directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From elecha...@apache.org
Subject svn commit: r1183593 - /directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/authn/ppolicy/PasswordPolicyTest.java
Date Sat, 15 Oct 2011 07:43:50 GMT
Author: elecharny
Date: Sat Oct 15 07:43:50 2011
New Revision: 1183593

URL: http://svn.apache.org/viewvc?rev=1183593&view=rev
Log:
Applied Kiran's changes

Modified:
    directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/authn/ppolicy/PasswordPolicyTest.java

Modified: directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/authn/ppolicy/PasswordPolicyTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/authn/ppolicy/PasswordPolicyTest.java?rev=1183593&r1=1183592&r2=1183593&view=diff
==============================================================================
--- directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/authn/ppolicy/PasswordPolicyTest.java
(original)
+++ directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/authn/ppolicy/PasswordPolicyTest.java
Sat Oct 15 07:43:50 2011
@@ -24,7 +24,7 @@ import static org.apache.directory.serve
 import static org.apache.directory.server.core.integ.IntegrationUtils.getNetworkConnectionAs;
 import static org.apache.directory.shared.ldap.extras.controls.ppolicy.PasswordPolicyErrorEnum.INSUFFICIENT_PASSWORD_QUALITY;
 import static org.apache.directory.shared.ldap.extras.controls.ppolicy.PasswordPolicyErrorEnum.PASSWORD_TOO_SHORT;
-import static org.apache.directory.shared.ldap.extras.controls.ppolicy.PasswordPolicyErrorEnum.*;
+import static org.apache.directory.shared.ldap.extras.controls.ppolicy.PasswordPolicyErrorEnum.PASSWORD_EXPIRED;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotNull;
@@ -368,8 +368,8 @@ public class PasswordPolicyTest extends 
     @Test
     public void testPwdMaxAgeAndGraceAuth() throws Exception
     {
-    	policyConfig.setPwdMaxAge( 5 );
-    	policyConfig.setPwdExpireWarning( 4 );
+        policyConfig.setPwdMaxAge( 5 );
+        policyConfig.setPwdExpireWarning( 4 );
         policyConfig.setPwdGraceAuthNLimit( 2 );
         
         LdapConnection connection = getAdminNetworkConnection( getLdapServer() );
@@ -499,6 +499,122 @@ public class PasswordPolicyTest extends 
     }
     
