/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at legal-notices/CDDLv1_0.txt.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information:
* Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*
*
* Copyright 2008-2010 Sun Microsystems, Inc.
* Portions Copyright 2012 ForgeRock AS
*/
/**
* A set of test cases for the user-defined virtual attribute provider.
*/
public class UserDefinedVirtualAttributeProviderTestCase
extends ExtensionsTestCase
{
// The attribute type for the description attribute.
// The attribute type for the ds-privilege-name attribute.
// The attribute type for the ds-pwp-password-policy-dn attribute.
/**
* Ensures that the Directory Server is running.
*
* @throws Exception If an unexpected problem occurs.
*/
@BeforeClass()
public void startServer()
throws Exception
{
}
/**
* Tests the methods which are part of the virtual group API using a
* single-valued virtual attribute.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test()
public void testRuleAPISingleValued()
throws Exception
{
"dn: " + ruleDN,
"objectClass: top",
"objectClass: ds-cfg-virtual-attribute",
"objectClass: ds-cfg-user-defined-virtual-attribute",
"cn: User-Defined Test",
"ds-cfg-java-class: org.opends.server.extensions." +
"UserDefinedVirtualAttributeProvider",
"ds-cfg-enabled: true",
"ds-cfg-attribute-type: description",
"ds-cfg-conflict-behavior: real-overrides-virtual",
"ds-cfg-value: single value");
try
{
{
{
}
}
}
finally
{
}
}
/**
* Tests the methods which are part of the virtual group API using a
* multi-valued virtual attribute.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test()
public void testRuleAPIMultiValued()
throws Exception
{
"dn: " + ruleDN,
"objectClass: top",
"objectClass: ds-cfg-virtual-attribute",
"objectClass: ds-cfg-user-defined-virtual-attribute",
"cn: User-Defined Test",
"ds-cfg-java-class: org.opends.server.extensions." +
"UserDefinedVirtualAttributeProvider",
"ds-cfg-enabled: true",
"ds-cfg-attribute-type: description",
"ds-cfg-conflict-behavior: real-overrides-virtual",
"ds-cfg-value: first value",
"ds-cfg-value: second value");
try
{
{
{
}
}
}
finally
{
}
}
/**
* Tests the creation of a description virtual attribute when there is only a
* single virtual value and no real value.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test()
public void testSingleDescriptionOnlyVirtual()
throws Exception
{
"dn: " + ruleDN,
"objectClass: top",
"objectClass: ds-cfg-virtual-attribute",
"objectClass: ds-cfg-user-defined-virtual-attribute",
"cn: User-Defined Test",
"ds-cfg-java-class: org.opends.server.extensions." +
"UserDefinedVirtualAttributeProvider",
"ds-cfg-enabled: true",
"ds-cfg-attribute-type: description",
"ds-cfg-conflict-behavior: real-overrides-virtual",
"ds-cfg-value: " + value,
"",
"dn: " + userDN,
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: test.user",
"givenName: Test",
"sn: User",
"cn: Test User",
"userPassword: test");
try
{
.createFilterFromString("(objectClass=*)"));
value)));
}
finally
{
}
}
/**
* Tests the creation of a description virtual attribute when there are
* multiple virtual values and no real value.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test()
public void testMultipleDescriptionsOnlyVirtual()
throws Exception
{
"dn: " + ruleDN,
"objectClass: top",
"objectClass: ds-cfg-virtual-attribute",
"objectClass: ds-cfg-user-defined-virtual-attribute",
"cn: User-Defined Test",
"ds-cfg-java-class: org.opends.server.extensions." +
"UserDefinedVirtualAttributeProvider",
"ds-cfg-enabled: true",
