2043N/A<?
xml version="1.0" encoding="UTF-8" standalone="no"?>
2043N/A ! The contents of this file are subject to the terms of the 2043N/A ! Common Development and Distribution License, Version 1.0 only 2043N/A ! (the "License"). You may not use this file except in compliance 2043N/A ! You can obtain a copy of the license at 2043N/A ! See the License for the specific language governing permissions 2043N/A ! and limitations under the License. 2043N/A ! When distributing Covered Code, include this CDDL HEADER in each 2043N/A ! file and include the License file at 2043N/A ! add the following below this CDDL HEADER, with the fields enclosed 2043N/A ! by brackets "[]" replaced with your own identifying information: 2043N/A ! Portions Copyright [yyyy] [name of copyright owner] 3232N/A ! Copyright 2007-2008 Sun Microsystems, Inc. 5772N/A ! Portions Copyright 2012 ForgeRock AS 2043N/A <
defaultcall function="history_based"/>
2043N/A <
function name="history_based">
3705N/A <!--- Test Suite information 3705N/A #@TestSuiteName History based 3705N/A #@TestSuitePurpose Reject Passwords looking in the History Base 3705N/A #@TestSuiteGroup History Based 3705N/A <!--- Define default value for basedn --> 3705N/A basedn1 = 'ou=people,ou=password tests,'
3705N/A basedn = '%s o=Pwd Validator Tests,dc=example,dc=com' % basedn1
3705N/A msg = 'Security: Pwd Validator: History Based:'
3705N/A <!--- Test Case information 3705N/A #@TestName History Based: Preamble 3705N/A #@TestPurpose Preamble Enabling History Based Validator 3705N/A #@TestStep Admin Enabling History Based Validator set 3705N/A password-history-count to 3 3705N/A #@TestResult Success if the test is PASS 2085N/A <
testcase name="getTestCaseName('History Based: Preamble')">
2043N/A <
call function="'testCase_Preamble'"/>
3705N/A '%s Preamble - Admin Enabling Validator' % msg
2043N/A <
call function="'modifyPwdPolicy'">
2043N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
2043N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
2043N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
2043N/A 'propertyName' : 'Default Password Policy' ,
2043N/A 'attributeName' : 'password-history-count' ,
2043N/A <
call function="'testCase_Postamble'"/>
3705N/A <!--- Test Case information 3705N/A #@TestName History Based: user modify password 1 3705N/A #@TestPurpose user modify password 1 3705N/A #@TestStep user modify password 1 from sprain to sprainone 3705N/A #@TestStep user modify password back to old password sprain 3705N/A #@TestStep user binding with password 1 sprainone RC 0 3705N/A #@TestResult Success if the 3 tests are PASS 3705N/A<
testcase name="getTestCaseName('History Based: user modifying password 1')">
2043N/A <
call function="'testCase_Preamble'"/>
3705N/A '%s user modifying password 1' % msg
3705N/A <
call function="'ldapPasswordModifyWithScript'">
2043N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
2043N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
3705N/A 'dsInstanceDn' : 'uid=scarter,%s' % basedn,
2043N/A 'dsInstancePswd' : 'sprain' ,
3705N/A 'dsAuthzID' : 'dn:uid=scarter, %s' % basedn,
3705N/A 'dsNewPassword' : 'sprainone' }
3705N/A '%s user modifying password back to old password' % msg
3705N/A <
call function="'ldapPasswordModifyWithScript'">
2043N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
2043N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
3705N/A 'dsInstanceDn' : 'uid=scarter,%s' % basedn,
2043N/A 'dsInstancePswd' : 'sprainone' ,
3705N/A 'dsAuthzID' : 'dn:uid=scarter, %s' % basedn,
3705N/A 'dsNewPassword' : 'sprain' ,
3705N/A '%s user binding with password 1' % msg
2043N/A <
call function="'SearchObject'">
2043N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
2043N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
3705N/A 'dsInstanceDn' : 'uid=scarter,%s' % basedn,
2043N/A 'dsInstancePswd' : 'sprainone' ,
2043N/A 'dsBaseDN' : 'dc=example,dc=com' ,
2043N/A 'dsFilter' : 'objectclass=*' ,
5771N/A 'extraParams' : '-s base' }
2043N/A <
call function="'testCase_Postamble'"/>