     
+    @Test
+    public void testPwdLength() throws Exception
+    {
+       policyConfig.setPwdMinLength( 5 );
+       policyConfig.setPwdMaxLength( 7 );
+       policyConfig.setPwdCheckQuality( 2 );
+       
+        LdapConnection connection = getAdminNetworkConnection( getLdapServer() );
+
+        Dn userDn = new Dn( "cn=userLen,ou=system" );
+        Entry userEntry = new DefaultEntry(
+            userDn.toString(), 
+            "ObjectClass: top", 
+            "ObjectClass: person", 
+            "cn: userLen",
+            "sn: userLen_sn", 
+            "userPassword: 1234");
+
+        AddRequest addRequest = new AddRequestImpl();
+        addRequest.setEntry( userEntry );
+        addRequest.addControl( PP_REQ_CTRL );
+
+        AddResponse addResp = connection.add( addRequest );
+        assertEquals( ResultCodeEnum.CONSTRAINT_VIOLATION, addResp.getLdapResult().getResultCode()
);
+
+        PasswordPolicy respCtrl = getPwdRespCtrl( addResp );
+        assertNotNull( respCtrl );
+        assertEquals( PASSWORD_TOO_SHORT, respCtrl.getResponse().getPasswordPolicyError()
);
+        
+        Attribute pwdAt = userEntry.get( SchemaConstants.USER_PASSWORD_AT );
+        pwdAt.clear();
+        pwdAt.add( "12345678" );
+        
+        addResp = connection.add( addRequest );
+        assertEquals( ResultCodeEnum.CONSTRAINT_VIOLATION, addResp.getLdapResult().getResultCode()
);
+        
+        respCtrl = getPwdRespCtrl( addResp );
+        assertNotNull( respCtrl );
+        assertEquals( INSUFFICIENT_PASSWORD_QUALITY, respCtrl.getResponse().getPasswordPolicyError()
);
+        
+        pwdAt = userEntry.get( SchemaConstants.USER_PASSWORD_AT );
+        pwdAt.clear();
+        pwdAt.add( "123456" );
+        
+        addResp = connection.add( addRequest );
+        assertEquals( ResultCodeEnum.SUCCESS, addResp.getLdapResult().getResultCode() );
+    }
+     
+
+    @Test
+    public void testPwdMaxAgeAndGraceAuth() throws Exception
+    {
+        policyConfig.setPwdMaxAge( 5 );
+        policyConfig.setPwdExpireWarning( 4 );
+        policyConfig.setPwdGraceAuthNLimit( 2 );
+        
+        LdapConnection connection = getAdminNetworkConnection( getLdapServer() );
+
+        Dn userDn = new Dn( "cn=userMaxAge,ou=system" );
+        String password = "12345";
+        Entry userEntry = new DefaultEntry(
+            userDn.toString(), 
+            "ObjectClass: top", 
+            "ObjectClass: person", 
+            "cn: userMaxAge",
+            "sn: userMaxAge_sn", 
+            "userPassword: " + password );
+
+        AddRequest addRequest = new AddRequestImpl();
+        addRequest.setEntry( userEntry );
+        addRequest.addControl( PP_REQ_CTRL );
+
+        connection.add( addRequest );
+
+        BindRequest bindReq = new BindRequestImpl();
+        bindReq.setName( userDn );
+        bindReq.setCredentials( password.getBytes() );
+        bindReq.addControl( PP_REQ_CTRL );
+        
+        LdapConnection userCon= new LdapNetworkConnection( "localhost", ldapServer.getPort()
);
+        userCon.setTimeOut(0);
+
+        Thread.sleep( 1000 ); // sleep for one second so that the password expire warning
will be sent
+        
+        BindResponse bindResp = userCon.bind( bindReq );
+        assertEquals( ResultCodeEnum.SUCCESS, bindResp.getLdapResult().getResultCode() );
+        
+        PasswordPolicy respCtrl = getPwdRespCtrl( bindResp );
+        assertNotNull( respCtrl );
+        assertTrue( respCtrl.getResponse().getTimeBeforeExpiration() > 0 );
+        
+        Thread.sleep( 4000 ); // sleep for four seconds so that the password expires
+        
+        // bind for two more times, should succeed
+        bindResp = userCon.bind( bindReq );
+        assertEquals( ResultCodeEnum.SUCCESS, bindResp.getLdapResult().getResultCode() );
+        respCtrl = getPwdRespCtrl( bindResp );
+        assertNotNull( respCtrl );
+        assertEquals( 1, respCtrl.getResponse().getGraceAuthNsRemaining() );
+        
+        // this extra second sleep is necessary to modify pwdGraceUseTime attribute with
a different timestamp
+        Thread.sleep( 1000 );
+        bindResp = userCon.bind( bindReq );
+        assertEquals( ResultCodeEnum.SUCCESS, bindResp.getLdapResult().getResultCode() );
+        respCtrl = getPwdRespCtrl( bindResp );
+        assertEquals( 0, respCtrl.getResponse().getGraceAuthNsRemaining() );
+        
+        // this time it should fail
+        bindResp = userCon.bind( bindReq );
+        assertEquals( ResultCodeEnum.INVALID_CREDENTIALS, bindResp.getLdapResult().getResultCode()
);
+
+        respCtrl = getPwdRespCtrl( bindResp );
+        assertEquals( PASSWORD_EXPIRED, respCtrl.getResponse().getPasswordPolicyError() );
+    }
+
+    
     private PasswordPolicy getPwdRespCtrl( Response resp ) throws Exception
     {
         Control control = resp.getControls().get( PP_REQ_CTRL.getOid() );



Mime
View raw message