5789N/A<?
xml version="1.0" encoding="UTF-8" standalone="no"?>
5789N/A ! The contents of this file are subject to the terms of the 5789N/A ! Common Development and Distribution License, Version 1.0 only 5789N/A ! (the "License"). You may not use this file except in compliance 5789N/A ! You can obtain a copy of the license at 5789N/A ! See the License for the specific language governing permissions 5789N/A ! and limitations under the License. 5789N/A ! When distributing Covered Code, include this CDDL HEADER in each 5789N/A ! file and include the License file at 5789N/A ! add the following below this CDDL HEADER, with the fields enclosed 5789N/A ! by brackets "[]" replaced with your own identifying information: 5789N/A ! Portions Copyright [yyyy] [name of copyright owner] 5789N/A ! Copyright 2006-2010 Sun Microsystems, Inc. 6049N/A ! Portions Copyright 2012-2013 ForgeRock AS 5789N/A <!--- Test Case information 5789N/A #@TestMarker Lockout Duration 5789N/A #@TestName Default Lockout Duration 5789N/A #@TestPurpose Verify that the default lockout duration is working 5789N/A #@TestStep Step 1. Get Lockout Duration 5789N/A #@TestStep Step 2. Set Lockout Failure Count to 3 5789N/A #@TestStep Step 3. User Lockout With Bad Password 3x 5789N/A #@TestStep Step 4. Admin Resets User Password 5789N/A #@TestStep Step 5. User Bind With New Password 5789N/A #@TestResult Success if the 5 steps are PASS 5789N/A <
function name="pwp_lockout_duration_001" scope="local">
5789N/A <
testcase name="getTestCaseName('PWP Default Lockout Duration')">
5789N/A <
call function="'testCase_Preamble'"/>
5789N/A 'Test Name = %s' % STAXCurrentTestcase
5789N/A <
call function="'testStep'">
5789N/A { 'stepMessage' : '%s Get Lockout Duration.' % msg1 }
5789N/A dsconfigOptions=' '.join(options)
5789N/A <
call function="'dsconfig'">
5789N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
5789N/A 'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
5789N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
5789N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
5789N/A 'subcommand' : 'get-password-policy-prop',
5789N/A 'optionsString' : dsconfigOptions,
5789N/A 'expectedString' : 'lockout-duration : 0 s'
5789N/A <
call function="'testStep'">
5789N/A { 'stepMessage' : '%s Compare Lockout Duration Attribute.' % msg1 }
5789N/A <
call function="'compareEntry'">
5789N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5789N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
5789N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
5789N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
5789N/A 'attrToBeCompared' : 'ds-cfg-lockout-duration:0 seconds',
5789N/A 'entryToBeCompared' : basepwp }
5789N/A <
call function="'testStep'">
5789N/A { 'stepMessage' : '%s Set Lockout Failure Count.' % msg1 }
5789N/A dsconfigOptions=' '.join(options)
5789N/A <
call function="'dsconfig'">
5789N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
5789N/A 'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
5789N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
5789N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
5789N/A 'subcommand' : 'set-password-policy-prop',
5789N/A 'optionsString' : dsconfigOptions
5789N/A <
call function="'testStep'">
5789N/A { 'stepMessage' : '%s User Lockout With Bad Password 3x.' % msg1 }
5789N/A search_pwds = ['bad', 'bad', 'bad', 'normal']
5789N/A <
iterate var="pwds" in="search_pwds" indexvar="index">
5789N/A <
call function="'SearchObject'">
5789N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5789N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
5789N/A 'dsInstanceDn' : 'uid=mward,%s' % basedn ,
5789N/A 'dsInstancePswd' : '%s' % pwds,
5789N/A 'dsBaseDN' : 'dc=example,dc=com' ,
5789N/A 'dsFilter' : 'objectclass=*' ,
5789N/A 'extraParams' : '-s base' ,
5789N/A <
call function="'testStep'">
5789N/A { 'stepMessage' : '%s Admin Resetting User Password.' % msg1 }
5789N/A <
call function="'ldapPasswordModifyWithScript'">
