clu_secure/clus_starttls/clus_starttls_ldapcompare.xml

6031e9c7eb72435516a6828deb2e97533ed0382dludovicp<?xml version="1.0" encoding="UTF-8" standalone="no"?>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp<!DOCTYPE stax SYSTEM "/shared/stax.dtd">
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp<!--
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp ! CDDL HEADER START
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp !
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp ! The contents of this file are subject to the terms of the
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp ! Common Development and Distribution License, Version 1.0 only
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp ! (the "License").  You may not use this file except in compliance
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp ! with the License.
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp !
3437829f938dbb44527d91fbbc5f430a1243c5a5JnRouvignac ! You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
3437829f938dbb44527d91fbbc5f430a1243c5a5JnRouvignac ! or http://forgerock.org/license/CDDLv1.0.html.
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp ! See the License for the specific language governing permissions
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp ! and limitations under the License.
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp !
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp ! When distributing Covered Code, include this CDDL HEADER in each
3437829f938dbb44527d91fbbc5f430a1243c5a5JnRouvignac ! file and include the License file at legal-notices/CDDLv1_0.txt.
3437829f938dbb44527d91fbbc5f430a1243c5a5JnRouvignac ! If applicable, add the following below this CDDL HEADER, with the
3437829f938dbb44527d91fbbc5f430a1243c5a5JnRouvignac ! fields enclosed by brackets "[]" replaced with your own identifying
3437829f938dbb44527d91fbbc5f430a1243c5a5JnRouvignac ! information:
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp !      Portions Copyright [yyyy] [name of copyright owner]
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp !
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp ! CDDL HEADER END
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp !
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp !      Copyright 2010 Sun Microsystems, Inc.
aeea90de0b669f9f6fe3ae9aede72a212a7dfb12csovant !      Portions Copyright 2013 ForgeRock AS
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp ! -->
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp<stax>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp  <defaultcall function="clus_starttls_ldapcompare"/>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp  <function name="clus_starttls_ldapcompare" scope="local">
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp    <sequence>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp      <block name="'clus_starttls_ldapcompare'">
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp        <sequence>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          <!--- Test Suite information
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          #@TestSuiteName       StartTLS ldapcompare check behaviors
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          #@TestSuitePurpose    Test the results of StartTLS ldapcompare command.
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          #@TestSuiteGroup      ldapcompare check behavior tests
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          #@TestScript          clus_startTLS_ldapcompare.xml
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          -->
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          <script>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp            if not CurrentTestPath.has_key('group'):
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              CurrentTestPath['group'] = 'clu_secure'
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp            CurrentTestPath['suite'] = STAXCurrentBlock
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          </script>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          <call function="'testSuite_Preamble'"/>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          <!--- Test Case information
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp            #@TestMarker          StartTLS ldapcompare check behavior tests
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp            #@TestName            Client use blind trust : ldapcompare successful
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp            #@TestPurpose         Verify that the operation is successful and
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                                  that the comparison is successful when client
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                                  trust all server certificates.
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp            #@TestPreamble        none
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp            #@TestStep            Do an ldapcompare with correct options.
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp            #@TestPostamble       none
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp            #@TestResult          Success if ldapcompare return true
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          -->
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          <testcase name="getTestCaseName ('Client use blind trust : ldapcompare successful')">
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp            <sequence>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              <call function="'testCase_Preamble'"/>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              <message>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'Security: StartTLS Check behaviors : ldapcompare, client trustall\
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                 server cert'
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              </message>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              <script>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                dncompare = 'uid=user.310,ou=people,dc=com'
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              </script>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              <call function="'ldapCompareWithScript'">
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                {
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'dsUseStartTLS'    : ' ' ,
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'dsTrustAll'       : ' ' ,
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'dsDn'             : ['postalCode:6728' ,'%s' %dncompare],
aeea90de0b669f9f6fe3ae9aede72a212a7dfb12csovant                'expectedRC'       : 5
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                }
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              </call>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              <script>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                returnString = STAXResult[0][1]
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              </script>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              <call function="'checktestString'">
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                {
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'returnString'     : returnString ,
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'expectedString'   : 'Compare operation returned false'
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                }
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              </call>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              <call function="'ldapCompareWithScript'">
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                {
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'dsUseStartTLS'    : ' ' ,
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'dsTrustAll'       : ' ' ,
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'dsDn'             : ['postalCode:67258' ,'%s' %dncompare],
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                }
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              </call>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              <script>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                returnString = STAXResult[0][1]
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              </script>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              <call function="'checktestString'">
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                {
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'returnString'     : returnString ,
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'expectedString'   : 'Compare operation returned true'
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                }
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              </call>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              <call function="'testCase_Postamble'"/>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp            </sequence>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          </testcase>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          <!--- Test Case information
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          #@TestMarker          StartTLS ldapcompare check behaviors
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          #@TestName            Client use TrustStore file :
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                                ldapcompare successful
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          #@TestPurpose         Verify that the operation is successful and
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                                that the comparison is successful when client
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                                uses TrustStore file.
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          #@TestPreamble        none
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          #@TestStep            Do an ldapcompare with correct options.
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          #@TestPostamble       none
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          #@TestResult          Success if ldapcompare return true
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          -->
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          <testcase name="getTestCaseName ('Client use TrustStore file : ldapcompare successful')">
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp            <sequence>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              <call function="'testCase_Preamble'"/>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              <message>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'Security:startTLS Check behaviors: ldapcompare, client trust \
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                 store file'
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              </message>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              <script>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                dncompare2 = 'uid=user.311,ou=people,dc=com'
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              </script>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              <call function="'ldapCompareWithScript'">
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                {
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'dsUseStartTLS'    : ' ' ,
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'dsTrustStorePath' : '%s/client_cert/clientruststore' \
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                                      % InstanceInstallDir,
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'dsTrustStorePassword': 'clientruststorepass',
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'dsDn'           : ['description: This is for Amber Arbuckle.',\
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                                   '%s' %dncompare2] ,
aeea90de0b669f9f6fe3ae9aede72a212a7dfb12csovant                'expectedRC'     : 5
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                }
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              </call>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              <script>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                returnString = STAXResult[0][1]
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              </script>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              <call function="'checktestString'">
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                {
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'returnString'     : returnString ,
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'expectedString'   : 'Compare operation returned false'
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                }
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              </call>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              <call function="'ldapCompareWithScript'">
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                {
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'dsInstanceHost'  : DIRECTORY_INSTANCE_HOST ,
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'dsInstancePort'  : DIRECTORY_INSTANCE_PORT ,
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'dsUseStartTLS'   : ' ' ,
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'dsTrustStorePath': '%s/client_cert/clientruststore' \
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                                      % InstanceInstallDir,
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'dsTrustStorePassword': 'clientruststorepass',
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'dsDn'            : ['description: This is the description for \
aeea90de0b669f9f6fe3ae9aede72a212a7dfb12csovant                                   Amber Arbuckle.' ,'%s' %dncompare2]
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                }
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              </call>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              <script>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                returnString = STAXResult[0][1]
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              </script>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              <call function="'checktestString'">
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                {
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'returnString'     : returnString ,
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                'expectedString'   : 'Compare operation returned true'
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp                }
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              </call>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp              <call function="'testCase_Postamble'"/>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp            </sequence>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          </testcase>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp          <call function="'testSuite_Postamble'"/>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp        </sequence>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp      </block>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp    </sequence>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp  </function>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp</stax>
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp
6031e9c7eb72435516a6828deb2e97533ed0382dludovicp