$maxDuration -DNB_MAX_srchs=$NB_MAX_srchs -Dsuffix=$suffix -Dnb_threads=$nb_threads -Dhostname=$hostname -DbindDN="$bindDN" -DbindPW=$bindPW Client $@
+
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/secureSearch.jar b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/secureSearch.jar
new file mode 100644
index 0000000..1cefe66
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/secureSearch.jar
Binary files differ
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/secureSearch.xml b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/secureSearch.xml
new file mode 100644
index 0000000..c839d23
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/secureSearch.xml
@@ -0,0 +1,342 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!DOCTYPE stax SYSTEM "../../../shared/stax.dtd">
+<!--
+ ! CDDL HEADER START
+ !
+ ! The contents of this file are subject to the terms of the
+ ! Common Development and Distribution License, Version 1.0 only
+ ! (the "License"). You may not use this file except in compliance
+ ! with the License.
+ !
+ ! You can obtain a copy of the license at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
+ ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+ ! See the License for the specific language governing permissions
+ ! and limitations under the License.
+ !
+ ! When distributing Covered Code, include this CDDL HEADER in each
+ ! file and include the License file at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+ ! add the following below this CDDL HEADER, with the fields enclosed
+ ! by brackets "[]" replaced with your own identifying information:
+ ! Portions Copyright [yyyy] [name of copyright owner]
+ !
+ ! CDDL HEADER END
+ !
+ ! Copyright 2008 Sun Microsystems, Inc.
+ ! -->
+<stax>
+
+ <defaultcall function="secureSearch"/>
+
+
+
+ <!-- ************************************************************ -->
+ <function name="secureSearch" scope="local">
+ <function-map-args>
+ <function-arg-def name="workingDir" type="required"/>
+ <function-arg-def name="client" type="required"/>
+ <function-arg-def name="instances" type="required"/>
+ <function-arg-def name="duration" type="required"/>
+ <function-arg-def name="suffix" type="required"/>
+ <function-arg-def name="outFile" type="required"/>
+ <function-arg-def name="fileFd" type="required"/>
+ </function-map-args>
+
+ <sequence>
+ <!-- =================== Comments =================== -->
+ <!-- client is run under paralleliterate tag -->
+ <!-- each variables defined are internal -->
+ <!-- client should have its own err_num variable in order -->
+ <!-- to inform scheduler if it has pass/fail status -->
+ <script>
+ errNum = 0
+ msg = ''
+ </script>
+
+ <!-- ================== Preamble =================== -->
+ <!-- parse the client parameters : -->
+ <!-- params is [[param1,val1],[param2,val2],...] -->
+ <!-- get the ldap instance parameters -->
+
+ <script>
+ compilDir = '%s/%s_%s' % (workingDir,client.getHost(),client.getId())
+
+ outFile = '%s/client_secureSearch_id%s.txt' % \
+ (client.getLogDir(),client.getId())
+
+ #
+ # Extract client parameters from client.getParams()
+ #
+ cParams = client.getParams()
+ try:
+ serverInstanceFromClient = cParams[0][1]
+ except IndexError:
+ serverInstanceFromClient = NOT_DEFINED
+ msg = '%s\nERROR: serverInstanceFromClient undefined,mandatory' % msg
+ try:
+ baseDn = cParams[1][1]
+ except IndexError:
+ baseDn = NOT_DEFINED
+ msg = '%s\nERROR: baseDn undefined,mandatory' % msg
+ try:
+ nbCnx = cParams[2][1]
+ except IndexError:
+ nbCnx = NOT_DEFINED
+ msg = '%s\nERROR: nbCnx undefined,mandatory' % msg
+ try:
+ nbMaxOp = cParams[3][1]
+ except IndexError:
+ nbMaxOp = NOT_DEFINED
+ msg = '%s\nERROR: nbMaxOperations undefined,mandatory' % msg
+ try:
+ attributeName = cParams[4][1]
+ except IndexError:
+ attributeName = NOT_DEFINED
+ try:
+ protocol = cParams[5][1]
+ except IndexError:
+ protocol = NOT_DEFINED
+ try:
+ authentication = cParams[6][1]
+ except IndexError:
+ authentication = NOT_DEFINED
+ try:
+ certAlias = cParams[7][1]
+ except IndexError:
+ certAlias = NOT_DEFINED
+ try:
+ delaySec = cParams[8][1]
+ except IndexError:
+ delaySec = NOT_DEFINED
+
+ #
+ # setup parms to run the client
+ #
+ if serverInstanceFromClient != NOT_DEFINED:
+ sys.path.append("%s/phases/scheduler" % TESTS_DIR )
+ from scheduler import getInstance
+ serverInstance = getInstance(serverInstanceFromClient,instances)
+ if (serverInstance == 'ERROR'):
+ msg = '%s\nERROR: cant find client instance named' % msg
+ msg = '%s %s in server instance list' % \
+ (msg,serverInstanceFromClient)
+
+ else:
+ # remove sec, try to finish before timer kill -9 the client
+ duration = duration - 60
+
+ # keystorePath
+ keystorePath = "%s/CERT_%s_%s/config" % (client.getLogDir(),client.getName(),client.getId())
+
+ parms=[]
+ if (protocol == 'ssl'):
+ parms.append('-Dhostname=%s -Dport=%s' % \
+ (serverInstance.getHost(),serverInstance.getLDAPSPort()))
+ else:
+ parms.append('-Dhostname=%s -Dport=%s' % \
+ (serverInstance.getHost(),serverInstance.getLDAPPort()))
+
+ parms.append('-Dsuffix="%s"' % baseDn)
+
+ parms.append('-Dnb_threads=%s -DNB_MAX_srchs=%s -DmaxDuration=%s' % (nbCnx,nbMaxOp,duration))
+
+ parms.append('-Dprotocol="%s"' % protocol)
+ if attributeName != NOT_DEFINED:
+ parms.append('-DattributeName="%s"' % attributeName)
+ parms.append('-Dauthentication="%s"' % authentication)
+
+
+ parms.append('-DbindDN="%s"' % DIRECTORY_INSTANCE_DN)
+ parms.append('-DbindPW="%s"' % DIRECTORY_INSTANCE_PSWD)
+
+ if delaySec != NOT_DEFINED:
+ parms.append('-DdelaySec="%s"' % delaySec)
+ parms = ' '.join(parms)
+ </script>
+
+ <call function="'writeMessage'">
+ {'content' : 'DEBUG params %s' % parms ,
+ 'fileFd' : fileFd}
+ </call>
+ <if expr="msg.find('ERROR') != -1">
+ <sequence>
+ <message>'%s' % msg</message>
+ <call function="'writeOperationResult'">
+ {
+ 'returncode' : '1',
+ 'expected' : '0',
+ 'result' : msg,
+ 'status' : 'ERROR',
+ 'fileFd' : fileFd
+ }
+ </call>
+ <script>
+ errNum += 1
+ </script>
+ </sequence>
+ <else>
+ <sequence>
+
+ <!-- ==== Add execute permission to build.ksh file ==== -->
+ <call function="'writeStartTagOperation'">
+ { 'tagName' : 'chmod',
+ 'fileFd' : fileFd }
+ </call>
+ <call function="'writeMessage'">
+ {'content' : 'Add execute permission to build.ksh file',
+ 'fileFd' : fileFd}
+ </call>
+
+
+ <process name="'%s: chmod +x build.ksh' % client.getHost()">
+ <location>client.getHost()</location>
+ <command mode="'shell'">'chmod +x build.ksh'</command>
+ <parms/>
+ <workdir>workingDir</workdir>
+ <envs>['PATH=/bin:/usr/bin']</envs>
+ <stderr mode="'stdout'"/>
+ <stdout/>
+ <returnstdout/>
+ </process>
+ <call function="'checkRC'">
+ { 'returncode' : RC,
+ 'result' : STAXResult[0][1],
+ 'fileFd' : fileFd }
+ </call>
+ <script>
+ errNum += STAXResult
+ </script>
+ <call function="'writeEndTagOperation'">{'fileFd' : fileFd}</call>
+
+
+ <!-- ==== Build client : run build.ksh file ==== -->
+ <call function="'writeStartTagOperation'">
+ { 'tagName' : 'build',
+ 'fileFd' : fileFd }
+ </call>
+
+
+ <!-- Build Client in unique directory (compilDir), avoid -->
+ <!-- conflict if same client is run several time at the same time -->
+ <process name="'%s: build %s' % (client.getHost(),client.getName())">
+ <location>client.getHost()</location>
+ <command mode="'shell'">'./build.ksh'</command>
+ <parms/>
+ <workdir>workingDir</workdir>
+ <envs>['PATH=%s/bin:/bin:/usr/bin' % JAVA_HOME,'COMPILDIR=%s' % compilDir ]</envs>
+ <stderr mode="'stdout'"/>
+ <stdout/>
+ <returnstdout/>
+ </process>
+ <call function="'checkRC'">
+ { 'returncode' : RC,
+ 'result' : STAXResult[0][1],
+ 'fileFd' : fileFd }
+ </call>
+ <if expr="RC != 0">
+ <message>
+ 'FAILED to build client %s on %s' % \
+ (client.getName(),client.getHost())
+ </message>
+ </if>
+ <script>
+ errNum += STAXResult
+ </script>
+ <call function="'writeEndTagOperation'">{'fileFd' : fileFd}</call>
+
+
+ <!-- ========== Run the client ========== -->
+ <call function="'writeStartTagOperation'">
+ { 'tagName' : 'run',
+ 'fileFd' : fileFd }
+ </call>
+ <call function="'writeMessage'">
+ { 'fileFd' : fileFd,
+ 'content' : 'Do ldapsearchs on %s:%s' % \
+ (serverInstance.getHost(),serverInstance.getLDAPSPort())
+ }
+ </call>
+
+ <script>
+ cParam = '-client -Xmx1G -Xms1G'
+ cParam = '%s -XX:NewRatio=1 -XX:SurvivorRatio=100' % cParam
+ cParam = '%s -cp %s/secureSearch.jar' % (cParam,compilDir)
+ cParam = '%s -Djavax.net.ssl.keyStore=%s/keystore' % (cParam,keystorePath)
+ cParam = '%s -Djavax.net.ssl.trustStore=%s/keystore' % (cParam,keystorePath)
+ cParam = '%s -Djavax.security.sasl.level=FINEST' % cParam
+ cParam = '%s -Djavax.net.ssl.trustStorePassword=password' % cParam
+ cParam = '%s -Djavax.net.ssl.keyStorePassword=password' % cParam
+ cParam = '%s %s Client' % (cParam,parms)
+
+ titleName = '%s: run %s on %s' % \
+ (client.getHost(),client.getName(),
+ serverInstance.getName())
+ </script>
+ <call function="'writeMessage'">
+ { 'fileFd' : fileFd,
+ 'content' : 'DEBUG %s' % cParam
+ }
+ </call>
+ <process name="'%s' % titleName">
+ <location>client.getHost()</location>
+ <command>'%s/bin/java' % JAVA_HOME</command>
+ <parms>cParam </parms>
+ <workdir>workingDir</workdir>
+ <envs>['PATH=%s/bin:/bin:/usr/bin' % JAVA_HOME]</envs>
+ <stderr mode="'stdout'"/>
+ <stdout>outFile</stdout>
+ <returnstdout/>
+ </process>
+ <!-- java -client -Xmx1G -Xms1G -XX:NewRatio=1 -XX:SurvivorRatio=100 -cp secureSearch.jar -Djavax.net.ssl.keyStore=/tmp/shared/data/CERT_1111/keystore -Djavax.net.ssl.trustStorePassword=password -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStore=/tmp/shared/data/CERT_1111/keystore -Djavax.security.sasl.level=FINEST -Dport=1636 -DmaxDuration=$maxDuration -DNB_MAX_srchs=$NB_MAX_srchs -Dsuffix=$suffix -Dnb_threads=$nb_threads -Dhostname=$hostname Client $@
+-->
+ <!-- TBD : result should be STAXResult[0][1] : problem when
+ javaexception, with carac " and < >-->
+ <call function="'checkRC'">
+ { 'returncode' : RC ,
+ 'result' : '',
+ 'fileFd' : fileFd }
+ </call>
+ <script>
+ errNum += STAXResult
+ </script>
+ <call function="'writeEndTagOperation'">{'fileFd' : fileFd}</call>
+
+ <!-- ========== Postamble ========== -->
+ <call function="'writeMessage'">
+ {'content' : 'Output file %s' % outFile,
+ 'fileFd' : fileFd}
+ </call>
+
+ <process name="'%s:%s: Grep' % (client.getHost(),client.getName())">
+ <location>client.getHost()</location>
+ <command mode="'shell'">
+ "grep 'TOTAL' %s | cut -d ' ' -f3-" % outFile
+ </command>
+ <envs>['PATH=/bin:/usr/bin']</envs>
+ <stderr mode="'stdout'"/>
+ <stdout/>
+ <returnstdout/>
+ </process>
+ <script>
+ summary = STAXResult[0][1]
+ </script>
+ <call function="'writeMessage'">
+ {'content' : 'Summary %s' % (summary),
+ 'fileFd' : fileFd}
+ </call>
+
+ </sequence>
+ </else>
+ </if>
+
+ <return> errNum </return>
+
+ </sequence>
+
+ </function>
+
+
+
+</stax>
+
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/src/Client.java b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/src/Client.java
new file mode 100644
index 0000000..50162e6
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/src/Client.java
@@ -0,0 +1,488 @@
+// CDDL HEADER START
+//
+// The contents of this file are subject to the terms of the
+// Common Development and Distribution License, Version 1.0 only
+// (the "License"). You may not use this file except in compliance
+// with the License.
+//
+// You can obtain a copy of the license at
+// trunk/opends/resource/legal-notices/OpenDS.LICENSE
+// or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+// See the License for the specific language governing permissions
+// and limitations under the License.
+//
+// When distributing Covered Code, include this CDDL HEADER in each
+// file and include the License file at
+// trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+// add the following below this CDDL HEADER, with the fields enclosed
+// information:
+// Portions Copyright [yyyy] [name of copyright owner]
+//
+// CDDL HEADER END
+//
+//
+// Copyright 2008 Sun Microsystems, Inc.
