<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!--
! CDDL HEADER START
!
! The contents of this file are subject to the terms of the
! Common Development and Distribution License, Version 1.0 only
! (the "License"). You may not use this file except in compliance
! with the License.
!
! You can obtain a copy of the license at
! See the License for the specific language governing permissions
! and limitations under the License.
!
! When distributing Covered Code, include this CDDL HEADER in each
! file and include the License file at
! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
! add the following below this CDDL HEADER, with the fields enclosed
! by brackets "[]" replaced with your own identifying information:
! Portions Copyright [yyyy] [name of copyright owner]
!
! CDDL HEADER END
!
! Copyright 2006-2008 Sun Microsystems, Inc.
! Portions Copyright 2012 ForgeRock AS
! -->
<stax>
<!--- Test Case information
#@TestMarker Lockout Failure Count
#@TestName Default Lockout Failure Count
#@TestIssue None
#@TestPurpose Verify that by default the lockout failure count is not active
#@TestPreamble None
#@TestStep Step 1. Get lockout-failure-count and value is 0
#@TestStep Step 2. Default Bind With Bad Pwd 3x RC 49
#@TestStep Step 3 User search with good password returns 0
#@TestStep Step 4. Get manage-account get-remaining-authentication-failure-count
#@TestPostamble None
#@TestResult Success if the 3 steps are PASS
-->
<function name="pwp_lockout_failure_count_001" scope="local">
<testcase name="getTestCaseName('PWP Default Lockout Failure Count')">
<sequence>
<try>
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Test Name = %s' % STAXCurrentTestcase
</message>
<call function="'testStep'">
{ 'stepMessage' : '%s Get Lockout Failure Count.' % msg2 }
</call>
<script>
options=[]
options.append('--policy-name "Default Password Policy"')
options.append('--property "lockout-failure-count"')
dsconfigOptions=' '.join(options)
</script>
<call function="'dsconfig'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
'subcommand' : 'get-password-policy-prop',
'optionsString' : dsconfigOptions,
'expectedString' : 'lockout-failure-count : 0'
}
</call>
<call function="'testStep'">
{ 'stepMessage' : '%s Compare Lockout Failure Count Attribute.' % msg2 }
</call>
<call function="'compareEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'attrToBeCompared' : 'ds-cfg-lockout-failure-count:0',
'entryToBeCompared' : basepwp ,
'expectedRC' : 16 }
</call>
<call function="'testStep'">
{ 'stepMessage' : '%s Default Bind With Bad Pwd 3x.' % msg2 }
</call>
<script>
search_pwds = ['bad', 'bad', 'bad']
</script>
<iterate var="pwds" in="search_pwds" indexvar="index">
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=bhall,%s' % basedn ,
'dsInstancePswd' : '%s' % pwds,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base' ,
'expectedRC' : 49 }
</call>
</iterate>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=bhall,%s' % basedn ,
'dsInstancePswd' : 'oranges',
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base' }
</call>
<call function="'testStep'">
{ 'stepMessage' : '%s Get manage-account get-remaining-authentication-failure-count.' % msg2 }
</call>
<call function="'manageAccountWithScript'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'subcommand' : 'get-remaining-authentication-failure-count' ,
'targetDn' : 'uid=bhall,%s' % basedn }
</call>
<script>
returnString = STAXResult[0][1]
</script>
<call function="'searchString'">
{ 'returnString' : returnString ,
'expectedString' : 'Remaining Authentication Failure Count' }
</call>
</sequence>
<catch exception="'STAXException'" typevar="eType" var="eInfo">
<message log="1" level="'fatal'">
'%s: Test failed. eInfo(%s)' % (eType,eInfo)
</message>
</catch>
<finally>
<sequence>
<call function="'testCase_Postamble'"/>
</sequence>
</finally>
</try>
</sequence>
</testcase>
</function>
<!--- Test Case information
#@TestMarker Lockout Failure Count
#@TestName Set Lockout Failure Count
#@TestIssue None
#@TestPurpose Verify that lockout failure count can be activated
#@TestPreamble None
#@TestStep Setlockout-failure-count to 3
#@TestStep get-remaining-authentication-failure-count
#@TestPostamble None
#@TestResult Success if all tests are PASS
-->
<function name="pwp_lockout_failure_count_002" scope="local">
<testcase name="getTestCaseName('PWP Set Lockout Failure Count')">
<sequence>
<try>
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Test Name = %s' % STAXCurrentTestcase
</message>
<call function="'testStep'">
{ 'stepMessage' : '%s Set Lockout Failure Count.' % msg2 }
</call>
<script>
options=[]
options.append('--policy-name "Default Password Policy"')
options.append('--set "lockout-failure-count:3"')
dsconfigOptions=' '.join(options)
</script>
<call function="'dsconfig'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
'subcommand' : 'set-password-policy-prop',
'optionsString' : dsconfigOptions
}
</call>
<call function="'testStep'">
{ 'stepMessage' : '%s Get manage-account get-remaining-authentication-failure-count.' % msg2 }
