security_skip_val_for_admins.xml revision d25372dc8e65a9ed019a88fdf659ca61313f1b31
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE stax SYSTEM "/shared/stax.dtd">
<!--
! CDDL HEADER START
!
! The contents of this file are subject to the terms of the
! Common Development and Distribution License, Version 1.0 only
! (the "License"). You may not use this file except in compliance
! with the License.
!
! You can obtain a copy of the license at
! trunk/opends/resource/legal-notices/OpenDS.LICENSE
! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
! See the License for the specific language governing permissions
! and limitations under the License.
!
! When distributing Covered Code, include this CDDL HEADER in each
! file and include the License file at
! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
! add the following below this CDDL HEADER, with the fields enclosed
! by brackets "[]" replaced with your own identifying information:
! Portions Copyright [yyyy] [name of copyright owner]
!
! CDDL HEADER END
!
! Copyright 2006-2008 Sun Microsystems, Inc.
! -->
<stax>
<defaultcall function="skip_val_for_admins"/>
<function name="skip_val_for_admins">
<sequence>
<!--- Test Suite information
#@TestSuiteName Skip Validation for Administrators
#@TestSuitePurpose Test the Skip Validation for Administrators
#@TestSuiteGroup Skip Validation for Administrators
#@TestScript security_skip_val_for_admins_chars.xml
-->
<!--- Define default value for basedn -->
<script>
msg = 'Security: Pwd Validator: Root User Bypass Valid'
msg1 = 'Pwd Length Validator On Root Users'
msg2 = 'Bypass Enabled'
msg3 = 'Step 1. Admin Enabling'
msg4 = 'Step 1. Admin Changing'
msg5 = 'Root Changing Password'
msg6 = 'Bypass For Pwd Validator'
msg7 = 'skip-validation-for-administrators'
pwddn = 'cn=Sales Admin,cn=Root DNs,cn=config'
msg8 = 'Password Validator'
ldiffile = 'admin_disable_pwd_length_validator.ldif'
ldifpath = 'security/pwd_validator/%s' % ldiffile
</script>
<!--- Test Case information
#@TestMarker Skip Validation for Administrators
#@TestName Root User Bypass Valid: Preamble Setup
#@TestIssue none
#@TestPurpose Preamble Setup
#@TestPreamble none
#@TestStep Admin Enabling Length Validator On Root Users
#@TestPostamble none
#@TestResult Success if all tests are PASS.
-->
<testcase name="getTestCaseName
('Root User Bypass Valid: Preamble Setup')">
<sequence>
<call function="'testCase_Preamble'"/>
<!--- Admin Enable Pwd Length Validator -->
<message>
'%s: Preamble - Step 1. Admin Enabling %s' % (msg,msg1)
</message>
<call function="'modifyPwdPolicy'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'propertyName' : 'Default Password Policy' ,
'attributeName' : 'password-validator' ,
'attributeValue' : 'Length-Based %s' % msg8 }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case information
#@TestMarker Skip Validation for Administrators
#@TestName Root Change Password - Too Short
#@TestIssue none
#@TestPurpose Root Change Password - Too Short
#@TestPreamble none
#@TestStep Root Changing Pwd to grape- Too Short RC 53
#@TestStep Root Searching With Password RC 49
#@TestPostamble none
#@TestResult Success if all tests are PASS.
-->
<!--- Root Change Password - Too Short-->
<testcase name="getTestCaseName('Root User Bypass Valid: No Bypass')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'%s: No Bypass - Step 1. Root Changing Pwd - Too Short' % msg
</message>
<call function="'modifyAnAttribute'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'DNToModify' : pwddn ,
'attributeName' : 'userpassword' ,
'newAttributeValue' : 'grape' ,
'changetype' : 'replace' ,
'expectedRC' : 53 }
</call>
<!--- Root Search With Password -->
<message>
'%s No Bypass - Step 2. Root Searching With Password' % msg
</message>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'cn=Sales Admin' ,
'dsInstancePswd' : 'grape' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base' ,
'expectedRC' : 49 }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case information
#@TestMarker Skip Validation for Administrators
#@TestName Root User Bypass Valid: Bypass Enabled 1
#@TestIssue none
#@TestPurpose Root User Bypass Valid: Bypass Enabled 1
#@TestPreamble none
#@TestStep Admin Enabling Bypass For Pwd Validator set
skip-validation-for-administrators to true
#@TestStep Root Changing Password - Too Short RC 0
#@TestStep Root Searching With Pwd RC 0
#@TestPostamble none
#@TestResult Success if all tests are PASS.
