7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * CDDL HEADER START
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * The contents of this file are subject to the terms of the
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * Common Development and Distribution License, Version 1.0 only
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * (the "License"). You may not use this file except in compliance
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * with the License.
3437829f938dbb44527d91fbbc5f430a1243c5a5JnRouvignac * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
3437829f938dbb44527d91fbbc5f430a1243c5a5JnRouvignac * or http://forgerock.org/license/CDDLv1.0.html.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * See the License for the specific language governing permissions
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * and limitations under the License.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * When distributing Covered Code, include this CDDL HEADER in each
3437829f938dbb44527d91fbbc5f430a1243c5a5JnRouvignac * file and include the License file at legal-notices/CDDLv1_0.txt.
3437829f938dbb44527d91fbbc5f430a1243c5a5JnRouvignac * If applicable, add the following below this CDDL HEADER, with the
3437829f938dbb44527d91fbbc5f430a1243c5a5JnRouvignac * fields enclosed by brackets "[]" replaced with your own identifying
3437829f938dbb44527d91fbbc5f430a1243c5a5JnRouvignac * information:
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * Portions Copyright [yyyy] [name of copyright owner]
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * CDDL HEADER END
05b42f00b813c3dc70cbb80d62089f9cc0f6f549ludovicp * Copyright 2006-2008 Sun Microsystems, Inc.
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swiftimport org.opends.server.admin.server.AdminTestCaseUtils;
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilsonimport org.opends.server.config.ConfigException;
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilsonimport org.opends.server.protocols.internal.InternalClientConnection;
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilsonimport static org.opends.server.util.ServerConstants.*;
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * A set of test cases for the CRAM-MD5 SASL mechanism handler.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilsonpublic class CRAMMD5SASLMechanismHandlerTestCase
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * Ensures that the Directory Server is running.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * @throws Exception If an unexpected problem occurs.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * Retrieves a set of invvalid configuration entries.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * @throws Exception If an unexpected problem occurs.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson List<Entry> entries = TestCaseUtils.makeEntries(
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "dn: cn=CRAM-MD5,cn=SASL Mechanisms,cn=config",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: top",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: ds-cfg-sasl-mechanism-handler",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: ds-cfg-cram-md5-sasl-mechanism-handler",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "cn: CRAM-MD5",
987a50dfe113ed235d28716ff080b59e8873655cmatthew_swift "ds-cfg-java-class: org.opends.server.extensions." +
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "CRAMMD5SASLMechanismHandler",
987a50dfe113ed235d28716ff080b59e8873655cmatthew_swift "ds-cfg-enabled: true",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "dn: cn=CRAM-MD5,cn=SASL Mechanisms,cn=config",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: top",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: ds-cfg-sasl-mechanism-handler",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: ds-cfg-cram-md5-sasl-mechanism-handler",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "cn: CRAM-MD5",
987a50dfe113ed235d28716ff080b59e8873655cmatthew_swift "ds-cfg-java-class: org.opends.server.extensions." +
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "CRAMMD5SASLMechanismHandler",
987a50dfe113ed235d28716ff080b59e8873655cmatthew_swift "ds-cfg-enabled: true",
987a50dfe113ed235d28716ff080b59e8873655cmatthew_swift "ds-cfg-identity-mapper: not a DN",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "dn: cn=CRAM-MD5,cn=SASL Mechanisms,cn=config",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: top",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: ds-cfg-sasl-mechanism-handler",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: ds-cfg-cram-md5-sasl-mechanism-handler",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "cn: CRAM-MD5",
987a50dfe113ed235d28716ff080b59e8873655cmatthew_swift "ds-cfg-java-class: org.opends.server.extensions." +
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "CRAMMD5SASLMechanismHandler",
987a50dfe113ed235d28716ff080b59e8873655cmatthew_swift "ds-cfg-enabled: true",
987a50dfe113ed235d28716ff080b59e8873655cmatthew_swift "ds-cfg-identity-mapper: cn=does not exist");
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson Object[][] array = new Object[entries.size()][1];