+
+import java.util.*;
+import java.io.*;
+import java.lang.Thread;
+import javax.naming.*;
+import javax.naming.directory.InitialDirContext;
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.SearchResult;
+import javax.naming.directory.Attributes;
+
+public class Client {
+
+ static int NB_MAX_srchs=100;
+ static int nb_srchs_started=0;
+ static int nb_srchs_done=0;
+ static int total_nb_srchs=0;
+ static int nb_threads=3;
+ static int nb_thread_ready=0;
+
+ static Random random;
+ static String hostname ;
+ static int portnumber;
+ static String bindDN;
+ static String bindPW;
+ static String suffix;
+ static Server server;
+ static String authentication;
+ static String protocol;
+ static String attributeName;
+ static String time= new String ("0 sec.");;
+ static long duration=0;
+ static long maxDuration=0;
+ static long startup=0;
+ static long timeTostopTest=0;
+ static ArrayList<String> DNList;
+ static ArrayList<String> uidList;
+ static long delayCnx=1000;
+ static long delaySec=1;
+
+ public Client()
+ {
+ random= new Random();
+ DNList=new ArrayList<String>();
+ uidList=new ArrayList<String>();
+
+ try {
+
+ Hashtable envLdap = set_properties_LDAP_simpleBind();
+
+ DirContext ctx = null;
+ ctx = new InitialDirContext(envLdap);
+
+ // Search options
+ String filter = "(objectclass=inetorgperson)";
+ String[] attrs = { "uid"};
+
+ SearchControls constraints = new SearchControls();
+ constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
+ constraints.setReturningAttributes(attrs);
+
+ NamingEnumeration results = ctx.search(suffix, filter, constraints);
+ Exception exc = null;
+ int count = 0;
+
+ try {
+ while (results != null && results.hasMore()) {
+ SearchResult res = (SearchResult) results.next();
+ DNList.add (res.getNameInNamespace());
+
+ Attributes uidAttrs = res.getAttributes();
+ uidList.add ((String) uidAttrs.get("uid").get());
+
+ count++;
+ }
+
+ DNList.trimToSize();
+ if ( DNList.size() == 0) {
+ println("ERROR", "No entry found in \"" + suffix + "\"");
+ System.exit(1);
+ }
+ } catch (Exception ex) {
+ exc = ex;
+ }
+ if ( exc != null ) {
+ throw exc;
+ }
+ ctx.close();
+ } catch (Exception e) {
+
+ println ("INFO", "Failed: expected error code 3 ");
+ e.printStackTrace();
+ System.exit(1);
+ }
+
+
+ try {
+
+ // execute the threads
+ for (int i=0; i < nb_threads; i++ ) {
+ Worker w = new Worker(this, server);
+ }
+ println ("INFO", nb_threads + " threads connected to server " + server );
+
+ // Wait until all the threads have initialized their context
+ // and are ready to bind
+ try {
+ while ( nb_thread_ready() < nb_threads) {
+ // wait
+ }
+ // All the threads are ready, wake up all the threads
+ synchronized(this) {
+ nb_thread_ready=0;
+ notifyAll();
+ }
+ }
+ catch ( Exception e1 ) {
+ System.out.println ("E1");
+ e1.printStackTrace();
+ }
+
+ int seconds=0;
+ long t1=System.currentTimeMillis();
+
+ // work until Max duration is reached
+ while (true) {
+
+ long new_t1=System.currentTimeMillis();
+
+ // end of the system test. Exit
+ if ( ( timeTostopTest != 0 ) && ( new_t1 > timeTostopTest ) ) {
+
+ // inform all the threads it's the end
+ synchronized (this) {
+ nb_srchs_started=NB_MAX_srchs;
+ }
+ break;
+ }
+
+ // status every second
+ if ( (new_t1 - t1) >= delayCnx ) {
+
+ println("INFO", (nb_srchs_done/delaySec) + " srch/sec.");
+
+ // inform all the threads the max nb searchs has been reached
+ synchronized (this) {
+ nb_srchs_started=NB_MAX_srchs;
+ }
+
+ // Wait all the threads to close their cnx and sleep
+ try {
+ total_nb_srchs+=nb_srchs_done;
+ while ( nb_thread_ready() < nb_threads) {
+ // wait
+ }
+ // All the threads are ready, wake up all the threads
+ synchronized(this) {
+ nb_thread_ready=0;
+ nb_srchs_started=0;
+ nb_srchs_done=0;
+
+ notifyAll();
+ }
+ }
+ catch ( Exception e1 ) {
+ System.out.println ("E1");
+ e1.printStackTrace();
+ }
+
+ if ( (seconds++) >= 9 ) {
+ duration=((new_t1-startup)/1000);
+ println("INFO", "Avg rate: " + (total_nb_srchs/duration) + " srchs/sec. after " + getTime(duration));
+ seconds=0;
+ }
+ t1=new_t1;
+ }
+ }
+ System.exit(0);
+ }
+ catch( Exception e ) {
+
+ e.printStackTrace();
+ System.exit(1);
+ }
+
+
+ }
+
+
+
+
+/* =========================================
+ * MAIN
+ * ======================================= */
+
+ public static void main( String[] args )
+ {
+
+ startup=System.currentTimeMillis();
+
+ // ===========================================
+ // Get the arguments specified for each option.
+ //
+
+ // Ldap port
+ String sport = System.getProperty("port");
+ portnumber = Integer.parseInt(sport);
+
+
+ // BaseDN
+ suffix = System.getProperty("suffix");
+ println ("INFO" , "suffix " + suffix);
+
+ // nb_threads
+ String snb_threads = System.getProperty("nb_threads");
+ nb_threads = Integer.parseInt(snb_threads);
+
+ println ("INFO" , "nb_threads " + snb_threads);
+
+ // test duration
+ String sMaxDuration = System.getProperty("maxDuration");
+ maxDuration = Long.parseLong(sMaxDuration);
+ println ("INFO" , "maxDuration " + maxDuration);
+
+ // credential for simple bind
+ bindDN = System.getProperty("bindDN");
+ bindPW = System.getProperty("bindPW");
+ println ("INFO" , "bindDN " + bindDN);
+
+ // attribute to search
+ attributeName = System.getProperty("attributeName");
+ println ("INFO" , "attributeName " + attributeName);
+
+ // Max number of searchs
+ String sNB_MAX_srchs = System.getProperty("NB_MAX_srchs");
+ NB_MAX_srchs = Integer.parseInt(sNB_MAX_srchs);
+ println ("INFO" , "sNB_MAX_srchs " + sNB_MAX_srchs);
+
+ // hostname
+ hostname = System.getProperty("hostname");
+
+
+ // protocol : SSL or TLS
+ protocol = System.getProperty("protocol");
+ println ("INFO" , "protocol " + protocol);
+
+ // authentication : EXTERNAL or simple
+ authentication = System.getProperty("authentication");
+ println ("INFO" , "authentication " + authentication);
+
+ // delay Sec before closing conx
+ String sdelaySec = System.getProperty("delaySec");
+ delaySec = Long.parseLong(sdelaySec);
+ delayCnx = delaySec * 1000;
+ println ("INFO" , "delayCnx " + delayCnx);
+
+
+ if ( maxDuration != 0 ) {
+ maxDuration= maxDuration * 1000;
+ }
+ timeTostopTest=( startup + maxDuration);
+ println("INFO", "END of the test : " + timeTostopTest );
+
+
+ // ===========================================
+ // Initialize the Server
+ server=new Server (hostname,portnumber);
+
+ System.out.println ("DEBUG declare server " + portnumber + " " + hostname);
+
+ Runtime.getRuntime().addShutdownHook(new Thread() {
+
+ public void run() {
+ }
+ });
+
+ Client c = new Client();
+ }
+
+
+/* =========================================
+ * return true if the number of NB_MAX_srchs has been reached
+ * else, increase nb_srchs_started
+ * ======================================= */
+
+ public boolean nb_srchs_started_reached() {
+
+ synchronized (this) {
+ if ( nb_srchs_started>=NB_MAX_srchs ) {
+ return true;
+
+ } else {
+ nb_srchs_started++;
+ return false;
+ }
+ }
+ }
+
+
+/* =========================================
+ * thread is waiting for a notify from the main thread
+ * ======================================= */
+ public void thread_go_to_sleep() {
+
+ synchronized (this) {
+ try {
+ nb_thread_ready++;
+
+ this.wait();
+ } catch ( Exception e ) {
+ e.printStackTrace();
+ }
+ }
+ }
+
+
+/* =========================================
+ * increase the number of srchs started
+ * ======================================= */
+ public void inc_srchs_started() {
+
+ synchronized (this) {
+ if ( nb_srchs_started>=NB_MAX_srchs ) {
+ try {
+ this.wait();
+ } catch ( Exception e ) {
+ e.printStackTrace();
+ }
+
+ } else {
+ nb_srchs_started++;
+ }
+ }
+ }
+
+/* =========================================
+ * increase the number of srchs done
+ * ======================================= */
+ public void inc_srchs_done() {
+ synchronized (this) {
+ try {
+ nb_srchs_done++;
+ } catch ( Exception e ) {
+ e.printStackTrace();
+ }
+ }
+ }
+
+/* =========================================
+ * Configure the Properties depending of the selected authentication and protocol
+ * authentication : EXTERNAL or simple
+ * protocol ssl, tls or clear
+ * ======================================= */
+
+ public static Hashtable set_properties_LDAP() {
+
+ String provider ;
+
+ Hashtable envLdap = new Hashtable();
+ envLdap.put("java.naming.factory.initial",
+ "com.sun.jndi.ldap.LdapCtxFactory");
+
+ envLdap.put(Context.SECURITY_AUTHENTICATION, authentication);
+
+ if ( protocol.equals("ssl")) {
+ provider = "ldaps://"+server.host+":"+server.port+"/";
+ envLdap.put(Context.SECURITY_PROTOCOL, protocol);
+
+ } else {
+ provider = "ldap://"+server.host+":"+server.port+"/";
+ }
+
+ envLdap.put(Context.PROVIDER_URL, provider);
+ return envLdap;
+ }
+
+
+/* =========================================
+ * Configure the Properties for a simple Bind
+ * bind as directory manager
+ * use the selected protocol : ssl, tls or clear
+ * ======================================= */
+ public static Hashtable set_properties_LDAP_simpleBind() {
+
+ String provider ;
+
+ Hashtable envLdap = new Hashtable();
+ envLdap.put("java.naming.factory.initial",
+ "com.sun.jndi.ldap.LdapCtxFactory");
+
+ envLdap.put(Context.SECURITY_AUTHENTICATION, "simple");
+
+ envLdap.put(Context.SECURITY_PRINCIPAL, bindDN);
+ envLdap.put(Context.SECURITY_CREDENTIALS, bindPW);
+
+ if ( protocol.equals("ssl")) {
+ provider = "ldaps://"+server.host+":"+server.port+"/";
+ envLdap.put(Context.SECURITY_PROTOCOL, protocol);
+
+ } else {
+ provider = "ldap://"+server.host+":"+server.port+"/";
+ }
+
+ envLdap.put(Context.PROVIDER_URL, provider);
+ return envLdap;
+ }
+
+/* =========================================
+ * Get Date
+ * ======================================= */
+ public static String getDate() {
+
+ // Initialize the today's date string
+ String DATE_FORMAT = "yyyy/MM/dd:HH:mm:ss";
+ java.text.SimpleDateFormat sdf =
+ new java.text.SimpleDateFormat(DATE_FORMAT);
+ Calendar c1 = Calendar.getInstance(); // today
+ return("[" + sdf.format(c1.getTime()) + "]");
+ }
+
+/* =========================================
+ * print
+ * ======================================= */
+ public static void println(String level, String msg) {
+ System.out.println (getDate() + " - " + level + ": " + msg );
+ }
+
+/* =========================================
+ * increase the number of threads ready
+ * ======================================= */
+ public void inc_thread_ready() {
+ synchronized (this) {
+ nb_thread_ready++;
+
+ try {
+ this.wait();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+
+ }
+/* =========================================
+ * return the number of threads ready
+ * ======================================= */
+ public static int nb_thread_ready() {
+
+ return nb_thread_ready;
+
+ }
+
+/* =========================================
+ * getTime
+ * ======================================= */
+ public static String getTime(long d) {
+ String time=new String (d + " sec.");
+ if ( d > 10000 ) {
+ time=new String ((d/3600) + " hours");
+ } else if ( d > 300 ) {
+ time=new String ((d/60) + " min.");
+ }
+ return time;
+ }
+}
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/src/Server.java b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/src/Server.java
new file mode 100644
index 0000000..dbf2405
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/src/Server.java
@@ -0,0 +1,46 @@
+// CDDL HEADER START
+//
+// The contents of this file are subject to the terms of the
+// Common Development and Distribution License, Version 1.0 only
+// (the "License"). You may not use this file except in compliance
+// with the License.
+//
+// You can obtain a copy of the license at
+// trunk/opends/resource/legal-notices/OpenDS.LICENSE
+// or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+// See the License for the specific language governing permissions
+// and limitations under the License.
+//
+// When distributing Covered Code, include this CDDL HEADER in each
+// file and include the License file at
+// trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+// add the following below this CDDL HEADER, with the fields enclosed
+// information:
+// Portions Copyright [yyyy] [name of copyright owner]
+//
+// CDDL HEADER END
+//
+//
+// Copyright 2008 Sun Microsystems, Inc.
+import java.util.*;
+
+
+public class Server {
+ public String host;
+ public int port;
+
+ public Server (String host, int port) {
+ this.host=host;
+ this.port=port;
+ }
+
+ public Server (String hostPort) {
+ StringTokenizer st = new StringTokenizer(hostPort, ":");
+ this.host=st.nextToken();
+ this.port=Integer.parseInt(st.nextToken());
+ }
+
+ public String toString() {
+ return (host + ":" + port);
+ }
+}
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/src/Worker.java b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/src/Worker.java
new file mode 100644
index 0000000..9f20d76
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureSearch/src/Worker.java
@@ -0,0 +1,159 @@
+// CDDL HEADER START
+//
+// The contents of this file are subject to the terms of the
+// Common Development and Distribution License, Version 1.0 only
+// (the "License"). You may not use this file except in compliance
+// with the License.
+//
+// You can obtain a copy of the license at
+// trunk/opends/resource/legal-notices/OpenDS.LICENSE
+// or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+// See the License for the specific language governing permissions
+// and limitations under the License.
+//
+// When distributing Covered Code, include this CDDL HEADER in each
+// file and include the License file at
+// trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+// add the following below this CDDL HEADER, with the fields enclosed
+// information:
+// Portions Copyright [yyyy] [name of copyright owner]
+//
+// CDDL HEADER END
+//
+//
+// Copyright 2008 Sun Microsystems, Inc.
+
+import java.util.*;
+import java.io.*;
+import java.lang.Thread;
+import javax.naming.*;
+
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.DirContext;
+import javax.naming.Context;
+import javax.naming.directory.InitialDirContext;
+
+
+public class Worker extends Thread {
+
+ Server server;
+ Client client;
+ long myId = this.getId();
+
+ public Worker(Client client2, Server server2) {
+
+ super();
+ try {
+
+ server = server2;
+ client = client2;
+ start();
+
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+
+
+ public void run() {
+
+ String value="";
+
+ try {
+
+ DirContext ctx = null;
+
+ // Set the properties
+ Hashtable envLdap = client.set_properties_LDAP();
+
+ // the thread is waiting the main to wake up
+ client.inc_thread_ready();
+
+ println("INFO","THREAD " + myId + " is wake up for test");
+
+ while (true) {
+
+ // no sasl authentication
+ // use a random DN to bind
+ if ( client.authentication.equals("simple")) {
+
+ String bindDN=(String) client.DNList.get(client.random.nextInt(client.DNList.size()));
+ String bindPW="userpassword";
+
+ envLdap.put(Context.SECURITY_PRINCIPAL, bindDN);
+ envLdap.put(Context.SECURITY_CREDENTIALS, bindPW);
+
+ }
+ // bind
+ ctx = new InitialDirContext(envLdap);
+
+
+ //String filter = "(objectclass=*)";
+ SearchControls constraints = new SearchControls();
+ String[] returnattrs = {client.attributeName};
+ constraints.setReturningAttributes(returnattrs);
+ constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
+
+
+ while (true) {
+ try {
+ String searchDN=(String) client.suffix;
+ String filter="uid="+(String) client.uidList.get(client.random.nextInt(client.uidList.size()));
+
+ // if the Max_nb_search is reached, counters are initialized
+ // disconnect cnx
+ // Wait the main to wake up
+
+ if ( client.nb_srchs_started_reached() == false) {
+
+ // Search entries
+ NamingEnumeration results = ctx.search(searchDN, filter, constraints);
+ while (results != null && results.hasMore()) {
+ SearchResult res = (SearchResult) results.next();
+ Attributes uidAttrs = res.getAttributes();
+ }
+ results.close();
+
+ client.inc_srchs_done();
+ } else {
+ ctx.close();
+ client.thread_go_to_sleep();
+ break;
+ }
+ } catch (Exception ex) {
+
+ println("INFO","THREAD " + myId + " CATCH " + ex);
+
+ }
+
+ // update the total number of searchs
+ client.inc_srchs_done();
+ }
+
+ }
+ } catch (Exception e) {
+ println("INFO", "Failed: expected error code 3 ");
+
+ e.printStackTrace();
+ System.exit(1);
+ }
+ }
+
+ private String getDate() {
+
+ // Initialize the today's date string
+ String DATE_FORMAT = "yyyy/MM/dd:HH:mm:ss";
+ java.text.SimpleDateFormat sdf =
+ new java.text.SimpleDateFormat(DATE_FORMAT);
+ Calendar c1 = Calendar.getInstance(); // today
+ return("[" + sdf.format(c1.getTime()) + "]");
+ }
+
+ private void println(String level, String msg) {
+ System.out.println(getDate() + " - " + level + ": (" + server + ") " + msg );
+ }
+
+}
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureUserpasswordModify/build.ksh b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureUserpasswordModify/build.ksh
new file mode 100644
index 0000000..7790e8c
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureUserpasswordModify/build.ksh
@@ -0,0 +1,39 @@
+#!/bin/ksh
+
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+#
+# Copyright 2008 Sun Microsystems, Inc.
