security_similarity_based.xml revision d25372dc8e65a9ed019a88fdf659ca61313f1b31
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!--
! CDDL HEADER START
!
! The contents of this file are subject to the terms of the
! Common Development and Distribution License, Version 1.0 only
! (the "License"). You may not use this file except in compliance
! with the License.
!
! You can obtain a copy of the license at
! See the License for the specific language governing permissions
! and limitations under the License.
!
! When distributing Covered Code, include this CDDL HEADER in each
! file and include the License file at
! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
! add the following below this CDDL HEADER, with the fields enclosed
! by brackets "[]" replaced with your own identifying information:
! Portions Copyright [yyyy] [name of copyright owner]
!
! CDDL HEADER END
!
! Copyright 2007-2008 Sun Microsystems, Inc.
! -->
<stax>
<defaultcall function="similarity_based"/>
<function name="similarity_based">
<sequence>
<!--- Test Suite information
#@TestSuiteName Similarity Based
#@TestSuitePurpose Test the Password Policy On Pwd Similarity
#@TestSuiteGroup Similarity Based
#@TestScript security_similarity_based.xml
-->
<!--- Define default value for basedn -->
<script>
basedn1 = 'ou=People, ou=password tests,'
basedn = '%s o=Pwd Validator Tests,dc=example,dc=com' % basedn1
msg = 'Security: Pwd Validator: Similarity Based:'
msg1 = 'Password Validator'
msg2 ='requires-current-password'
msg3 = 'password-change-requires-current-password'
</script>
<!--- Test Case information
#@TestMarker Similarity Based
#@TestName Similarity Based Test Preamble
#@TestIssue none
#@TestPurpose Preamble
#@TestPreamble none
#@TestStep Admin enabling validator
#@TestStep Admin modifying password history count to 0
#@TestPostamble none
#@TestResult Success if all tests are PASS.
-->
<testcase name="getTestCaseName('Similarity Based: Preamble')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'%s Preamble - Admin enabling validator' % msg
</message>
<call function="'modifyPwdPolicy'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'propertyName' : 'Default Password Policy' ,
'attributeName' : 'password-validator' ,
'attributeValue' : 'Similarity-Based %s' % msg1 }
</call>
<message>
'%s Preamble - Admin modifying password history count' % msg
</message>
<call function="'modifyPwdPolicy'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'propertyName' : 'Default Password Policy' ,
'attributeName' : 'password-history-count' ,
'attributeValue' : '0' }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case information
#@TestMarker Similarity Based
#@TestName New password with 1 letter change, valid
#@TestIssue none
#@TestPurpose New password with 1 letter change, valid
#@TestPreamble none
#@TestStep user modifying pwd with 1 letter change RC 0
#@TestStep user binding with new password RC 0
#@TestPostamble none
#@TestResult Success if all tests are PASS.
-->
<testcase name="getTestCaseName
('Similarity Based: new password with 1 letter change, valid')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'%s user modifying password' % msg
</message>
<call function="'modifyAnAttribute'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=kvaughan,%s' % basedn ,
'dsInstancePswd' : 'bribery' ,
'DNToModify' : 'uid=kvaughan, %s' % basedn ,
'attributeName' : 'userpassword' ,
'newAttributeValue' : 'brobery' ,
'changetype' : 'replace' }
</call>
<message>
'%s user binding with new password' % msg
</message>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=kvaughan,%s' % basedn ,
'dsInstancePswd' : 'brobery' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base' }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case information
#@TestMarker Similarity Based
#@TestName Enable requires-current-password
#@TestIssue none
#@TestPurpose Enable requires-current-password
#@TestPreamble none
#@TestStep Admin enabling
password-change-requires-current-password
#@TestPostamble none
#@TestResult Success if all tests are PASS.
-->
<testcase name="getTestCaseName
('Similarity Based: Enable requires-current-password')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'%s Admin enabling %s' % (msg,msg3)
</message>
<call function="'modifyPwdPolicy'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'propertyName' : 'Default Password Policy' ,
'attributeName' : msg3 ,
'attributeValue' : 'true' }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case information
#@TestMarker Similarity Based
#@TestName New password with 1 letter change, invalid
#@TestIssue none
#@TestPurpose New password with 1 letter change, invalid
#@TestPreamble none
#@TestStep user modifying pwd with 1 letter change RC 53
#@TestStep user binding with new password RC 49
#@TestPostamble none
#@TestResult Success if all tests are PASS.
-->
<testcase name="getTestCaseName
('Similarity Based: new password with 1 letter change, invalid')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'%s user modifying password' % msg
</message>
<call function="'modifyAnAttribute'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=kvaughan,%s' % basedn ,
'dsInstancePswd' : 'brobery' ,
'DNToModify' : 'uid=kvaughan,%s' % basedn ,
'attributeName' : 'userpassword' ,
'newAttributeValue' : 'probery' ,
'changetype' : 'replace' ,
'expectedRC' : 53 }
</call>
<message>
'%s user binding with invalid password' % msg
</message>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=kvaughan,%s' % basedn ,
'dsInstancePswd' : 'probery' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base',
'expectedRC' : 49 }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case information
#@TestMarker Similarity Based
#@TestName New password with 1 letter change, invalid 2
#@TestIssue none
#@TestPurpose New password with 1 letter change, invalid 2
#@TestPreamble none
#@TestStep user modifying pwd with 1 letter change RC 49
#@TestStep user binding with new password RC 49
#@TestPostamble none
#@TestResult Success if all tests are PASS.
