<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!--
! CDDL HEADER START
!
! The contents of this file are subject to the terms of the
! Common Development and Distribution License, Version 1.0 only
! (the "License"). You may not use this file except in compliance
! with the License.
!
! You can obtain a copy of the license at
! See the License for the specific language governing permissions
! and limitations under the License.
!
! When distributing Covered Code, include this CDDL HEADER in each
! file and include the License file at
! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
! add the following below this CDDL HEADER, with the fields enclosed
! by brackets "[]" replaced with your own identifying information:
! Portions Copyright [yyyy] [name of copyright owner]
!
! CDDL HEADER END
!
! Copyright 2010 Sun Microsystems, Inc.
! -->
<stax>
<defaultcall function="clus_ssl_ldappasswdmodify"/>
<function name="clus_ssl_ldappasswdmodify" scope="local">
<sequence>
<block name="'clus_ssl_ldappasswdmodify'">
<sequence>
<!--- Test Suite information
#@TestSuiteName SSL ldappasswordmodify check behaviors
#@TestSuitePurpose Test the results of ssl ldappasswordmodify
command.
#@TestSuiteGroup ldappasswordmodify check behavior tests
#@TestScript clus_ssl_ldapassmodify.xml
-->
<script>
if not CurrentTestPath.has_key('group'):
CurrentTestPath['group'] = 'clu_secure'
CurrentTestPath['suite'] = STAXCurrentBlock
</script>
<call function="'testSuite_Preamble'"/>
<!--- Test Case information
#@TestMarker SSL ldappasswordmodify check behavior tests
#@TestName Client blind trust : ldappasswordmodify
#@TestIssue none
#@TestPurpose Verify that a user can change his own
password when client trust all server
certificates
#@TestPreamble none
#@TestStep Check that user.200 can do an SSL ldapsearch.
#@TestStep Do an ldappasswordmodify to change user
password
#@TestStep Check that user.200 can't do an ldapsearch
with his old password
#@TestStep Check that user.200 can do an ldapsearch with
his new password
#@TestPostamble none
#@TestResult Success if user200password works.
-->
<testcase name="getTestCaseName('Client blind trust : ldappasswordmodify')">
<sequence>
<call function="'testCase_Preamble'"/>
<call function="'ldapSearchWithScript'">
{
'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_SSL_PORT ,
'dsUseSSL' : ' ' ,
'dsTrustAll' : ' ' ,
'dsInstanceDn' : 'uid=user.200,ou=people,dc=com',
'dsInstancePswd' : 'password' ,
'dsTypesOnly' : 'True' ,
'dsBaseDN' : 'dc=com' ,
'dsFilter' : 'uid=user.*'
}
</call>
<call function="'ldapPasswordModifyWithScript'">
{
'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_SSL_PORT ,
'dsAuthzID' : 'uid=user.200,ou=people,dc=com' ,
'dsUseSSL' : ' ' ,
'dsTrustAll' : ' ' ,
'dsCurrentPassword' : 'password' ,
'dsNewPassword' : 'user200password'
}
</call>
<call function="'ldapSearchWithScript'">
{
'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_SSL_PORT ,
'dsInstanceDn' : 'uid=user.200,ou=people,dc=com' ,
'dsInstancePswd' : 'password' ,
'dsUseSSL' : ' ' ,
'dsTrustAll' : ' ' ,
'dsTypesOnly' : 'True' ,
'dsBaseDN' : 'dc=com' ,
'dsFilter' : 'uid=user.*' ,
'expectedRC' : 49
}
</call>
<call function="'ldapSearchWithScript'">
{
'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_SSL_PORT ,
'dsUseSSL' : ' ' ,
'dsTrustAll' : ' ' ,
'dsInstanceDn' : 'uid=user.200,ou=people,dc=com',
'dsInstancePswd' : 'user200password' ,
'dsTypesOnly' : 'True' ,
'dsBaseDN' : 'dc=com' ,
'dsFilter' : 'uid=user.*'
}
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case information
#@TestMarker SSL ldappasswordmodify check behaviors
#@TestName Client blind trust : ldappasswordmodify
#@TestIssue none
#@TestPurpose Verify that a user can change his own
password when client uses a TrustStore file.
#@TestPreamble none
#@TestStep Check that user.201 can do an ssl ldapsearch.
#@TestStep Do an ldappasswordmodify to change user
password.
#@TestStep Check that user.201 can't do an ldapsearch with
his old password.
#@TestStep Check that user.201 can do an ldapsearch with
his new password.
#@TestPostamble none
#@TestResult Success if user201password works.
-->
<testcase name="getTestCaseName('Client trust file : ldappasswordmodify')">
<sequence>
<call function="'testCase_Preamble'"/>
<call function="'ldapSearchWithScript'">
{
'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_SSL_PORT ,
'dsUseSSL' : ' ' ,
%InstanceInstallDir,
'dsTrustStorePassword': 'clientruststorepass',
'dsInstanceDn' : 'uid=user.201,ou=people,dc=com',
'dsInstancePswd' : 'password' ,
'dsTypesOnly' : 'True' ,
'dsBaseDN' : 'dc=com' ,
'dsFilter' : 'uid=user.*'
}
</call>
<call function="'ldapPasswordModifyWithScript'">
{
'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_SSL_PORT ,
'dsAuthzID' : 'uid=user.201,ou=people,dc=com' ,
'dsUseSSL' : ' ' ,
%InstanceInstallDir,
'dsTrustStorePassword': 'clientruststorepass',
'dsCurrentPassword' : 'password' ,
'dsNewPassword' : 'user201password'
}
</call>
<call function="'ldapSearchWithScript'">
{
'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_SSL_PORT ,
'dsInstanceDn' : 'uid=user.201,ou=people,dc=com' ,
'dsInstancePswd' : 'password' ,
'dsUseSSL' : ' ' ,
%InstanceInstallDir,
'dsTrustStorePassword': 'clientruststorepass',
'dsTypesOnly' : 'True' ,
'dsBaseDN' : 'dc=com' ,
'dsFilter' : 'uid=user.*' ,
'expectedRC' : 49
}
</call>
<call function="'ldapSearchWithScript'">
{
'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_SSL_PORT ,
'dsUseSSL' : ' ' ,
%InstanceInstallDir,
'dsTrustStorePassword': 'clientruststorepass',
'dsInstanceDn' : 'uid=user.201,ou=people,dc=com',
'dsInstancePswd' : 'user201password' ,
'dsTypesOnly' : 'True' ,
'dsBaseDN' : 'dc=com' ,
'dsFilter' : 'uid=user.*'
}
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<call function="'testSuite_Postamble'"/>
</sequence>
</block>
</sequence>
</function>
</stax>