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * Tests the process of initializing the handler with invalid configurations.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * @param entry The configuration entry to use for the initialization.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * @throws Exception If an unexpected problem occurs.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson public void testInitializeWithInvalidConfigs(Entry e)
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift CramMD5SASLMechanismHandlerCfg configuration =
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift CramMD5SASLMechanismHandlerCfgDefn.getInstance(),
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson CRAMMD5SASLMechanismHandler handler = new CRAMMD5SASLMechanismHandler();
bb8874d71cdd8e5288297b9727703437c6dfcfedmatthew_swift handler.initializeSASLMechanismHandler(configuration);
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * Tests the <CODE>isPasswordBased</CODE> method.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * @throws Exception If an unexpected problem occurs.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson DirectoryServer.getSASLMechanismHandler(SASL_MECHANISM_CRAM_MD5);
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson assertTrue(handler.isPasswordBased(SASL_MECHANISM_CRAM_MD5));
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * Tests the <CODE>isSecure</CODE> method.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * @throws Exception If an unexpected problem occurs.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson DirectoryServer.getSASLMechanismHandler(SASL_MECHANISM_CRAM_MD5);
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson assertTrue(handler.isSecure(SASL_MECHANISM_CRAM_MD5));
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * Performs a successful LDAP bind using CRAM-MD5 using the u: form of the
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * authentication ID.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * @throws Exception If an unexpected problem occurs.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "dn: uid=test.user,o=test",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: top",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: person",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: organizationalPerson",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: inetOrgPerson",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "uid: test.user",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "givenName: Test",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "cn: Test User",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "userPassword: password",
3db2e9f24cf5ad9cf80a5d1390c49e478f61d65fneil_a_wilson "ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," +
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "cn=Password Policies,cn=config");
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson conn.processAdd(e.getDN(), e.getObjectClasses(),
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson e.getUserAttributes(), e.getOperationalAttributes());
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
62625611993cc177eb95fb726fc137dbba01d6d2mmarie "--noPropertiesFile",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "(objectClass=*)"
80806023d36ac7397f356b6cda9cd0ea0e8d0f7dneil_a_wilson assertEquals(LDAPSearch.mainSearch(args, false, null, System.err), 0);
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * Performs a successful LDAP bind using CRAM-MD5 using the dn: form of the
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * authentication ID.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * @throws Exception If an unexpected problem occurs.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "dn: uid=test.user,o=test",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: top",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: person",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: organizationalPerson",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: inetOrgPerson",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "uid: test.user",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "givenName: Test",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "cn: Test User",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "userPassword: password",
3db2e9f24cf5ad9cf80a5d1390c49e478f61d65fneil_a_wilson "ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," +
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "cn=Password Policies,cn=config");
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson conn.processAdd(e.getDN(), e.getObjectClasses(),
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson e.getUserAttributes(), e.getOperationalAttributes());
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
62625611993cc177eb95fb726fc137dbba01d6d2mmarie "--noPropertiesFile",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "(objectClass=*)"
80806023d36ac7397f356b6cda9cd0ea0e8d0f7dneil_a_wilson assertEquals(LDAPSearch.mainSearch(args, false, null, System.err), 0);
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * Performs a successful LDAP bind using CRAM-MD5 using the dn: form of the
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * authentication ID using a long password (longer than 64 bytes).