+
+export CLASSPATH=$CLASSPATH:.
+
+mkdir -p $COMPILDIR
+echo "Compiling classes..."
+javac src/*.java -d $COMPILDIR
+[ $? -ne 0 ] && return 1
+echo "Creating jarfile"
+cd $COMPILDIR
+jar cvf secureUserpasswordModify.jar *.class
+[ $? -ne 0 ] && return 1
+echo "Cleanup"
+rm -f *.class
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureUserpasswordModify/run.ksh b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureUserpasswordModify/run.ksh
new file mode 100644
index 0000000..95effcf
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureUserpasswordModify/run.ksh
@@ -0,0 +1,50 @@
+#!/bin/ksh
+
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+#
+# Copyright 2008 Sun Microsystems, Inc.
+
+suffix="dc=com"
+hostname=nott
+maxDuration=50
+nb_threads=1
+NB_MAX_mod=100
+keystorePath=/tmp/sylvie
+LDAPSport=1235
+
+bindDN="cn=directory manager"
+bindPW=password
+
+#java -client -Xmx1G -Xms1G -XX:NewRatio=1 -XX:SurvivorRatio=100 -cp ../LDAPjdk/ldapjdk.jar:search.jar Client $@
+
+#java -client -Xmx1G -Xms1G -XX:NewRatio=1 -XX:SurvivorRatio=100 -cp ../LDAPjdk/ldapjdk.jar:search.jar -Djavax.net.ssl.keyStore=/tmp/shared/data/CERT_1111/keystore -Djavax.net.ssl.trustStorePassword=password -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStore=/tmp/shared/data/CERT_1111/keystore -Djava.security.debug=ALL -Djava.security.auth.debug=ALL -Djavax.net.debug=ALL -Djavax.security.sasl.level=FINEST Client $@
+
+## SSL
+java -client -Xmx1G -Xms1G -XX:NewRatio=1 -XX:SurvivorRatio=100 -cp secureModifyEntries.jar -Djavax.net.ssl.keyStore=$keystorePath/keystore -Djavax.net.ssl.trustStorePassword=password -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStore=$keystorePath/keystore -Djavax.security.sasl.level=FINEST -Dport=$LDAPSport -DmaxDuration=$maxDuration -DNB_MAX_mod=$NB_MAX_mod -Dsuffix=$suffix -Dnb_threads=$nb_threads -Dhostname=$hostname Client $@
+#
+
+
+## CLEAR
+#java -client -Xmx1G -Xms1G -XX:NewRatio=1 -XX:SurvivorRatio=100 -cp search.jar -Djavax.net.ssl.keyStore=/tmp/shared/data/CERT_1111/keystore -Djavax.net.ssl.trustStorePassword=password -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStore=/tmp/shared/data/CERT_1111/keystore -Djavax.security.sasl.level=FINEST -Dport=1111 -DmaxDuration=$maxDuration -DNB_MAX_mod=$NB_MAX_mod -Dsuffix=$suffix -Dnb_threads=$nb_threads -Dhostname=$hostname -DbindDN="$bindDN" -DbindPW=$bindPW Client $@
+
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureUserpasswordModify/secureUserpasswordModify.xml b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureUserpasswordModify/secureUserpasswordModify.xml
new file mode 100644
index 0000000..9530410
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureUserpasswordModify/secureUserpasswordModify.xml
@@ -0,0 +1,330 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!DOCTYPE stax SYSTEM "../../../shared/stax.dtd">
+<!--
+ ! CDDL HEADER START
+ !
+ ! The contents of this file are subject to the terms of the
+ ! Common Development and Distribution License, Version 1.0 only
+ ! (the "License"). You may not use this file except in compliance
+ ! with the License.
+ !
+ ! You can obtain a copy of the license at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
+ ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+ ! See the License for the specific language governing permissions
+ ! and limitations under the License.
+ !
+ ! When distributing Covered Code, include this CDDL HEADER in each
+ ! file and include the License file at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+ ! add the following below this CDDL HEADER, with the fields enclosed
+ ! by brackets "[]" replaced with your own identifying information:
+ ! Portions Copyright [yyyy] [name of copyright owner]
+ !
+ ! CDDL HEADER END
+ !
+ ! Copyright 2008 Sun Microsystems, Inc.
+ ! -->
+<stax>
+
+ <defaultcall function="secureUserpasswordModify"/>
+
+ <!-- ************************************************************ -->
+ <function name="secureUserpasswordModify" scope="local">
+
+ <function-map-args>
+ <function-arg-def name="workingDir" type="required"/>
+ <function-arg-def name="client" type="required"/>
+ <function-arg-def name="instances" type="required"/>
+ <function-arg-def name="duration" type="required"/>
+ <function-arg-def name="suffix" type="required"/>
+ <function-arg-def name="outFile" type="required"/>
+ <function-arg-def name="fileFd" type="required"/>
+ </function-map-args>
+
+
+ <sequence>
+ <!-- =================== Comments =================== -->
+ <!-- client is run under paralleliterate tag -->
+ <!-- each variables defined are internal -->
+ <!-- client should have its own err_num variable in order -->
+ <!-- to inform scheduler if it has pass/fail status -->
+ <script>
+ errNum = 0
+ msg = ''
+ </script>
+
+ <!-- ================== Preamble =================== -->
+ <!-- parse the client parameters : -->
+ <!-- params is [[param1,val1],[param2,val2],...] -->
+ <!-- get the ldap instance parameters -->
+
+
+ <script>
+ compilDir = '%s/%s_%s' % (workingDir,client.getHost(),client.getId())
+
+ outFile = '%s/client_secureUserpasswordModify_id%s.txt' % \
+ (client.getLogDir(),client.getId())
+
+ #
+ # Extract client parameters from client.getParams()
+ #
+ cParams = client.getParams()
+ try:
+ serverInstanceFromClient = cParams[0][1]
+ except IndexError:
+ serverInstanceFromClient = NOT_DEFINED
+ msg = '%s\nERROR: serverInstanceFromClient undefined,mandatory' % msg
+ try:
+ baseDn = cParams[1][1]
+ except IndexError:
+ baseDn = NOT_DEFINED
+ msg = '%s\nERROR: baseDn undefined,mandatory' % msg
+ try:
+ nbCnx = cParams[2][1]
+ except IndexError:
+ nbCnx = NOT_DEFINED
+ msg = '%s\nERROR: nbCnx undefined,mandatory' % msg
+ try:
+ nbMaxOp = cParams[3][1]
+ except IndexError:
+ nbMaxOp = NOT_DEFINED
+ msg = '%s\nERROR: nbMaxOperations undefined,mandatory' % msg
+ try:
+ attributeName = cParams[4][1]
+ except IndexError:
+ attributeName = NOT_DEFINED
+ try:
+ protocol = cParams[5][1]
+ except IndexError:
+ protocol = NOT_DEFINED
+ try:
+ certAlias = cParams[6][1]
+ except IndexError:
+ certAlias = NOT_DEFINED
+ try:
+ delaySec = cParams[7][1]
+ except IndexError:
+ delaySec = NOT_DEFINED
+ #
+ # setup parms to run the client
+ #
+ if serverInstanceFromClient != NOT_DEFINED:
+ sys.path.append("%s/phases/scheduler" % TESTS_DIR )
+ from scheduler import getInstance
+ serverInstance = getInstance(serverInstanceFromClient,instances)
+ if (serverInstance == 'ERROR'):
+ msg = '%s\nERROR: cant find client instance named' % msg
+ msg = '%s %s in server instance list' % \
+ (msg,serverInstanceFromClient)
+
+ else:
+ # remove sec, try to finish before timer kill -9 the client
+ duration = duration - 120
+
+ # keystorePath
+ keystorePath = "%s/CERT_%s_%s/config" % (client.getLogDir(),client.getName(),client.getId())
+
+ parms=[]
+ if (protocol == 'ssl'):
+ parms.append('-Dhostname=%s -Dport=%s' % \
+ (serverInstance.getHost(),serverInstance.getLDAPSPort()))
+ else:
+ parms.append('-Dhostname=%s -Dport=%s' % \
+ (serverInstance.getHost(),serverInstance.getLDAPPort()))
+
+ parms.append('-Dsuffix="%s"' % baseDn)
+
+ parms.append('-Dnb_threads=%s -DNB_MAX_mod=%s -DmaxDuration=%s' % (nbCnx,nbMaxOp,duration))
+ parms.append('-Dprotocol="%s"' % protocol)
+ if attributeName != NOT_DEFINED:
+ parms.append('-DattributeName="%s"' % attributeName)
+
+ parms.append('-DbindDN="%s"' % DIRECTORY_INSTANCE_DN)
+ parms.append('-DbindPW="%s"' % DIRECTORY_INSTANCE_PSWD)
+
+ if delaySec != NOT_DEFINED:
+ parms.append('-DdelaySec="%s"' % delaySec)
+ parms = ' '.join(parms)
+ </script>
+
+ <if expr="msg.find('ERROR') != -1">
+ <sequence>
+ <message>'%s' % msg</message>
+ <call function="'writeOperationResult'">
+ {
+ 'returncode' : '1',
+ 'expected' : '0',
+ 'result' : msg,
+ 'status' : 'ERROR',
+ 'fileFd' : fileFd
+ }
+ </call>
+ <script>
+ errNum += 1
+ </script>
+ </sequence>
+ <else>
+ <sequence>
+
+ <!-- ==== Add execute permission to build.ksh file ==== -->
+ <call function="'writeStartTagOperation'">
+ { 'tagName' : 'chmod',
+ 'fileFd' : fileFd }
+ </call>
+ <call function="'writeMessage'">
+ {'content' : 'Add execute permission to build.ksh file',
+ 'fileFd' : fileFd}
+ </call>
+
+
+ <process name="'%s: chmod +x build.ksh' % client.getHost()">
+ <location>client.getHost()</location>
+ <command mode="'shell'">'chmod +x build.ksh'</command>
+ <parms/>
+ <workdir>workingDir</workdir>
+ <envs>['PATH=/bin:/usr/bin']</envs>
+ <stderr mode="'stdout'"/>
+ <stdout/>
+ <returnstdout/>
+ </process>
+ <call function="'checkRC'">
+ { 'returncode' : RC,
+ 'result' : STAXResult[0][1],
+ 'fileFd' : fileFd }
+ </call>
+ <script>
+ errNum += STAXResult
+ </script>
+ <call function="'writeEndTagOperation'">{'fileFd' : fileFd}</call>
+
+
+ <!-- ==== Build client : run build.ksh file ==== -->
+ <call function="'writeStartTagOperation'">
+ { 'tagName' : 'build',
+ 'fileFd' : fileFd }
+ </call>
+
+
+ <!-- Build Client in unique directory (compilDir), avoid -->
+ <!-- conflict if same client is run several time at the same time -->
+ <process name="'%s: build %s' % (client.getHost(),client.getName())">
+ <location>client.getHost()</location>
+ <command mode="'shell'">'./build.ksh'</command>
+ <parms/>
+ <workdir>workingDir</workdir>
+ <envs>['PATH=%s/bin:/bin:/usr/bin' % JAVA_HOME,'COMPILDIR=%s' % compilDir ]</envs>
+ <stderr mode="'stdout'"/>
+ <stdout/>
+ <returnstdout/>
+ </process>
+ <call function="'checkRC'">
+ { 'returncode' : RC,
+ 'result' : STAXResult[0][1],
+ 'fileFd' : fileFd }
+ </call>
+ <if expr="RC != 0">
+ <message>
+ 'FAILED to build client %s on %s' % \
+ (client.getName(),client.getHost())
+ </message>
+ </if>
+ <script>
+ errNum += STAXResult
+ </script>
+ <call function="'writeEndTagOperation'">{'fileFd' : fileFd}</call>
+
+
+ <!-- ========== Run the client ========== -->
+ <call function="'writeStartTagOperation'">
+ { 'tagName' : 'run',
+ 'fileFd' : fileFd }
+ </call>
+ <call function="'writeMessage'">
+ { 'fileFd' : fileFd,
+ 'content' : 'Do ldapmodify on %s:%s' % \
+ (serverInstance.getHost(),serverInstance.getLDAPSPort())
+ }
+ </call>
+
+ <script>
+ cParam = '-client -Xmx1G -Xms1G'
+ cParam = '%s -XX:NewRatio=1 -XX:SurvivorRatio=100' % cParam
+ cParam = '%s -cp %s/secureUserpasswordModify.jar' % (cParam,compilDir)
+ cParam = '%s -Djavax.net.ssl.keyStore=%s/keystore' % (cParam,keystorePath)
+ cParam = '%s -Djavax.net.ssl.trustStore=%s/keystore' % (cParam,keystorePath)
+ cParam = '%s -Djavax.security.sasl.level=FINEST' % cParam
+ cParam = '%s -Djavax.net.ssl.trustStorePassword=password' % cParam
+ cParam = '%s -Djavax.net.ssl.keyStorePassword=password' % cParam
+ cParam = '%s %s Client' % (cParam,parms)
+
+ titleName = '%s: run %s on %s' % \
+ (client.getHost(),client.getName(),
+ serverInstance.getName())
+ </script>
+ <call function="'writeMessage'">
+ { 'fileFd' : fileFd,
+ 'content' : 'DEBUG %s' % cParam
+ }
+ </call>
+ <process name="'%s' % titleName">
+ <location>client.getHost()</location>
+ <command>'%s/bin/java' % JAVA_HOME</command>
+ <parms>cParam </parms>
+ <workdir>workingDir</workdir>
+ <envs>['PATH=%s/bin:/bin:/usr/bin' % JAVA_HOME]</envs>
+ <stderr mode="'stdout'"/>
+ <stdout>outFile</stdout>
+ <returnstdout/>
+ </process>
+ <!-- TBD : result should be STAXResult[0][1] : problem when
+ javaexception, with carac " and < >-->
+ <call function="'checkRC'">
+ { 'returncode' : RC ,
+ 'result' : '',
+ 'fileFd' : fileFd }
+ </call>
+ <script>
+ errNum += STAXResult
+ </script>
+ <call function="'writeEndTagOperation'">{'fileFd' : fileFd}</call>
+
+ <!-- ========== Postamble ========== -->
+ <call function="'writeMessage'">
+ {'content' : 'Output file %s' % outFile,
+ 'fileFd' : fileFd}
+ </call>
+
+
+ <process name="'%s:%s: Grep' % (client.getHost(),client.getName())">
+ <location>client.getHost()</location>
+ <command mode="'shell'">
+ "grep 'TOTAL' %s | cut -d ' ' -f3-" % outFile
+ </command>
+ <envs>['PATH=/bin:/usr/bin']</envs>
+ <stderr mode="'stdout'"/>
+ <stdout/>
+ <returnstdout/>
+ </process>
+ <script>
+ summary = STAXResult[0][1]
+ </script>
+
+
+ <call function="'writeMessage'">
+ {'content' : 'Summary %s' % (summary),
+ 'fileFd' : fileFd}
+ </call>
+
+ </sequence>
+ </else>
+ </if>
+
+ <return> errNum </return>
+
+ </sequence>
+
+ </function>
+
+</stax>
+
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureUserpasswordModify/src/Client.java b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureUserpasswordModify/src/Client.java
new file mode 100644
index 0000000..89b3a77
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureUserpasswordModify/src/Client.java
@@ -0,0 +1,489 @@
+// CDDL HEADER START
+//
+// The contents of this file are subject to the terms of the
+// Common Development and Distribution License, Version 1.0 only
+// (the "License"). You may not use this file except in compliance
+// with the License.