3705N/A <!--- Test Case information 3705N/A #@TestName History Based: user modifying password 2 3705N/A #@TestPurpose user modifying password 2 3705N/A #@TestStep user modify password from sprainone to spraintwo 3705N/A #@TestStep user modify password back to old passwords sprain 3705N/A #@TestStep user binding with password 2 spraintwo RC 0 3814N/A #@TestStep Check manage-account get-password-history 3814N/A #@TestResult Success if the 4 tests are PASS 3705N/A<
testcase name="getTestCaseName('History Based: user modifying password 2')">
2043N/A <
call function="'testCase_Preamble'"/>
3705N/A '%s user modifying password 2' % msg
3705N/A <
call function="'ldapPasswordModifyWithScript'">
2043N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
2043N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
3705N/A 'dsInstanceDn' : 'uid=scarter,%s' % basedn,
2043N/A 'dsInstancePswd' : 'sprainone' ,
3705N/A 'dsAuthzID' : 'dn:uid=scarter, %s' % basedn,
5771N/A 'dsNewPassword' : 'spraintwo' }
3705N/A '%s user modifying password back to old passwords' % msg
2043N/A modify_pwds = ['sprain', 'sprainone']
2043N/A <
iterate var="pwds" in="modify_pwds" indexvar="index">
3705N/A <
call function="'ldapPasswordModifyWithScript'">
2043N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
2043N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
3705N/A 'dsInstanceDn' : 'uid=scarter,%s' % basedn,
2043N/A 'dsInstancePswd' : 'spraintwo' ,
3705N/A 'dsAuthzID' : 'dn:uid=scarter, %s' % basedn,
3705N/A 'dsNewPassword' : '%s' % pwds ,
3705N/A '%s user binding with password 2' % msg
2043N/A <
call function="'SearchObject'">
2043N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
2043N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
3705N/A 'dsInstanceDn' : 'uid=scarter,%s' % basedn ,
2043N/A 'dsInstancePswd' : 'spraintwo' ,
2043N/A 'dsBaseDN' : 'dc=example,dc=com' ,
2043N/A 'dsFilter' : 'objectclass=*' ,
5771N/A 'extraParams' : '-s base' }
3951N/A '%s Check manage-account get-password-history ' % msg
3814N/A <
call function="'manageAccountWithScript'">
3814N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
3814N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
3814N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
3814N/A 'subcommand' : 'get-password-history' ,
3814N/A 'targetDn' : 'uid=scarter,%s' % basedn }
3814N/A returnString = STAXResult[0][1]
3814N/A <
call function="'checktestString'">
3814N/A { 'returnString' : returnString ,
3814N/A 'expectedString' : 'Password History: 2' }
2043N/A <
call function="'testCase_Postamble'"/>
3705N/A <!--- Test Case information 3705N/A #@TestName History Based: user modifying password 3 3705N/A #@TestPurpose user modifying password 3 3705N/A #@TestStep user modify password from spraintwo to sprainthree 3705N/A #@TestStep user modify password back to old passwords sprain 5772N/A sprainone and spraintwo RC 19 3705N/A #@TestStep user binding with password 3 sprainthree RC 0 3705N/A #@TestResult Success if the 3 tests are PASS 3705N/A<
testcase name="getTestCaseName('History Based: user modifying password 3')">
2043N/A <
call function="'testCase_Preamble'"/>
3705N/A '%s user modifying password 3' % msg
3705N/A <
call function="'ldapPasswordModifyWithScript'">
2043N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
2043N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
3705N/A 'dsInstanceDn' : 'uid=scarter,%s' % basedn,
2043N/A 'dsInstancePswd' : 'spraintwo' ,
3705N/A 'dsAuthzID' : 'dn:uid=scarter, %s' % basedn,
5771N/A 'dsNewPassword' : 'sprainthree' }
3705N/A '%s user modifying password back to old passwords' % msg
2043N/A modify_pwds = ['sprain', 'sprainone', 'spraintwo']
2043N/A <
iterate var="pwds" in="modify_pwds" indexvar="index">
3705N/A <
call function="'ldapPasswordModifyWithScript'">
2043N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
2043N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
3705N/A 'dsInstanceDn' : 'uid=scarter,%s' % basedn,
2043N/A 'dsInstancePswd' : 'sprainthree' ,
3705N/A 'dsAuthzID' : 'dn:uid=scarter, %s' % basedn,
3705N/A 'dsNewPassword' : '%s' % pwds ,
3705N/A '%s user binding with password 3' % msg
2043N/A <
call function="'SearchObject'">
2043N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
2043N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