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * @throws Exception If an unexpected problem occurs.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson public void testLDAPBindSuccessWithDNAndLongPassword()
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "reallyreallyreallyreallyreallyreallyreallyreallyreallylongpassword";
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "dn: uid=test.user,o=test",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: top",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: person",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: organizationalPerson",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: inetOrgPerson",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "uid: test.user",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "givenName: Test",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "cn: Test User",
3db2e9f24cf5ad9cf80a5d1390c49e478f61d65fneil_a_wilson "ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," +
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "cn=Password Policies,cn=config");
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson conn.processAdd(e.getDN(), e.getObjectClasses(),
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson e.getUserAttributes(), e.getOperationalAttributes());
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
62625611993cc177eb95fb726fc137dbba01d6d2mmarie "--noPropertiesFile",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "(objectClass=*)"
80806023d36ac7397f356b6cda9cd0ea0e8d0f7dneil_a_wilson assertEquals(LDAPSearch.mainSearch(args, false, null, System.err), 0);
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * Performs a failed LDAP bind using CRAM-MD5 using the u: form of the
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * authentication ID with the wrong password.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * @throws Exception If an unexpected problem occurs.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson public void testLDAPBindFailWrongPasswordWithUID()
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "dn: uid=test.user,o=test",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: top",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: person",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: organizationalPerson",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: inetOrgPerson",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "uid: test.user",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "givenName: Test",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "cn: Test User",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "userPassword: password",
3db2e9f24cf5ad9cf80a5d1390c49e478f61d65fneil_a_wilson "ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," +
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "cn=Password Policies,cn=config");
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson conn.processAdd(e.getDN(), e.getObjectClasses(),
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson e.getUserAttributes(), e.getOperationalAttributes());
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
62625611993cc177eb95fb726fc137dbba01d6d2mmarie "--noPropertiesFile",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "(objectClass=*)"
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson assertFalse(LDAPSearch.mainSearch(args, false, null, null) == 0);
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * Performs a failed LDAP bind using CRAM-MD5 using the dn: form of the
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * authentication ID with the wrong password.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * @throws Exception If an unexpected problem occurs.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson public void testLDAPBindFailWrongPasswordWithDN()
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "dn: uid=test.user,o=test",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: top",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: person",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: organizationalPerson",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: inetOrgPerson",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "uid: test.user",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "givenName: Test",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "cn: Test User",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "userPassword: password",
3db2e9f24cf5ad9cf80a5d1390c49e478f61d65fneil_a_wilson "ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," +
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "cn=Password Policies,cn=config");
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson conn.processAdd(e.getDN(), e.getObjectClasses(),
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson e.getUserAttributes(), e.getOperationalAttributes());
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
62625611993cc177eb95fb726fc137dbba01d6d2mmarie "--noPropertiesFile",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "(objectClass=*)"
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson assertFalse(LDAPSearch.mainSearch(args, false, null, null) == 0);
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * Performs a failed LDAP bind using CRAM-MD5 using the u: form of the
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * authentication ID with a stored password that's not reversible.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * @throws Exception If an unexpected problem occurs.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson public void testLDAPBindFailIrreversiblePasswordWithUID()
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "dn: uid=test.user,o=test",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: top",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: person",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: organizationalPerson",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: inetOrgPerson",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "uid: test.user",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "givenName: Test",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "cn: Test User",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "userPassword: password");
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson conn.processAdd(e.getDN(), e.getObjectClasses(),
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson e.getUserAttributes(), e.getOperationalAttributes());
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
62625611993cc177eb95fb726fc137dbba01d6d2mmarie "--noPropertiesFile",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "(objectClass=*)"
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson assertFalse(LDAPSearch.mainSearch(args, false, null, null) == 0);
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * Performs a failed LDAP bind using CRAM-MD5 using the dn: form of the
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * authentication ID with a stored password that's not reversible.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * @throws Exception If an unexpected problem occurs.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson public void testLDAPBindFailIrreversiblePasswordWithDN()
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "dn: uid=test.user,o=test",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: top",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: person",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: organizationalPerson",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: inetOrgPerson",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "uid: test.user",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "givenName: Test",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "cn: Test User",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "userPassword: password");
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson conn.processAdd(e.getDN(), e.getObjectClasses(),
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson e.getUserAttributes(), e.getOperationalAttributes());
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
62625611993cc177eb95fb726fc137dbba01d6d2mmarie "--noPropertiesFile",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "(objectClass=*)"
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson assertFalse(LDAPSearch.mainSearch(args, false, null, null) == 0);
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * Performs a failed LDAP bind using CRAM-MD5 using the dn: form of the
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * authentication ID with an invalid DN.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * @throws Exception If an unexpected problem occurs.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "dn: uid=test.user,o=test",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: top",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: person",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: organizationalPerson",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: inetOrgPerson",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "uid: test.user",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "givenName: Test",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "cn: Test User",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "userPassword: password");
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson conn.processAdd(e.getDN(), e.getObjectClasses(),
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson e.getUserAttributes(), e.getOperationalAttributes());
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
62625611993cc177eb95fb726fc137dbba01d6d2mmarie "--noPropertiesFile",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "(objectClass=*)"
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson assertFalse(LDAPSearch.mainSearch(args, false, null, null) == 0);
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * Performs a failed LDAP bind using CRAM-MD5 using the dn: form of the
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * authentication ID with the DN of a user that doesn't exist.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * @throws Exception If an unexpected problem occurs.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "dn: uid=test.user,o=test",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: top",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: person",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: organizationalPerson",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "objectClass: inetOrgPerson",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "uid: test.user",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "givenName: Test",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "cn: Test User",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "userPassword: password");
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson conn.processAdd(e.getDN(), e.getObjectClasses(),
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson e.getUserAttributes(), e.getOperationalAttributes());
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
62625611993cc177eb95fb726fc137dbba01d6d2mmarie "--noPropertiesFile",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "(objectClass=*)"
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson assertFalse(LDAPSearch.mainSearch(args, false, null, null) == 0);
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * Performs a failed LDAP bind using CRAM-MD5 using the dn: form of the
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * authentication ID with the null DN.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * @throws Exception If an unexpected problem occurs.
