security_force_pwd_change_startTLS.xml revision d81978a0815d5b8a75633c35e3e1f8708d36f017
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE stax SYSTEM "/shared/stax.dtd">
<!--
! CDDL HEADER START
!
! The contents of this file are subject to the terms of the
! Common Development and Distribution License, Version 1.0 only
! (the "License"). You may not use this file except in compliance
! with the License.
!
! You can obtain a copy of the license at
! trunk/opends/resource/legal-notices/OpenDS.LICENSE
! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
! See the License for the specific language governing permissions
! and limitations under the License.
!
! When distributing Covered Code, include this CDDL HEADER in each
! file and include the License file at
! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
! add the following below this CDDL HEADER, with the fields enclosed
! by brackets "[]" replaced with your own identifying information:
! Portions Copyright [yyyy] [name of copyright owner]
!
! CDDL HEADER END
!
! Copyright 2008 Sun Microsystems, Inc.
! -->
<stax>
<defaultcall function="force_pwd_change_startTLS"/>
<function name="force_pwd_change_startTLS">
<sequence>
<testcase name="getTestCaseName('Preamble - Force Pwd Change On Add')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Security: TLS: Preamble Step 1. Checking existence of ds-cfg-force-change-on-add'
</message>
<call function="'compareEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'attrToBeCompared' : 'ds-cfg-force-change-on-add:false',
'entryToBeCompared' : 'cn=Default Password Policy,cn=Password Policies,cn=config' ,
'extraParams' : '-q -X' }
</call>
<message>
'Security: TLS: Preamble Step 2. Admin Enabling Force Password On Add'
</message>
<call function="'modifyEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'entryToBeModified' : '%s/security/startTLS/force_pwd_change/admin_change_force_pwd_add.ldif' % remote.data ,
'extraParams' : '-q -X' }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case : Add Single New User -->
<testcase name="getTestCaseName('Add Single New User')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Security: TLS: Adding Single New User'
</message>
<call function="'addEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'entryToBeAdded' : '%s/security/startTLS/force_pwd_change/add_entry1.ldif' % remote.data ,
'extraParams' : '-q -X' }
</call>
<message>
'Security: TLS: User Searching With Password'
</message>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=mcat,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
'dsInstancePswd' : 'pizza' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base -q -X' ,
'expectedRC' : 19 }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case : User Change Password -->
<testcase name="getTestCaseName('Added User Change Password')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Security: TLS: User Changing Password'
</message>
<call function="'modifyEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=mcat,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
'dsInstancePswd' : 'pizza' ,
'entryToBeModified' : '%s/security/startTLS/force_pwd_change/user_change_force_pwd.ldif' % remote.data ,
'extraParams' : '-q -X' }
</call>
<message>
'Security: TLS: User Searching With Password'
</message>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=mcat,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
'dsInstancePswd' : 'newpizza' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base -q -X' }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case : Admin Disable Force Password On Add -->
<testcase name="getTestCaseName('Postamble - Disable Force Pwd On Add')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Security: TLS: Postamble Step 1. Admin Disabling Force Password On Add'
</message>
<call function="'modifyEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'entryToBeModified' : '%s/security/startTLS/force_pwd_change/admin_reset_force_pwd_add.ldif' % remote.data ,
'extraParams' : '-q -X' }
</call>
<message>
'Security: TLS: Postamble Step 2. Adding Single New User'
</message>
<call function="'addEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'entryToBeAdded' : '%s/security/startTLS/force_pwd_change/add_entry2.ldif' % remote.data ,
'extraParams' : '-q -X' }
</call>
<message>
'Security: TLS: Postamble Step 3. User Searching With Password'
</message>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
'dsInstancePswd' : 'pizza' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base -q -X' }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<testcase name="getTestCaseName('Preamble - Force Pwd Change On Reset')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Security: TLS: Preamble Step 1. Checking existence of ds-cfg-force-change-on-reset'
</message>
<call function="'compareEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'attrToBeCompared' : 'ds-cfg-force-change-on-reset:false',
'entryToBeCompared' : 'cn=Default Password Policy,cn=Password Policies,cn=config' ,
'extraParams' : '-q -X' }
</call>
<message>
'Security: TLS: Preamble Step 2. Admin Enabling Force Password On Reset'
</message>
<call function="'modifyEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'entryToBeModified' : '%s/security/startTLS/force_pwd_change/admin_change_force_pwd_reset.ldif' % remote.data ,