+//
+// You can obtain a copy of the license at
+// trunk/opends/resource/legal-notices/OpenDS.LICENSE
+// or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+// See the License for the specific language governing permissions
+// and limitations under the License.
+//
+// When distributing Covered Code, include this CDDL HEADER in each
+// file and include the License file at
+// trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+// add the following below this CDDL HEADER, with the fields enclosed
+// information:
+// Portions Copyright [yyyy] [name of copyright owner]
+//
+// CDDL HEADER END
+//
+//
+// Copyright 2008 Sun Microsystems, Inc.
+
+import java.util.*;
+import java.io.*;
+import java.lang.Thread;
+import javax.naming.*;
+import javax.naming.directory.InitialDirContext;
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.SearchResult;
+import javax.naming.directory.Attributes;
+
+
+public class Client {
+
+
+ static int NB_MAX_mod=100;
+ static int nb_mod_started=0;
+ static int nb_mod_done=0;
+ static int total_nb_mod=0;
+ static int nb_threads=3;
+ static int nb_thread_ready=0;
+
+ static Random random;
+ static String hostname ;
+ static int portnumber;
+ static String bindDN;
+ static String bindPW;
+ static String suffix;
+ static Server server;
+ static String protocol;
+ static String attributeName;
+ static String time= new String ("0 sec.");
+ static long timeTostopTest=0;
+ static long maxDuration=0;
+ static long duration=0;
+ static long startup=0;
+ static ArrayList<String> DNList;
+ static long delayCnx=1000;
+ static long delaySec=1;
+
+
+ public Client()
+ {
+
+ random= new Random();
+ DNList=new ArrayList<String>();
+
+ try {
+
+ /*
+ * bind as directory manager to get the full list of DN
+ * create a list of DN
+ */
+ Hashtable envLdap = set_properties_LDAP_simpleBind();
+
+ DirContext ctx = null;
+ ctx = new InitialDirContext(envLdap);
+
+ // Search options
+ String filter = "(objectclass=inetorgperson)";
+ String[] attrs = { "uid"};
+
+ SearchControls constraints = new SearchControls();
+ constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
+ constraints.setReturningAttributes(attrs);
+
+ NamingEnumeration results = ctx.search(suffix, filter, constraints);
+ Exception exc = null;
+ int count = 0;
+
+ try {
+ while (results != null && results.hasMore()) {
+ SearchResult res = (SearchResult) results.next();
+ DNList.add (res.getNameInNamespace());
+
+ count++;
+ }
+
+ DNList.trimToSize();
+ if ( DNList.size() == 0) {
+ println("ERROR", "No entry found in \"" + suffix + "\"");
+ System.exit(1);
+ }
+ } catch (Exception ex) {
+ exc = ex;
+ }
+ if ( exc != null ) {
+ throw exc;
+ }
+ } catch (Exception e) {
+
+ println ("INFO", "ERROR Failed to establish connection ");
+ e.printStackTrace();
+ System.exit(1);
+ }
+
+ try {
+
+
+ // execute the threads
+ for (int i=0; i < nb_threads; i++ ) {
+ Worker w = new Worker(this, server);
+ }
+ println ("INFO", nb_threads + " threads connected to server " + server );
+ //println ("INFO", "Will search using filter \"(" + attr + " = <value> )\" (MAX =" + NB_MAX_mod + ")" );
+
+ // Wait until all the threads have initialized their context
+ // and are ready to bind
+ try {
+ while ( nb_thread_ready() < nb_threads) {
+ // wait
+ }
+ // All the threads are ready, wake up all the threads
+ synchronized(this) {
+ nb_thread_ready=0;
+ notifyAll();
+ }
+ }
+ catch ( Exception e1 ) {
+ System.out.println ("E1");
+ e1.printStackTrace();
+ }
+
+ int seconds=0;
+ // initialize startup
+ long t1=System.currentTimeMillis();
+
+ // work until Max duration is reached
+ while (true) {
+
+ long new_t1=System.currentTimeMillis();
+
+ // end of the system test. Exit
+ if ( ( timeTostopTest != 0 ) && ( new_t1 > timeTostopTest ) ) {
+
+ // inform all the threads it's the end
+ synchronized (this) {
+ nb_mod_started=NB_MAX_mod;
+ }
+ break;
+ }
+
+ // status every delayCnx
+ if ( (new_t1 - t1) >= delayCnx) {
+
+ println("INFO", (nb_mod_done/delaySec) + " mod/sec.");
+
+ // inform all the threads the max nb searchs has been reached
+ synchronized (this) {
+ nb_mod_started=NB_MAX_mod;
+ }
+
+ // Wait all the threads to close their cnx and sleep
+ try {
+ total_nb_mod+=nb_mod_done;
+ while ( nb_thread_ready() < nb_threads) {
+ // wait
+ }
+ // All the threads are ready, wake up all the threads
+ synchronized(this) {
+ nb_thread_ready=0;
+ nb_mod_started=0;
+ nb_mod_done=0;
+
+ notifyAll();
+ }
+ }
+ catch ( Exception e1 ) {
+ System.out.println ("E1");
+ e1.printStackTrace();
+ }
+
+ if ( (seconds++) >= 9 ) {
+ duration=((new_t1-startup)/1000);
+ println("INFO", "Avg rate: " + (total_nb_mod/duration) + " mod/sec. after " + getTime(duration));
+ seconds=0;
+ }
+ t1=new_t1;
+ }
+ }
+ println ("INFO", "End of the client");
+ System.exit(0);
+ }
+ catch( Exception e ) {
+
+ e.printStackTrace();
+ System.exit(1);
+ }
+
+
+ }
+
+
+/* =========================================
+ * MAIN
+ * ======================================= */
+
+ public static void main( String[] args )
+
+ {
+
+ startup=System.currentTimeMillis();
+
+ // ===========================================
+ // Get the arguments specified for each option.
+ //
+
+ // Ldap port
+ String sport = System.getProperty("port");
+ portnumber = Integer.parseInt(sport);
+
+ // BaseDN
+ suffix = System.getProperty("suffix");
+ println ("INFO" , "suffix " + suffix);
+
+ // nb_threads
+ String snb_threads = System.getProperty("nb_threads");
+ nb_threads = Integer.parseInt(snb_threads);
+
+ println ("INFO" , "nb_threads " + snb_threads);
+
+ // test duration
+ String sMaxDuration = System.getProperty("maxDuration");
+ maxDuration = Long.parseLong(sMaxDuration);
+ println ("INFO" , "maxDuration " + maxDuration);
+
+ // credential for simple bind
+ bindDN = System.getProperty("bindDN");
+ bindPW = System.getProperty("bindPW");
+ println ("INFO" , "bindDN " + bindDN);
+
+ // Max number of searchs
+ String sNB_MAX_mod = System.getProperty("NB_MAX_mod");
+ NB_MAX_mod = Integer.parseInt(sNB_MAX_mod);
+ println ("INFO" , "sNB_MAX_mod " + sNB_MAX_mod);
+
+ // attribute to modify or add
+ attributeName = System.getProperty("attributeName");
+ println ("INFO" , "attributeName " + attributeName);
+
+ // hostname
+ hostname = System.getProperty("hostname");
+
+ // protocol : SSL or TLS
+ protocol = System.getProperty("protocol");
+ println ("INFO" , "protocol " + protocol);
+
+ // delay Sec before closing conx
+ String sdelaySec = System.getProperty("delaySec");
+ delaySec = Long.parseLong(sdelaySec);
+ delayCnx = delaySec * 1000;
+ println ("INFO" , "delayCnx " + delayCnx);
+
+ if ( maxDuration != 0 ) {
+ maxDuration= maxDuration * 1000;
+ }
+ timeTostopTest=( startup + maxDuration);
+ println("INFO", "the test will finish at " + timeTostopTest );
+
+ // ===========================================
+ // Initialize the Server
+ server=new Server (hostname,portnumber);
+
+ System.out.println ("DEBUG declare server " + portnumber + " " + hostname);
+
+ Runtime.getRuntime().addShutdownHook(new Thread() {
+
+ public void run() {
+ }
+ });
+
+ Client c = new Client();
+ }
+
+/* =========================================
+ * Get Date
+ * ======================================= */
+ public static String getTime(long d) {
+ String time=new String (d + " sec.");
+ if ( d > 10000 ) {
+ time=new String ((d/3600) + " hours");
+ } else if ( d > 300 ) {
+ time=new String ((d/60) + " min.");
+ }
+ return time;
+ }
+
+/* =========================================
+ * return true if the number of NB_MAX_mod has been reached
+ * else, increase nb_mod_started
+ * ======================================= */
+
+ public boolean nb_mod_started_reached() {
+
+ synchronized (this) {
+ if ( nb_mod_started>=NB_MAX_mod ) {
+ return true;
+
+ } else {
+ nb_mod_started++;
+ return false;
+ }
+ }
+ }
+
+
+/* =========================================
+ * thread is waiting for a notify from the main thread
+ * ======================================= */
+
+ public void thread_go_to_sleep() {
+
+ synchronized (this) {
+ try {
+ nb_thread_ready++;
+
+ this.wait();
+ } catch ( Exception e ) {
+ e.printStackTrace();
+ }
+ }
+ }
+
+
+/* =========================================
+ * increase the number of mod started
+ * ======================================= */
+ public void inc_mod_started() {
+
+ synchronized (this) {
+ if ( nb_mod_started>=NB_MAX_mod ) {
+ try {
+ this.wait();
+ } catch ( Exception e ) {
+ e.printStackTrace();
+ }
+
+ } else {
+ nb_mod_started++;
+ }
+ }
+ }
+
+
+
+/* =========================================
+ * increase the number of mod done
+ * ======================================= */
+ public void inc_mod_done() {
+ synchronized (this) {
+ try {
+ nb_mod_done++;
+ } catch ( Exception e ) {
+ e.printStackTrace();
+ }
+ }
+ }
+
+
+/* =========================================
+ * Configure the Properties
+ * authentication : simple
+ * protocol ssl, tls or clear
+ * ======================================= */
+ public static Hashtable set_properties_LDAP() {
+
+ String provider ;
+
+ Hashtable envLdap = new Hashtable();
+ envLdap.put("java.naming.factory.initial",
+ "com.sun.jndi.ldap.LdapCtxFactory");
+
+ envLdap.put(Context.SECURITY_AUTHENTICATION, "simple");
+
+ if ( protocol.equals("ssl")) {
+ provider = "ldaps://"+server.host+":"+server.port+"/";
+ envLdap.put(Context.SECURITY_PROTOCOL, protocol);
+
+ } else {
+ provider = "ldap://"+server.host+":"+server.port+"/";
+ }
+ envLdap.put(Context.PROVIDER_URL, provider);
+
+ return envLdap;
+ }
+
+
+/* =========================================
+ * Configure the Properties for a simple Bind
+ * bind as directory manager
+ * use the selected protocol : ssl, tls or clear
+ * ======================================= */
+
+ public static Hashtable set_properties_LDAP_simpleBind() {
+
+ String provider ;
+
+ Hashtable envLdap = new Hashtable();
+ envLdap.put("java.naming.factory.initial",
+ "com.sun.jndi.ldap.LdapCtxFactory");
+
+ envLdap.put(Context.SECURITY_AUTHENTICATION, "simple");
+
+ envLdap.put(Context.SECURITY_PRINCIPAL, bindDN);
+ envLdap.put(Context.SECURITY_CREDENTIALS, bindPW);
+
+ if ( protocol.equals("ssl")) {
+ provider = "ldaps://"+server.host+":"+server.port+"/";
+ envLdap.put(Context.SECURITY_PROTOCOL, protocol);
+
+ } else {
+ provider = "ldap://"+server.host+":"+server.port+"/";
+ }
+
+ envLdap.put(Context.PROVIDER_URL, provider);
+ return envLdap;
+ }
+
+/* =========================================
+ * Get Date
+ * ======================================= */
+ public static String getDate() {
+
+ // Initialize the today's date string
+ String DATE_FORMAT = "yyyy/MM/dd:HH:mm:ss";
+ java.text.SimpleDateFormat sdf =
+ new java.text.SimpleDateFormat(DATE_FORMAT);
+ Calendar c1 = Calendar.getInstance(); // today
+ return("[" + sdf.format(c1.getTime()) + "]");
+ }
+
+
+/* =========================================
+ * Print
+ * ======================================= */
+ public static void println(String level, String msg) {
+ System.out.println (getDate() + " - " + level + ": " + msg );
+ }
+
+
+/* =========================================
+ * increase the number of threads ready
+ * ======================================= */
+ public void inc_thread_ready() {
+ synchronized (this) {
+ nb_thread_ready++;
+
+ try {
+ this.wait();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+
+ }
+
+
+/* =========================================
+ * return the number of threads ready
+ * ======================================= */
+ public static int nb_thread_ready() {
+ return nb_thread_ready;
+ }
+}
+
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureUserpasswordModify/src/Server.java b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureUserpasswordModify/src/Server.java
new file mode 100644
index 0000000..dbf2405
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureUserpasswordModify/src/Server.java
@@ -0,0 +1,46 @@
+// CDDL HEADER START
+//
+// The contents of this file are subject to the terms of the
+// Common Development and Distribution License, Version 1.0 only
+// (the "License"). You may not use this file except in compliance
+// with the License.
+//
+// You can obtain a copy of the license at
+// trunk/opends/resource/legal-notices/OpenDS.LICENSE
+// or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+// See the License for the specific language governing permissions
+// and limitations under the License.
+//
+// When distributing Covered Code, include this CDDL HEADER in each
+// file and include the License file at
+// trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+// add the following below this CDDL HEADER, with the fields enclosed
+// information:
+// Portions Copyright [yyyy] [name of copyright owner]
+//
+// CDDL HEADER END
+//
+//
+// Copyright 2008 Sun Microsystems, Inc.
+import java.util.*;
+
+
+public class Server {
+ public String host;
+ public int port;
+
+ public Server (String host, int port) {
+ this.host=host;
+ this.port=port;
+ }
+
+ public Server (String hostPort) {
+ StringTokenizer st = new StringTokenizer(hostPort, ":");
+ this.host=st.nextToken();
+ this.port=Integer.parseInt(st.nextToken());
+ }
+
+ public String toString() {
+ return (host + ":" + port);
+ }
+}
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureUserpasswordModify/src/Worker.java b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureUserpasswordModify/src/Worker.java
new file mode 100644
index 0000000..7b21eab
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/secureUserpasswordModify/src/Worker.java
@@ -0,0 +1,165 @@
+// CDDL HEADER START
+//
+// The contents of this file are subject to the terms of the
+// Common Development and Distribution License, Version 1.0 only
+// (the "License"). You may not use this file except in compliance
+// with the License.