-->
<testcase name="getTestCaseName
('Similarity Based: new password with 1 letter change, invalid 2')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'%s user modifying password' % msg
</message>
<call function="'ldapPasswordModifyWithScript'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=kvaughan,%s' % basedn ,
'dsInstancePswd' : 'brobery' ,
'dsAuthzID' : 'dn:uid=kvaughan, %s' % basedn ,
'dsNewPassword' : 'probery' ,
'dsCurrentPassword' : 'brobery' ,
'expectedRC' : 49 }
</call>
<message>
'%s user binding with invalid password' % msg
</message>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=kvaughan,%s' % basedn ,
'dsInstancePswd' : 'probery' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base' ,
'expectedRC' : 49 }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case information
#@TestMarker Similarity Based
#@TestName New password with 2 letters change, invalid
#@TestIssue none
#@TestPurpose New password with 2 letters change, invalid
#@TestPreamble none
#@TestStep user modifying pwd with 2 letter change RC 49
#@TestStep user binding with new password RC 49
#@TestPostamble none
#@TestResult Success if all tests are PASS.
-->
<testcase name="getTestCaseName
('Similarity Based: new password with 2 letter change, invalid')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'%s user modifying password' % msg
</message>
<call function="'ldapPasswordModifyWithScript'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=kvaughan,%s' % basedn ,
'dsInstancePswd' : 'brobery' ,
'dsAuthzID' : 'dn:uid=kvaughan, %s' % basedn ,
'dsNewPassword' : 'phobery' ,
'dsCurrentPassword' : 'brobery' ,
'expectedRC' : 49 }
</call>
<message>
'%s user binding with invalid password' % msg
</message>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=kvaughan,%s' % basedn ,
'dsInstancePswd' : 'phobery' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base',
'expectedRC' : 49 }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case information
#@TestMarker Similarity Based
#@TestName New password with 3 letters change, valid
#@TestIssue none
#@TestPurpose New password with 3 letters change, valid
#@TestPreamble none
#@TestStep user modifying pwd with 3 letter change RC 0
#@TestStep user binding with new password RC 0
#@TestPostamble none
#@TestResult Success if all tests are PASS.
-->
<testcase name="getTestCaseName
('Similarity Based: new password with 3 letter change, valid')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'%s user modifying password' % msg
</message>
<call function="'ldapPasswordModifyWithScript'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=kvaughan,%s' % basedn ,
'dsInstancePswd' : 'brobery' ,
'dsAuthzID' : 'dn:uid=kvaughan, %s' % basedn ,
'dsNewPassword' : 'phibery' ,
'dsCurrentPassword' : 'brobery' }
</call>
<message>
'%s user binding with new password' % msg
</message>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=kvaughan,%s' % basedn ,
'dsInstancePswd' : 'phibery' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base' }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case information
#@TestMarker Similarity Based
#@TestName Postamble
#@TestIssue none
#@TestPurpose Postamble
#@TestPreamble none
#@TestStep Admin disabling password validator
#@TestStep User Changing Pwd with 1 letter change RC 0
#@TestStep User Searching With Password RC 0
#@TestStep Admin disabling
password-change-requires-current-password
#@TestPostamble none
#@TestResult Success if all tests are PASS.
-->
<testcase name="getTestCaseName('Similarity Based: Postamble')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'%s Postamble Step 1. Admin disabling password validator' % msg
</message>
<call function="'modifyPwdPolicy'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'propertyName' : 'Default Password Policy' ,
'attributeName' : 'password-validator' ,
'attributeValue' : 'Similarity-Based %s' % msg1 ,
'modifyType' : 'remove' }
</call>
<!--- User Change Password -->
<message>
'%s Postamble Step 2. User Changing Password' % msg
</message>
<call function="'ldapPasswordModifyWithScript'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=kvaughan,%s' % basedn ,
'dsInstancePswd' : 'phibery' ,
'dsAuthzID' : 'dn:uid=kvaughan, %s' % basedn ,
'dsNewPassword' : 'phibary' ,
'dsCurrentPassword' : 'phibery' }
</call>
<message>
'%s Postamble Step 3. User Searching With Password' % msg
</message>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=kvaughan,%s' % basedn ,
'dsInstancePswd' : 'phibary' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base' }
</call>
<message>
'%s Postamble Step 4. Admin disabling %s' % (msg,msg2)
</message>
<call function="'modifyPwdPolicy'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'propertyName' : 'Default Password Policy' ,
'attributeName' : msg3 ,
'attributeValue' : 'false' }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
</sequence>
</function>
</stax>