security_dictionary.xml revision d25372dc8e65a9ed019a88fdf659ca61313f1b31
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!--
! CDDL HEADER START
!
! The contents of this file are subject to the terms of the
! Common Development and Distribution License, Version 1.0 only
! (the "License"). You may not use this file except in compliance
! with the License.
!
! You can obtain a copy of the license at
! See the License for the specific language governing permissions
! and limitations under the License.
!
! When distributing Covered Code, include this CDDL HEADER in each
! file and include the License file at
! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
! add the following below this CDDL HEADER, with the fields enclosed
! by brackets "[]" replaced with your own identifying information:
! Portions Copyright [yyyy] [name of copyright owner]
!
! CDDL HEADER END
!
! Copyright 2007-2008 Sun Microsystems, Inc.
! -->
<stax>
<defaultcall function="dictionary"/>
<function name="dictionary">
<sequence>
<!--- Test Suite information
#@TestSuiteName Dictionary
#@TestSuitePurpose Reject Passwords Matching Dictionary
#@TestSuiteGroup Dictionary
#@TestScript security_dictionary.xml
-->
<!--- Define default value for basedn -->
<script>
basedn1 = 'ou=people,ou=password tests,'
basedn = '%s o=Pwd Validator Tests,dc=example,dc=com' % basedn1
msg = 'Security: Pwd Validator: Dictionary:'
</script>
<!--- Test Case information
#@TestMarker Dictionary
#@TestName Dictionary: Preamble
#@TestIssue none
#@TestPurpose Preamble Enabling Dictionary Validator
#@TestPreamble none
#@TestStep Admin Enabling Dictionary modifyPwdValidator
#@TestStep Admin Enabling Validator modifyPwdPolicy
password-validator:Dictionary
#@TestPostamble none
#@TestResult Success if the 2 tests are PASS
-->
<testcase name="getTestCaseName('Dictionary: Preamble')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'%s Preamble - Admin Enabling Dictionary' % msg
</message>
<call function="'modifyPwdValidator'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'propertyName' : 'Dictionary' ,
'attributeName' : 'enabled' ,
'attributeValue' : 'true' ,
'modifyType' : 'set' }
</call>
<message>
'%s Preamble - Admin Enabling Validator' % msg
</message>
<call function="'modifyPwdPolicy'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'propertyName' : 'Default Password Policy' ,
'attributeName' : 'password-validator' ,
'attributeValue' : 'Dictionary' }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case information
#@TestMarker Dictionary
#@TestName Dictionary: user modifying password to a
dictionary letter string
string with all letters
#@TestIssue none
#@TestPurpose dictionary string with all letters
#@TestPreamble none
#@TestStep user modifying password to string with all letters
matching a dictionary word zymochemistry RC 53
#@TestStep user binding with invalid password RC 49
#@TestPostamble none
#@TestResult Success if the 2 tests are PASS
-->
<testcase name="getTestCaseName
('Dictionary: user modifying password to string with all letters')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'%s user modifying password to string with all letters' % msg
</message>
<call function="'ldapPasswordModifyWithScript'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=abergin,%s' % basedn,
'dsInstancePswd' : 'inflict' ,
'dsAuthzID' : 'dn:uid=abergin, %s' % basedn,
'dsNewPassword' : 'zymochemistry' ,
'expectedRC' : 53 }
</call>
<message>
'%s user binding with invalid password' % msg
</message>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=abergin,%s' % basedn,
'dsInstancePswd' : 'zymochemistry' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base',
'expectedRC' : 49 }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case information
#@TestMarker Dictionary
#@TestName Dictionary: user modifying password to a Reverse
password
#@TestIssue none
#@TestPurpose dictionary string with reverse password
(set to true by default)
#@TestPreamble none
#@TestStep user modifying password to a reverse password
from inflict to tcilfni RC 53
#@TestStep user binding with invalid password RC 49
#@TestPostamble none
#@TestResult Success if the 2 tests are PASS
-->