+//
+// You can obtain a copy of the license at
+// trunk/opends/resource/legal-notices/OpenDS.LICENSE
+// or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+// See the License for the specific language governing permissions
+// and limitations under the License.
+//
+// When distributing Covered Code, include this CDDL HEADER in each
+// file and include the License file at
+// trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+// add the following below this CDDL HEADER, with the fields enclosed
+// information:
+// Portions Copyright [yyyy] [name of copyright owner]
+//
+// CDDL HEADER END
+//
+//
+// Copyright 2008 Sun Microsystems, Inc.
+
+import java.util.*;
+import java.io.*;
+import java.lang.Thread;
+import javax.naming.*;
+
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.DirContext;
+import javax.naming.Context;
+import javax.naming.directory.InitialDirContext;
+import javax.naming.directory.BasicAttributes;
+
+
+public class Worker extends Thread {
+
+ Server server;
+ Client client;
+ long myId = this.getId();
+
+ /**
+ ** Constructor for Worker thread
+ **/
+ public Worker(Client client2, Server server2) {
+
+ super();
+ try {
+
+ server = server2;
+ client = client2;
+ start();
+
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+
+ /**
+ * Connect to the server
+ * wait a notify from the main thread to startthe modify operations
+ **/
+ public void run() {
+
+ String value="";
+ String initBindPW;
+ String newBindPW;
+ Random random_cpt= new Random();
+ String bindDN;
+ try {
+
+ DirContext ctx = null;
+
+ // Set the properties
+ Hashtable envLdap = client.set_properties_LDAP();
+
+ println("INFO","THREAD " + myId + " is waiting ");
+ // Waiting a notify from the main thread
+ client.inc_thread_ready();
+
+ /*
+ * Start modify operations
+ */
+ String[] attrIds = { (String)client.attributeName };
+ initBindPW = "userpassword";
+ newBindPW = "new_userpassword";
+
+ Attributes initAttrs = new BasicAttributes(attrIds[0], initBindPW, true);
+ Attributes newAttrs = new BasicAttributes(attrIds[0], newBindPW, true);
+
+ while (true) {
+
+ while (true) {
+
+ bindDN=(String) client.DNList.get(client.random.nextInt(client.DNList.size()));
+ try {
+
+ // if the Max_nb_mod is reached, counters are initialized
+ // disconnect cnx
+ // Wait the main to wake up
+ if ( client.nb_mod_started_reached() == false) {
+
+ // bind
+ // use a random DN to bind
+ envLdap.put(Context.SECURITY_PRINCIPAL, bindDN);
+ envLdap.put(Context.SECURITY_CREDENTIALS, initBindPW);
+
+ ctx = new InitialDirContext(envLdap);
+ ctx.modifyAttributes(bindDN, DirContext.REPLACE_ATTRIBUTE, newAttrs);
+ ctx.close();
+
+ // restore the old password
+ // bind
+
+ envLdap.put(Context.SECURITY_PRINCIPAL, bindDN);
+ envLdap.put(Context.SECURITY_CREDENTIALS, newBindPW);
+
+ ctx = new InitialDirContext(envLdap);
+ ctx.modifyAttributes(bindDN, DirContext.REPLACE_ATTRIBUTE, initAttrs);
+ ctx.close();
+
+
+ client.inc_mod_done();
+ } else {
+ client.thread_go_to_sleep();
+ break;
+ }
+ } catch (Exception ex) {
+
+ println("INFO","THREAD " + myId + " ERROR " + ex);
+
+ }
+ // update the total number of searchs
+ client.inc_mod_done();
+ }
+ }
+ } catch (Exception e) {
+
+ println("INFO", "ERROR Failed: expected error code 3 ");
+
+ e.printStackTrace();
+ System.exit(1);
+ }
+ }
+
+ private String getDate() {
+
+ // Initialize the today's date string
+ String DATE_FORMAT = "yyyy/MM/dd:HH:mm:ss";
+ java.text.SimpleDateFormat sdf =
+ new java.text.SimpleDateFormat(DATE_FORMAT);
+ Calendar c1 = Calendar.getInstance(); // today
+ return("[" + sdf.format(c1.getTime()) + "]");
+ }
+
+ private void println(String level, String msg) {
+ System.out.println(getDate() + " - " + level + ": (" + server + ") " + msg );
+ }
+
+}
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/tasks/tasks.xml b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/tasks/tasks.xml
new file mode 100644
index 0000000..4e25ac1
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/clients/tasks/tasks.xml
@@ -0,0 +1,223 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!DOCTYPE stax SYSTEM "../../../shared/stax.dtd">
+<!--
+ ! CDDL HEADER START
+ !
+ ! The contents of this file are subject to the terms of the
+ ! Common Development and Distribution License, Version 1.0 only
+ ! (the "License"). You may not use this file except in compliance
+ ! with the License.
+ !
+ ! You can obtain a copy of the license at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
+ ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+ ! See the License for the specific language governing permissions
+ ! and limitations under the License.
+ !
+ ! When distributing Covered Code, include this CDDL HEADER in each
+ ! file and include the License file at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+ ! add the following below this CDDL HEADER, with the fields enclosed
+ ! by brackets "[]" replaced with your own identifying information:
+ ! Portions Copyright [yyyy] [name of copyright owner]
+ !
+ ! CDDL HEADER END
+ !
+ ! Copyright 2008 Sun Microsystems, Inc.
+ ! -->
+<stax>
+
+ <defaultcall function="tasks"/>
+
+ <!-- ************************************************************ -->
+ <function name="tasks" scope="local">
+
+ <function-map-args>
+ <function-arg-def name="workingDir" type="required"/>
+ <function-arg-def name="client" type="required"/>
+ <function-arg-def name="instances" type="required"/>
+ <function-arg-def name="duration" type="required"/>
+ <function-arg-def name="suffix" type="required"/>
+ <function-arg-def name="outFile" type="required"/>
+ <function-arg-def name="fileFd" type="required"/>
+ </function-map-args>
+
+
+ <sequence>
+ <!-- =================== Comments =================== -->
+ <!-- client is run under paralleliterate tag -->
+ <!-- each variables defined are internal -->
+ <!-- client should have its own err_num variable in order -->
+ <!-- to inform scheduler if it has pass/fail status -->
+ <script>
+ errNum = 0
+ msg = ''
+ </script>
+
+ <!-- ================== Preamble =================== -->
+ <!-- parse the client parameters : -->
+ <!-- params is [[param1,val1],[param2,val2],...] -->
+ <!-- get the ldap instance parameters -->
+
+ <script>
+ compilDir = '%s/%s_%s' % (workingDir,client.getHost(),client.getId())
+
+ outFile = '%s/client_tasks_id%s.txt' % \
+ (client.getLogDir(),client.getId())
+
+ #
+ # Extract client parameters from client.getParams()
+ #
+ cParams = client.getParams()
+ try:
+ serverInstanceFromClient = cParams[0][1]
+ except IndexError:
+ serverInstanceFromClient = NOT_DEFINED
+ msg = '%s\nERROR: serverInstanceFromClient undefined,mandatory' % msg
+ try:
+ nbTasks = cParams[1][1]
+ except IndexError:
+ nbTasks = NOT_DEFINED
+ msg = '%s\nERROR: nbTasks undefined,mandatory' % msg
+ try:
+ delaySec = cParams[2][1]
+ except IndexError:
+ delaySec = NOT_DEFINED
+ msg = '%s\nERROR: delaySec undefined,mandatory' % msg
+
+ #
+ # setup parms to run the client
+ #
+ if serverInstanceFromClient != NOT_DEFINED:
+ sys.path.append("%s/phases/scheduler" % TESTS_DIR )
+ from scheduler import getInstance
+ serverInstance = getInstance(serverInstanceFromClient,instances)
+ if (serverInstance == 'ERROR'):
+ msg = '%s\nERROR: cant find client instance named' % msg
+ msg = '%s %s in server instance list' % \
+ (msg,serverInstanceFromClient)
+
+ else:
+ # remove sec, try to finish before timer kill -9 the client
+ duration = duration - 60
+ </script>
+
+ <call function="'writeMessage'">
+ {'content' : 'Executing backup in tasks mode every %s secondes' % delaySec,
+ 'fileFd' : fileFd}
+ </call>
+
+ <if expr="msg.find('ERROR') != -1">
+ <sequence>
+ <message>'%s' % msg</message>
+ <call function="'writeOperationResult'">
+ {
+ 'returncode' : '1',
+ 'expected' : '0',
+ 'result' : msg,
+ 'status' : 'ERROR',
+ 'fileFd' : fileFd
+ }
+ </call>
+ <script>
+ errNum += 1
+ </script>
+ </sequence>
+ <else>
+ <sequence>
+ <call function="'writeStartTagOperation'">
+ { 'tagName' : 'Backup task',
+ 'fileFd' : fileFd }
+ </call>
+
+ <script>
+ cpt=0
+ intdelaySec= int(delaySec)
+ intnbTasks= int(nbTasks)
+ allowednbTasks= duration / intdelaySec
+ listBackupFolder = []
+ </script>
+
+ <call function="'writeMessage'">
+ {'content' : 'Execute %s tasks every %s sec ' % (allowednbTasks,intdelaySec),
+ 'fileFd' : fileFd}
+ </call>
+
+ <call function="'writeEndTagOperation'">{'fileFd' : fileFd}</call>
+
+ <loop from="1" to="allowednbTasks" >
+ <sequence>
+ <call function="'writeStartTagOperation'">
+ { 'tagName' : 'Execute a backup task',
+ 'fileFd' : fileFd }
+ </call>
+ <call function="'backup'">
+ { 'location' : serverInstance.getHost(),
+ 'dsPath' : serverInstance.getInstallDir(),
+ 'dsInstanceHost' : serverInstance.getHost(),
+ 'dsInstancePort' : serverInstance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
+ 'startTask' : '0',
+ 'backupDir' : '%s/backup_schedule_asynchronous_%s' % (serverInstance.getInstallDir(),cpt),
+ 'backEnd' : 'userRoot',
+ 'fileFd' : fileFd}
+ </call>
+
+ <script>
+ BackupFolder = '%s/backup_schedule_asynchronous_%s' % (serverInstance.getInstallDir(),cpt)
+ listBackupFolder.append(BackupFolder)
+ </script>
+
+ <!--=== Sleep and wait to start the client when specified ===-->
+ <call function="'sleep'">
+ { 'location' : serverInstance.getHost(),
+ 'sleepForMilliSeconds' : intdelaySec,
+ 'fileFd' : fileFd
+ }
+ </call>
+
+ <script>cpt += 1</script>
+ <call function="'writeEndTagOperation'">{'fileFd' : fileFd}</call>
+ </sequence>
+ </loop>
+
+
+ <iterate in="listBackupFolder" var="backupFolder">
+ <sequence>
+ <call function="'deleteFolder'">
+ {
+ 'location' : serverInstance.getHost(),
+ 'foldername' : backupFolder,
+ 'fileFd' : fileFd
+ }
+ </call>
+ <script>
+ errNum += STAXResult
+ </script>
+ </sequence>
+ </iterate>
+
+ <call function="'writeStartTagOperation'">
+ { 'tagName' : 'End Backup task',
+ 'fileFd' : fileFd }
+ </call>
+ <!-- ========== Postamble ========== -->
+ <call function="'writeMessage'">
+ {'content' : 'Output file %s' % outFile,
+ 'fileFd' : fileFd}
+ </call>
+
+ <call function="'writeEndTagOperation'">{'fileFd' : fileFd}</call>
+
+ </sequence>
+ </else>
+ </if>
+ <return> errNum </return>
+
+ </sequence>
+
+ </function>
+
+</stax>
+
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/conf.xml b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/conf.xml
new file mode 100755
index 0000000..c0641f0
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/conf.xml
@@ -0,0 +1,243 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!DOCTYPE systemTestConfiguration SYSTEM "../conf.dtd">
+<!--
+ ! CDDL HEADER START
+ !
+ ! The contents of this file are subject to the terms of the
+ ! Common Development and Distribution License, Version 1.0 only
+ ! (the "License"). You may not use this file except in compliance
+ ! with the License.
+ !
+ ! You can obtain a copy of the license at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
+ ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+ ! See the License for the specific language governing permissions
+ ! and limitations under the License.
+ !
+ ! When distributing Covered Code, include this CDDL HEADER in each
+ ! file and include the License file at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+ ! add the following below this CDDL HEADER, with the fields enclosed
+ ! by brackets "[]" replaced with your own identifying information:
+ ! Portions Copyright [yyyy] [name of copyright owner]
+ !
+ ! CDDL HEADER END
+ !
+ ! Copyright 2008 Sun Microsystems, Inc.
