'---- Configure the SASL EXTERNAL mechanism -----' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'cn=EXTERNAL,cn=SASL Mechanisms,cn=config', 'attributeName' : 'ds-cfg-certificate-mapper-dn', 'newAttributeValue' : 'cn=Subject Equals DN,cn=Certificate Mappers,cn=config', 'changetype' : 'replace', 'expectedRC' : 0 } '--- Check SSL communication with SASL EXTERNAL authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_SSL_PORT , 'dsBaseDN' : DIRECTORY_INSTANCE_SFX, 'dsFilter' : 'objectclass=*' , 'dsKeyStorePassword' : CLIENT_STOREPASS, 'dsUseSSL' : ' ', 'dsUseSASLExternal' : ' ', 'dsCertNickname' : USER_1_CERT, 'dsTrustStorePath' : CLIENT_KEYSTORE, 'dsKeyStorePath' : CLIENT_KEYSTORE, 'dsReportAuthzID' : ' ', 'dsScope' : 'base', 'expectedRC' : 0 } { 'string2find' : USER_1_DN , 'mainString' : ldapSearchResult , 'nbExpected' : 1 } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_SSL_PORT , 'dsBaseDN' : DIRECTORY_INSTANCE_SFX, 'dsFilter' : 'objectclass=*' , 'dsKeyStorePassword' : CLIENT_STOREPASS, 'dsUseSSL' : ' ', 'dsUseSASLExternal' : ' ', 'dsCertNickname' : USER_2_CERT, 'dsTrustStorePath' : CLIENT_KEYSTORE, 'dsKeyStorePath' : CLIENT_KEYSTORE, 'dsReportAuthzID' : ' ', 'dsScope' : 'base', 'expectedRC' : 0 } { 'string2find' : USER_2_DN , 'mainString' : ldapSearchResult , 'nbExpected' : 1 } '--- Check StartTLS communication with SASL EXTERNAL authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : DIRECTORY_INSTANCE_SFX, 'dsFilter' : 'objectclass=*' , 'dsKeyStorePassword' : CLIENT_STOREPASS, 'dsUseStartTLS' : ' ', 'dsUseSASLExternal' : ' ', 'dsCertNickname' : USER_1_CERT, 'dsTrustStorePath' : CLIENT_KEYSTORE, 'dsKeyStorePath' : CLIENT_KEYSTORE, 'dsReportAuthzID' : ' ', 'dsScope' : 'base', 'expectedRC' : 0 } { 'string2find' : USER_1_DN , 'mainString' : ldapSearchResult , 'nbExpected' : 1 } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : DIRECTORY_INSTANCE_SFX, 'dsFilter' : 'objectclass=*' , 'dsKeyStorePassword' : CLIENT_STOREPASS, 'dsUseStartTLS' : ' ', 'dsUseSASLExternal' : ' ', 'dsCertNickname' : USER_2_CERT, 'dsTrustStorePath' : CLIENT_KEYSTORE, 'dsKeyStorePath' : CLIENT_KEYSTORE, 'dsReportAuthzID' : ' ', 'dsScope' : 'base', 'expectedRC' : 0 } { 'string2find' : USER_2_DN , 'mainString' : ldapSearchResult , 'nbExpected' : 1 }