3705N/A 'dsInstanceDn' : 'uid=scarter,%s' % basedn,
2043N/A 'dsInstancePswd' : 'sprainthree' ,
2043N/A 'dsBaseDN' : 'dc=example,dc=com' ,
2043N/A 'dsFilter' : 'objectclass=*' ,
5771N/A 'extraParams' : '-s base' }
2043N/A <
call function="'testCase_Postamble'"/>
3705N/A <!--- Test Case information 3705N/A #@TestName History Based: user modifying password 4 3705N/A #@TestPurpose user modifying password 4 3705N/A #@TestStep user modify password from sprainthree to sprainfour 3705N/A #@TestStep user modify password back to last 3 passwords 5772N/A sprainone spraintwo and sprainthree RC 19 3705N/A #@TestStep user modify password back to original password 3705N/A #@TestStep user binding with original password sprain RC 0 3705N/A #@TestResult Success if the 4 tests are PASS 3705N/A<
testcase name="getTestCaseName('History Based: user modifying password 4')">
2043N/A <
call function="'testCase_Preamble'"/>
3705N/A '%s user modifying password 4' % msg
3705N/A <
call function="'ldapPasswordModifyWithScript'">
2043N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
2043N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
3705N/A 'dsInstanceDn' : 'uid=scarter,%s' % basedn,
2043N/A 'dsInstancePswd' : 'sprainthree' ,
3705N/A 'dsAuthzID' : 'dn:uid=scarter, %s' % basedn ,
5771N/A 'dsNewPassword' : 'sprainfour' }
3705N/A '%s user modifying password back to old passwords' % msg
2043N/A modify_pwds = ['sprainone', 'spraintwo', 'sprainthree']
2043N/A <
iterate var="pwds" in="modify_pwds" indexvar="index">
3705N/A <
call function="'ldapPasswordModifyWithScript'">
2043N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
2043N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
3705N/A 'dsInstanceDn' : 'uid=scarter,%s' % basedn,
2043N/A 'dsInstancePswd' : 'sprainfour' ,
3705N/A 'dsAuthzID' : 'dn:uid=scarter, %s' % basedn,
3705N/A 'dsNewPassword' : '%s' % pwds ,
3705N/A '%s user modifying password to original one' % msg
3705N/A <
call function="'ldapPasswordModifyWithScript'">
2043N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
2043N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
3705N/A 'dsInstanceDn' : 'uid=scarter,%s' % basedn ,
2043N/A 'dsInstancePswd' : 'sprainfour' ,
3705N/A 'dsAuthzID' : 'dn:uid=scarter, %s' % basedn,
5771N/A 'dsNewPassword' : 'sprain' }
3705N/A '%s user binding with original password' % msg
2043N/A <
call function="'SearchObject'">
2043N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
2043N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
3705N/A 'dsInstanceDn' : 'uid=scarter,%s' % basedn,
2043N/A 'dsInstancePswd' : 'sprain' ,
2043N/A 'dsBaseDN' : 'dc=example,dc=com' ,
2043N/A 'dsFilter' : 'objectclass=*' ,
2043N/A 'extraParams' : '-s base' }
2043N/A <
call function="'testCase_Postamble'"/>
3705N/A <!--- Test Case information 3705N/A #@TestName History Based: Modify password history duration 3705N/A #@TestPurpose user modifying password history duration 3705N/A #@TestStep set password-history-duration to 10 s 3705N/A #@TestResult Success if the test is PASS 3705N/A <
testcase name="getTestCaseName 3705N/A ('History Based: Modify password history duration')">
2043N/A <
call function="'testCase_Preamble'"/>
3705N/A '%s Admin modifying password history duration' % msg
2043N/A <
call function="'modifyPwdPolicy'">
2043N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
2043N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
2043N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
2043N/A 'propertyName' : 'Default Password Policy' ,
2043N/A 'attributeName' : 'password-history-duration' ,
2043N/A 'attributeValue' : '10 s' }
2043N/A <
call function="'testCase_Postamble'"/>
3705N/A <!--- Test Case information 3705N/A #@TestName History Based: user modifying password after 3705N/A #@TestPurpose The "Password History Duration" property specifies 3705N/A the maximum length of time that a formerly-used 3705N/A password should remain in the user's password 3705N/A #@TestStep Sleep of 15 seconds 3705N/A #@TestStep user modifying password after duration RC 0 3705N/A #@TestStep user binding with password after duration RC 0 3705N/A #@TestResult Success if the 3 tests are PASS 3705N/A <