<testcase name="getTestCaseName('Dictionary: Using Using Reverse Password')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'%s user modifying password to reverse password' % msg
</message>
<call function="'ldapPasswordModifyWithScript'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=abergin,%s' % basedn,
'dsInstancePswd' : 'inflict' ,
'dsAuthzID' : 'dn:uid=abergin, %s' % basedn ,
'dsNewPassword' : 'tcilfni' ,
'expectedRC' : 53 }
</call>
<message>
'%s user binding with invalid password' % msg
</message>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=abergin,%s' % basedn ,
'dsInstancePswd' : 'tcilfni' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base',
'expectedRC' : 49 }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case information
#@TestMarker Dictionary
#@TestName Dictionary: Disable Reverse Password
#@TestIssue none
#@TestPurpose Disable Reverse Password and test
#@TestPreamble none
#@TestStep Disable Reverse Password set test-reversed-password
to false
#@TestStep user modifying password to a reverse password
from inflict to tcilfni RC 0
#@TestStep user binding with valid password RC 0
#@TestPostamble none
#@TestResult Success if the 3 tests are PASS
-->
<testcase name="getTestCaseName('Dictionary: Disable Reverse Password')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Security: Pwd Validator: Dictionary: Disable Reverse Password'
</message>
<call function="'modifyPwdValidator'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'propertyName' : 'Dictionary' ,
'attributeName' : 'test-reversed-password' ,
'attributeValue' : 'false' ,
'modifyType' : 'set' }
</call>
<script>
knownIssue(2361)
</script>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<testcase name="getTestCaseName('Dictionary: Using Reverse Password 2')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'%s user modifying password to reverse password 2' % msg
</message>
<call function="'ldapPasswordModifyWithScript'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=abergin,%s' % basedn,
'dsInstancePswd' : 'inflict' ,
'dsAuthzID' : 'dn:uid=abergin, %s' % basedn ,
'dsNewPassword' : 'tcilfni' }
</call>
<message>
'%s user binding with valid password' % msg
</message>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=abergin,%s' % basedn ,
'dsInstancePswd' : 'tcilfni' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base' }
</call>
<script>
knownIssue(2361)
</script>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case information
#@TestMarker Dictionary
#@TestName Dictionary: Postamble
#@TestIssue none
#@TestPurpose Postamble Disabling Dictionary Validator
#@TestPreamble none
#@TestStep Admin Disabling Validator modifyPwdPolicy
remove password-validator:Dictionary
#@TestStep User Changing Password with zymochemistry RC 0
#@TestStep User Searching with valid Password RC 0
#@TestPostamble none
#@TestResult Success if the 2 tests are PASS
-->
<testcase name="getTestCaseName('Dictionary: Postamble')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'%s Postamble Step 1. Admin Disabling Validator' % msg
</message>
<call function="'modifyPwdPolicy'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'propertyName' : 'Default Password Policy' ,
'attributeName' : 'password-validator' ,
'attributeValue' : 'Dictionary' ,
'modifyType' : 'remove' }
</call>
<!--- User Change Password -->
<message>
'%s Postamble Step 2. User Changing Password' % msg
</message>
<call function="'ldapPasswordModifyWithScript'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'dn:uid=abergin,%s' % basedn ,
'dsInstancePswd' : 'tcilfni' ,
'dsAuthzID' : 'dn:uid=abergin, %s' % basedn,
'dsNewPassword' : 'zymochemistry' }
</call>
<message>
'%s Postamble Step 3. User Searching With Password' % msg
</message>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=abergin,%s' % basedn ,
'dsInstancePswd' : 'zymochemistry' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base' }
</call>
<!--
On Windows platforms:
"Dictionary: Using Using Reverse Password 2" testcase failed due
to issue 2361 and the password for user "uid=abergin" is not
changed => so this testcase failed for this reason
-->
<script>
knownIssue(2361)
</script>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
</sequence>
</function>
</stax>