-->
<testcase name="getTestCaseName
('Root User Bypass Valid: Bypass Enabled 1')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'%s %s 1 - %s Bypass For Pwd Validator' % (msg,msg2,msg3)
</message>
<call function="'modifyPwdPolicy'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'propertyName' : 'Default Password Policy' ,
'attributeName' : msg7 ,
'attributeValue' : 'true' }
</call>
<message>
'%s %s 1 - Step 2. %s - Too Short' % (msg,msg2,msg5)
</message>
<call function="'modifyAnAttribute'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'DNToModify' : pwddn ,
'attributeName' : 'userpassword' ,
'newAttributeValue' : 'grape' ,
'changetype' : 'replace' }
</call>
<!--- Root Search With Password -->
<message>
'%s Bypass Enabled 1 - Step 3. Root Searching With Pwd' % msg
</message>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'cn=Sales Admin' ,
'dsInstancePswd' : 'grape' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base' }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case information
#@TestMarker Skip Validation for Administrators
#@TestName Root User Bypass Valid: Bypass Enabled 2
#@TestIssue none
#@TestPurpose Root User Bypass Valid: Bypass Enabled 2
#@TestPreamble none
#@TestStep Admin Changing Minimum Pwd Length to 4
#@TestStep Root Changing Password - Too Short RC 0
#@TestStep Root Searching With Pwd RC 0
#@TestPostamble none
#@TestResult Success if all tests are PASS.
-->
<testcase name="getTestCaseName
('Root User Bypass Valid: Bypass Enabled 2')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'%s %s 2 - %s Minimum Pwd Length' % (msg,msg2,msg4)
</message>
<call function="'dsconfigSet'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'objectName' : 'password-validator' ,
'propertyType' : 'validator' ,
'propertyName' : 'Length-Based %s' % msg8,
'attributeName' : 'min-password-length' ,
'attributeValue' : '4' }
</call>
<!--- User Change Password - Too Short-->
<message>
'%s %s 2 - Step 2. %s - Too Short' % (msg,msg2,msg5)
</message>
<call function="'modifyAnAttribute'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'DNToModify' : pwddn ,
'attributeName' : 'userpassword' ,
'newAttributeValue' : 'goo' ,
'changetype' : 'replace' }
</call>
<!--- Root Search With Password -->
<message>
'%s %s 2 - Step 3. Root Searching With Pwd' % (msg,msg2)
</message>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'cn=Sales Admin' ,
'dsInstancePswd' : 'goo' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base' }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case information
#@TestMarker Skip Validation for Administrators
#@TestName Root User Bypass Valid: Self-Change Pwd
#@TestIssue none
#@TestPurpose Root User Bypass Valid: Self-Change Pwd
#@TestPreamble none
#@TestStep User Self-Change Pwd Too Short RC 53
#@TestStep User Searching With Password RC 49
#@TestPostamble none
#@TestResult Success if all tests are PASS.
-->
<testcase name="getTestCaseName
('Root User Bypass Valid: Self-Change Pwd')">
<sequence>
<call function="'testCase_Preamble'"/>
<!--- Sales Admin Self-Change Pwd-->
<message>
'%s Self-Change Pwd - Step 1. %s - Too Short' % (msg,msg5)
</message>
<call function="'modifyAnAttribute'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'cn=Sales Admin' ,
'dsInstancePswd' : 'goo' ,
'DNToModify' : pwddn ,
'attributeName' : 'userpassword' ,
'newAttributeValue' : 'gaa' ,
'changetype' : 'replace' ,
'expectedRC' : 53 }
</call>
<!--- Root Search With Password -->
<message>
'%s Self-Change Pwd - Step 2. Root Searching With Password' % msg
</message>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'cn=Sales Admin' ,
'dsInstancePswd' : 'gaa' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base' ,
'expectedRC' : 49 }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case information
#@TestMarker Skip Validation for Administrators
#@TestName Postamble Admin Reset Minimum Pwd Length
#@TestIssue none
#@TestPurpose Postamble Admin Reset Minimum Pwd Length
#@TestPreamble none
#@TestStep Admin Disabling Bypass For Pwd Validator set
skip-validation-for-administrators to false
#@TestStep Admin Resetting Minimum Pwd Length to 6
#@TestStep Root Changing Password - Too Short RC 0
#@TestStep Root Searching With Pwd RC 0
#@TestPostamble none
#@TestResult Success if all tests are PASS.
-->
<testcase name="getTestCaseName
('Root User Bypass Valid: Postamble Teardown')">
<sequence>
<call function="'testCase_Preamble'"/>
<!--- Root Search With Original Password -->
<message>
'%s Postamble - Step 1. Admin Disabling %s' % (msg,msg6)
</message>
<call function="'modifyPwdPolicy'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'propertyName' : 'Default Password Policy' ,
'attributeName' : msg7 ,
'attributeValue' : 'false' }
</call>
<message>
'%s Postamble - Step 2. Admin Resetting Minimum Pwd Length' % msg
</message>
<call function="'dsconfigSet'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'objectName' : 'password-validator' ,
'propertyType' : 'validator' ,
'propertyName' : 'Length-Based %s' % msg8,
'attributeName' : 'min-password-length' ,
'attributeValue' : '6' }
</call>
<!--
<message>
'%s Postamble - Step 3. Admin Disabling %s' % (msg,msg1)
</message>
<call function="'modifyEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'entryToBeModified' : '%s/%s' % (remote.data,ldifpath) }
</call>
-->
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
</sequence>
</function>
</stax>