'extraParams' : '-q -X' }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case : Admin Change User Pwd -->
<testcase name="getTestCaseName('Admin Reset User Pwd')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Security: TLS: Admin Resetting User Pwd'
</message>
<call function="'modifyEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'entryToBeModified' : '%s/security/startTLS/force_pwd_change/admin_change_user_pwd.ldif' % remote.data ,
'extraParams' : '-q -X' }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case : User Search With Old Pwd -->
<testcase name="getTestCaseName('Old Pwd - Search')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Security: TLS: User Searching With Old Password'
</message>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
'dsInstancePswd' : 'pizza' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base -q -X' ,
'expectedRC' : 49 }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case : User Add With Old Pwd -->
<testcase name="getTestCaseName('Old Pwd - Add')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Security: TLS: User Adding Attr With Old Password'
</message>
<call function="'modifyEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
'dsInstancePswd' : 'pizza' ,
'entryToBeModified' : '%s/security/startTLS/force_pwd_change/user_add_attr.ldif' % remote.data ,
'extraParams' : '-q -X' ,
'expectedRC' : 49 }
</call>
<message>
'Security: TLS: Checking For Existence of User-added Attribute'
</message>
<call function="'compareEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'attrToBeCompared' : 'pager:+1 999 555-1212',
'entryToBeCompared' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
'extraParams' : '-q -X' ,
'expectedRC' : 16 }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case : User Delete With Old Pwd -->
<testcase name="getTestCaseName('Old Pwd - Delete')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Security: TLS: User Deleting Attr With Old Password'
</message>
<call function="'modifyEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
'dsInstancePswd' : 'pizza' ,
'entryToBeModified' : '%s/security/startTLS/force_pwd_change/user_del_attr.ldif' % remote.data ,
'extraParams' : '-q -X' ,
'expectedRC' : 49 }
</call>
<message>
'Security: TLS: Checking For Existence of User-deleted Attribute'
</message>
<call function="'compareEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'attrToBeCompared' : 'roomnumber:4612',
'entryToBeCompared' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
'extraParams' : '-q -X' }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case : User Delete With Old Pwd -->
<testcase name="getTestCaseName('Old Pwd - Compare')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Security: TLS: Checking For Existence of User Attribute'
</message>
<call function="'compareEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
'dsInstancePswd' : 'pizza' ,
'attrToBeCompared' : 'l:Sunnyvale',
'entryToBeCompared' : 'uid=mdog,ou=people,ou=password tests,o=Pwd Policy Tests,dc=example,dc=com' ,
'extraParams' : '-q -X' ,
'expectedRC' : 49 }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case : User Search With Assigned Pwd -->
<testcase name="getTestCaseName('Search With Assigned Pwd')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Security: TLS: User Searching With Assigned Password'
</message>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
'dsInstancePswd' : 'adminpizza' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base -q -X' ,
'expectedRC' : 19 }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case : User Change Password -->
<testcase name="getTestCaseName('User Change Password After Reset')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Security: TLS: User Changing Password'
</message>
<call function="'modifyEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
'dsInstancePswd' : 'adminpizza' ,
'entryToBeModified' : '%s/security/startTLS/force_pwd_change/user_change_pwd1.ldif' % remote.data ,
'extraParams' : '-q -X' }
</call>
<message>
'Security: TLS: User Searching With Assigned Password'
</message>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
'dsInstancePswd' : 'adminpizza' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base -q -X' ,
'expectedRC' : 49 }
</call>
<message>
'Security: TLS: User Searching With New Password'
</message>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
'dsInstancePswd' : 'newpizza' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base -q -X' }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case : Disable startTLS extop -->
<testcase name="getTestCaseName('Disable startTLS extop')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Security: TLS: Disabling StartTLS'
</message>
<script>
deny_aci='(extop=\"1.3.6.1.4.1.1466.20037\") (version 3.0; acl \"Deny extended operation access\"; deny(read) userdn=\"ldap:///anyone\";)'
</script>
<call function="'modifyAnAttribute'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'DNToModify' : 'cn=Access Control Handler,cn=config' ,
'attributeName' : 'ds-cfg-global-aci' ,
'newAttributeValue' : deny_aci ,
'changetype' : 'add' }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case : User search with disabled startTLS -->
<testcase name="getTestCaseName('User search with disabled startTLS')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Security: TLS: User Searching With Password with Disabled StartTLS'