5789N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5789N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
5789N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
5789N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
5789N/A 'dsAuthzID' : 'dn:uid=mward,%s' % basedn ,
5789N/A 'dsNewPassword' : 'adminnormal' }
5789N/A <
call function="'testStep'">
5789N/A { 'stepMessage' : '%s User Bind With New Password.' % msg1 }
5789N/A <
call function="'SearchObject'">
5789N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5789N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
5789N/A 'dsInstanceDn' : 'uid=mward,%s' % basedn ,
5789N/A 'dsInstancePswd' : 'adminnormal' ,
5789N/A 'dsBaseDN' : 'dc=example,dc=com' ,
5789N/A 'dsFilter' : 'objectclass=*' ,
5789N/A 'extraParams' : '-s base' }
5789N/A <
catch exception="'STAXException'" typevar="eType" var="eInfo">
5789N/A <
message log="1" level="'fatal'">
5789N/A '%s: Test failed. eInfo(%s)' % (eType,eInfo)
5789N/A <
call function="'testCase_Postamble'"/>
5789N/A <!--- Test Case information 5789N/A #@TestMarker Lockout Duration 5789N/A #@TestName Lockout Duration Short 5789N/A #@TestPurpose Lockout Duration Short 5789N/A #@TestStep Step 1. User Lockout with Bad Password 3x 5789N/A SearchObject returns 49 (3x with bad, 5789N/A Sleeping sleepForMilliSeconds 8000 5789N/A #@TestStep Step 2. User Changing Password returns 0 5789N/A #@TestStep Step 3. Admin Resetting User Password 5789N/A #@TestStep Step 4. User Bind With New Password 5789N/A #@TestResult Success if the 4 steps are PASS 5789N/A <
function name="pwp_lockout_duration_002" scope="local">
5789N/A <
testcase name="getTestCaseName('PWP Short Lockout Duration')">
5789N/A <
call function="'testCase_Preamble'"/>
5789N/A 'Test Name = %s' % STAXCurrentTestcase
5789N/A <
call function="'testStep'">
5789N/A { 'stepMessage' : '%s Set Lockout Duration to 10s.' % msg1 }
5789N/A dsconfigOptions=' '.join(options)
5789N/A <
call function="'dsconfig'">
5789N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
5789N/A 'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
5789N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
5789N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
5789N/A 'subcommand' : 'set-password-policy-prop',
5789N/A 'optionsString' : dsconfigOptions
5789N/A <
call function="'testStep'">
5789N/A { 'stepMessage' : '%s User Lockout With Bad Password 3x.' % msg1 }
5789N/A search_pwds = ['bad', 'bad', 'bad', 'adminnormal']
5789N/A <
iterate var="pwds" in="search_pwds" indexvar="index">
5789N/A <
call function="'SearchObject'">
5789N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5789N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
5789N/A 'dsInstanceDn' : 'uid=mward,%s' % basedn ,
5789N/A 'dsInstancePswd' : '%s' % pwds,
5789N/A 'dsBaseDN' : 'dc=example,dc=com' ,
5789N/A 'dsFilter' : 'objectclass=*' ,
5789N/A 'extraParams' : '-s base' ,
5789N/A <
call function="'testStep'">
5789N/A { 'stepMessage' : '%s Sleeping 8s.' % msg1 }
5789N/A { 'sleepForMilliSeconds' : '8000' }
5789N/A <
call function="'testStep'">
5789N/A { 'stepMessage' : '%s User Changing Password.' % msg1 }
5789N/A <
call function="'ldapPasswordModifyWithScript'">
5789N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5789N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
5789N/A 'dsInstanceDn' : 'uid=mward,%s' % basedn ,
5789N/A 'dsInstancePswd' : 'adminnormal' ,
5789N/A 'dsAuthzID' : 'dn:uid=mward,%s' % basedn ,
5789N/A 'dsNewPassword' : 'newnormal' }
5789N/A <
call function="'testStep'">
5789N/A { 'stepMessage' : '%s User Bind With New Password.' % msg1 }
5789N/A <
call function="'SearchObject'">
5789N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5789N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
5789N/A 'dsInstanceDn' : 'uid=mward,%s' % basedn ,
5789N/A 'dsInstancePswd' : 'newnormal' ,
5789N/A 'dsBaseDN' : 'dc=example,dc=com' ,
5789N/A 'dsFilter' : 'objectclass=*' ,
5789N/A 'extraParams' : '-s base' }
5789N/A <
catch exception="'STAXException'" typevar="eType" var="eInfo">
5789N/A <
