security_pwd_SSHA256.xml revision 987a50dfe113ed235d28716ff080b59e8873655c
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift<?xml version="1.0" encoding="UTF-8" standalone="no"?>
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift ! CDDL HEADER START
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift ! The contents of this file are subject to the terms of the
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift ! Common Development and Distribution License, Version 1.0 only
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift ! (the "License"). You may not use this file except in compliance
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift ! with the License.
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift ! You can obtain a copy of the license at
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift ! See the License for the specific language governing permissions
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift ! and limitations under the License.
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift ! When distributing Covered Code, include this CDDL HEADER in each
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift ! file and include the License file at
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift ! add the following below this CDDL HEADER, with the fields enclosed
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift ! by brackets "[]" replaced with your own identifying information:
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift ! Portions Copyright [yyyy] [name of copyright owner]
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift ! CDDL HEADER END
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift ! Portions Copyright 2006-2007 Sun Microsystems, Inc.
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift Place suite-specific test information here.
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift #@TestSuiteName SSHA256 Tests
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift #@TestSuitePurpose Test the SSHA256 storage scheme.
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift #@TestSuiteGroup SSHA256 Storage Scheme Tests
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift <!--- Test case: Admin Change To SSHA256 Storage Scheme -->
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift Place test-specific test information here.
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift The tag, TestMarker, must be the same as the tag, TestSuiteName.
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift #@TestMarker SSHA256 Tests
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift #@TestName SSHA256 Preamble
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift #@TestIssue 314
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift #@TestPurpose Change password storage scheme to SSHA256.
2e334e4f58d7760ed0788f5db5524d87934d6869matthew_swift #@TestPreamble none
2e334e4f58d7760ed0788f5db5524d87934d6869matthew_swift #@TestStep Client calls ldapmodify
2e334e4f58d7760ed0788f5db5524d87934d6869matthew_swift with the filename to the appropriate file.
2e334e4f58d7760ed0788f5db5524d87934d6869matthew_swift #@TestPostamble none
2e334e4f58d7760ed0788f5db5524d87934d6869matthew_swift #@TestResult Success if OpenDS returns 0
2e334e4f58d7760ed0788f5db5524d87934d6869matthew_swift <testcase name="getTestCaseName('SSHA256 - Preamble')">
2e334e4f58d7760ed0788f5db5524d87934d6869matthew_swift 'Security: Pwd Storage SSHA256: Preamble - Admin Changing to SSHA256 Storage Scheme'
6268e3d1b165bc72bbab62862e9b3b30e8883c97matthew_swift { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
6268e3d1b165bc72bbab62862e9b3b30e8883c97matthew_swift 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
6268e3d1b165bc72bbab62862e9b3b30e8883c97matthew_swift 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
2e334e4f58d7760ed0788f5db5524d87934d6869matthew_swift 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
2e334e4f58d7760ed0788f5db5524d87934d6869matthew_swift 'propertyName' : 'Default Password Policy' ,
2e334e4f58d7760ed0788f5db5524d87934d6869matthew_swift 'attributeName' : 'default-password-storage-scheme' ,
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift 'attributeValue' : 'Salted SHA-256' }
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift <!--- Test Case : User Change Password SSHA256 Scheme-->
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift Place test-specific test information here.
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift The tag, TestMarker, must be the same as the tag, TestSuiteName.
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift #@TestMarker SSHA256 Tests
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift #@TestName SSHA256 Test 1
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift #@TestIssue 314
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift #@TestPurpose Test SSHA256 password storage scheme.
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift #@TestPreamble none
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift #@TestStep Admin changes a user's password to convert
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift so it is stored as SSHA256 scheme.
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift #@TestStep The user binds with the new password.
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift #@TestStep Admin retrieves the user's password and
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift checks for the required {SSHA256} prefix.
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift #@TestPostamble none
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift #@TestResult Success if OpenDS returns 0 for the ldap
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift operations and the password has the {SSHA256} prefix.
