From fd7683685f79827de798b52c9566d6a70d8e9e34 Mon Sep 17 00:00:00 2001
From: el_kaboing <el_kaboing@localhost>
Date: Mon, 13 Nov 2006 16:35:42 +0000
Subject: [PATCH] New functional tests for Issue 342.
---
opends/tests/functional-tests/shared/data/security/pwd_validator/root_change_pwd_too_short.ldif | 29 ++
opends/tests/functional-tests/shared/data/security/pwd_validator/add_sales_admin.ldif | 12 +
opends/tests/functional-tests/testcases/security/pwd_validator/security_skip_val_for_admins.xml | 359 +++++++++++++++++++++++++++++++++++
opends/tests/functional-tests/shared/data/security/pwd_validator/admin_disable_pwd_length_validator.ldif | 28 ++
opends/tests/functional-tests/shared/data/security/pwd_validator/root_change_pwd_too_short3.ldif | 29 ++
opends/tests/functional-tests/testcases/security/pwd_validator/security_pwd_validator.xml | 4
opends/tests/functional-tests/shared/data/security/pwd_validator/root_change_pwd_too_short2.ldif | 29 ++
opends/tests/functional-tests/shared/data/security/pwd_validator/admin_disable_bypass_pwd_validator.ldif | 29 ++
opends/tests/functional-tests/shared/data/security/pwd_validator/admin_enable_bypass_pwd_validator.ldif | 29 ++
opends/tests/functional-tests/shared/data/security/pwd_validator/delete_sales_admin.ldif | 27 ++
10 files changed, 575 insertions(+), 0 deletions(-)
diff --git a/opends/tests/functional-tests/shared/data/security/pwd_validator/add_sales_admin.ldif b/opends/tests/functional-tests/shared/data/security/pwd_validator/add_sales_admin.ldif
new file mode 100644
index 0000000..93e4976
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/pwd_validator/add_sales_admin.ldif
@@ -0,0 +1,12 @@
+dn: cn=Sales Admin,cn=Root DNs,cn=config
+objectClass: person
+objectClass: inetOrgPerson
+objectClass: top
+objectClass: organizationalPerson
+objectClass: ds-cfg-root-dn
+userPassword: password
+cn: Sales Admin
+givenName: Sales
+sn: Admin
+ds-cfg-alternate-bind-dn: cn=Sales Admin
+
diff --git a/opends/tests/functional-tests/shared/data/security/pwd_validator/admin_disable_bypass_pwd_validator.ldif b/opends/tests/functional-tests/shared/data/security/pwd_validator/admin_disable_bypass_pwd_validator.ldif
new file mode 100644
index 0000000..9ffe59d
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/pwd_validator/admin_disable_bypass_pwd_validator.ldif
@@ -0,0 +1,29 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: cn=Default Password Policy,cn=Password Policies,cn=config
+changetype: modify
+replace: ds-cfg-skip-validation-for-administrators
+ds-cfg-skip-validation-for-administrators: false
diff --git a/opends/tests/functional-tests/shared/data/security/pwd_validator/admin_disable_pwd_length_validator.ldif b/opends/tests/functional-tests/shared/data/security/pwd_validator/admin_disable_pwd_length_validator.ldif
new file mode 100644
index 0000000..517de94
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/pwd_validator/admin_disable_pwd_length_validator.ldif
@@ -0,0 +1,28 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: cn=Default Password Policy,cn=Password Policies,cn=config
+changetype: modify
+delete: ds-cfg-password-validator-dn
diff --git a/opends/tests/functional-tests/shared/data/security/pwd_validator/admin_enable_bypass_pwd_validator.ldif b/opends/tests/functional-tests/shared/data/security/pwd_validator/admin_enable_bypass_pwd_validator.ldif
new file mode 100644
index 0000000..7c6fad3
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/pwd_validator/admin_enable_bypass_pwd_validator.ldif
@@ -0,0 +1,29 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: cn=Default Password Policy,cn=Password Policies,cn=config
+changetype: modify
+replace: ds-cfg-skip-validation-for-administrators
+ds-cfg-skip-validation-for-administrators: true
diff --git a/opends/tests/functional-tests/shared/data/security/pwd_validator/delete_sales_admin.ldif b/opends/tests/functional-tests/shared/data/security/pwd_validator/delete_sales_admin.ldif
new file mode 100644
index 0000000..8be2a27
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/pwd_validator/delete_sales_admin.ldif
@@ -0,0 +1,27 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: cn=Sales Admin,cn=Root DNs,cn=config
+changetype: delete
diff --git a/opends/tests/functional-tests/shared/data/security/pwd_validator/root_change_pwd_too_short.ldif b/opends/tests/functional-tests/shared/data/security/pwd_validator/root_change_pwd_too_short.ldif
new file mode 100644
index 0000000..9b8791d
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/pwd_validator/root_change_pwd_too_short.ldif
@@ -0,0 +1,29 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: cn=Sales Admin,cn=Root DNs,cn=config
+changetype: modify
+replace: userpassword
+userpassword: grape
diff --git a/opends/tests/functional-tests/shared/data/security/pwd_validator/root_change_pwd_too_short2.ldif b/opends/tests/functional-tests/shared/data/security/pwd_validator/root_change_pwd_too_short2.ldif
new file mode 100644
index 0000000..4776424
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/pwd_validator/root_change_pwd_too_short2.ldif
@@ -0,0 +1,29 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: cn=Sales Admin,cn=Root DNs,cn=config
+changetype: modify
+replace: userpassword
+userpassword: goo
diff --git a/opends/tests/functional-tests/shared/data/security/pwd_validator/root_change_pwd_too_short3.ldif b/opends/tests/functional-tests/shared/data/security/pwd_validator/root_change_pwd_too_short3.ldif
new file mode 100644
index 0000000..e852615
--- /dev/null
+++ b/opends/tests/functional-tests/shared/data/security/pwd_validator/root_change_pwd_too_short3.ldif
@@ -0,0 +1,29 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying * information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2006 Sun Microsystems, Inc.
