<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!--
! CDDL HEADER START
!
! The contents of this file are subject to the terms of the
! Common Development and Distribution License, Version 1.0 only
! (the "License"). You may not use this file except in compliance
! with the License.
!
! You can obtain a copy of the license at
! See the License for the specific language governing permissions
! and limitations under the License.
!
! When distributing Covered Code, include this CDDL HEADER in each
! file and include the License file at
! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
! add the following below this CDDL HEADER, with the fields enclosed
! by brackets "[]" replaced with your own identifying information:
! Portions Copyright [yyyy] [name of copyright owner]
!
! CDDL HEADER END
!
! Copyright 2006-2010 Sun Microsystems, Inc.
! Portions Copyright 2012-2013 ForgeRock AS
! -->
<stax>
<!--- Test Case information
#@TestMarker Lockout Duration
#@TestName Default Lockout Duration
#@TestIssue None
#@TestPurpose Verify that the default lockout duration is working
#@TestPreamble None
#@TestStep Step 1. Get Lockout Duration
#@TestStep Step 2. Set Lockout Failure Count to 3
#@TestStep Step 3. User Lockout With Bad Password 3x
#@TestStep Step 4. Admin Resets User Password
#@TestStep Step 5. User Bind With New Password
#@TestPostamble None
#@TestResult Success if the 5 steps are PASS
-->
<function name="pwp_lockout_duration_001" scope="local">
<testcase name="getTestCaseName('PWP Default Lockout Duration')">
<sequence>
<try>
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Test Name = %s' % STAXCurrentTestcase
</message>
<call function="'testStep'">
{ 'stepMessage' : '%s Get Lockout Duration.' % msg1 }
</call>
<script>
options=[]
options.append('--policy-name "Default Password Policy"')
options.append('--property "lockout-duration"')
dsconfigOptions=' '.join(options)
</script>
<call function="'dsconfig'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
'subcommand' : 'get-password-policy-prop',
'optionsString' : dsconfigOptions,
'expectedString' : 'lockout-duration : 0 s'
}
</call>
<call function="'testStep'">
{ 'stepMessage' : '%s Compare Lockout Duration Attribute.' % msg1 }
</call>
<call function="'compareEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'attrToBeCompared' : 'ds-cfg-lockout-duration:0 seconds',
'entryToBeCompared' : basepwp }
</call>
<call function="'testStep'">
{ 'stepMessage' : '%s Set Lockout Failure Count.' % msg1 }
</call>
<script>
options=[]
options.append('--policy-name "Default Password Policy"')
options.append('--set "lockout-failure-count:3"')
dsconfigOptions=' '.join(options)
</script>
<call function="'dsconfig'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
'subcommand' : 'set-password-policy-prop',
'optionsString' : dsconfigOptions
}
</call>
<call function="'testStep'">
{ 'stepMessage' : '%s User Lockout With Bad Password 3x.' % msg1 }
</call>
<script>
search_pwds = ['bad', 'bad', 'bad', 'normal']
</script>
<iterate var="pwds" in="search_pwds" indexvar="index">
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=mward,%s' % basedn ,
'dsInstancePswd' : '%s' % pwds,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base' ,
'expectedRC' : 49 }
</call>
</iterate>
<call function="'testStep'">
{ 'stepMessage' : '%s Admin Resetting User Password.' % msg1 }
</call>
<call function="'ldapPasswordModifyWithScript'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'dsAuthzID' : 'dn:uid=mward,%s' % basedn ,
'dsNewPassword' : 'adminnormal' }
</call>
<call function="'testStep'">
{ 'stepMessage' : '%s User Bind With New Password.' % msg1 }
</call>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=mward,%s' % basedn ,
'dsInstancePswd' : 'adminnormal' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base' }
</call>
</sequence>
<catch exception="'STAXException'" typevar="eType" var="eInfo">
<message log="1" level="'fatal'">
'%s: Test failed. eInfo(%s)' % (eType,eInfo)
</message>
</catch>
<finally>
<sequence>
<call function="'testCase_Postamble'"/>
</sequence>
</finally>
</try>
</sequence>
</testcase>
</function>
<!--- Test Case information
#@TestMarker Lockout Duration
#@TestName Lockout Duration Short
#@TestIssue None
#@TestPurpose Lockout Duration Short
#@TestPreamble None
#@TestStep Step 1. User Lockout with Bad Password 3x
SearchObject returns 49 (3x with bad,
1x with correct one)
Sleeping sleepForMilliSeconds 8000
