DictionaryPasswordValidatorTestCase.java revision ea1068c292e9b341af6d6b563cd8988a96be20a9
* The contents of this file are subject to the terms of the * Common Development and Distribution License, Version 1.0 only * (the "License"). You may not use this file except in compliance * See the License for the specific language governing permissions * and limitations under the License. * When distributing Covered Code, include this CDDL HEADER in each * If applicable, add the following below this CDDL HEADER, with the * fields enclosed by brackets "[]" replaced with your own identifying * Portions Copyright [yyyy] [name of copyright owner] * Copyright 2006-2008 Sun Microsystems, Inc. * Portions Copyright 2011 profiq, s.r.o. * Portions Copyright 2014-2015 ForgeRock AS * A set of test cases for the dictionary password validator. * The path to the dictionary file that we have created for the purposes of * Ensures that the Directory Server is running. Also, create a very small * test dictionary file to use for the test cases so we don't suffer from * loading the real word list every time. * @throws Exception If an unexpected problem occurs. * The Dictionary can take up a lot of memory, so we restart the server to * implicitly unregister the validator and free the memory. * Retrieves a set of valid configuration entries that may be used to * initialize the validator. * @throws Exception If an unexpected problem occurs. "dn: cn=Dictionary,cn=Password Validators,cn=config",
"objectClass: ds-cfg-password-validator",
"objectClass: ds-cfg-dictionary-password-validator",
"ds-cfg-java-class: org.opends.server.extensions." +
"DictionaryPasswordValidator",
"ds-cfg-case-sensitive-validation: false",
"ds-cfg-test-reversed-password: true",
"ds-cfg-check-substrings: true",
"ds-cfg-min-substring-length: 3",
"dn: cn=Dictionary,cn=Password Validators,cn=config",
"objectClass: ds-cfg-password-validator",
"objectClass: ds-cfg-dictionary-password-validator",
"ds-cfg-java-class: org.opends.server.extensions." +
"DictionaryPasswordValidator",
"ds-cfg-case-sensitive-validation: true",
"ds-cfg-test-reversed-password: true",
"ds-cfg-check-substrings: false",
"dn: cn=Dictionary,cn=Password Validators,cn=config",
"objectClass: ds-cfg-password-validator",
"objectClass: ds-cfg-dictionary-password-validator",
"ds-cfg-java-class: org.opends.server.extensions." +
"DictionaryPasswordValidator",
"ds-cfg-case-sensitive-validation: false",
"ds-cfg-test-reversed-password: true",
"ds-cfg-check-substrings: true");
* Tests the process of initializing the server with valid configurations. * @param entry The configuration entry to use for the initialization. * @throws Exception If an unexpected problem occurs. * Retrieves a set of invalid configuration entries. * @throws Exception If an unexpected problem occurs. // Invalid dictionary file "dn: cn=Dictionary,cn=Password Validators,cn=config",
"objectClass: ds-cfg-password-validator",
"objectClass: ds-cfg-dictionary-password-validator",
"ds-cfg-java-class: org.opends.server.extensions." +
"DictionaryPasswordValidator",
"ds-cfg-dictionary-file: invalid",
"ds-cfg-case-sensitive-validation: false",
"ds-cfg-test-reversed-password: true",
"ds-cfg-check-substrings: false",
// Dictionary file not a file. "dn: cn=Dictionary,cn=Password Validators,cn=config",
"objectClass: ds-cfg-password-validator",
"objectClass: ds-cfg-dictionary-password-validator",
"ds-cfg-java-class: org.opends.server.extensions." +
"DictionaryPasswordValidator",
"ds-cfg-dictionary-file: config",
"ds-cfg-case-sensitive-validation: false",
"ds-cfg-test-reversed-password: true",
"ds-cfg-check-substrings: false",
// Invalid case-sensitive-validation "dn: cn=Dictionary,cn=Password Validators,cn=config",
"objectClass: ds-cfg-password-validator",
"objectClass: ds-cfg-dictionary-password-validator",
"ds-cfg-java-class: org.opends.server.extensions." +
"DictionaryPasswordValidator",
"ds-cfg-case-sensitive-validation: invalid",
"ds-cfg-test-reversed-password: true",
"ds-cfg-check-substrings: false",
// Invalid test-reversed-password "dn: cn=Dictionary,cn=Password Validators,cn=config",
"objectClass: ds-cfg-password-validator",
"objectClass: ds-cfg-dictionary-password-validator",