message log="1" level="'fatal'">
5789N/A '%s: Test failed. eInfo(%s)' % (eType,eInfo)
5789N/A <
call function="'testCase_Postamble'"/>
5789N/A <!--- Test Case information 5789N/A #@TestMarker Lockout Duration 5789N/A #@TestName Testing Lockout Duration Long 5789N/A #@TestPurpose Testing Lockout Duration Long 5789N/A #@TestStep Step 1. User Initial Bind returns 0 5789N/A #@TestStep Step 2. User Lockout with Bad Password 3x 5789N/A SearchObject returns 49 (3x with bad, 5789N/A Sleeping sleepForMilliSeconds 8000 5789N/A #@TestStep Step 3. User Changing Password returns 49 5789N/A #@TestStep Step 4. User Bind With New Password 5789N/A #@TestResult Success if the 4 steps are PASS 5789N/A <
function name="pwp_lockout_duration_003" scope="local">
5789N/A <
testcase name="getTestCaseName('PWP Long Lockout Duration')">
5789N/A <
call function="'testCase_Preamble'"/>
5789N/A 'Test Name = %s' % STAXCurrentTestcase
5789N/A <
call function="'testStep'">
5789N/A { 'stepMessage' : '%s Set Lockout Duration to 5d.' % msg1 }
5789N/A dsconfigOptions=' '.join(options)
5789N/A <
call function="'dsconfig'">
5789N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
5789N/A 'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
5789N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
5789N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
5789N/A 'subcommand' : 'set-password-policy-prop',
5789N/A 'optionsString' : dsconfigOptions
5789N/A <
call function="'testStep'">
5789N/A { 'stepMessage' : '%s Get get-seconds-until-password-reset-lockout.' % msg1 }
5789N/A <
call function="'manageAccountWithScript'">
5789N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5789N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
5789N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
5789N/A 'subcommand' : 'get-seconds-until-password-reset-lockout' ,
5789N/A 'targetDn' : 'uid=scarter,%s' % basedn }
5789N/A returnString = STAXResult[0][1]
5789N/A <
call function="'searchString'">
5789N/A { 'returnString' : returnString ,
5789N/A 'expectedString' : 'Seconds Until Password Reset Lockout:' }
5789N/A <
call function="'testStep'">
5789N/A { 'stepMessage' : '%s User Initial Bind.' % msg1 }
5789N/A <
call function="'SearchObject'">
5789N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5789N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
5789N/A 'dsInstanceDn' : 'uid=bjablons,%s' % basedn ,
5789N/A 'dsInstancePswd' : 'strawberry' ,
5789N/A 'dsBaseDN' : 'dc=example,dc=com' ,
5789N/A 'dsFilter' : 'objectclass=*' ,
5789N/A 'extraParams' : '-s base' }
5789N/A <
call function="'testStep'">
5789N/A { 'stepMessage' : '%s User Lockout With Bad Password 3x.' % msg1 }
5789N/A search_pwds = ['bad', 'bad', 'bad', 'strawberry']
5789N/A <
iterate var="pwds" in="search_pwds" indexvar="index">
5789N/A <
call function="'SearchObject'">
5789N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5789N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
5789N/A 'dsInstanceDn' : 'uid=bjablons,%s' % basedn ,
5789N/A 'dsInstancePswd' : '%s' % pwds,
5789N/A 'dsBaseDN' : 'dc=example,dc=com' ,
5789N/A 'dsFilter' : 'objectclass=*' ,
5789N/A 'extraParams' : '-s base' ,
5789N/A <
call function="'testStep'">
5789N/A { 'stepMessage' : '%s Sleeping 8s.' % msg1 }
5789N/A { 'sleepForMilliSeconds' : '8000' }
5789N/A <
call function="'testStep'">
5789N/A { 'stepMessage' : '%s User Changing Password.' % msg1 }
5789N/A <
call function="'ldapPasswordModifyWithScript'">
5789N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5789N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
5789N/A 'dsInstanceDn' : 'uid=bjablons,%s' % basedn ,
5789N/A 'dsInstancePswd' : 'strawberry' ,
5789N/A 'dsAuthzID' : 'dn:uid=bjablons,%s' % basedn ,
5789N/A 'dsNewPassword' : 'newberry' ,
5789N/A <
call function="'testStep'">
5789N/A { 'stepMessage' : '%s User Bind With New Password.' % msg1 }
5789N/A <
call function="'SearchObject'">
5789N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5789N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