"ds-cfg-attribute-type: description",
"ds-cfg-conflict-behavior: real-overrides-virtual",
"ds-cfg-value: " + value1,
"ds-cfg-value: " + value2,
"",
"dn: " + userDN,
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: test.user",
"givenName: Test",
"sn: User",
"cn: Test User",
"userPassword: test");
try
{
.createFilterFromString("(objectClass=*)"));
value1)));
value2)));
}
finally
{
}
}
/**
* Tests the creation of a description virtual attribute when real values
* should override virtual values and the entry has a real value.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test()
public void testSingleDescriptionRealOverridesVirtual()
throws Exception
{
"dn: " + ruleDN,
"objectClass: top",
"objectClass: ds-cfg-virtual-attribute",
"objectClass: ds-cfg-user-defined-virtual-attribute",
"cn: User-Defined Test",
"ds-cfg-java-class: org.opends.server.extensions." +
"UserDefinedVirtualAttributeProvider",
"ds-cfg-enabled: true",
"ds-cfg-attribute-type: description",
"ds-cfg-conflict-behavior: real-overrides-virtual",
"ds-cfg-value: " + virtualValue,
"",
"dn: " + userDN,
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: test.user",
"givenName: Test",
"sn: User",
"cn: Test User",
"userPassword: test",
"description: " + realValue);
try
{
.createFilterFromString("(objectClass=*)"));
realValue)));
}
finally
{
}
}
/**
* Tests the creation of a description virtual attribute when virtual values
* should override real values and the entry has a real value.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test()
public void testSingleDescriptionVirtualOverridesReal()
throws Exception
{
"dn: " + ruleDN,
"objectClass: top",
"objectClass: ds-cfg-virtual-attribute",
"objectClass: ds-cfg-user-defined-virtual-attribute",
"cn: User-Defined Test",
"ds-cfg-java-class: org.opends.server.extensions." +
"UserDefinedVirtualAttributeProvider",
"ds-cfg-enabled: true",
"ds-cfg-attribute-type: description",
"ds-cfg-conflict-behavior: virtual-overrides-real",
"ds-cfg-value: " + virtualValue,
"",
"dn: " + userDN,
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: test.user",
"givenName: Test",
"sn: User",
"cn: Test User",
"userPassword: test",
"description: " + realValue);
try
{
.createFilterFromString("(objectClass=*)"));
virtualValue)));
}
finally
{
}
}
/**
* Tests the creation of a description virtual attribute when real and virtual
* values should be merged and the entry has a real value.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test()
public void testSingleDescriptionMergeRealAndVirtual()
throws Exception
{
"dn: " + ruleDN,
"objectClass: top",
"objectClass: ds-cfg-virtual-attribute",
"objectClass: ds-cfg-user-defined-virtual-attribute",
"cn: User-Defined Test",
"ds-cfg-java-class: org.opends.server.extensions." +
"UserDefinedVirtualAttributeProvider",
"ds-cfg-enabled: true",
"ds-cfg-attribute-type: description",
"ds-cfg-conflict-behavior: merge-real-and-virtual",
"ds-cfg-value: " + virtualValue,
"",
"dn: " + userDN,
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: test.user",
"givenName: Test",
"sn: User",
"cn: Test User",
"userPassword: test",
"description: " + realValue);
try
{
.createFilterFromString("(objectClass=*)"));
descriptionType, realValue)));
}
finally
{
}
}
/**
* Tests the creation of a description virtual attribute when real and
* virtual values should be merged and the entry has a real value.
* <p>
* Returning a subset of attributes is handled differently to all
* attributes. This tests fix for issue 3779.
*
* @throws Exception
* If an unexpected problem occurs.