"ds-cfg-java-class: org.opends.server.extensions." +
"DictionaryPasswordValidator",
"ds-cfg-case-sensitive-validation: false",
"ds-cfg-test-reversed-password: invalid",
"ds-cfg-check-substrings: false",
// Invalid check-substrings "dn: cn=Dictionary,cn=Password Validators,cn=config",
"objectClass: ds-cfg-password-validator",
"objectClass: ds-cfg-dictionary-password-validator",
"ds-cfg-java-class: org.opends.server.extensions." +
"DictionaryPasswordValidator",
"ds-cfg-case-sensitive-validation: false",
"ds-cfg-test-reversed-password: invalid",
"ds-cfg-check-substrings: invalid",
// Invalid min-substring-length "dn: cn=Dictionary,cn=Password Validators,cn=config",
"objectClass: ds-cfg-password-validator",
"objectClass: ds-cfg-dictionary-password-validator",
"ds-cfg-java-class: org.opends.server.extensions." +
"DictionaryPasswordValidator",
"ds-cfg-case-sensitive-validation: false",
"ds-cfg-test-reversed-password: invalid",
"ds-cfg-check-substrings: true",
"ds-cfg-min-substring-length: invalid");
* Tests the process of initializing the server with invalid configurations. * @param entry The configuration entry to use for the initialization. * @throws Exception If an unexpected problem occurs. * Retrieves a set of data to use when testing a given password with a * provided configuration. Each element of the returned array should be an * array of a configuration entry, a test password string, and an indication * as to whether the provided password should be acceptable. * @throws Exception If an unexpected problem occurs. // Default configuration with a word not in the dictionary. "dn: cn=Dictionary,cn=Password Validators,cn=config",
"objectClass: ds-cfg-password-validator",
"objectClass: ds-cfg-dictionary-password-validator",
"ds-cfg-java-class: org.opends.server.extensions." +
"DictionaryPasswordValidator",
"ds-cfg-case-sensitive-validation: false",
"ds-cfg-check-substrings: false",
"ds-cfg-test-reversed-password: true"),
// Default configuration with a word in the dictionary "dn: cn=Dictionary,cn=Password Validators,cn=config",
"objectClass: ds-cfg-password-validator",
"objectClass: ds-cfg-dictionary-password-validator",
"ds-cfg-java-class: org.opends.server.extensions." +
"DictionaryPasswordValidator",
"ds-cfg-case-sensitive-validation: false",
"ds-cfg-check-substrings: false",
"ds-cfg-test-reversed-password: true"),
// Default configuration with a word in the dictionary, case-insensitive "dn: cn=Dictionary,cn=Password Validators,cn=config",
"objectClass: ds-cfg-password-validator",
"objectClass: ds-cfg-dictionary-password-validator",
"ds-cfg-java-class: org.opends.server.extensions." +
"DictionaryPasswordValidator",
"ds-cfg-case-sensitive-validation: false",
"ds-cfg-check-substrings: false",
"ds-cfg-test-reversed-password: true"),
// Default configuration with a word in the dictionary, case-insensitive "dn: cn=Dictionary,cn=Password Validators,cn=config",
"objectClass: ds-cfg-password-validator",
"objectClass: ds-cfg-dictionary-password-validator",
"ds-cfg-java-class: org.opends.server.extensions." +
"DictionaryPasswordValidator",
"ds-cfg-case-sensitive-validation: true",
"ds-cfg-check-substrings: false",
"ds-cfg-test-reversed-password: true"),
// Default configuration with a reverse of a word in the dictionary, // reversed matching enabled "dn: cn=Dictionary,cn=Password Validators,cn=config",
"objectClass: ds-cfg-password-validator",
"objectClass: ds-cfg-dictionary-password-validator",
"ds-cfg-java-class: org.opends.server.extensions." +
"DictionaryPasswordValidator",
"ds-cfg-case-sensitive-validation: false",
"ds-cfg-test-reversed-password: true"),
// Default configuration with a reverse of a word in the dictionary, // reversed matching disabled "dn: cn=Dictionary,cn=Password Validators,cn=config",
"objectClass: ds-cfg-password-validator",
"objectClass: ds-cfg-dictionary-password-validator",
"ds-cfg-java-class: org.opends.server.extensions." +
"DictionaryPasswordValidator",
"ds-cfg-case-sensitive-validation: false",
"ds-cfg-test-reversed-password: false"),
// Default configuration with a reverse of a word in the dictionary, // reversed matching enabled and case-insensitive matching enabled "dn: cn=Dictionary,cn=Password Validators,cn=config",
"objectClass: ds-cfg-password-validator",