</message>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
'dsInstancePswd' : 'newpizza' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base -q -X' ,
'expectedRC' : 50 }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<testcase name="getTestCaseName('Enable startTLS extop')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Security: TLS: Enabling StartTLS'
</message>
<call function="'modifyAnAttribute'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'DNToModify' : 'cn=Access Control Handler,cn=config' ,
'attributeName' : 'ds-cfg-global-aci' ,
'newAttributeValue' : deny_aci ,
'changetype' : 'delete' }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case : Admin Enable Maximum Reset Age -->
<testcase name="getTestCaseName('Admin Enable Max Reset Age Long')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Security: TLS: Admin Enabling Maximum Reset Age Long'
</message>
<call function="'modifyEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'entryToBeModified' : '%s/security/startTLS/force_pwd_change/admin_enable_max_reset_age_long.ldif' % remote.data ,
'extraParams' : '-q -X' }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case : Admin Change User Pwd -->
<testcase name="getTestCaseName('Admin Reset User Pwd - Long Reset Time')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Security: TLS: Admin Changing User Pwd'
</message>
<call function="'modifyEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'entryToBeModified' : '%s/security/startTLS/force_pwd_change/admin_change_user_pwd2.ldif' % remote.data ,
'extraParams' : '-q -X' }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case : User Change Password -->
<testcase name="getTestCaseName('User Change Password - Long Reset Time')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Security: TLS: User Changing Password'
</message>
<call function="'modifyEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
'dsInstancePswd' : 'adminlongpizza' ,
'entryToBeModified' : '%s/security/startTLS/force_pwd_change/user_change_pwd2.ldif' % remote.data ,
'extraParams' : '-q -X' }
</call>
<message>
'Security: TLS: User Searching With Password'
</message>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
'dsInstancePswd' : 'newlongpizza' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base -q -X' }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case : Admin Enable Maxmimum Reset Age -->
<testcase name="getTestCaseName('Admin Enable Max Reset Age Short')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Security: TLS: Admin Enabling Maximum Reset Age Short'
</message>
<call function="'modifyEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'entryToBeModified' : '%s/security/startTLS/force_pwd_change/admin_enable_max_reset_age_short.ldif' % remote.data ,
'extraParams' : '-q -X' }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case : Admin Change User Pwd -->
<testcase name="getTestCaseName('Admin Reset User Pwd - Short Reset Time')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Security: TLS: Admin Changing User Pwd'
</message>
<call function="'modifyEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'entryToBeModified' : '%s/security/startTLS/force_pwd_change/admin_change_user_pwd3.ldif' % remote.data ,
'extraParams' : '-q -X' }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case : User Change Password -->
<testcase name="getTestCaseName('User Change Password - Short Reset Time')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Security: TLS: User Change Password - Short Reset Time - Sleeping'
</message>
<call function="'Sleep'">
{ 'sleepForMilliSeconds' : '12000' }
</call>
<message>
'Security: TLS: User Changing Password'
</message>
<call function="'modifyEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
'dsInstancePswd' : 'adminshortpizza' ,
'entryToBeModified' : '%s/security/startTLS/force_pwd_change/user_change_pwd3.ldif' % remote.data ,
'extraParams' : '-q -X' ,
'expectedRC' : 49 }
</call>
<message>
'Security: TLS: User Searching With Password'
</message>
<call function="'SearchObject'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : 'uid=mdog,ou=people,ou=startTLS tests,o=SSL Tests,dc=example,dc=com' ,
'dsInstancePswd' : 'newshortpizza' ,
'dsBaseDN' : 'dc=example,dc=com' ,
'dsFilter' : 'objectclass=*' ,
'extraParams' : '-s base -q -X' ,
'expectedRC' : 49 }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
<!--- Test Case : Admin Disable Force Password On Reset -->
<testcase name="getTestCaseName('Postamble - Disable Force Pwd On Reset')">
<sequence>
<call function="'testCase_Preamble'"/>
<message>
'Security: TLS: Postamble Step 1. Admin Disabling Max Pwd Age'
</message>
<call function="'modifyEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'entryToBeModified' : '%s/security/startTLS/force_pwd_change/admin_disable_max_reset_age.ldif' % remote.data ,
'extraParams' : '-q -X' }
</call>
<message>
'Security: TLS: Postamble Step 2. Admin Disabling Force Password On Reset'
</message>
<call function="'modifyEntry'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
'entryToBeModified' : '%s/security/startTLS/force_pwd_change/admin_reset_force_pwd_reset.ldif' % remote.data ,
'extraParams' : '-q -X' }
</call>
<call function="'testCase_Postamble'"/>
</sequence>
</testcase>
</sequence>
</function>
</stax>