5789N/A 'dsInstanceDn' : 'uid=bjablons,%s' % basedn ,
5789N/A 'dsInstancePswd' : 'newberry' ,
5789N/A 'dsBaseDN' : 'dc=example,dc=com' ,
5789N/A 'dsFilter' : 'objectclass=*' ,
5789N/A <
catch exception="'STAXException'" typevar="eType" var="eInfo">
5789N/A <
message log="1" level="'fatal'">
5789N/A '%s: Test failed. eInfo(%s)' % (eType,eInfo)
5789N/A <
call function="'testCase_Postamble'"/>
5789N/A <!--- Test Case information 5789N/A #@TestMarker Lockout Duration 5789N/A #@TestName Reset Lockout Properties 5789N/A #@TestPurpose Verify that lockout properties can be reset 5789N/A #@TestStep Step 1. Reset Lockout Duration to 0 5789N/A #@TestStep Step 2. User Lockout with Bad Password 3x 5789N/A #@TestStep Stpe 4. Sleeping sleepForMilliSeconds 8000 5789N/A #@TestStep Step 5. User Changing Password returns 0 5789N/A #@TestStep Step 6. User Bind With New Password 5789N/A #@TestResult Success if the 4 steps are PASS 5789N/A <
function name="pwp_lockout_duration_004" scope="local">
6049N/A <
testcase name="getTestCaseName('PWP Reset Lockout Duration Properties')">
5789N/A <
call function="'testCase_Preamble'"/>
5789N/A 'Test Name = %s' % STAXCurrentTestcase
5789N/A <
call function="'testStep'">
5789N/A { 'stepMessage' : '%s Reset Lockout Duration.' % msg1 }
5789N/A dsconfigOptions=' '.join(options)
5789N/A <
call function="'dsconfig'">
5789N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
5789N/A 'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
5789N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
5789N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
5789N/A 'subcommand' : 'set-password-policy-prop',
5789N/A 'optionsString' : dsconfigOptions
5789N/A <
call function="'testStep'">
5789N/A { 'stepMessage' : '%s User Lockout With Bad Password 3x.' % msg1 }
5789N/A search_pwds = ['bad', 'bad', 'bad', 'newnormal']
5789N/A <
iterate var="pwds" in="search_pwds" indexvar="index">
5789N/A <
call function="'SearchObject'">
5789N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5789N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
5789N/A 'dsInstanceDn' : 'uid=mward,%s' % basedn ,
5789N/A 'dsInstancePswd' : '%s' % pwds,
5789N/A 'dsBaseDN' : 'dc=example,dc=com' ,
5789N/A 'dsFilter' : 'objectclass=*' ,
5789N/A 'extraParams' : '-s base' ,
5789N/A <
call function="'testStep'">
5789N/A { 'stepMessage' : '%s Admin Resetting User Password.' % msg1 }
5789N/A <
call function="'ldapPasswordModifyWithScript'">
5789N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5789N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
5789N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
5789N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
5789N/A 'dsAuthzID' : 'dn:uid=mward,%s' % basedn ,
5789N/A 'dsNewPassword' : 'normal' }
5789N/A <
call function="'testStep'">
5789N/A { 'stepMessage' : '%s User Bind With New Password.' % msg1 }
5789N/A <
call function="'SearchObject'">
5789N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5789N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
5789N/A 'dsInstanceDn' : 'uid=mward,%s' % basedn ,
5789N/A 'dsInstancePswd' : 'normal' ,
5789N/A 'dsBaseDN' : 'dc=example,dc=com' ,
5789N/A 'dsFilter' : 'objectclass=*' ,
5789N/A 'extraParams' : '-s base' }
5789N/A '%s Postamble Step 5. Admin Resetting Lockout Count' % msg1
5789N/A <
call function="'testStep'">
5789N/A { 'stepMessage' : '%s Reset Lockout Failure Count.' % msg1 }
5789N/A dsconfigOptions=' '.join(options)
5789N/A <
call function="'dsconfig'">
5789N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
5789N/A 'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
5789N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
5789N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
5789N/A 'subcommand' : 'set-password-policy-prop',
5789N/A 'optionsString' : dsconfigOptions
5789N/A <
catch exception="'STAXException'" typevar="eType" var="eInfo">
5789N/A <
message log="1" level="'fatal'">
5789N/A '%s: Test failed. eInfo(%s)' % (eType,eInfo)
5789N/A <
call function="'testCase_Postamble'"/>