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift <testcase name="getTestCaseName('SSHA256 - Pwd Change')">
408b8eb145348cb8f251a8abfec96e7e4e80f630matthew_swift 'Security: Pwd Storage SSHA256: User Changing Password'
408b8eb145348cb8f251a8abfec96e7e4e80f630matthew_swift { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
408b8eb145348cb8f251a8abfec96e7e4e80f630matthew_swift 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
408b8eb145348cb8f251a8abfec96e7e4e80f630matthew_swift 'dsInstanceDn' : 'uid=kvaughan,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' ,
408b8eb145348cb8f251a8abfec96e7e4e80f630matthew_swift 'dsInstancePswd' : 'bribery' ,
408b8eb145348cb8f251a8abfec96e7e4e80f630matthew_swift 'DNToModify' : 'uid=kvaughan,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' ,
408b8eb145348cb8f251a8abfec96e7e4e80f630matthew_swift 'attributeName' : 'userpassword' ,
408b8eb145348cb8f251a8abfec96e7e4e80f630matthew_swift 'newAttributeValue' : 'SSHA256bribery' ,
408b8eb145348cb8f251a8abfec96e7e4e80f630matthew_swift 'changetype' : 'replace' }
408b8eb145348cb8f251a8abfec96e7e4e80f630matthew_swift 'Security: Pwd Storage SSHA256: User Binding With New Password'
408b8eb145348cb8f251a8abfec96e7e4e80f630matthew_swift { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
408b8eb145348cb8f251a8abfec96e7e4e80f630matthew_swift 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
408b8eb145348cb8f251a8abfec96e7e4e80f630matthew_swift 'dsInstanceDn' : 'uid=kvaughan,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' ,
408b8eb145348cb8f251a8abfec96e7e4e80f630matthew_swift 'dsInstancePswd' : 'SSHA256bribery' ,
408b8eb145348cb8f251a8abfec96e7e4e80f630matthew_swift 'dsBaseDN' : 'dc=example,dc=com' ,
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift 'dsFilter' : 'objectclass=*' ,
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift 'extraParams' : '-s base' }
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift 'Security: Pwd Storage SSHA256: Checking for SSHA256 Scheme On New Password'
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift 'dsBaseDN' : 'uid=kvaughan,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' ,
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift 'dsFilter' : 'objectclass=*' ,
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift 'attributes' : 'userpassword' }
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift returnString = STAXResult[0][1]
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift { 'returnString' : returnString ,
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift 'expectedString' : '{SSHA256}' }
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift <!--- Test case: Admin Reset To SSHA Storage Scheme -->
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift Place test-specific test information here.
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift The tag, TestMarker, must be the same as the tag, TestSuiteName.
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift #@TestMarker SSHA256 Tests
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift #@TestName SSHA256 Postamble
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift #@TestIssue 314
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift #@TestPurpose Reset password storage scheme to the default, SSHA.
91940c5122d22be4fd20bc41db2ffc4a9ba4ce59matthew_swift #@TestPreamble none
91940c5122d22be4fd20bc41db2ffc4a9ba4ce59matthew_swift #@TestStep Client calls ldapmodify
91940c5122d22be4fd20bc41db2ffc4a9ba4ce59matthew_swift with the filename to the appropriate file.
91940c5122d22be4fd20bc41db2ffc4a9ba4ce59matthew_swift #@TestPostamble none
91940c5122d22be4fd20bc41db2ffc4a9ba4ce59matthew_swift #@TestResult Success if OpenDS returns 0
91940c5122d22be4fd20bc41db2ffc4a9ba4ce59matthew_swift <testcase name="getTestCaseName('SSHA256 - Postamble')">
91940c5122d22be4fd20bc41db2ffc4a9ba4ce59matthew_swift 'Security: Pwd Storage SSHA256: Postamble - Admin Resetting to SSHA Storage Scheme'
91940c5122d22be4fd20bc41db2ffc4a9ba4ce59matthew_swift { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift 'propertyName' : 'Default Password Policy' ,
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift 'attributeName' : 'default-password-storage-scheme' ,
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift 'attributeValue' : 'Salted SHA-1' }