</call>
<call function="'manageAccountWithScript'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'subcommand' : 'get-remaining-authentication-failure-count' ,
'targetDn' : 'uid=bhall,%s' % basedn }
</call>
<script>
returnString = STAXResult[0][1]
</script>
<call function="'searchString'">
{ 'returnString' : returnString ,
'expectedString' : 'Remaining Authentication Failure Count: 3' }
</call>
</sequence>
<catch exception="'STAXException'" typevar="eType" var="eInfo">
<message log="1" level="'fatal'">
'%s: Test failed. eInfo(%s)' % (eType,eInfo)
</message>
</catch>
<finally>
<sequence>
<call function="'testCase_Postamble'"/>
</sequence>
</finally>
</try>
</sequence>
</testcase>
</function>
<!--- Test Case information
#@TestMarker Lockout Failure Count
#@TestName Lockout With Bad Pwd 3x
#@TestIssue None
#@TestPurpose Lockout With Bad Pwd 3x
#@TestPreamble None
#@TestStep Lockout With Bad Pwd 3x SearchObject RC 49 3x
#@TestStep get-remaining-authentication-failure-count
#@TestPostamble None
#@TestResult Success if all tests are PASS
-->
<function name="pwp_lockout_failure_count_003" scope="local">
<testcase name="getTestCaseName('PWP Lockout With Bad Pwd 3x')">
<sequence>
<try>
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Test Name = %s' % STAXCurrentTestcase
</message>
<call function="'testStep'">
{ 'stepMessage' : '%s Lockout With Bad Pwd 3x.' % msg2 }
</call>
<script>
search_pwds = ['bad', 'bad', 'bad', 'oranges']
</script>
<iterate var="pwds" in="search_pwds" indexvar="index">
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=bhall,%s' % basedn ,
'dsInstancePswd' : '%s' % pwds,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base' ,
'expectedRC' : 49 }
</call>
</iterate>
<call function="'testStep'">
{ 'stepMessage' : '%s Get manage-account get-remaining-authentication-failure-count.' % msg2 }
</call>
<call function="'manageAccountWithScript'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'subcommand' : 'get-remaining-authentication-failure-count' ,
'targetDn' : 'uid=bhall,%s' % basedn }
</call>
<script>
returnString = STAXResult[0][1]
</script>
<call function="'searchString'">
{ 'returnString' : returnString ,
'expectedString' : 'Remaining Authentication Failure Count: 0' }
</call>
</sequence>
<catch exception="'STAXException'" typevar="eType" var="eInfo">
<message log="1" level="'fatal'">
'%s: Test failed. eInfo(%s)' % (eType,eInfo)
</message>
</catch>
<finally>
<sequence>
<call function="'testCase_Postamble'"/>
</sequence>
</finally>
</try>
</sequence>
</testcase>
</function>
<!--- Test Case information
#@TestMarker Lockout Failure Count
#@TestName Reset Lockout Failure Count Properties
#@TestIssue None
#@TestPurpose Reseting the Password policy and verify it
#@TestPreamble None
#@TestStep Step 1. Set lockout-failure-count to 0
#@TestStep Step 2. Check Bind With Previous User Lockout RC 0
#@TestStep Step 3. Check Bind With Bad Pwd 3x RC 49 3x
#@TestStep Step 4: User search with good password returns 0
#@TestPostamble None
#@TestResult Success if the 3 steps are PASS
-->
<function name="pwp_lockout_failure_count_004" scope="local">
<testcase name="getTestCaseName('PWP Reset Lockout Failure Count Properties')">
<sequence>
<try>
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Test Name = %s' % STAXCurrentTestcase
</message>
<call function="'testStep'">
{ 'stepMessage' : '%s Reset Lockout Failure Count.' % msg2 }
</call>
<script>
options=[]
options.append('--policy-name "Default Password Policy"')
options.append('--reset "lockout-failure-count"')
dsconfigOptions=' '.join(options)
</script>
<call function="'dsconfig'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
'subcommand' : 'set-password-policy-prop',
'optionsString' : dsconfigOptions
}
</call>
<call function="'testStep'">
{ 'stepMessage' : '%s Check Bind With Previous User Lockout.' % msg2 }
</call>
<!--- Check Locked Out User -->
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=bhall,%s' % basedn ,
'dsInstancePswd' : 'oranges' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base' }
</call>
<call function="'testStep'">
{ 'stepMessage' : '%s Check Bind With Bad Pwd 3x.' % msg2 }
</call>
<script>
search_pwds = ['bad', 'bad', 'bad']
</script>
<iterate var="pwds" in="search_pwds" indexvar="index">
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=gfarmer,%s' % basedn ,
'dsInstancePswd' : '%s' % pwds,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base',
'expectedRC' : 49 }
</call>
</iterate>
<call function="'testStep'">
{ 'stepMessage' : '%s Check Bind With Valid Password.' % msg2 }
</call>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=gfarmer,%s' % basedn ,
'dsInstancePswd' : 'ruling',
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base'}
</call>
</sequence>
<catch exception="'STAXException'" typevar="eType" var="eInfo">
<message log="1" level="'fatal'">
'%s: Test failed. eInfo(%s)' % (eType,eInfo)
</message>
</catch>
<finally>
<sequence>
<call function="'testCase_Postamble'"/>
</sequence>
</finally>
</try>
</sequence>
</testcase>
</function>
</stax>