"objectClass: ds-cfg-dictionary-password-validator",
"ds-cfg-java-class: org.opends.server.extensions." +
"DictionaryPasswordValidator",
"ds-cfg-case-sensitive-validation: false",
"ds-cfg-test-reversed-password: true"),
// Default configuration with a reverse of a word in the dictionary, // reversed matching enabled and case-insensitive matching disabled "dn: cn=Dictionary,cn=Password Validators,cn=config",
"objectClass: ds-cfg-password-validator",
"objectClass: ds-cfg-dictionary-password-validator",
"ds-cfg-java-class: org.opends.server.extensions." +
"DictionaryPasswordValidator",
"ds-cfg-case-sensitive-validation: true",
"ds-cfg-test-reversed-password: true"),
// Substrings checking configuration with a word in the dictionary, // case-sensitive matching enabled "dn: cn=Dictionary,cn=Password Validators,cn=config",
"objectClass: ds-cfg-password-validator",
"objectClass: ds-cfg-dictionary-password-validator",
"ds-cfg-java-class: org.opends.server.extensions." +
"DictionaryPasswordValidator",
"ds-cfg-case-sensitive-validation: true",
"ds-cfg-check-substrings: true",
"ds-cfg-min-substring-length: 3",
"ds-cfg-test-reversed-password: true"),
// Substrings checking configuration with a word in the dictionary, // case-sensitive matching disabled "dn: cn=Dictionary,cn=Password Validators,cn=config",
"objectClass: ds-cfg-password-validator",
"objectClass: ds-cfg-dictionary-password-validator",
"ds-cfg-java-class: org.opends.server.extensions." +
"DictionaryPasswordValidator",
"ds-cfg-case-sensitive-validation: false",
"ds-cfg-check-substrings: true",
"ds-cfg-min-substring-length: 3",
"ds-cfg-test-reversed-password: true"),
// Substrings checking configuration with a word in the dictionary, // case-sensitive matching enabled (dictionary word is lower case) "dn: cn=Dictionary,cn=Password Validators,cn=config",
"objectClass: ds-cfg-password-validator",
"objectClass: ds-cfg-dictionary-password-validator",
"ds-cfg-java-class: org.opends.server.extensions." +
"DictionaryPasswordValidator",
"ds-cfg-case-sensitive-validation: true",
"ds-cfg-check-substrings: true",
"ds-cfg-min-substring-length: 3",
"ds-cfg-test-reversed-password: true"),
// Substrings checking configuration with a word in the dictionary, // case-sensitive matching disabled, and minimal substring length // of 5 while the password is only 3 characters "dn: cn=Dictionary,cn=Password Validators,cn=config",
"objectClass: ds-cfg-password-validator",
"objectClass: ds-cfg-dictionary-password-validator",
"ds-cfg-java-class: org.opends.server.extensions." +
"DictionaryPasswordValidator",
"ds-cfg-case-sensitive-validation: false",
"ds-cfg-check-substrings: true",
"ds-cfg-min-substring-length: 5",
"ds-cfg-test-reversed-password: true"),
// Substrings checking configuration with a word in the dictionary, // case-sensitive matching disabled, and minimal substring length // of 5 while the word in the dictionary is only 3 characters "dn: cn=Dictionary,cn=Password Validators,cn=config",
"objectClass: ds-cfg-password-validator",
"objectClass: ds-cfg-dictionary-password-validator",
"ds-cfg-java-class: org.opends.server.extensions." +
"DictionaryPasswordValidator",
"ds-cfg-case-sensitive-validation: false",
"ds-cfg-check-substrings: true",
"ds-cfg-min-substring-length: 5",
"ds-cfg-test-reversed-password: true"),
// Substring checking configuration with a reverse of a word in the // dictionary, reversed matching enabled and case-insensitive "dn: cn=Dictionary,cn=Password Validators,cn=config",
"objectClass: ds-cfg-password-validator",
"objectClass: ds-cfg-dictionary-password-validator",
"ds-cfg-java-class: org.opends.server.extensions." +
"DictionaryPasswordValidator",
"ds-cfg-case-sensitive-validation: false",
"ds-cfg-test-reversed-password: true",
"ds-cfg-check-substrings: true"),
* Tests the {@code passwordIsAcceptable} method using the provided * @param configEntry The configuration entry to use for the password * @param password The password to test with the validator. * @param acceptable Indicates whether the provided password should be * @throws Exception If an unexpected problem occurs. "dn: uid=test.user,o=test",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"userPassword: doesntmatter");