+#
+
+dn: cn=Sales Admin,cn=Root DNs,cn=config
+changetype: modify
+replace: userpassword
+userpassword: gaa
diff --git a/opends/tests/functional-tests/testcases/security/pwd_validator/security_pwd_validator.xml b/opends/tests/functional-tests/testcases/security/pwd_validator/security_pwd_validator.xml
index d124ac1..e5145bd 100755
--- a/opends/tests/functional-tests/testcases/security/pwd_validator/security_pwd_validator.xml
+++ b/opends/tests/functional-tests/testcases/security/pwd_validator/security_pwd_validator.xml
@@ -79,6 +79,10 @@
file="'%s/testcases/security/pwd_validator/security_pwd_length.xml' % (TESTS_DIR)"/>
<call function="'pwd_length'" />
+ <import machine="'%s' % (STAF_LOCAL_HOSTNAME)"
+ file="'%s/testcases/security/pwd_validator/security_skip_val_for_admins.xml' % (TESTS_DIR)"/>
+ <call function="'skip_val_for_admins'" />
+
<!--- Test Case : Stop DS -->
<testcase name="'StopDS'">
<sequence>
diff --git a/opends/tests/functional-tests/testcases/security/pwd_validator/security_skip_val_for_admins.xml b/opends/tests/functional-tests/testcases/security/pwd_validator/security_skip_val_for_admins.xml
new file mode 100755
index 0000000..119545e
--- /dev/null
+++ b/opends/tests/functional-tests/testcases/security/pwd_validator/security_skip_val_for_admins.xml
@@ -0,0 +1,359 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!DOCTYPE stax SYSTEM "stax.dtd">
+<!---
+ * CDDL HEADER START
+ *
+ * The contents of this file are subject to the terms of the
+ * Common Development and Distribution License, Version 1.0 only
+ * (the "License"). You may not use this file except in compliance
+ * with the License.
+ *
+ * You can obtain a copy of the license at
+ * trunk/opends/resource/legal-notices/OpenDS.LICENSE
+ * or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+ * See the License for the specific language governing permissions
+ * and limitations under the License.
+ *
+ * When distributing Covered Code, include this CDDL HEADER in each
+ * file and include the License file at
+ * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+ * add the following below this CDDL HEADER, with the fields enclosed
+ * by brackets "[]" replaced with your own identifying * information:
+ * Portions Copyright [yyyy] [name of copyright owner]
+ *
+ * CDDL HEADER END
+ *
+ *
+ * Portions Copyright 2006 Sun Microsystems, Inc.