62625611993cc177eb95fb726fc137dbba01d6d2mmarie "--noPropertiesFile",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "(objectClass=*)"
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson assertFalse(LDAPSearch.mainSearch(args, false, null, null) == 0);
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * Performs a failed LDAP bind using CRAM-MD5 using the dn: form of the
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * authentication ID with the root DN (which has a stored password that's not
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * reversible).
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * @throws Exception If an unexpected problem occurs.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson public void testLDAPBindFailIrreversiblePasswordWithRootDN()
62625611993cc177eb95fb726fc137dbba01d6d2mmarie "--noPropertiesFile",
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "(objectClass=*)"
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson assertFalse(LDAPSearch.mainSearch(args, false, null, null) == 0);
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * Verifies that the server will reject a CRAM-MD5 bind in which the first
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * message contains SASL credentials (which isn't allowed).
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * @throws Exception If an unexpected problem occurs.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson new InternalClientConnection(new AuthenticationInfo());
42f79a857231e854fe5c5832942a193cd49fd9b1matthew_swift conn.processSASLBind(DN.nullDN(), SASL_MECHANISM_CRAM_MD5,
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson assertFalse(bindOperation.getResultCode() == ResultCode.SUCCESS);
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * Verifies that the server will reject a CRAM-MD5 bind with malformed
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * credentials.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * @throws Exception If an unexpected problem occurs.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson new InternalClientConnection(new AuthenticationInfo());
42f79a857231e854fe5c5832942a193cd49fd9b1matthew_swift conn.processSASLBind(DN.nullDN(), SASL_MECHANISM_CRAM_MD5, null);
42f79a857231e854fe5c5832942a193cd49fd9b1matthew_swift conn.processSASLBind(DN.nullDN(), SASL_MECHANISM_CRAM_MD5,
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson assertFalse(bindOperation.getResultCode() == ResultCode.SUCCESS);
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * Verifies that the server will reject a CRAM-MD5 bind with credentials
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * containing a malformed digest.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * @throws Exception If an unexpected problem occurs.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson new InternalClientConnection(new AuthenticationInfo());
42f79a857231e854fe5c5832942a193cd49fd9b1matthew_swift conn.processSASLBind(DN.nullDN(), SASL_MECHANISM_CRAM_MD5, null);
7185b49f58c4cdb16d035ecc45e38ec9b1cd9bd0matthew_swift ByteString.valueOf("dn:cn=Directory Manager malformeddigest");
42f79a857231e854fe5c5832942a193cd49fd9b1matthew_swift conn.processSASLBind(DN.nullDN(), SASL_MECHANISM_CRAM_MD5, creds);
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson assertFalse(bindOperation.getResultCode() == ResultCode.SUCCESS);
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * Verifies that the server will reject a CRAM-MD5 bind with credentials
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * containing a malformed digest with the correct length but not only hex
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * characters.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson * @throws Exception If an unexpected problem occurs.
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson public void testMalformedDigestWithCorrectLength()
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson new InternalClientConnection(new AuthenticationInfo());
42f79a857231e854fe5c5832942a193cd49fd9b1matthew_swift conn.processSASLBind(DN.nullDN(), SASL_MECHANISM_CRAM_MD5, null);
7185b49f58c4cdb16d035ecc45e38ec9b1cd9bd0matthew_swift ByteString.valueOf("dn:cn=Directory Manager " +
7ea3e4667fd4a40f7792638bc429b36d8066557aneil_a_wilson "malformedcredswiththerightlength");
42f79a857231e854fe5c5832942a193cd49fd9b1matthew_swift conn.processSASLBind(DN.nullDN(), SASL_MECHANISM_CRAM_MD5, creds);