*/
@Test()
public void testSingleDescriptionMergeRealAndVirtualWithAttrList()
throws Exception
{
"dn: " + ruleDN,
"objectClass: top",
"objectClass: ds-cfg-virtual-attribute",
"objectClass: ds-cfg-user-defined-virtual-attribute",
"cn: User-Defined Test",
"ds-cfg-java-class: org.opends.server.extensions." +
"UserDefinedVirtualAttributeProvider",
"ds-cfg-enabled: true",
"ds-cfg-attribute-type: description",
"ds-cfg-conflict-behavior: merge-real-and-virtual",
"ds-cfg-value: " + virtualValue,
"",
"dn: " + userDN,
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: test.user",
"givenName: Test",
"sn: User",
"cn: Test User",
"userPassword: test",
"description: " + realValue);
try
{
descriptionType, realValue)));
}
finally
{
}
}
/**
* Tests to ensure that the user-defined virtual attribute provider can be
* used to grant a privilege to a user.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test()
public void testVirtualPrivilege()
throws Exception
{
"dn: cn=Test Policy,cn=Password Policies,cn=config",
"objectClass: top",
"objectClass: ds-cfg-password-policy",
"cn: Test Policy",
"ds-cfg-password-attribute: userPassword",
"ds-cfg-default-password-storage-scheme: " +
"cn=Salted SHA-1,cn=Password Storage Schemes,cn=config",
"ds-cfg-allow-expired-password-changes: false",
"ds-cfg-allow-multiple-password-values: false",
"ds-cfg-allow-pre-encoded-passwords: false",
"ds-cfg-allow-user-password-changes: true",
"ds-cfg-expire-passwords-without-warning: false",
"ds-cfg-force-change-on-add: false",
"ds-cfg-force-change-on-reset: false",
"ds-cfg-grace-login-count: 0",
"ds-cfg-idle-lockout-interval: 0 seconds",
"ds-cfg-lockout-failure-count: 0",
"ds-cfg-lockout-duration: 0 seconds",
"ds-cfg-lockout-failure-expiration-interval: 0 seconds",
"ds-cfg-min-password-age: 0 seconds",
"ds-cfg-max-password-age: 0 seconds",
"ds-cfg-max-password-reset-age: 0 seconds",
"ds-cfg-password-expiration-warning-interval: 5 days",
"ds-cfg-password-change-requires-current-password: true",
"ds-cfg-password-validator: cn=Length-Based Password Validator," +
"cn=Password Validators,cn=config",
"ds-cfg-require-secure-authentication: false",
"ds-cfg-require-secure-password-changes: false",
"ds-cfg-skip-validation-for-administrators: false",
"",
"dn: " + ruleDN,
"objectClass: top",
"objectClass: ds-cfg-virtual-attribute",
"objectClass: ds-cfg-user-defined-virtual-attribute",
"cn: User-Defined Test",
"ds-cfg-java-class: org.opends.server.extensions." +
"UserDefinedVirtualAttributeProvider",
"ds-cfg-enabled: true",
"ds-cfg-attribute-type: ds-pwp-password-policy-dn",
"ds-cfg-conflict-behavior: merge-real-and-virtual",
"ds-cfg-value: " + policyDN,
"",
"dn: " + userDN,
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: test.user",
"givenName: Test",
"sn: User",
"cn: Test User",
"userPassword: testtest");
try
{
"changetype: modify", "replace: userPassword",
"userPassword: short");
{ "-h", "127.0.0.1", "-p",
"changetype: modify", "replace: ds-cfg-enabled",
"ds-cfg-enabled: false");
"-X", "-D", "cn=Directory Manager", "-w", "password",
"-f", path2 };
}
finally
{
}
}
/**
* Tests to ensure that the user-defined virtual attribute provider can be
* used to apply a custom password policy for a user. The custom password
* policy will reject passwords shorter than six characters, whereas the
* default policy will not.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test()
public void testVirtualPasswordPolicyDN()
throws Exception
{
"dn: " + ruleDN,
"objectClass: top",
"objectClass: ds-cfg-virtual-attribute",
"objectClass: ds-cfg-user-defined-virtual-attribute",
"cn: User-Defined Test",
"ds-cfg-java-class: org.opends.server.extensions." +
"UserDefinedVirtualAttributeProvider",
"ds-cfg-enabled: false",
"ds-cfg-attribute-type: ds-privilege-name",
"ds-cfg-conflict-behavior: merge-real-and-virtual",
"ds-cfg-value: bypass-acl",
"",
"dn: " + userDN,
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: test.user",
"givenName: Test",
"sn: User",
"cn: Test User",
"userPassword: password");
try
{
"changetype: modify", "replace: description",
"description: foo");
{ "-h", "127.0.0.1", "-p",
"changetype: modify", "replace: ds-cfg-enabled",
"ds-cfg-enabled: true");
"-X", "-D", "cn=Directory Manager", "-w", "password",
"-f", path2 };
}
finally
{
}
}
}