+ ! -->
+
+
+<!--==================================================================-->
+<!-- This conf.xml file is an example -->
+<!-- BEFORE running system-tests, you need to set up your environment -->
+<!--==================================================================-->
+
+
+<systemTestConfiguration>
+
+ <!-- ================= Global Parameters ===================== -->
+ <!-- ============= Should be the first node =============== -->
+ <globalParameters>
+ <scenario>
+ <name>Single server</name>
+ <description>This system test implements a single server</description>
+ </scenario>
+ <opendsZip>/qa/realtmp/smaguin/OpenDS/SunOpenDS_SE1.0/opends/OpenDS-1.0.0.zip</opendsZip>
+ <domain>france.sun.com</domain>
+
+ </globalParameters>
+
+
+ <!-- ================= Instance ============================== -->
+ <instance name="I1" product="opends" role="ldapServer">
+ <host>localhost</host>
+ <installDir>/usr/opends/system</installDir>
+ <ports>
+ <ldap>1234</ldap>
+ <ldaps>1235</ldaps>
+ <jmx>1238</jmx>
+ <replicationServer>1237</replicationServer>
+ </ports>
+ <tuning>
+ <java xms="2g" xmx="2g"
+ xxNewSize="512m" xxMaxNewSize="512m"
+ xxSurvivorRatio="6" xxPermSize="128m"
+ xxMaxPermSize="128m" xxUseConcMarkSweepGC="true"/>
+ <databaseCachePercentage>40</databaseCachePercentage>
+ <replicationPurgeDelay unit="h">4</replicationPurgeDelay>
+ </tuning>
+ <security certificate="generateSelfSigned" sslEnabled="true" startTlsEnabled="true" ></security>
+ </instance>
+
+
+ <!-- ================= Suffix ============================== -->
+ <suffix dn="dc=com">
+
+ <topology>
+ <element instanceName="I1" initRule="importLdif" />
+ </topology>
+
+ <tree nbOfEntries="200000">
+ <branch name="ou=QA Engineers,dc=com">
+ <subordinateTemplate type="inetOrgPersonEXT_Jpeg_1MB" percentage="100"/>
+ </branch>
+ <branch name="ou=Dev,dc=com">
+ <subordinateTemplate type="inetOrgPersonEXT_Jpeg_1MB" percentage="10"/>
+ </branch>
+ </tree>
+
+ </suffix>
+
+ <!-- ================= Scheduler =========================== -->
+ <!-- [1] duration must be more than 1 minute -->
+ <!-- [2] dependencyId is a list of client id ie : 1,2 -->
+ <!-- if using it, specify id attribute for each clients -->
+
+ <!-- Requirements -->
+ <!-- the certAlias must be unique -->
+
+ <scheduler>
+ <duration unit="m">60</duration>
+
+ <!--== Module 1 ==-->
+ <module name="task_mod" enabled="false">
+
+ <client id="1" name="tasks" host="lehon" start="t0"
+ stop="t50">
+ <serverInstance>I1</serverInstance>
+ <nbTasks>50</nbTasks>
+ <delaySec>5000</delaySec>
+ </client>
+
+ </module>
+
+
+
+ <module name="password" enabled="true">
+
+ <client id="61" name="secureUserpasswordModify" host="nott" start="t0"
+ stop="t20">
+ <serverInstance>I1</serverInstance>
+ <baseDn>ou=QA Engineers,dc=com</baseDn>
+ <nbCnx>1</nbCnx>
+ <nbMaxOp>450000</nbMaxOp>
+ <attribute>userpassword</attribute>
+ <protocol>ssl</protocol>
+ <certAlias>client-cert-61</certAlias>
+ <delaySec>10</delaySec>
+ </client>
+ </module>
+
+
+ <module name="modify_ssl_sasl" enabled="true">
+
+ <client id="2" name="secureModifyEntries" host="garm" start="t20"
+ stop="t50">
+ <serverInstance>I1</serverInstance>
+ <baseDn>ou=QA Engineers,dc=com</baseDn>
+ <nbCnx>10</nbCnx>
+ <nbMaxOp>100000</nbMaxOp>
+ <attribute>mailEXT</attribute>
+ <protocol>ssl</protocol>
+ <authentication>EXTERNAL</authentication>
+ <certAlias>client-cert-2</certAlias>
+ <operation>modify</operation>
+ <delaySec>2</delaySec>
+ </client>
+ </module>
+
+ <module name="modify_ssl_bind" enabled="true">
+ <client id="3" name="secureModifyEntries" host="nott" start="t50"
+ stop="t70">
+ <serverInstance>I1</serverInstance>
+ <baseDn>ou=QA Engineers,dc=com</baseDn>
+ <nbCnx>10</nbCnx>
+ <nbMaxOp>100000</nbMaxOp>
+ <attribute>mailEXT</attribute>
+ <protocol>ssl</protocol>
+ <authentication>simple</authentication>
+ <certAlias>client-cert-3</certAlias>
+ <operation>modify</operation>
+ <delaySec>2</delaySec>
+ </client>
+ </module>
+
+
+ <module name="search_ssl_bind" enabled="true">
+
+ <client id="44" name="secureSearch" host="nott" start="t70"
+ stop="t90">
+ <serverInstance>I1</serverInstance>
+ <baseDn>ou=QA Engineers,dc=com</baseDn>
+ <nbCnx>6</nbCnx>
+ <nbMaxOp>450000</nbMaxOp>
+ <attribute>description</attribute>
+ <protocol>ssl</protocol>
+ <authentication>simple</authentication>
+ <certAlias>client-cert-44</certAlias>
+ <delaySec>2</delaySec>
+ </client>
+
+ </module>
+
+ <!--== Module 2 ==-->
+ <module name="charge_multipl" enabled="true">
+
+ <client id="40" name="secureSearch" host="garm" start="t90"
+ stop="t100">
+ <serverInstance>I1</serverInstance>
+ <baseDn>ou=QA Engineers,dc=com</baseDn>
+ <nbCnx>6</nbCnx>
+ <nbMaxOp>450000</nbMaxOp>
+ <attribute>mailEXT</attribute>
+ <protocol>ssl</protocol>
+ <authentication>simple</authentication>
+ <certAlias>client-cert-40</certAlias>
+ <delaySec>2</delaySec>
+ </client>
+
+
+ <client id="41" name="secureModifyEntries" host="aud" start="t80"
+ stop="t100">
+ <serverInstance>I1</serverInstance>
+ <baseDn>ou=QA Engineers,dc=com</baseDn>
+ <nbCnx>10</nbCnx>
+ <nbMaxOp>100000</nbMaxOp>
+ <attribute>mailEXT</attribute>
+ <protocol>ssl</protocol>
+ <authentication>EXTERNAL</authentication>
+ <certAlias>client-cert-41</certAlias>
+ <operation>modify</operation>
+ <delaySec>2</delaySec>
+ </client>
+
+ <client id="42" name="secureSearch" host="aud" start="t80"
+ stop="t100">
+ <serverInstance>I1</serverInstance>
+ <baseDn>ou=QA Engineers,dc=com</baseDn>
+ <nbCnx>6</nbCnx>
+ <nbMaxOp>450000</nbMaxOp>
+ <attribute>description</attribute>
+ <protocol>simple</protocol>
+ <authentication>simple</authentication>
+ <certAlias>client-cert-42</certAlias>
+ <delaySec>2</delaySec>
+ </client>
+ </module>
+
+
+ <!--== Module add/delete ==-->
+ <module name="addAndDelete" enabled="false">
+
+ <client id="10" name="addDeleteLoad" host="nott" start="t80"
+ stop="t100">
+ <serverInstance>I1</serverInstance>
+ <baseDn>ou=QA Engineers,dc=com</baseDn>
+ <nbCnx>50</nbCnx>
+ </client>
+ </module>
+
+ </scheduler>
+
+</systemTestConfiguration>
+
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/data/99_ext_schema.ldif b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/data/99_ext_schema.ldif
new file mode 100644
index 0000000..9fbf2b1
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/data/99_ext_schema.ldif
@@ -0,0 +1,28 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Copyright 2008 Sun Microsystems, Inc.
+#
+dn: cn=schema
+attributeTypes: ( 2.5.4.99 NAME 'descriptionEXT' SUP name X-ORIGIN 'for QA test' )
+attributeTypes: ( 2.5.4.98 NAME 'mailEXT' SUP name X-ORIGIN 'for QA test' )
+objectClasses: ( 2.16.840.1.113730.3.2.99 NAME 'inetOrgPersonEXT' SUP inetOrgPerson STRUCTURAL MAY ( descriptionEXT $ mailEXT ) X-ORIGIN 'for test' )
\ No newline at end of file
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/post_configuration.xml b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/post_configuration.xml
new file mode 100644
index 0000000..de53cba
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/post_configuration.xml
@@ -0,0 +1,968 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!DOCTYPE stax SYSTEM "../../../shared/stax.dtd">
+<!--
+ ! CDDL HEADER START
+ !
+ ! The contents of this file are subject to the terms of the
+ ! Common Development and Distribution License, Version 1.0 only
+ ! (the "License"). You may not use this file except in compliance
+ ! with the License.
+ !
+ ! You can obtain a copy of the license at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
+ ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+ ! See the License for the specific language governing permissions
+ ! and limitations under the License.
+ !
+ ! When distributing Covered Code, include this CDDL HEADER in each
+ ! file and include the License file at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+ ! add the following below this CDDL HEADER, with the fields enclosed
+ ! by brackets "[]" replaced with your own identifying information:
+ ! Portions Copyright [yyyy] [name of copyright owner]
+ !
+ ! CDDL HEADER END
+ !
+ ! Copyright 2008 Sun Microsystems, Inc.
+! -->
+<stax>
+
+ <defaultcall function="postConfiguration"/>
+
+
+ <function name="postConfiguration" scope="local">
+ <function-map-args>
+ <function-arg-def name="phase" type="required">
+ <function-arg-description>
+ phase object
+ </function-arg-description>
+ </function-arg-def>
+ <function-arg-def name="instances" type="required">
+ <function-arg-description>
+ list of instances classes
+ </function-arg-description>
+ </function-arg-def>
+ <function-arg-def name="suffix" type="required">
+ <function-arg-description>
+ suffix class
+ </function-arg-description>
+ </function-arg-def>
+ <function-arg-def name="scheduler" type="required">
+ <function-arg-description>
+ suffix class
+ </function-arg-description>
+ </function-arg-def>
+ </function-map-args>
+
+ <sequence>
+ <!-- ================= Call preambule ======================== -->
+ <call function="'phasePreamble'">
+ { 'phase' : phase,
+ 'fileFd' : LOG_MAIN_FD }
+ </call>
+
+ <message>'debug get first instance'</message>
+ <!--
+ <script>
+ res=instances[0]
+ </script>
+ <message>'debug get first instance %s ' % res.getName()</message>
+
+ -->
+ <!-- ================= Display in stance names ================ -->
+ <iterate in="instances" var="instance">
+ <sequence>
+
+ <!-- == Write tag for xml report -->
+ <call function="'writeStartTagInstance'">
+ {
+ 'instance' : instance,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+ <call function="'writeMessage'">
+ {
+ 'fileFd' : LOG_MAIN_FD,
+ 'content' : 'my instance is : %s' % instance.getName()
+ }
+ </call>
+
+
+ <!-- ################################################# -->
+ <!-- Configure Log rotation policy -->
+ <call function="'dsconfig'">
+ { 'location' : instance.getHost(),
+ 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : instance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'subcommand' : 'set-log-rotation-policy-prop',
+ 'objectType' : 'policy-name',
+ 'objectName' : 'Size Limit Rotation Policy',
+ 'optionsString' : '--set file-size-limit:15mb',
+ 'expectedRC' : 0,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+ <!-- ################################################# -->
+ <!-- Activate the plugins Attribut UID -->
+ <call function="'dsconfig'">
+ { 'location' : instance.getHost(),
+ 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : instance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'subcommand' : 'set-plugin-prop',
+ 'objectType' : 'plugin-name' ,
+ 'objectName' : 'UID Unique Attribute',
+ 'optionsString' : '--set enabled:true',
+ 'expectedRC' : 0,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+ <!-- Activate the plugins Referential Integrity-->
+ <call function="'dsconfig'">
+ { 'location' : instance.getHost(),
+ 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : instance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'subcommand' : 'set-plugin-prop' ,
+ 'objectType' : 'plugin-name' ,
+ 'objectName' : 'Referential Integrity',
+ 'optionsString' : '--set enabled:true',
+ 'expectedRC' : 0,
+ 'fileFd' : LOG_MAIN_FD}
+ </call>
+
+
+ <!-- ################################################# -->
+ <!-- CreateDynamic group under ou=QA Engineers,dc=com -->
+ <!-- there is 3 dynamics groups to group all the entries depending-->
+ <!-- on the mailEXT value ; group1, group2 or group3 -->
+ <!-- ################################################# -->
+
+ <!-- =========================== -->
+ <!-- create QA_dynamic_group1_dn -->
+ <!-- =========================== -->
+ <script>
+ QA_dynamic_group1_dn="cn=QA_dynamic_group1,%s" % suffix.getSuffixDn()
+ listAttr = []
+ listAttr.append('objectclass:top')
+ listAttr.append('objectclass:groupOfURLs')
+ listAttr.append('ou:Groups')
+ listAttr.append('memberURL:ldap:///ou=QA Engineers,dc=com??sub?(mailEXT=group1)')
+ </script>
+
+ <call function="'addAnEntry'">
+ { 'location' : instance.getHost(),
+ 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : instance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'DNToAdd' : QA_dynamic_group1_dn,
+ 'listAttributes' : listAttr,
+ 'expectedRC' : 0,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+
+
+
+
+ <!-- =========================== -->
+ <!-- create QA_dynamic_group2_dn -->
+ <!-- =========================== -->
+
+ <script>
+ QA_dynamic_group2_dn="cn=QA_dynamic_group2,%s" % suffix.getSuffixDn()
+ listAttr = []
+ listAttr.append('objectclass:top')
+ listAttr.append('objectclass:groupOfURLs')
+ listAttr.append('ou:Groups')
+ listAttr.append('memberURL:ldap:///ou=QA Engineers,dc=com??sub?(mailEXT=group2)')
+ </script>
+
+ <call function="'addAnEntry'">
+ { 'location' : instance.getHost(),
+ 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : instance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'DNToAdd' : QA_dynamic_group2_dn,
+ 'listAttributes' : listAttr,
+ 'expectedRC' : 0,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+ <!-- =========================== -->
+ <!-- create QA_dynamic_group2_dn -->
+ <!-- =========================== -->
+ <script>
+ QA_dynamic_group3_dn="cn=QA_dynamic_group3,%s" % suffix.getSuffixDn()
+ listAttr = []
+ listAttr.append('objectclass:top')
+ listAttr.append('objectclass:groupOfURLs')
+ listAttr.append('ou:Groups')
+ listAttr.append('memberURL:ldap:///ou=QA Engineers,dc=com??sub?(mailEXT=group3)')
+ </script>
+
+ <call function="'addAnEntry'">
+ { 'location' : instance.getHost(),
+ 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : instance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'DNToAdd' : QA_dynamic_group3_dn,
+ 'listAttributes' : listAttr,
+ 'expectedRC' : 0,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+
+
+ <!-- =============================== -->
+ <!-- Define ACI for dynamic group 1 -->
+ <!-- =============================== -->
+
+ <!-- Set Aci to allow read and write access on ou=QA Engineers,dc=com for attribut mailEXT -->
+ <script>
+ curr_aci="(targetattr=\"mailEXT\")(version 3.0; acl \" mailEXT add_aci_for_dyn_group1_QA\"; allow (all) groupdn=\"ldap:///%s\";)" % QA_dynamic_group1_dn
+ </script>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : instance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'DNToModify' : "ou=QA Engineers,dc=com",
+ 'attributeName' : 'aci',
+ 'newAttributeValue' : curr_aci,
+ 'changetype' : 'add',
+ 'expectedRC' : 0,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+ <!-- Set Aci to allow read access on ou=QA Engineers,dc=com for all attributs except mailEXT -->
+ <script>
+ curr_aci="(targetattr!=\"mailEXT\")(version 3.0; acl \" not mailEXT read add_aci_for_dyn_group1_QA\"; allow (read,search) groupdn=\"ldap:///%s\";)" % QA_dynamic_group1_dn
+ </script>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : instance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'DNToModify' : "ou=QA Engineers,dc=com",
+ 'attributeName' : 'aci',
+ 'newAttributeValue' : curr_aci,
+ 'changetype' : 'add',
+ 'expectedRC' : 0,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+ <!-- Set Aci to allow write and delete access on ou=QA Engineers,dc=com for all attributs except mailEXT -->
+ <script>
+ curr_aci="(targetattr!=\"mailEXT\")(version 3.0; acl \" not mailEXT write add_aci_for_dyn_group1_QA\"; allow (write,add,delete) groupdn=\"ldap:///%s\";)" % QA_dynamic_group1_dn
+ </script>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : instance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'DNToModify' : "ou=QA Engineers,dc=com",
+ 'attributeName' : 'aci',
+ 'newAttributeValue' : curr_aci,
+ 'changetype' : 'add',
+ 'expectedRC' : 0,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+ <!-- =============================== -->
+ <!-- Define ACI for dynamic group 2 -->
+ <!-- =============================== -->
+
+
+ <!-- Set Aci to allow read and write access on attribut descriptionEXT -->
+ <!-- access on ou=QA Engineers,dc=com -->
+ <script>
+ curr_aci="(targetattr=\"descriptionEXT\")(version 3.0; acl \"aci_1_for_dyn_group2_QA\"; allow (read,search,write,add) groupdn=\"ldap:///%s\";)" % QA_dynamic_group2_dn
+ </script>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : instance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'DNToModify' : "ou=QA Engineers,dc=com",
+ 'attributeName' : 'aci',
+ 'newAttributeValue' : curr_aci,
+ 'changetype' : 'add',
+ 'expectedRC' : 0,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+
+ <!-- Set Aci to allow all access on all the attributs except descriptionEXT -->
+ <!-- access on ou=QA Engineers,dc=com -->
+ <script>
+ curr_aci="(targetattr!=\"descriptionEXT\")(version 3.0; acl \"aci_2_for_dyn_group2_QA\"; allow (all) groupdn=\"ldap:///%s\";)" % QA_dynamic_group2_dn
+ </script>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : instance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'DNToModify' : "ou=QA Engineers,dc=com",
+ 'attributeName' : 'aci',
+ 'newAttributeValue' : curr_aci,
+ 'changetype' : 'add',
+ 'expectedRC' : 0,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+
+ <!-- Set Aci to Deny all access on attributs postalCode -->
+ <!-- access on ou=QA Engineers,dc=com -->
+ <script>
+ curr_aci="(targetattr=\"postalCode\")(version 3.0; acl \"aci_2_for_dyn_group2_QA\"; allow (all) groupdn=\"ldap:///%s\";)" % QA_dynamic_group2_dn
+ </script>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : instance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'DNToModify' : "ou=QA Engineers,dc=com",
+ 'attributeName' : 'aci',
+ 'newAttributeValue' : curr_aci,
+ 'changetype' : 'add',