#@TestStep Step 2. User Changing Password returns 0
#@TestStep Step 3. Admin Resetting User Password
#@TestStep Step 4. User Bind With New Password
SearchObject returns 0
#@TestPostamble None
#@TestResult Success if the 4 steps are PASS
-->
<function name="pwp_lockout_duration_002" scope="local">
<testcase name="getTestCaseName('PWP Short Lockout Duration')">
<sequence>
<try>
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Test Name = %s' % STAXCurrentTestcase
</message>
<call function="'testStep'">
{ 'stepMessage' : '%s Set Lockout Duration to 10s.' % msg1 }
</call>
<script>
options=[]
options.append('--policy-name "Default Password Policy"')
options.append('--set "lockout-duration:10s"')
dsconfigOptions=' '.join(options)
</script>
<call function="'dsconfig'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
'subcommand' : 'set-password-policy-prop',
'optionsString' : dsconfigOptions
}
</call>
<call function="'testStep'">
{ 'stepMessage' : '%s User Lockout With Bad Password 3x.' % msg1 }
</call>
<script>
search_pwds = ['bad', 'bad', 'bad', 'adminnormal']
</script>
<iterate var="pwds" in="search_pwds" indexvar="index">
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=mward,%s' % basedn ,
'dsInstancePswd' : '%s' % pwds,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base' ,
'expectedRC' : 49 }
</call>
</iterate>
<call function="'testStep'">
{ 'stepMessage' : '%s Sleeping 8s.' % msg1 }
</call>
<call function="'Sleep'">
{ 'sleepForMilliSeconds' : '8000' }
</call>
<call function="'testStep'">
{ 'stepMessage' : '%s User Changing Password.' % msg1 }
</call>
<call function="'ldapPasswordModifyWithScript'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=mward,%s' % basedn ,
'dsInstancePswd' : 'adminnormal' ,
'dsAuthzID' : 'dn:uid=mward,%s' % basedn ,
'dsNewPassword' : 'newnormal' }
</call>
<call function="'testStep'">
{ 'stepMessage' : '%s User Bind With New Password.' % msg1 }
</call>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=mward,%s' % basedn ,
'dsInstancePswd' : 'newnormal' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base' }
</call>
</sequence>
<catch exception="'STAXException'" typevar="eType" var="eInfo">
<message log="1" level="'fatal'">
'%s: Test failed. eInfo(%s)' % (eType,eInfo)
</message>
</catch>
<finally>
<sequence>
<call function="'testCase_Postamble'"/>
</sequence>
</finally>
</try>
</sequence>
</testcase>
</function>
<!--- Test Case information
#@TestMarker Lockout Duration
#@TestName Testing Lockout Duration Long
#@TestIssue None
#@TestPurpose Testing Lockout Duration Long
#@TestPreamble None
#@TestStep Step 1. User Initial Bind returns 0
#@TestStep Step 2. User Lockout with Bad Password 3x
SearchObject returns 49 (3x with bad,
1x with correct one)
Sleeping sleepForMilliSeconds 8000
#@TestStep Step 3. User Changing Password returns 49
#@TestStep Step 4. User Bind With New Password
SearchObject returns 49
#@TestPostamble None
#@TestResult Success if the 4 steps are PASS
-->
<function name="pwp_lockout_duration_003" scope="local">
<testcase name="getTestCaseName('PWP Long Lockout Duration')">
<sequence>
<try>
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Test Name = %s' % STAXCurrentTestcase
</message>
<call function="'testStep'">
{ 'stepMessage' : '%s Set Lockout Duration to 5d.' % msg1 }
</call>
<script>
options=[]
options.append('--policy-name "Default Password Policy"')
options.append('--set "lockout-duration:5d"')
dsconfigOptions=' '.join(options)
</script>
<call function="'dsconfig'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
'subcommand' : 'set-password-policy-prop',
'optionsString' : dsconfigOptions
}
</call>
<call function="'testStep'">
{ 'stepMessage' : '%s Get get-seconds-until-password-reset-lockout.' % msg1 }
</call>
<call function="'manageAccountWithScript'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'subcommand' : 'get-seconds-until-password-reset-lockout' ,
'targetDn' : 'uid=scarter,%s' % basedn }
</call>
<script>
returnString = STAXResult[0][1]
</script>
<call function="'searchString'">
{ 'returnString' : returnString ,
'expectedString' : 'Seconds Until Password Reset Lockout:' }
</call>
<call function="'testStep'">
{ 'stepMessage' : '%s User Initial Bind.' % msg1 }
</call>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=bjablons,%s' % basedn ,
'dsInstancePswd' : 'strawberry' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base' }
</call>
<call function="'testStep'">
{ 'stepMessage' : '%s User Lockout With Bad Password 3x.' % msg1 }