testcase name="getTestCaseName 3705N/A ('History Based: user modifying password after duration')">
2043N/A <
call function="'testCase_Preamble'"/>
2043N/A 'Security: Pwd Validator: History Based: - Sleeping'
2043N/A { 'sleepForMilliSeconds' : '15000' }
3705N/A '%s user modifying password after duration' % msg
3705N/A <
call function="'ldapPasswordModifyWithScript'">
2043N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
2043N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
3705N/A 'dsInstanceDn' : 'uid=scarter,%s' % basedn,
2043N/A 'dsInstancePswd' : 'sprain' ,
3705N/A 'dsAuthzID' : 'dn:uid=scarter, %s' % basedn ,
3705N/A 'dsNewPassword' : 'sprainone' , }
3705N/A '%s user binding with password after duration' % msg
2043N/A <
call function="'SearchObject'">
2043N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
2043N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
3705N/A 'dsInstanceDn' : 'uid=scarter,%s' % basedn,
2043N/A 'dsInstancePswd' : 'sprainone' ,
2043N/A 'dsBaseDN' : 'dc=example,dc=com' ,
2043N/A 'dsFilter' : 'objectclass=*' ,
2043N/A 'extraParams' : '-s base' }
2043N/A <
call function="'testCase_Postamble'"/>
3705N/A <!--- Test Case information 3705N/A #@TestName History Based: Postamble 3705N/A #@TestPurpose Postamble Admin resetting password history duration 3705N/A #@TestStep reset password-history-duration to 0 d 3705N/A #@TestStep reset password-history-count to 0 3705N/A #@TestStep user modifying password back to old passwords RC 0 3705N/A #@TestStep user Searching With Password sprain RC 0 3705N/A #@TestResult Success if the 3 tests are PASS 2085N/A <
testcase name="getTestCaseName('History Based: Postamble')">
2043N/A <
call function="'testCase_Preamble'"/>
3705N/A '%s Postamble Step 1. Admin resets password history duration' % msg
2043N/A <
call function="'modifyPwdPolicy'">
2043N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
2043N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
2043N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
2043N/A 'propertyName' : 'Default Password Policy' ,
2043N/A 'attributeName' : 'password-history-duration' ,
3705N/A '%s Postamble Step 2. Admin resetting password history count' % msg
2043N/A <
call function="'modifyPwdPolicy'">
2043N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
2043N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
2043N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
2043N/A 'propertyName' : 'Default Password Policy' ,
2043N/A 'attributeName' : 'password-history-count' ,
2043N/A <!--- User Change Password --> 3705N/A '%s Postamble Step 3. user modify pwd back to old passwords' % msg
3705N/A <
call function="'ldapPasswordModifyWithScript'">
2043N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
2043N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
3705N/A 'dsInstanceDn' : 'uid=scarter,%s' % basedn,
3705N/A 'dsInstancePswd' : 'sprainone' ,
3705N/A 'dsAuthzID' : 'dn:uid=scarter, %s' % basedn,
3705N/A 'dsNewPassword' : 'spraintwo' }
3705N/A <
call function="'ldapPasswordModifyWithScript'">
2043N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
2043N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
3705N/A 'dsInstanceDn' : 'uid=scarter,%s' % basedn,
3705N/A 'dsInstancePswd' : 'spraintwo' ,
3705N/A 'dsAuthzID' : 'dn:uid=scarter, %s' % basedn ,
3705N/A 'dsNewPassword' : 'sprainthree' }
3705N/A <
call function="'ldapPasswordModifyWithScript'">
3705N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
3705N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
3705N/A 'dsInstanceDn' : 'uid=scarter,%s' % basedn,
2043N/A 'dsInstancePswd' : 'sprainthree' ,
3705N/A 'dsAuthzID' : 'dn:uid=scarter, %s' % basedn,
3705N/A 'dsNewPassword' : 'sprain' }
3705N/A '%s Postamble Step 4. User Searching With Password' % msg
2043N/A <
call function="'SearchObject'">
2043N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
2043N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
3705N/A 'dsInstanceDn' : 'uid=scarter,%s' % basedn,
2043N/A 'dsInstancePswd' : 'sprain' ,
2043N/A 'dsBaseDN' : 'dc=example,dc=com' ,
2043N/A 'dsFilter' : 'objectclass=*' ,
2043N/A 'extraParams' : '-s base' }
2043N/A <
call function="'testCase_Postamble'"/>