'---- Configure the SASL EXTERNAL mechanism -----' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'subcommand' : 'set-sasl-mechanism-handler-prop' , 'objectType' : 'handler-name' , 'objectName' : 'EXTERNAL', 'optionsString' : '--set certificate-mapper:"Subject Equals DN"', 'expectedRC' : 0 } '--- Check SSL communication with SASL EXTERNAL authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_SSL_PORT , 'dsBaseDN' : DIRECTORY_INSTANCE_SFX, 'dsFilter' : 'objectclass=*' , 'dsKeyStorePassword' : CLIENT_STOREPASS, 'dsUseSSL' : ' ', 'dsUseSASLExternal' : ' ', 'dsCertNickname' : USER_1_CERT, 'dsTrustStorePath' : CLIENT_KEYSTORE, 'dsKeyStorePath' : CLIENT_KEYSTORE, 'dsReportAuthzID' : ' ', 'dsScope' : 'base', 'expectedRC' : 0 } { 'string2find' : USER_1_DN , 'mainString' : ldapSearchResult , 'nbExpected' : 1 } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_SSL_PORT , 'dsBaseDN' : DIRECTORY_INSTANCE_SFX, 'dsFilter' : 'objectclass=*' , 'dsKeyStorePassword' : CLIENT_STOREPASS, 'dsUseSSL' : ' ', 'dsUseSASLExternal' : ' ', 'dsCertNickname' : USER_2_CERT, 'dsTrustStorePath' : CLIENT_KEYSTORE, 'dsKeyStorePath' : CLIENT_KEYSTORE, 'dsReportAuthzID' : ' ', 'dsScope' : 'base', 'expectedRC' : 0 } { 'string2find' : USER_2_DN , 'mainString' : ldapSearchResult , 'nbExpected' : 1 } '--- Check StartTLS communication with SASL EXTERNAL authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : DIRECTORY_INSTANCE_SFX, 'dsFilter' : 'objectclass=*' , 'dsKeyStorePassword' : CLIENT_STOREPASS, 'dsUseStartTLS' : ' ', 'dsUseSASLExternal' : ' ', 'dsCertNickname' : USER_1_CERT, 'dsTrustStorePath' : CLIENT_KEYSTORE, 'dsKeyStorePath' : CLIENT_KEYSTORE, 'dsReportAuthzID' : ' ', 'dsScope' : 'base', 'expectedRC' : 0 } { 'string2find' : USER_1_DN , 'mainString' : ldapSearchResult , 'nbExpected' : 1 } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : DIRECTORY_INSTANCE_SFX, 'dsFilter' : 'objectclass=*' , 'dsKeyStorePassword' : CLIENT_STOREPASS, 'dsUseStartTLS' : ' ', 'dsUseSASLExternal' : ' ', 'dsCertNickname' : USER_2_CERT, 'dsTrustStorePath' : CLIENT_KEYSTORE, 'dsKeyStorePath' : CLIENT_KEYSTORE, 'dsReportAuthzID' : ' ', 'dsScope' : 'base', 'expectedRC' : 0 } { 'string2find' : USER_2_DN , 'mainString' : ldapSearchResult , 'nbExpected' : 1 }