+ 'expectedRC' : 0,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+ <!-- =============================== -->
+ <!-- Define ACI for dynamic group 3 -->
+ <!-- =============================== -->
+
+
+ <!-- Set Aci to allow all access on attributs jpegPhoto -->
+ <script>
+ curr_aci="(targetattr=\"jpegPhoto\")(version 3.0; acl \"aci_1_for_dyn_group3_QA\"; allow (all) groupdn=\"ldap:///%s\";)" % QA_dynamic_group3_dn
+ </script>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : instance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'DNToModify' : "ou=QA Engineers,dc=com",
+ 'attributeName' : 'aci',
+ 'newAttributeValue' : curr_aci,
+ 'changetype' : 'add',
+ 'expectedRC' : 0,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+
+ <!-- Set Aci to allow all access on all attributs except jpegPhoto -->
+ <script>
+ curr_aci="(targetattr!=\"jpegPhoto\")(version 3.0; acl \"aci_2_for_dyn_group3_QA\"; allow (all) groupdn=\"ldap:///%s\";)" % QA_dynamic_group3_dn
+ </script>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : instance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'DNToModify' : "ou=QA Engineers,dc=com",
+ 'attributeName' : 'aci',
+ 'newAttributeValue' : curr_aci,
+ 'changetype' : 'add',
+ 'expectedRC' : 0,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+
+
+ <!-- =========================== -->
+ <!-- Password policy -->
+ <!-- =========================== -->
+
+ <!-- Create a password policy for group1-->
+ <call function="'dsconfig'">
+ { 'location' : instance.getHost(),
+ 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : instance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'subcommand' : 'create-password-policy',
+ 'objectType' : 'policy-name',
+ 'objectName' : 'password_policy_group1',
+ 'optionsString' : '--set allow-user-password-changes:true \
+ --type generic \
+ --set default-password-storage-scheme:"Salted SHA-1" \
+ --set password-attribute:userpassword',
+ 'expectedRC' : 0,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+ <message>'debug %s' % QA_dynamic_group1_dn</message>
+
+ <!-- Assign this password policy to the group1-->
+ <call function="'dsconfig'">
+ { 'location' : instance.getHost(),
+ 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : instance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'subcommand' : 'create-virtual-attribute',
+ 'objectType' : 'name',
+ 'objectName' : 'virtual attribute for password_policy_group1',
+ 'optionsString' : '--type user-defined \
+ --set enabled:true \
+ --set attribute-type:ds-pwp-password-policy-dn \
+ --set group-dn:%s \
+ --set conflict-behavior:real-overrides-virtual \
+ --set value:"cn=password_policy_group1,cn=Password Policies,cn=config"' % QA_dynamic_group1_dn,
+ 'expectedRC' : 0,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+
+ <!-- Create a password policy for group2-->
+ <call function="'dsconfig'">
+ { 'location' : instance.getHost(),
+ 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : instance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'subcommand' : 'create-password-policy',
+ 'objectType' : 'policy-name',
+ 'objectName' : 'password_policy_group2',
+ 'optionsString' : '--set allow-user-password-changes:true \
+ --type generic \
+ --set default-password-storage-scheme:"Salted MD5" \
+ --set password-attribute:userpassword',
+ 'expectedRC' : 0,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+ <message>'debug %s' % QA_dynamic_group2_dn</message>
+
+ <!-- Assign this password policy to the group2-->
+ <call function="'dsconfig'">
+ { 'location' : instance.getHost(),
+ 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : instance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'subcommand' : 'create-virtual-attribute',
+ 'objectType' : 'name',
+ 'objectName' : 'virtual attribute for password_policy_group2',
+ 'optionsString' : '--type user-defined \
+ --set enabled:true \
+ --set attribute-type:ds-pwp-password-policy-dn \
+ --set group-dn:%s \
+ --set conflict-behavior:real-overrides-virtual \
+ --set value:"cn=password_policy_group1,cn=Password Policies,cn=config"' % QA_dynamic_group2_dn,
+ 'expectedRC' : 0,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+ <!-- =========================== -->
+ <!-- Manage certificates -->
+ <!-- =========================== -->
+
+ <!-- Get the keystore password from keystore.pin file -->
+ <call function="'getFile'">
+ {
+ 'location' : instance.getHost(),
+ 'filename' : '%s/config/keystore.pin' % instance.getInstallDir(),
+ 'format' : '""'
+ }
+ </call>
+
+ <script>
+ # getFile returns: STAXResult = [cmdRC, cmdResult]
+ server_storepass = STAXResult[1]
+
+ SERVER_CERT_DIR = '%s/CERT_%s' % (instance.getLogDir(),instance.getHost())
+ SERVER_CERT_FILE = '%s/server_cert.txt' % SERVER_CERT_DIR
+ SERVER_STOREPASS = server_storepass
+ </script>
+
+ <!-- Create a directory to store the server certificate-->
+ <call function="'createFolder'">
+ { 'location' : instance.getHost(),
+ 'foldername' : SERVER_CERT_DIR,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+ <!-- Export the server Cert -->
+ <message>'---- Export the Server Certicate ----'</message>
+ <call function="'ExportCertificate'">
+ { 'dsPath' : instance.getInstallDir(),
+ 'location' : instance.getHost(),
+ 'certAlias' : 'server-cert' ,
+ 'outputfile' : SERVER_CERT_FILE,
+ 'storepass' : server_storepass,
+ 'storetype' : 'JKS',
+ 'fileFd' : LOG_MAIN_FD,
+ }
+ </call>
+
+ <!-- == Wrcd pluite tag for xml report -->
+ <call function="'writeEndTagInstance'">
+ { 'fileFd' : LOG_MAIN_FD }
+ </call>
+
+ </sequence>
+ </iterate>
+
+
+ <!--== Get the enabled clients list from all modules ==-->
+ <call function="'getEnabledClients'">{'scheduler':scheduler}</call>
+ <script>clients = STAXResult </script>
+
+
+ <!--======= Create instance log dir on instance's host =====-->
+ <iterate in="clients" var="client">
+ <sequence>
+
+ <if expr="client.getName() == 'secureSearch' or client.getName() == 'secureModifyEntries' or client.getName() == 'secureUserpasswordModify'">
+ <sequence>
+
+ <!-- == Write tag for xml report -->
+ <call function="'writeStartTagClient'">
+ {
+ 'client' : client,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+ <!-- Get the informations about the Server Instance for this client -->
+ <script>
+ cParams = client.getParams()
+ serverInstanceFromClient = cParams[0][1]
+ baseDN_for_userMapping = cParams[1][1]
+ certAlias = cParams[7][1]
+
+ sys.path.append("%s/phases/scheduler" % TESTS_DIR )
+ from scheduler import getInstance
+ serverInstance = getInstance(serverInstanceFromClient,instances)
+ </script>
+
+
+ <!-- informations about the Client certificate DB -->
+ <!-- The client certificate DB is generated on the client host -->
+ <script>
+ CLIENT_CERT_TMP="%s/CERT_%s_%s" % \
+ (client.getLogDir(),client.getName(),client.getId())
+ CLIENT_KEYSTORE_DIR="%s/config" % (CLIENT_CERT_TMP)
+ CLIENT_KEYSTORE="%s/keystore" % CLIENT_KEYSTORE_DIR
+ USER_DN ="uid=%s,%s" % (certAlias,baseDN_for_userMapping)
+ USER_CERT_FILE_RFC="%s/client_cert_rfc.txt" % CLIENT_CERT_TMP
+ USER_CERT_FILE="%s/client_cert.txt" % CLIENT_CERT_TMP
+ CLIENT_KEYPASS="password"
+ CLIENT_STOREPASS="password"
+ </script>
+
+ <call function="'writeMessage'">
+ {
+ 'fileFd' : LOG_MAIN_FD,
+ 'content' : 'Create folder %s on %s ' %
+ (CLIENT_CERT_TMP,client.getHost())
+ }
+ </call>
+
+ <!-- Create folder on the client host where are store client keystore
+ and certificate-->
+ <call function="'createFolder'">
+ { 'location' : client.getHost(),
+ 'foldername' : CLIENT_KEYSTORE_DIR,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+ <!-- On the client Host, generate a JKS client certificate : certAlias -->
+ <call function="'genCertificate'">
+ { 'dsPath' : CLIENT_CERT_TMP,
+ 'location' : client.getHost(),
+ 'certAlias' : certAlias,
+ 'dname' : USER_DN,
+ 'storepass' : CLIENT_STOREPASS,
+ 'keystore' : CLIENT_KEYSTORE,
+ 'keypass' : CLIENT_KEYPASS,
+ 'storetype' : 'JKS',
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+ <!-- Self-Sign client Certificate : certAlias -->
+ <message>'---- Self-Signing client Certificate : %s ---- ' % (certAlias)</message>
+
+ <call function="'SelfSignCertificate'">
+ { 'dsPath' : CLIENT_CERT_TMP,
+ 'location' : client.getHost(),
+ 'certAlias' : certAlias,
+ 'storepass' : CLIENT_STOREPASS,
+ 'keypass' : CLIENT_KEYPASS,
+ 'keystore' : CLIENT_KEYSTORE,
+ 'storetype' : 'JKS' ,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+ <!-- export client certificate : certAlias -->
+ <message> '---- Export the client certificate : %s ---- ' % (certAlias)</message>
+ <call function="'ExportCertificate'">
+ { 'dsPath' : CLIENT_CERT_TMP,
+ 'location' : client.getHost(),
+ 'certAlias' : certAlias,
+ 'outputfile' : USER_CERT_FILE,
+ 'storepass' : CLIENT_STOREPASS,
+ 'keystore' : CLIENT_KEYSTORE,
+ 'storetype' : 'JKS',
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+ <!-- export client certificate RFC format : certAlias -->
+ <message> '---- Export the client certificate in RFC : %s ---- ' % (certAlias)</message>
+
+ <call function="'ExportCertificate'">
+ { 'dsPath' : CLIENT_CERT_TMP,
+ 'location' : client.getHost(),
+ 'certAlias' : certAlias,
+ 'outputfile' : USER_CERT_FILE_RFC,
+ 'storepass' : CLIENT_STOREPASS,
+ 'keystore' : CLIENT_KEYSTORE,
+ 'format' : 'rfc',
+ 'storetype' : 'JKS',
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+ <!-- Get the keystore password from keystore.pin file -->
+ <call function="'getFile'">
+ {
+ 'location' : serverInstance.getHost(),
+ 'filename' : '%s/config/keystore.pin' % serverInstance.getInstallDir(),
+ 'format' : '""'
+ }
+ </call>
+ <script>
+ # getFile returns: STAXResult = [cmdRC, cmdResult]
+ server_storepass = STAXResult[1]
+ </script>
+
+ <!-- The directory containing the client certificates DB
+ is copied on the server instance -->
+ <!-- and the directory containing the server certificate DB
+ is copied on the associated client -->
+ <script>
+
+ REMOTE_CLIENT_CERT_TMP="%s/CERT_%s_%s" % (serverInstance.getLogDir(),client.getName(),client.getId())
+ REMOTE_USER_CERT_FILE="%s/client_cert.txt" % REMOTE_CLIENT_CERT_TMP
+
+ REMOTE_SERVER_CERT_TMP = "%s/CERT_%s" % (client.getLogDir(),serverInstance.getHost())
+ REMOTE_SERVER_CERT_FILE = '%s/server_cert.txt' % REMOTE_SERVER_CERT_TMP
+
+ SERVER_CERT_TMP = "%s/CERT_%s" % (serverInstance.getLogDir(),serverInstance.getHost())
+ SERVER_STOREPASS = server_storepass
+ </script>
+
+
+ <!--== Copy the directory containing the server cert DB on the Client host -->
+ <call function="'copyFolder'">
+ { 'location' : serverInstance.getHost(),
+ 'remoteHost' : client.getHost(),
+ 'fromDirectory' : SERVER_CERT_TMP,
+ 'toDirectory' : REMOTE_SERVER_CERT_TMP,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+ <!--== Copy the directory containing the client cert DB on the Server Host -->
+ <call function="'copyFolder'">
+ { 'location' : client.getHost(),
+ 'remoteHost' : serverInstance.getHost(),
+ 'fromDirectory' : CLIENT_CERT_TMP,
+ 'toDirectory' : REMOTE_CLIENT_CERT_TMP,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+ <call function="'writeMessage'">
+ {
+ 'fileFd' : LOG_MAIN_FD,
+ 'content' : 'Import server certificate under %s on %s ' % (CLIENT_KEYSTORE,client.getHost())
+ }
+ </call>
+
+ <!-- Import the server Certificate in the client database -->
+ <message>'---- Import the Server Certificate in the client keystore----'</message>
+ <call function="'ImportCertificate'">
+ { 'dsPath' : CLIENT_CERT_TMP,
+ 'location' : client.getHost(),
+ 'certAlias' : 'server-cert',
+ 'inputfile' : REMOTE_SERVER_CERT_FILE,
+ 'storepass' : CLIENT_STOREPASS,
+ 'keystore' : CLIENT_KEYSTORE,
+ 'storetype' : 'JKS',
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+ <!-- Import the client Certificates in the server trustore -->
+ <message> '---- Import the client Certificates %s in the server trustore' % (certAlias)</message>
+
+ <call function="'ImportCertificate'">
+ { 'dsPath' : serverInstance.getInstallDir(),
+ 'location' : serverInstance.getHost(),
+ 'certAlias' : certAlias,
+ 'keystore' : 'truststore',
+ 'inputfile' : REMOTE_USER_CERT_FILE,
+ 'storepass' : server_storepass,
+ 'storetype' : 'JKS',
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+ <call function="'create_mapping_user'">
+ { 'instance' : serverInstance,
+ 'certAlias' : certAlias,
+ 'client_cert_directory' : REMOTE_CLIENT_CERT_TMP,
+ 'user_dn' : USER_DN,
+ 'base_dn' : baseDN_for_userMapping,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+ <!-- == Write tag for xml report -->
+ <call function="'writeEndTagClient'">
+ { 'fileFd' : LOG_MAIN_FD }
+ </call>
+ </sequence>
+ </if>
+ </sequence>
+ </iterate>
+
+
+
+ <!-- ================= Call postambule ======================= -->
+ <call function="'phasePostamble'">
+ { 'phase' : phase,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+ </sequence>
+ </function>
+
+
+
+
+
+ <!-- ************************************************************ -->
+ <function name="create_mapping_user" scope="local">
+ <function-map-args>
+ <function-arg-def name="instance" type="required">
+ </function-arg-def>
+ <function-arg-def name="certAlias" type="required">
+ </function-arg-def>
+ <function-arg-def name="client_cert_directory" type="required">
+ </function-arg-def>
+ <function-arg-def name="base_dn" type="required">
+ </function-arg-def>
+ <function-arg-def name="user_dn" type="required">
+ </function-arg-def>
+ <function-arg-def name="fileFd" type="required">
+ </function-arg-def>
+ </function-map-args>
+
+ <sequence>
+
+ <call function="'writeMessage'">
+ {
+ 'fileFd' : fileFd,
+ 'content' : 'Create the user %s' % user_dn
+ }
+ </call>
+ <!-- create user entry on the Instance server -->
+ <message>'###### Add an entry ###### '</message>
+ <script>
+ listAttr = []
+ listAttr.append('objectclass:top')
+ listAttr.append('objectclass:organizationalperson')
+ listAttr.append('objectclass:inetorgperson')
+ listAttr.append('objectclass:person')
+ listAttr.append('objectclass:ds-certificate-user')
+ listAttr.append('objectclass:strongAuthenticationUser')
+ listAttr.append('objectclass:inetorgpersonext')
+ listAttr.append('userCertificate;binary: bad_certificate')
+ listAttr.append('givenname:%s' % certAlias)
+ listAttr.append('userpassword:userpassword')
+ listAttr.append('mailEXT: group1')
+ listAttr.append('descriptionEXT: this is mapping client description')
+ listAttr.append('sn:%s' % certAlias)
+ listAttr.append('cn:%s' % certAlias)
+ </script>
+
+ <call function="'addAnEntry'">
+ { 'location' : instance.getHost(),
+ 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : instance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'DNToAdd' : user_dn,
+ 'listAttributes' : listAttr,
+ 'expectedRC' : 0,
+ 'fileFd' : fileFd
+ }
+ </call>
+
+ <call function="'ldapSearch'">
+ { 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : serverInstance.getLDAPPort(),
+ 'dsBaseDN' : suffix.getSuffixDn(),
+ 'dsScope' : 'base',
+ 'dsFilter' : 'objectclass=*',
+ 'dsInstanceDn' : user_dn,
+ 'dsInstancePswd' : "userpassword",
+ 'expectedRC' : 0,
+ 'fileFd' : fileFd
+ }
+ </call>
+
+ <call function="'writeMessage'">
+ {
+ 'fileFd' : fileFd,
+ 'content' : 'Add the aci to the user %s' % user_dn
+ }
+ </call>
+ <script>
+ curr_aci="(targetattr=\"*\")(version 3.0; acl \"add_aci\"; allow (search,read,write) userdn=\"ldap:///%s\";)" % user_dn
+ </script>
+
+ <call function="'modifyAnAttribute'">
+ { 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : instance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'DNToModify' : base_dn,
+ 'attributeName' : 'aci',
+ 'newAttributeValue' : curr_aci,
+ 'changetype' : 'add',
+ 'expectedRC' : 0,
+ 'fileFd' : fileFd
+ }
+ </call>
+
+ <!-- Read the certificate exported as RFC -->
+ <call function="'getFile'">
+ { 'location' : instance.getHost(),
+ 'filename' : '%s/client_cert_rfc.txt ' % (client_cert_directory)
+ }
+ </call>
+ <message>
+ 'Certificate contents:\n %s' % cmdResult
+ </message>
+
+ <!-- Extract BEGIN CERTIFICATE and END CERTIFICATE -->
+ <script>
+ certList=cmdResult.split('\n')
+ ret_str = ""
+ for line in certList:
+ index_cert = line.find("CERTIFICATE")
+ if index_cert == -1:
+ ret_str+=line.strip()
+ </script>
+
+ <script>
+ listAttr = []
+ listAttr.append('dn: %s' % user_dn)
+ listAttr.append('changetype: modify')
+ listAttr.append('replace: userCertificate;binary')
+ listAttr.append('userCertificate;binary:: %s' % ret_str)
+ </script>
+
+ <!-- Write out the ldif -->
+ <script>
+ LdifFile = '%s/cert_ldif' % instance.getLogDir()
+ outfile = open(LdifFile,"w")
+
+ for line in listAttr:
+ outfile.write("%s\n" % line)
+
+ outfile.close()
+ </script>
+
+ <call function="'modifyEntry'">
+ { 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : instance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s' % LdifFile,
+ 'expectedRC' : 0,
+ 'fileFd' : fileFd
+ }
+ </call>
+
+
+ <call function="'modifyAnAttribute'">
+ { 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : instance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'DNToModify' : user_dn,
+ 'attributeName' : 'userCertificate;binary',
+ 'newAttributeValue' : ret_str,
+ 'changetype' : 'modify',
+ 'expectedRC' : 0,
+ 'fileFd' : fileFd
+ }
+ </call>
+
+ </sequence>
+ </function>
+
+
+</stax>
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/pre_configuration.xml b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/pre_configuration.xml
new file mode 100644
index 0000000..bc3458b
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/pre_configuration.xml
@@ -0,0 +1,183 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!DOCTYPE stax SYSTEM "../../../shared/stax.dtd">
+<!--
+ ! CDDL HEADER START
+ !