+ -->
+<stax>
+
+ <defaultcall function="skip_val_for_admins"/>
+
+ <function name="skip_val_for_admins">
+
+ <sequence>
+
+ <!--- Test Case : Setup -->
+ <testcase name="'Security: Root User Bypass Valid: Preamble Setup'">
+ <sequence>
+
+ <!--- Add Sales Admin -->
+ <message>
+ 'Security: Root User Bypass Valid: Preamble - Step 1. Add Sales Admin'
+ </message>
+
+ <call function="'addEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeAdded' : '%s/security/pwd_validator/add_sales_admin.ldif' % STAGED_DATA_DIR }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <!--- Admin Enable Pwd Length Validator -->
+ <message>
+ 'Security: Root User Bypass Valid: Preamble - Step 2. Admin Enabling Pwd Length Validator On Root Users'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/security/pwd_validator/admin_enable_pwd_length_validator.ldif' % STAGED_DATA_DIR }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult }
+ </call>
+ </sequence>
+ </testcase>
+
+ <!--- Root Change Password - Too Short-->
+ <testcase name="'Security: Root User Bypass Valid: No Bypass'">
+ <sequence>
+ <message>
+ 'Security: Root User Bypass Valid: No Bypass - Step 1. Root Changing Password - Too Short'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/security/pwd_validator/root_change_pwd_too_short.ldif' % STAGED_DATA_DIR }
+ </call>
+
+ <if expr="RC != 53">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <!--- Root Search With Password -->
+ <message>
+ 'Security: Root User Bypass Valid: No Bypass - Step 2. Root Searching With Password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'cn=Sales Admin' ,
+ 'dsInstancePswd' : 'grape' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult ,
+ 'expected' : 1 }
+ </call>
+ </sequence>
+ </testcase>
+
+ <!--- Enable Bypass Validator-->
+ <testcase name="'Security: Root User Bypass Valid: Bypass Enabled 1'">
+ <sequence>
+ <message>
+ 'Security: Root User Bypass Valid: Bypass Enabled 1 - Step 1. Admin Enabling Bypass For Pwd Validator'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/security/pwd_validator/admin_enable_bypass_pwd_validator.ldif' % STAGED_DATA_DIR }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'Security: Root User Bypass Valid: Bypass Enabled 1 - Step 2. Root Changing Password - Too Short'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/security/pwd_validator/root_change_pwd_too_short.ldif' % STAGED_DATA_DIR }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <!--- Root Search With Password -->
+ <message>
+ 'Security: Root User Bypass Valid: Bypass Enabled 1 - Step 3. Root Searching With Password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'cn=Sales Admin' ,
+ 'dsInstancePswd' : 'grape' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult }
+ </call>
+ </sequence>
+ </testcase>
+
+ <!--- Admin Change Minimum Pwd Length -->
+ <testcase name="'Security: Root User Bypass Valid: Bypass Enabled 2'">
+ <sequence>
+ <message>
+ 'Security: Root User Bypass Valid: Bypass Enabled 2 - Step 1. Admin Changing Minimum Pwd Length'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/security/pwd_validator/admin_change_min_pwd_length.ldif' % STAGED_DATA_DIR }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <!--- User Change Password - Too Short-->
+ <message>
+ 'Security: Root User Bypass Valid: Bypass Enabled 2 - Step 2. Root Changing Password - Too Short'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/security/pwd_validator/root_change_pwd_too_short2.ldif' % STAGED_DATA_DIR }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <!--- Root Search With Password -->
+ <message>
+ 'Security: Root User Bypass Valid: Bypass Enabled 2 - Step 3. Root Searching With Password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'cn=Sales Admin' ,
+ 'dsInstancePswd' : 'goo' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult }
+ </call>
+ </sequence>
+ </testcase>
+
+ <!--- Check Self-Change Pwd -->
+ <testcase name="'Security: Root User Bypass Valid: Self-Change Pwd'">
+ <sequence>
+
+ <!--- Sales Admin Self-Change Pwd-->
+ <message>
+ 'Security: Root User Bypass Valid: Self-Change Pwd - Step 1. Root Changing Password - Too Short'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'cn=Sales Admin' ,
+ 'dsInstancePswd' : 'goo' ,
+ 'entryToBeModified' : '%s/security/pwd_validator/root_change_pwd_too_short3.ldif' % STAGED_DATA_DIR }
+ </call>
+
+ <if expr="RC != 53">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <!--- Root Search With Password -->
+ <message>
+ 'Security: Root User Bypass Valid: Self-Change Pwd - Step 2. Root Searching With Password'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'cn=Sales Admin' ,
+ 'dsInstancePswd' : 'gaa' ,
+ 'dsBaseDN' : 'dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-s base' }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult ,
+ 'expected' : 1 }
+ </call>
+ </sequence>
+ </testcase>
+
+ <!--- Test Case : Admin Reset Minimum Pwd Length -->
+ <testcase name="'Security: Root User Bypass Valid: Postamble Teardown'">
+ <sequence>
+
+ <!--- Root Reset Password-->
+ <message>
+ 'Security: Root User Bypass Valid: Postamble - Step 1. Delete Sales Admin'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/security/pwd_validator/delete_sales_admin.ldif' % STAGED_DATA_DIR }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <!--- Root Search With Original Password -->
+ <message>
+ 'Security: Root User Bypass Valid: Postamble - Step 2. Admin Disabling Bypass For Pwd Validator'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/security/pwd_validator/admin_disable_bypass_pwd_validator.ldif' % STAGED_DATA_DIR }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'Security: Root User Bypass Valid: Postamble - Step 3. Admin Resetting Minimum Pwd Length'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/security/pwd_validator/admin_reset_min_pwd_length.ldif' % STAGED_DATA_DIR }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'Security: Root User Bypass Valid: Postamble - Step 4. Admin Disabling Pwd Length Validator On Root Users'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/security/pwd_validator/admin_disable_pwd_length_validator.ldif' % STAGED_DATA_DIR }
+ </call>
+
+ <call function="'checktestRC'">
+ { 'returncode' : RC ,
+ 'result' : STAXResult }
+ </call>
+
+ </sequence>
+ </testcase>
+
+ <return>RC</return>
+
+ </sequence>
+
+ </function>
+
+</stax>
--
Gitblit v1.10.0