PasswordStorageSchemeTestCase.java revision ff1293486c5e276c25f0c2c040ffda78520249c5
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at legal-notices/CDDLv1_0.txt.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information:
* Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*
*
* Copyright 2006-2008 Sun Microsystems, Inc.
* Portions Copyright 2010-2015 ForgeRock AS.
*/
/** A set of generic test cases for password storage schemes. */
@SuppressWarnings("javadoc")
public abstract class PasswordStorageSchemeTestCase
extends ExtensionsTestCase
{
/** The configuration entry for this password storage scheme. */
protected ConfigEntry configEntry;
/**
* The string representation of the DN of the configuration entry for this
* password storage scheme.
*/
private String configDNString;
/**
* Creates a new instance of this password storage scheme test case with the
* provided information.
*
* @param configDNString The string representation of the DN of the
* configuration entry, or <CODE>null</CODE> if there
* is none.
*/
{
super();
this.configDNString = configDNString;
this.configEntry = null;
}
/**
* Ensures that the Directory Server is started before running any of these
* tests.
*/
public void startServer() throws Exception
{
if (configDNString != null)
{
}
}
/**
* Retrieves a set of passwords that may be used to test the password storage
* scheme.
*
* @return A set of passwords that may be used to test the password storage
* scheme.
*/
public Object[][] getTestPasswords()
{
return getTestPasswordsStatic();
}
static Object[][] getTestPasswordsStatic()
{
return new Object[][]
{
"The Lazy Dog") },
"ba\u00F1o?") }
};
}
/**
* Creates an instance of the password storage scheme, uses it to encode the
* provided password, and ensures that the encoded value is correct.
*
* @param plaintext The plain-text version of the password to encode.
* @throws Exception If an unexpected problem occurs.
*/
throws Exception
{
}
{
if (scheme.supportsAuthPasswordSyntax())
{
}
else
{
try
{
throw new Exception("Expected encodedAuthPassword to fail for scheme " +
" because it doesn't support auth passwords.");
}
catch (DirectoryException de)
{
// This was expected.
}
}
if (scheme.isReversible())
{
}
else
{
try
{
throw new Exception("Expected getPlaintextValue to fail for scheme " +
" because it is not reversible.");
}
catch (DirectoryException de)
{
// This was expected.
}
}
}
public static Object[][] passwordsForBinding()
{
return new Object[][]
{
// In the case of a clear-text password, these values will be shoved
// un-excaped into an LDIF file, so make sure they don't include \n
// or other characters that will cause LDIF parsing errors.
// We really don't need many test cases here, since that functionality
// is tested above.
};
}
/**
* An end-to-end test that verifies that we can set a pre-encoded password
* in a user entry, and then bind as that user using the cleartext password.
*/
{
}
{
boolean allowPreencodedDefault = setAllowPreencodedPasswords(true);
try {
// This code creates a user with the encoded password,
// and then verifies that they can bind with the raw password.
"dn: uid=test.user,o=test",
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: test.user",
"givenName: Test",
"sn: User",
"cn: Test User",
"ds-privilege-name: bypass-acl",
"userPassword: " + schemeEncodedPassword);
"Failed to bind when pre-encoded password = \"" +
schemeEncodedPassword + "\" and " +
"plaintext password = \"" +
plainPassword + "\"");
} finally {
}
}
/**
* Sets whether or not to allow pre-encoded password values for the
* current password storage scheme and returns the previous value so that
* it can be restored.
*
* @param allowPreencoded whether or not to allow pre-encoded passwords
* @return the previous value for the allow preencoded passwords
*/
protected static boolean setAllowPreencodedPasswords(boolean allowPreencoded)
throws Exception
{
// This code was borrowed from
// PasswordPolicyTestCase.testAllowPreEncodedPasswordsAuth
boolean previousValue = false;
try {
} catch (Exception e) {
" to " + allowPreencoded);
e.printStackTrace();
throw e;
}
return previousValue;
}
{
boolean allowPreencodedDefault = setAllowPreencodedPasswords(true);
try
{
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"givenName: " + upperName,
"sn: User",
"userPassword: " + encodedPassword);
"Failed to bind when pre-encoded password = \"" + encodedPassword
}
finally
{
}
}
/**
* Tests the <CODE>encodeOffline</CODE> method.
*
* @param plaintext
* The plaintext password to use for the test.
* @throws Exception
* If an unexpected problem occurs.
*/
{
if (passwordString != null)
{
}
}
/**
* Retrieves an initialized instance of this password storage scheme.
*
* @return An initialized instance of this password storage scheme.
* @throws Exception
* If an unexpected problem occurs.
*/
/**
* Encodes the provided plaintext password while offline.
*
* @param plaintextBytes
* The plaintext password in bytes to use for the test.
* @throws DirectoryException
* If an unexpected problem occurs.
*/
{
return null;
}
}