+ ! The contents of this file are subject to the terms of the
+ ! Common Development and Distribution License, Version 1.0 only
+ ! (the "License"). You may not use this file except in compliance
+ ! with the License.
+ !
+ ! You can obtain a copy of the license at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
+ ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+ ! See the License for the specific language governing permissions
+ ! and limitations under the License.
+ !
+ ! When distributing Covered Code, include this CDDL HEADER in each
+ ! file and include the License file at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+ ! add the following below this CDDL HEADER, with the fields enclosed
+ ! by brackets "[]" replaced with your own identifying information:
+ ! Portions Copyright [yyyy] [name of copyright owner]
+ !
+ ! CDDL HEADER END
+ !
+ ! Copyright 2008 Sun Microsystems, Inc.
+! -->
+<stax>
+
+ <defaultcall function="preConfiguration"/>
+
+ <function name="preConfiguration" scope="local">
+ <function-map-args>
+ <function-arg-def name="phase" type="required">
+ <function-arg-description>
+ phase object
+ </function-arg-description>
+ </function-arg-def>
+ <function-arg-def name="instances" type="required">
+ <function-arg-description>
+ list of instances classes
+ </function-arg-description>
+ </function-arg-def>
+ <function-arg-def name="suffix" type="required">
+ <function-arg-description>
+ suffix class
+ </function-arg-description>
+ </function-arg-def>
+ <function-arg-def name="scheduler" type="required">
+ <function-arg-description>
+ suffix class
+ </function-arg-description>
+ </function-arg-def>
+ </function-map-args>
+
+ <sequence>
+
+ <import machine="'%s' % (STAF_LOCAL_HOSTNAME)"
+ file="'%s/opendscfg.xml' % (SHARED_FUNC_DIR)"/>
+
+ <!-- ================= Call preambule ======================== -->
+ <call function="'phasePreamble'">
+ { 'phase' : phase,
+ 'fileFd' : LOG_MAIN_FD }
+ </call>
+
+
+ <!-- ================= Display instance names ================ -->
+ <iterate in="instances" var="instance">
+ <sequence>
+ <!-- == Write tag for xml report -->
+ <call function="'writeStartTagInstance'">
+ {
+ 'instance' : instance,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+ <call function="'writeMessage'">
+ {
+ 'fileFd' : LOG_MAIN_FD,
+ 'content' : 'my instance is : %s' % instance.getName()
+ }
+ </call>
+
+ <!--================== Import schema extension ldif file =======================-->
+ <message>'debug copy %s/scenario/%s/data/99_ext_schema.ldif' % (LOCAL_TESTS_DIR,DIR_NAME)</message>
+ <call function="'writeMessage'">
+ {
+ 'fileFd' : LOG_MAIN_FD,
+ 'content' : '%s/scenario/%s/data' % (LOCAL_TESTS_DIR,DIR_NAME)
+ }
+ </call>
+
+ <call function="'copyFile'">
+ {
+ 'srcFile' : '%s/scenario/%s/data/99_ext_schema.ldif' % (LOCAL_TESTS_DIR,DIR_NAME),
+ 'destFile' : '%s/config/schema/99_ext_schema.ldif' % instance.getInstallDir(),
+ 'remoteHost' : '%s' % instance.getHost(),
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+ <message>'debug to %s/config/schema/99_ext_schema.ldif' % instance.getInstallDir()</message>
+ <call function="'StartDsWithScript'">
+ { 'location' : instance.getHost(),
+ 'dsPath' : instance.getInstallDir(),
+ 'instance' : instance,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+ <call function="'dsconfig'">
+ { 'location' : instance.getHost(),
+ 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : instance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'subcommand' : 'create-local-db-index',
+ 'objectType' : 'backend-name',
+ 'objectName' : 'userRoot',
+ 'optionsString' : '--index-name mailEXT --set index-type:equality --set index-type:substring',
+ 'expectedRC' : 0,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+ <call function="'dsconfig'">
+ { 'location' : instance.getHost(),
+ 'dsPath' : instance.getInstallDir(),
+ 'dsInstanceHost' : instance.getHost(),
+ 'dsInstancePort' : instance.getLDAPPort(),
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'subcommand' : 'create-local-db-index',
+ 'objectType' : 'backend-name',
+ 'objectName' : 'userRoot',
+ 'optionsString' : '--index-name descriptionEXT --set index-type:equality --set index-type:substring',
+ 'expectedRC' : 0,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+ <call function="'StopDsWithScript'">
+ {
+ 'location' : instance.getHost(),
+ 'dsPath' : instance.getInstallDir(),
+ 'expectedRC': 0,
+ 'dsRestart' : ' ',
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+ <call function="'StopDsWithScript'">
+ {
+ 'location' : instance.getHost(),
+ 'dsPath' : instance.getInstallDir(),
+ 'expectedRC': 0,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+ <!-- == Write tag for xml report -->
+ <call function="'writeEndTagInstance'">
+ { 'fileFd' : LOG_MAIN_FD }
+ </call>
+
+ </sequence>
+ </iterate>
+
+
+ <!-- ================= Call postambule ======================= -->
+ <call function="'phasePostamble'">
+ { 'phase' : phase,
+ 'fileFd' : LOG_MAIN_FD
+ }
+ </call>
+
+ </sequence>
+ </function>
+
+</stax>
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/security_lib.xml b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/security_lib.xml
new file mode 100755
index 0000000..e3fb27a
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/security_lib.xml
@@ -0,0 +1,70 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!DOCTYPE stax SYSTEM "../../../../shared/stax.dtd">
+<!--
+ ! CDDL HEADER START
+ !
+ ! The contents of this file are subject to the terms of the
+ ! Common Development and Distribution License, Version 1.0 only
+ ! (the "License"). You may not use this file except in compliance
+ ! with the License.
+ !
+ ! You can obtain a copy of the license at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
+ ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+ ! See the License for the specific language governing permissions
+ ! and limitations under the License.
+ !
+ ! When distributing Covered Code, include this CDDL HEADER in each
+ ! file and include the License file at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+ ! add the following below this CDDL HEADER, with the fields enclosed
+ ! by brackets "[]" replaced with your own identifying information:
+ ! Portions Copyright [yyyy] [name of copyright owner]
+ !
+ ! CDDL HEADER END
+ !
+ ! Copyright 2007-2008 Sun Microsystems, Inc.
+ ! -->
+<stax>
+
+
+ <!-- **************************************************** -->
+ <!-- load variables -->
+ <!-- **************************************************** -->
+
+ <function name="loadVariables">
+ <function-prolog>
+ This function loads variables used by the client_auth testsuite
+ </function-prolog>
+
+ <sequence>
+ <!-- Local variables -->
+ <script>
+ SERVER_KEYPASS="servercert"
+ SERVER_STOREPASS="servercert"
+ CERT_TMP="%s/CERT_%s" % (logsRemoteDataDir,DIRECTORY_INSTANCE_PORT)
+ CLIENT_KEYSTORE="%s/keystore" % (CERT_TMP)
+ CLIENT_KEYPASS="password"
+ CLIENT_STOREPASS="password"
+ USER_1_CERT="client-cert-1"
+ USER_1_CERT_FILE="%s/client_cert_1.txt" % (CERT_TMP)
+ USER_1_DN ="uid=%s,%s" % (USER_1_CERT,[suffix.getSuffixDn()])
+ USER_1_CERT_FILE_RFC="%s/client_cert_1_rfc.txt" % (CERT_TMP)
+ USER_2_CERT="client-cert-2"
+ USER_2_CERT_FILE_RFC="%s/client_cert_2_rfc.txt" % (CERT_TMP)
+ USER_2_CERT_FILE="%s/client_cert_2.txt" % (CERT_TMP)
+ USER_2_DN ="uid=%s,%s" % (USER_2_CERT,[suffix.getSuffixDn()])
+ SERVER_CERT_FILE="%s/server_cert.txt" % (CERT_TMP)
+ user1LdifFileName='user1_cert.ldif'
+ user2LdifFileName='user2_cert.ldif'
+<!--
+ remoteUser1LdifFile='%s/%s/../%s/%s' % (DIRECTORY_INSTANCE_DIR,OPENDSNAME,relativeDataDir,user1LdifFileName)
+ remoteUser2LdifFile='%s/%s/../%s/%s' % (DIRECTORY_INSTANCE_DIR,OPENDSNAME,relativeDataDir,user2LdifFileName)
+ localUser1LdifFile='%s/%s' % (logsTempDir,user1LdifFileName)
+ localUser2LdifFile='%s/%s' % (logsTempDir,user2LdifFileName)
+ -->
+ </script>
+ </sequence>
+ </function>
+
+</stax>
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/singleServer/single.xml b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/single.xml
new file mode 100755
index 0000000..bc84ad6
--- /dev/null
+++ b/opendj-sdk/opends/tests/system-tests/scenario/singleServer/single.xml
@@ -0,0 +1,72 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!DOCTYPE stax SYSTEM "../../../shared/stax.dtd">
+<!--
+ ! CDDL HEADER START
+ !
+ ! The contents of this file are subject to the terms of the
+ ! Common Development and Distribution License, Version 1.0 only
+ ! (the "License"). You may not use this file except in compliance
+ ! with the License.
+ !
+ ! You can obtain a copy of the license at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
+ ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+ ! See the License for the specific language governing permissions
+ ! and limitations under the License.
+ !
+ ! When distributing Covered Code, include this CDDL HEADER in each
+ ! file and include the License file at
+ ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+ ! add the following below this CDDL HEADER, with the fields enclosed
+ ! by brackets "[]" replaced with your own identifying information:
+ ! Portions Copyright [yyyy] [name of copyright owner]
+ !
+ ! CDDL HEADER END
+ !
+ ! Copyright 2008 Sun Microsystems, Inc.
+ ! -->
+<stax>
+
+ <defaultcall function="mainSingle"/>
+
+ <function name="mainSingle">
+ <sequence>
+
+ <script>
+ SHARED_FUNC_DIR = '%s/phases/shared/functions' % TESTS_DIR
+ </script>
+ <import machine="'%s' % (STAF_LOCAL_HOSTNAME)"
+ file="'%s/phases/main_run.xml' % (TESTS_DIR)"/>
+
+ <import machine="'%s' % (STAF_LOCAL_HOSTNAME)"
+ file="'%s/opendssecurity.xml' % (SHARED_FUNC_DIR)"/>
+
+ <!-- directoryName must have the name of the current directory -->
+
+ <script>
+ DIR_NAME = 'single'
+ fConf = '%s/scenario/%s/conf.xml' % (TESTS_DIR,DIR_NAME)
+ fPreConf = '%s/scenario/%s/pre_configuration.xml' % \
+ (TESTS_DIR,DIR_NAME)
+ fPostConf = '%s/scenario/%s/post_configuration.xml' % \
+ (TESTS_DIR,DIR_NAME)
+ </script>
+
+
+ <call function="'main_run'">
+ {
+ 'configurationFile' : fConf,
+ 'preConfigurationFile' : fPreConf,
+ 'postConfigurationFile' : fPostConf,
+ 'runInstallation' : 'true',
+ 'runGenerateLdif' : 'true',
+ 'runPreConfiguration' : 'true',
+ 'runConfiguration' : 'true',
+ 'runPostConfiguration' : 'true',
+ 'runScheduler' : 'true'
+ }
+ </call>
+ </sequence>
+ </function>
+
+</stax>
--
Gitblit v1.10.0