</call>
<script>
search_pwds = ['bad', 'bad', 'bad', 'strawberry']
</script>
<iterate var="pwds" in="search_pwds" indexvar="index">
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=bjablons,%s' % basedn ,
'dsInstancePswd' : '%s' % pwds,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base' ,
'expectedRC' : 49 }
</call>
</iterate>
<call function="'testStep'">
{ 'stepMessage' : '%s Sleeping 8s.' % msg1 }
</call>
<call function="'Sleep'">
{ 'sleepForMilliSeconds' : '8000' }
</call>
<call function="'testStep'">
{ 'stepMessage' : '%s User Changing Password.' % msg1 }
</call>
<call function="'ldapPasswordModifyWithScript'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=bjablons,%s' % basedn ,
'dsInstancePswd' : 'strawberry' ,
'dsAuthzID' : 'dn:uid=bjablons,%s' % basedn ,
'dsNewPassword' : 'newberry' ,
'expectedRC' : 49 }
</call>
<call function="'testStep'">
{ 'stepMessage' : '%s User Bind With New Password.' % msg1 }
</call>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=bjablons,%s' % basedn ,
'dsInstancePswd' : 'newberry' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base',
'expectedRC' : 49 }
</call>
</sequence>
<catch exception="'STAXException'" typevar="eType" var="eInfo">
<message log="1" level="'fatal'">
'%s: Test failed. eInfo(%s)' % (eType,eInfo)
</message>
</catch>
<finally>
<sequence>
<call function="'testCase_Postamble'"/>
</sequence>
</finally>
</try>
</sequence>
</testcase>
</function>
<!--- Test Case information
#@TestMarker Lockout Duration
#@TestName Reset Lockout Properties
#@TestIssue None
#@TestPurpose Verify that lockout properties can be reset
#@TestPreamble None
#@TestStep Step 1. Reset Lockout Duration to 0
#@TestStep Step 2. User Lockout with Bad Password 3x
#@TestStep Stpe 4. Sleeping sleepForMilliSeconds 8000
#@TestStep Step 5. User Changing Password returns 0
#@TestStep Step 6. User Bind With New Password
SearchObject returns 0
#@TestPostamble None
#@TestResult Success if the 4 steps are PASS
-->
<function name="pwp_lockout_duration_004" scope="local">
<testcase name="getTestCaseName('PWP Reset Lockout Duration Properties')">
<sequence>
<try>
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Test Name = %s' % STAXCurrentTestcase
</message>
<call function="'testStep'">
{ 'stepMessage' : '%s Reset Lockout Duration.' % msg1 }
</call>
<script>
options=[]
options.append('--policy-name "Default Password Policy"')
options.append('--reset "lockout-duration"')
dsconfigOptions=' '.join(options)
</script>
<call function="'dsconfig'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
'subcommand' : 'set-password-policy-prop',
'optionsString' : dsconfigOptions
}
</call>
<call function="'testStep'">
{ 'stepMessage' : '%s User Lockout With Bad Password 3x.' % msg1 }
</call>
<script>
search_pwds = ['bad', 'bad', 'bad', 'newnormal']
</script>
<iterate var="pwds" in="search_pwds" indexvar="index">
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=mward,%s' % basedn ,
'dsInstancePswd' : '%s' % pwds,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base' ,
'expectedRC' : 49 }
</call>
</iterate>
<call function="'testStep'">
{ 'stepMessage' : '%s Admin Resetting User Password.' % msg1 }
</call>
<call function="'ldapPasswordModifyWithScript'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'dsAuthzID' : 'dn:uid=mward,%s' % basedn ,
'dsNewPassword' : 'normal' }
</call>
<call function="'testStep'">
{ 'stepMessage' : '%s User Bind With New Password.' % msg1 }
</call>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=mward,%s' % basedn ,
'dsInstancePswd' : 'normal' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base' }
</call>
<message>
'%s Postamble Step 5. Admin Resetting Lockout Count' % msg1
</message>
<call function="'testStep'">
{ 'stepMessage' : '%s Reset Lockout Failure Count.' % msg1 }
</call>
<script>
options=[]
options.append('--policy-name "Default Password Policy"')
options.append('--reset "lockout-failure-count"')
dsconfigOptions=' '.join(options)
</script>
<call function="'dsconfig'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
'subcommand' : 'set-password-policy-prop',
'optionsString' : dsconfigOptions
}
</call>
</sequence>
<catch exception="'STAXException'" typevar="eType" var="eInfo">
<message log="1" level="'fatal'">
'%s: Test failed. eInfo(%s)' % (eType,eInfo)
</message>
</catch>
<finally>
<sequence>
<call function="'testCase_Postamble'"/>
</sequence>
</finally>
</try>
</sequence>
</testcase>
</function>
</stax>