directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kayyag...@apache.org
Subject svn commit: r1128768 - in /directory/apacheds/trunk: core-integ/src/test/java/org/apache/directory/server/core/authn/ppolicy/ core-integ/src/test/java/org/apache/directory/server/core/suites/ core/src/main/java/org/apache/directory/server/core/authn/
Date Sat, 28 May 2011 20:24:26 GMT
Author: kayyagari
Date: Sat May 28 20:24:26 2011
New Revision: 1128768

URL: http://svn.apache.org/viewvc?rev=1128768&view=rev
Log:
o fetch operational attributes also while loading the user entry for authentication to check
against the password policy
o fixed the ppolicy test for account locking
o uncommented ppolicy test in suite

Modified:
    directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/authn/ppolicy/PasswordPolicyTest.java
    directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/suites/MigratedStockCoreISuite.java
    directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java

Modified: directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/authn/ppolicy/PasswordPolicyTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/authn/ppolicy/PasswordPolicyTest.java?rev=1128768&r1=1128767&r2=1128768&view=diff
==============================================================================
--- directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/authn/ppolicy/PasswordPolicyTest.java
(original)
+++ directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/authn/ppolicy/PasswordPolicyTest.java
Sat May 28 20:24:26 2011
@@ -32,6 +32,7 @@ import static org.junit.Assert.assertNul
 import static org.junit.Assert.assertTrue;
 
 import org.apache.directory.ldap.client.api.LdapConnection;
+import org.apache.directory.ldap.client.api.LdapNetworkConnection;
 import org.apache.directory.server.annotations.CreateLdapServer;
 import org.apache.directory.server.annotations.CreateTransport;
 import org.apache.directory.server.core.annotations.CreateDS;
@@ -55,6 +56,8 @@ import org.apache.directory.shared.ldap.
 import org.apache.directory.shared.ldap.model.message.AddRequest;
 import org.apache.directory.shared.ldap.model.message.AddRequestImpl;
 import org.apache.directory.shared.ldap.model.message.AddResponse;
+import org.apache.directory.shared.ldap.model.message.BindRequest;
+import org.apache.directory.shared.ldap.model.message.BindRequestImpl;
 import org.apache.directory.shared.ldap.model.message.Control;
 import org.apache.directory.shared.ldap.model.message.ModifyRequest;
 import org.apache.directory.shared.ldap.model.message.ModifyRequestImpl;
@@ -210,16 +213,17 @@ public class PasswordPolicyTest extends 
         policyConfig.setPwdLockout( true );
         policyConfig.setPwdLockoutDuration( 0 );
         policyConfig.setPwdGraceAuthNLimit( 2 );
-        policyConfig.setPwdFailureCountInterval( 1 );
+        policyConfig.setPwdFailureCountInterval( 60 );
+        policyConfig.setPwdLockoutDuration( 0 );
         
-        LdapConnection connection = getAdminNetworkConnection( getLdapServer() );
+        LdapConnection adminConnection = getAdminNetworkConnection( getLdapServer() );
         
-        Dn userDn = new Dn( "cn=user,ou=system" );
+        Dn userDn = new Dn( "cn=user2,ou=system" );
         Entry userEntry = new DefaultEntry( 
             userDn.toString(), 
             "ObjectClass: top", 
             "ObjectClass: person", 
-            "cn: user",
+            "cn: user2",
             "sn: user_sn", 
             "userPassword: 12345" );
 
@@ -227,21 +231,38 @@ public class PasswordPolicyTest extends 
         addRequest.setEntry( userEntry );
         addRequest.addControl( PP_REQ_CTRL );
 
-        AddResponse addResp = connection.add( addRequest );
+        AddResponse addResp = adminConnection.add( addRequest );
         assertEquals( ResultCodeEnum.SUCCESS, addResp.getLdapResult().getResultCode() );
         PasswordPolicy respCtrl = getPwdRespCtrl( addResp );
         assertNull( respCtrl );
 
+        BindRequest bindReq = new BindRequestImpl();
+        bindReq.setName( userDn );
+        bindReq.setCredentials( "1234" ); // wrong password
+        bindReq.addControl( PP_REQ_CTRL );
+        
+        LdapConnection userConnection = new LdapNetworkConnection( "localhost", ldapServer.getPort()
);
+
         for( int i=0; i< 4; i++ )
         {
-            LdapConnection userConnection = getNetworkConnectionAs( getLdapServer(), userDn.getName(),
"1234" );// wrong password
-            assertNotNull( userConnection );
+            Thread.sleep( 1000 );
+            userConnection.bind( bindReq );
             assertFalse( userConnection.isAuthenticated() );
         }
         
-        userEntry = connection.lookup( userDn, "+" );
+        userEntry = adminConnection.lookup( userDn, "+" );
         Attribute pwdAccountLockedTime = userEntry.get( PasswordPolicySchemaConstants.PWD_ACCOUNT_LOCKED_TIME_AT
);
         assertNotNull( pwdAccountLockedTime );
+        assertEquals( "000001010000Z", pwdAccountLockedTime.getString() );
+        
+        bindReq = new BindRequestImpl();
+        bindReq.setName( userDn );
+        bindReq.setCredentials( "12345" ); // correct password
+        bindReq.addControl( PP_REQ_CTRL );
+        userConnection.bind( bindReq );
+        assertFalse( userConnection.isAuthenticated() ); // but still fails cause account
is locked
+        
+        userConnection.close();
     }
 
     

Modified: directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/suites/MigratedStockCoreISuite.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/suites/MigratedStockCoreISuite.java?rev=1128768&r1=1128767&r2=1128768&view=diff
==============================================================================
--- directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/suites/MigratedStockCoreISuite.java
(original)
+++ directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/suites/MigratedStockCoreISuite.java
Sat May 28 20:24:26 2011
@@ -21,6 +21,7 @@ package org.apache.directory.server.core
 
 import org.apache.directory.server.core.annotations.CreateDS;
 import org.apache.directory.server.core.authn.SimpleAuthenticationIT;
+import org.apache.directory.server.core.authn.ppolicy.PasswordPolicyTest;
 import org.apache.directory.server.core.authz.AddAuthorizationIT;
 import org.apache.directory.server.core.authz.AdministratorsGroupIT;
 import org.apache.directory.server.core.authz.AuthorizationServiceAsAdminIT;
@@ -51,7 +52,7 @@ import org.junit.runners.Suite;
 
         // authn
         SimpleAuthenticationIT.class,
-        //PasswordPolicyTest.class,
+        PasswordPolicyTest.class,
         PasswordHashingInterceptorTest.class,
 
         // authz

Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java?rev=1128768&r1=1128767&r2=1128768&view=diff
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java
(original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java
Sat May 28 20:24:26 2011
@@ -265,8 +265,10 @@ public class SimpleAuthenticator extends
             LookupOperationContext lookupContext = new LookupOperationContext( getDirectoryService().getAdminSession(),
                 bindContext.getDn() );
             lookupContext.setByPassed( USERLOOKUP_BYPASS );
-            lookupContext.setAttrsId( SchemaConstants.ALL_USER_ATTRIBUTES_ARRAY );
-
+            lookupContext.addAttrsId( SchemaConstants.ALL_USER_ATTRIBUTES );
+            // OP attributes required for ppolicy
+            lookupContext.addAttrsId( SchemaConstants.ALL_OPERATIONAL_ATTRIBUTES );
+            
             userEntry = getDirectoryService().getOperationManager().lookup( lookupContext
);
 
             if ( userEntry == null )



Mime
View raw message