From smckin...@apache.org
Subject [1/2] directory-fortress-core git commit: FC-211 - Support apacheds password policies
Date Sat, 10 Jun 2017 15:50:27 GMT
Repository: directory-fortress-core
Updated Branches:
  refs/heads/master 45a693193 -> cec922a81


FC-211 - Support apacheds password policies


Project: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/commit/0b66848d
Tree: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/tree/0b66848d
Diff: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/diff/0b66848d

Branch: refs/heads/master
Commit: 0b66848d4bac675274528d60cd137d42f479ff5f
Parents: eaff971
Author: Shawn McKinney <smckinney@apache.org>
Authored: Sat Jun 10 10:50:06 2017 -0500
Committer: Shawn McKinney <smckinney@apache.org>
Committed: Sat Jun 10 10:50:06 2017 -0500

----------------------------------------------------------------------
 config/fortress.properties.src                  |   2 +
 .../directory/fortress/core/GlobalIds.java      |   6 +
 .../directory/fortress/core/impl/PolicyDAO.java | 458 +++++++++++++++----
 .../directory/fortress/core/impl/UserDAO.java   |  19 +-
 .../fortress/core/ldap/LdapDataProvider.java    |   2 +-
 .../directory/fortress/core/util/Config.java    |   4 +
 .../fortress/core/impl/FortressJUnitTest.java   |  14 +-
 .../fortress/core/impl/PolicyTestData.java      |   8 +-
 .../core/impl/PswdPolicyMgrImplTest.java        |  25 +-
 9 files changed, 420 insertions(+), 118 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/0b66848d/config/fortress.properties.src
----------------------------------------------------------------------
diff --git a/config/fortress.properties.src b/config/fortress.properties.src
index 3a4ffaa..fac6623 100755
--- a/config/fortress.properties.src
+++ b/config/fortress.properties.src
@@ -26,6 +26,8 @@ port=@LDAP_PORT@
 # Options are openldap or apacheds (default):
 ldap.server.type=@SERVER_TYPE@
 
+apacheds.pwpolicy.root=ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
+
 # Audit only works if ldap.server.type == openldap:
 disable.audit=@IS_AUDIT@
 
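Review bot: The new `apacheds.pwpolicy.root` line has no explanatory comment, unlike the `ldap.server.type` and `disable.audit` entries around it. A deployer cannot tell from this file when the value is consulted, so a line such as `# Container for password policies, used when ldap.server.type == apacheds:` would help. The default DN ends in `ou=config`, so the account Fortress uses to manage policies presumably needs write access to the server configuration partition. That is worth stating here so the grant is made deliberately and scoped to this subtree.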

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/0b66848d/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/GlobalIds.java b/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
index 0aa24ba..f48834c 100755
--- a/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
+++ b/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
@@ -200,6 +200,12 @@ public final class GlobalIds
      */
     public static final String GROUP_ROOT = "group.root";
 
+    /**
+     * Specifies the dn of the container where password policies are stored in ApachDS.  This is typically here:
+     * {@code ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config}
+     */
+    public static final String ADS_PPOLICY_ROOT = "apacheds.pwpolicy.root";
+
     /*
       *  *************************************************************************
       *  **  BEGIN LDAP STANDARD ATTRIBUTE NAMES
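Review bot: The Javadoc added for `ADS_PPOLICY_ROOT` misspells the server name as "ApachDS"; it should read "ApacheDS". The comment could also say that the constant is the name of a configuration property (`apacheds.pwpolicy.root`), not the DN itself. The current first sentence reads as if the constant holds the DN.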

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/0b66848d/src/main/java/org/apache/directory/fortress/core/impl/PolicyDAO.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/impl/PolicyDAO.java b/src/main/java/org/apache/directory/fortress/core/impl/PolicyDAO.java
index 6f1fbe9..180b772 100755
--- a/src/main/java/org/apache/directory/fortress/core/impl/PolicyDAO.java
+++ b/src/main/java/org/apache/directory/fortress/core/impl/PolicyDAO.java
@@ -47,6 +47,8 @@ import org.apache.directory.fortress.core.UpdateException;
 import org.apache.directory.fortress.core.ldap.LdapDataProvider;
 import org.apache.directory.fortress.core.model.ObjectFactory;
 import org.apache.directory.fortress.core.model.PwPolicy;
+import org.apache.directory.fortress.core.model.User;
+import org.apache.directory.fortress.core.util.Config;
 import org.apache.directory.ldap.client.api.LdapConnection;
 
 
@@ -104,10 +106,13 @@ final class PolicyDAO extends LdapDataProvider
       */
     private static final String OLPW_POLICY_EXTENSION = "2.5.4.35";
     private static final String OLPW_POLICY_CLASS = "pwdPolicy";
+    private static final String ADS_POLICY_CLASS = "ads-passwordPolicy";
+    private static final String ADS_BASE_CLASS = "ads-base";
+
     /**
      * This object class combines OpenLDAP PW Policy schema with the Fortress audit context.
      */
-    private static final String OAM_PWPOLICY_OBJ_CLASS[] =
+    private static final String OL_PWPOLICY_OBJ_CLASS[] =
         {
             SchemaConstants.TOP_OC,
             SchemaConstants.DEVICE_OC,
@@ -115,7 +120,14 @@ final class PolicyDAO extends LdapDataProvider
             GlobalIds.FT_MODIFIER_AUX_OBJECT_CLASS_NAME
     };
 
-    private static final String OLPW_ATTRIBUTE = "pwdAttribute";
+    private static final String ADS_PWPOLICY_OBJ_CLASS[] =
+        {
+            SchemaConstants.TOP_OC,
+            ADS_BASE_CLASS,
+            ADS_POLICY_CLASS,
+            GlobalIds.FT_MODIFIER_AUX_OBJECT_CLASS_NAME
+    };
+
     private static final String OLPW_MIN_AGE = "pwdMinAge";
     private static final String OLPW_MAX_AGE = "pwdMaxAge";
     private static final String OLPW_IN_HISTORY = "pwdInHistory";
@@ -130,19 +142,52 @@ final class PolicyDAO extends LdapDataProvider
     private static final String OLPW_MUST_CHANGE = "pwdMustChange";
     private static final String OLPW_ALLOW_USER_CHANGE = "pwdAllowUserChange";
     private static final String OLPW_SAFE_MODIFY = "pwdSafeModify";
-    private static final String[] PASSWORD_POLICY_ATRS =
+    private static final String OLPW_ATTRIBUTE = "pwdAttribute";
+
+    private static final String ADS_PREFIX = "ads-";
+    private static final String ADS_MIN_AGE = ADS_PREFIX + "pwdMinAge";
+    private static final String ADS_MAX_AGE = ADS_PREFIX + "pwdMaxAge";
+    private static final String ADS_IN_HISTORY = ADS_PREFIX + "pwdInHistory";
+    private static final String ADS_CHECK_QUALITY = ADS_PREFIX + "pwdCheckQuality";
+    private static final String ADS_MIN_LENGTH = ADS_PREFIX + "pwdMinLength";
+    private static final String ADS_EXPIRE_WARNING = ADS_PREFIX + "pwdExpireWarning";
+    private static final String ADS_GRACE_LOGIN_LIMIT = ADS_PREFIX + "pwdGraceAuthNLimit";
+    private static final String ADS_LOCKOUT = ADS_PREFIX + "pwdLockout";
+    private static final String ADS_LOCKOUT_DURATION = ADS_PREFIX + "pwdLockoutDuration";
+    private static final String ADS_MAX_FAILURE = ADS_PREFIX + "pwdMaxFailure";
+    private static final String ADS_FAILURE_COUNT_INTERVAL = ADS_PREFIX + "pwdFailureCountInterval";
+    private static final String ADS_MUST_CHANGE = ADS_PREFIX + "pwdMustChange";
+    private static final String ADS_ALLOW_USER_CHANGE = ADS_PREFIX + "pwdAllowUserChange";
+    private static final String ADS_SAFE_MODIFY = ADS_PREFIX + "pwdSafeModify";
+    private static final String ADS_ATTRIBUTE = "ads-pwdAttribute";
+    private static final String ADS_PWD_ID = "ads-pwdid";
+
+    private static final String[] OL_PASSWORD_POLICY_ATRS =
         {
             SchemaConstants.CN_AT, OLPW_MIN_AGE, OLPW_MAX_AGE, OLPW_IN_HISTORY, OLPW_CHECK_QUALITY,
             OLPW_MIN_LENGTH, OLPW_EXPIRE_WARNING, OLPW_GRACE_LOGIN_LIMIT, OLPW_LOCKOUT,
             OLPW_LOCKOUT_DURATION, OLPW_MAX_FAILURE, OLPW_FAILURE_COUNT_INTERVAL,
-            OLPW_MUST_CHANGE, OLPW_ALLOW_USER_CHANGE, OLPW_SAFE_MODIFY,
+            OLPW_MUST_CHANGE, OLPW_ALLOW_USER_CHANGE, OLPW_SAFE_MODIFY, "ads-pwdid"
     };
 
-    private static final String[] PASSWORD_POLICY_NAME_ATR =
+    private static final String[] ADS_PASSWORD_POLICY_ATRS =
+        {
+            ADS_PWD_ID, ADS_MIN_AGE, ADS_MAX_AGE, ADS_IN_HISTORY, ADS_CHECK_QUALITY,
+            ADS_MIN_LENGTH, ADS_EXPIRE_WARNING, ADS_GRACE_LOGIN_LIMIT, ADS_LOCKOUT,
+            ADS_LOCKOUT_DURATION, ADS_MAX_FAILURE, ADS_FAILURE_COUNT_INTERVAL,
+            ADS_MUST_CHANGE, ADS_ALLOW_USER_CHANGE, ADS_SAFE_MODIFY
+    };
+
+    private static final String[] OL_PASSWORD_POLICY_NAME_ATR =
         {
             SchemaConstants.CN_AT
     };
 
+    private static final String[] ADS_PASSWORD_POLICY_NAME_ATR =
+        {
+            ADS_PWD_ID
+    };
+
     /**
      * @param entity
      * @return
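Review bot: `OL_PASSWORD_POLICY_ATRS` now ends with the literal `"ads-pwdid"`, an ApacheDS attribute name inside the OpenLDAP attribute list. It looks like a leftover from development: the OpenLDAP branch elsewhere in this commit reads the name from `SchemaConstants.CN_AT`, and `ADS_PASSWORD_POLICY_ATRS` already carries `ADS_PWD_ID`. If it is not needed, restore the line to `OLPW_MUST_CHANGE, OLPW_ALLOW_USER_CHANGE, OLPW_SAFE_MODIFY`; if it is intentional, use the `ADS_PWD_ID` constant and add a comment saying why. `ADS_ATTRIBUTE` and `ADS_PWD_ID` are also spelled as full literals while the neighbouring constants are built from `ADS_PREFIX`, which is a minor inconsistency.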
@@ -158,43 +203,75 @@ final class PolicyDAO extends LdapDataProvider
         try
         {
             Entry entry = new DefaultEntry( dn );
-            entry.add( SchemaConstants.OBJECT_CLASS_AT, OAM_PWPOLICY_OBJ_CLASS );
-            entry.add( SchemaConstants.CN_AT, entity.getName() );
-            entry.add( OLPW_ATTRIBUTE, OLPW_POLICY_EXTENSION );
+
+
+            if( Config.getInstance().isOpenldap() )
+            {
+                entry.add( SchemaConstants.OBJECT_CLASS_AT, OL_PWPOLICY_OBJ_CLASS );
+                entry.add( SchemaConstants.CN_AT, entity.getName() );
+                entry.add( OLPW_ATTRIBUTE, OLPW_POLICY_EXTENSION );
+            }
+            else
+            {
+                entry.add( SchemaConstants.OBJECT_CLASS_AT, ADS_PWPOLICY_OBJ_CLASS );
+                entry.add( ADS_PWD_ID, entity.getName() );
+                entry.add( ADS_ATTRIBUTE, "userPassword" );
+            }
 
             if ( entity.getMinAge() != null )
             {
-                entry.add( OLPW_MIN_AGE, entity.getMinAge().toString() );
+                if( Config.getInstance().isOpenldap() )
+                    entry.add( OLPW_MIN_AGE, entity.getMinAge().toString() );
+                else
+                    entry.add( ADS_MIN_AGE, entity.getMinAge().toString() );
             }
 
             if ( entity.getMaxAge() != null )
             {
-                entry.add( OLPW_MAX_AGE, entity.getMaxAge().toString() );
+                if( Config.getInstance().isOpenldap() )
+                    entry.add( OLPW_MAX_AGE, entity.getMaxAge().toString() );
+                else
+                    entry.add( ADS_MAX_AGE, entity.getMaxAge().toString() );
             }
 
             if ( entity.getInHistory() != null )
             {
-                entry.add( OLPW_IN_HISTORY, entity.getInHistory().toString() );
+                if( Config.getInstance().isOpenldap() )
+                    entry.add( OLPW_IN_HISTORY, entity.getInHistory().toString() );
+                else
+                    entry.add( ADS_IN_HISTORY, entity.getInHistory().toString() );
             }
 
             if ( entity.getCheckQuality() != null )
             {
-                entry.add( OLPW_CHECK_QUALITY, entity.getCheckQuality().toString() );
+                if( Config.getInstance().isOpenldap() )
+                    entry.add( OLPW_CHECK_QUALITY, entity.getCheckQuality().toString() );
+                else
+                    entry.add( ADS_CHECK_QUALITY, entity.getCheckQuality().toString() );
             }
 
             if ( entity.getMinLength() != null )
             {
-                entry.add( OLPW_MIN_LENGTH, entity.getMinLength().toString() );
+                if( Config.getInstance().isOpenldap() )
+                    entry.add( OLPW_MIN_LENGTH, entity.getMinLength().toString() );
+                else
+                    entry.add( ADS_MIN_LENGTH, entity.getMinLength().toString() );
             }
 
             if ( entity.getExpireWarning() != null )
             {
-                entry.add( OLPW_EXPIRE_WARNING, entity.getExpireWarning().toString() );
+                if( Config.getInstance().isOpenldap() )
+                    entry.add( OLPW_EXPIRE_WARNING, entity.getExpireWarning().toString() );
+                else
+                    entry.add( ADS_EXPIRE_WARNING, entity.getExpireWarning().toString() );
             }
 
             if ( entity.getGraceLoginLimit() != null )
             {
-                entry.add( OLPW_GRACE_LOGIN_LIMIT, entity.getGraceLoginLimit().toString() );
+                if( Config.getInstance().isOpenldap() )
+                    entry.add( OLPW_GRACE_LOGIN_LIMIT, entity.getGraceLoginLimit().toString() );
+                else
+                    entry.add( ADS_GRACE_LOGIN_LIMIT, entity.getGraceLoginLimit().toString() );
             }
 
             if ( entity.getLockout() != null )
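Review bot: Every attribute in this hunk repeats `Config.getInstance().isOpenldap()` inside an unbraced if/else. The same pattern recurs in the later hunks of this method and in the update and unloadLdapEntry hunks. Because the check is copied rather than resolved once, a future attribute can easily be added on only one branch, and the policy setting would then be silently dropped for one server type. Resolving the server type once and selecting the name inline keeps each attribute on one line, for example `final boolean isOpenldap = Config.getInstance().isOpenldap();` followed by `entry.add( isOpenldap ? OLPW_MIN_AGE : ADS_MIN_AGE, entity.getMinAge().toString() );`. The enclosing method starts and ends outside this hunk, so the declaration would go next to the `Entry entry = new DefaultEntry( dn );` line.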
@@ -202,22 +279,34 @@ final class PolicyDAO extends LdapDataProvider
                 /**
                  * For some reason OpenLDAP requires the pwdLockout boolean value to be upper case:
                  */
-                entry.add( OLPW_LOCKOUT, entity.getLockout().toString().toUpperCase() );
+                if( Config.getInstance().isOpenldap() )
+                    entry.add( OLPW_LOCKOUT, entity.getLockout().toString().toUpperCase() );
+                else
+                    entry.add( ADS_LOCKOUT, entity.getLockout().toString().toUpperCase() );
             }
 
             if ( entity.getLockoutDuration() != null )
             {
-                entry.add( OLPW_LOCKOUT_DURATION, entity.getLockoutDuration().toString() );
+                if( Config.getInstance().isOpenldap() )
+                    entry.add( OLPW_LOCKOUT_DURATION, entity.getLockoutDuration().toString() );
+                else
+                    entry.add( ADS_LOCKOUT_DURATION, entity.getLockoutDuration().toString() );
             }
 
             if ( entity.getMaxFailure() != null )
             {
-                entry.add( OLPW_MAX_FAILURE, entity.getMaxFailure().toString() );
+                if( Config.getInstance().isOpenldap() )
+                    entry.add( OLPW_MAX_FAILURE, entity.getMaxFailure().toString() );
+                else
+                    entry.add( ADS_MAX_FAILURE, entity.getMaxFailure().toString() );
             }
 
             if ( entity.getFailureCountInterval() != null )
             {
-                entry.add( OLPW_FAILURE_COUNT_INTERVAL, entity.getFailureCountInterval().toString() );
+                if( Config.getInstance().isOpenldap() )
+                    entry.add( OLPW_FAILURE_COUNT_INTERVAL, entity.getFailureCountInterval().toString() );
+                else
+                    entry.add( ADS_FAILURE_COUNT_INTERVAL, entity.getFailureCountInterval().toString() );
             }
 
             if ( entity.getMustChange() != null )
@@ -225,7 +314,10 @@ final class PolicyDAO extends LdapDataProvider
                 /**
                  * OpenLDAP requires the boolean values to be upper case:
                  */
-                entry.add( OLPW_MUST_CHANGE, entity.getMustChange().toString().toUpperCase() );
+                if( Config.getInstance().isOpenldap() )
+                    entry.add( OLPW_MUST_CHANGE, entity.getMustChange().toString().toUpperCase() );
+                else
+                    entry.add( ADS_MUST_CHANGE, entity.getMustChange().toString().toUpperCase() );
             }
 
             if ( entity.getAllowUserChange() != null )
@@ -233,8 +325,12 @@ final class PolicyDAO extends LdapDataProvider
                 /**
                  * OpenLDAP requires the boolean values to be upper case:
                  */
-                entry.add( OLPW_ALLOW_USER_CHANGE, entity.getAllowUserChange().toString()
-                    .toUpperCase() );
+                if( Config.getInstance().isOpenldap() )
+                    entry.add( OLPW_ALLOW_USER_CHANGE, entity.getAllowUserChange().toString()
+                        .toUpperCase() );
+                else
+                    entry.add( ADS_ALLOW_USER_CHANGE, entity.getAllowUserChange().toString()
+                        .toUpperCase() );
             }
 
             if ( entity.getSafeModify() != null )
@@ -242,7 +338,10 @@ final class PolicyDAO extends LdapDataProvider
                 /**
                  * OpenLDAP requires the boolean values to be upper case:
                  */
-                entry.add( OLPW_SAFE_MODIFY, entity.getSafeModify().toString().toUpperCase() );
+                if( Config.getInstance().isOpenldap() )
+                    entry.add( OLPW_SAFE_MODIFY, entity.getSafeModify().toString().toUpperCase() );
+                else
+                    entry.add( ADS_SAFE_MODIFY, entity.getSafeModify().toString().toUpperCase() );
             }
 
             ld = getAdminConnection();
@@ -278,51 +377,86 @@ final class PolicyDAO extends LdapDataProvider
 
             if ( entity.getMinAge() != null )
             {
-                mods.add( new DefaultModification(
-                    ModificationOperation.REPLACE_ATTRIBUTE,
-                    OLPW_MIN_AGE, entity.getMinAge().toString() ) );
+                if( Config.getInstance().isOpenldap() )
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        OLPW_MIN_AGE, entity.getMinAge().toString() ) );
+                else
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        ADS_MIN_AGE, entity.getMinAge().toString() ) );
             }
 
             if ( entity.getMaxAge() != null )
             {
-                mods.add( new DefaultModification(
-                    ModificationOperation.REPLACE_ATTRIBUTE,
-                    OLPW_MAX_AGE, entity.getMaxAge().toString() ) );
+                if( Config.getInstance().isOpenldap() )
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        OLPW_MAX_AGE, entity.getMaxAge().toString() ) );
+                else
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        ADS_MAX_AGE, entity.getMaxAge().toString() ) );
             }
 
             if ( entity.getInHistory() != null )
             {
-                mods.add( new DefaultModification(
-                    ModificationOperation.REPLACE_ATTRIBUTE,
-                    OLPW_IN_HISTORY, entity.getInHistory().toString() ) );
+                if( Config.getInstance().isOpenldap() )
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        OLPW_IN_HISTORY, entity.getInHistory().toString() ) );
+                else
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        ADS_IN_HISTORY, entity.getInHistory().toString() ) );
             }
 
             if ( entity.getCheckQuality() != null )
             {
-                mods.add( new DefaultModification(
-                    ModificationOperation.REPLACE_ATTRIBUTE,
-                    OLPW_CHECK_QUALITY, entity.getCheckQuality().toString() ) );
+                if( Config.getInstance().isOpenldap() )
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        OLPW_CHECK_QUALITY, entity.getCheckQuality().toString() ) );
+                else
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        ADS_CHECK_QUALITY, entity.getCheckQuality().toString() ) );
             }
 
             if ( entity.getMinLength() != null )
             {
-                mods.add( new DefaultModification(
-                    ModificationOperation.REPLACE_ATTRIBUTE,
-                    OLPW_MIN_LENGTH, entity.getMinLength().toString() ) );
+                if( Config.getInstance().isOpenldap() )
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        OLPW_MIN_LENGTH, entity.getMinLength().toString() ) );
+                else
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        ADS_MIN_LENGTH, entity.getMinLength().toString() ) );
             }
 
             if ( entity.getExpireWarning() != null )
             {
-                mods.add( new DefaultModification(
-                    ModificationOperation.REPLACE_ATTRIBUTE,
-                    OLPW_EXPIRE_WARNING, entity.getExpireWarning().toString() ) );
+                if( Config.getInstance().isOpenldap() )
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        OLPW_EXPIRE_WARNING, entity.getExpireWarning().toString() ) );
+                else
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        ADS_EXPIRE_WARNING, entity.getExpireWarning().toString() ) );
             }
 
             if ( entity.getGraceLoginLimit() != null )
             {
-                mods.add( new DefaultModification(
-                    ModificationOperation.REPLACE_ATTRIBUTE,
-                    OLPW_GRACE_LOGIN_LIMIT, entity.getGraceLoginLimit().toString() ) );
+                if( Config.getInstance().isOpenldap() )
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        OLPW_GRACE_LOGIN_LIMIT, entity.getGraceLoginLimit().toString() ) );
+                else
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        ADS_GRACE_LOGIN_LIMIT, entity.getGraceLoginLimit().toString() ) );
             }
 
             if ( entity.getLockout() != null )
@@ -330,30 +464,50 @@ final class PolicyDAO extends LdapDataProvider
                 /**
                  * OpenLDAP requires the boolean values to be upper case:
                  */
-                mods.add( new DefaultModification(
-                    ModificationOperation.REPLACE_ATTRIBUTE,
-                    OLPW_LOCKOUT, entity.getLockout().toString().toUpperCase() ) );
+                if( Config.getInstance().isOpenldap() )
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        OLPW_LOCKOUT, entity.getLockout().toString().toUpperCase() ) );
+                else
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        ADS_LOCKOUT, entity.getLockout().toString().toUpperCase() ) );
             }
 
             if ( entity.getLockoutDuration() != null )
             {
-                mods.add( new DefaultModification(
-                    ModificationOperation.REPLACE_ATTRIBUTE,
-                    OLPW_LOCKOUT_DURATION, entity.getLockoutDuration().toString() ) );
+                if( Config.getInstance().isOpenldap() )
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        OLPW_LOCKOUT_DURATION, entity.getLockoutDuration().toString() ) );
+                else
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        ADS_LOCKOUT_DURATION, entity.getLockoutDuration().toString() ) );
             }
 
             if ( entity.getMaxFailure() != null )
             {
-                mods.add( new DefaultModification(
-                    ModificationOperation.REPLACE_ATTRIBUTE,
-                    OLPW_MAX_FAILURE, entity.getMaxFailure().toString() ) );
+                if( Config.getInstance().isOpenldap() )
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        OLPW_MAX_FAILURE, entity.getMaxFailure().toString() ) );
+                else
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        ADS_MAX_FAILURE, entity.getMaxFailure().toString() ) );
             }
 
             if ( entity.getFailureCountInterval() != null )
             {
-                mods.add( new DefaultModification(
-                    ModificationOperation.REPLACE_ATTRIBUTE,
-                    OLPW_FAILURE_COUNT_INTERVAL, entity.getFailureCountInterval().toString() ) );
+                if( Config.getInstance().isOpenldap() )
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        OLPW_FAILURE_COUNT_INTERVAL, entity.getFailureCountInterval().toString() ) );
+                else
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        ADS_FAILURE_COUNT_INTERVAL, entity.getFailureCountInterval().toString() ) );
             }
 
             if ( entity.getMustChange() != null )
@@ -361,9 +515,14 @@ final class PolicyDAO extends LdapDataProvider
                 /**
                  * OpenLDAP requires the boolean values to be upper case:
                  */
-                mods.add( new DefaultModification(
-                    ModificationOperation.REPLACE_ATTRIBUTE,
-                    OLPW_MUST_CHANGE, entity.getMustChange().toString().toUpperCase() ) );
+                if( Config.getInstance().isOpenldap() )
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        OLPW_MUST_CHANGE, entity.getMustChange().toString().toUpperCase() ) );
+                else
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        ADS_MUST_CHANGE, entity.getMustChange().toString().toUpperCase() ) );
             }
 
             if ( entity.getAllowUserChange() != null )
@@ -371,9 +530,14 @@ final class PolicyDAO extends LdapDataProvider
                 /**
                  * OpenLDAP requires the boolean values to be upper case:
                  */
-                mods.add( new DefaultModification(
-                    ModificationOperation.REPLACE_ATTRIBUTE,
-                    OLPW_ALLOW_USER_CHANGE, entity.getAllowUserChange().toString().toUpperCase() ) );
+                if( Config.getInstance().isOpenldap() )
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        OLPW_ALLOW_USER_CHANGE, entity.getAllowUserChange().toString().toUpperCase() ) );
+                else
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        ADS_ALLOW_USER_CHANGE, entity.getAllowUserChange().toString().toUpperCase() ) );
             }
 
             if ( entity.getSafeModify() != null )
@@ -381,9 +545,14 @@ final class PolicyDAO extends LdapDataProvider
                 /**
                  * OpenLDAP requires the boolean values to be upper case:
                  */
-                mods.add( new DefaultModification(
-                    ModificationOperation.REPLACE_ATTRIBUTE,
-                    OLPW_SAFE_MODIFY, entity.getSafeModify().toString().toUpperCase() ) );
+                if( Config.getInstance().isOpenldap() )
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        OLPW_SAFE_MODIFY, entity.getSafeModify().toString().toUpperCase() ) );
+                else
+                    mods.add( new DefaultModification(
+                        ModificationOperation.REPLACE_ATTRIBUTE,
+                        ADS_SAFE_MODIFY, entity.getSafeModify().toString().toUpperCase() ) );
             }
 
             if ( mods != null && mods.size() > 0 )
@@ -445,7 +614,13 @@ final class PolicyDAO extends LdapDataProvider
         try
         {
             ld = getAdminConnection();
-            Entry findEntry = read( ld, dn, PASSWORD_POLICY_ATRS );
+            String pattr[];
+            if( Config.getInstance().isOpenldap() )
+                pattr = OL_PASSWORD_POLICY_ATRS;
+            else
+                pattr = ADS_PASSWORD_POLICY_ATRS;
+
+            Entry findEntry = read( ld, dn, pattr );
             entity = unloadLdapEntry( findEntry, 0 );
         }
         catch ( LdapNoSuchObjectException e )
@@ -480,85 +655,127 @@ final class PolicyDAO extends LdapDataProvider
     {
         PwPolicy entity = new ObjectFactory().createPswdPolicy();
         entity.setSequenceId( sequence );
-        entity.setName( getAttribute( le, SchemaConstants.CN_AT ) );
-        String val = getAttribute( le, OLPW_MIN_AGE );
+
+        if( Config.getInstance().isOpenldap() )
+            entity.setName( getAttribute( le, SchemaConstants.CN_AT ) );
+        else
+            entity.setName( getAttribute( le, ADS_PWD_ID ) );
+        String val;
+
+        if( Config.getInstance().isOpenldap() )
+            val = getAttribute( le, OLPW_MIN_AGE );
+        else
+            val = getAttribute( le, ADS_MIN_AGE );
 
         if ( StringUtils.isNotEmpty( val ) )
         {
             entity.setMinAge( Integer.valueOf( val ) );
         }
 
-        val = getAttribute( le, OLPW_MAX_AGE );
+        if( Config.getInstance().isOpenldap() )
+            val = getAttribute( le, OLPW_MAX_AGE );
+        else
+            val = getAttribute( le, ADS_MAX_AGE );
 
         if ( StringUtils.isNotEmpty( val ) )
         {
             entity.setMaxAge( Long.valueOf( val ) );
         }
 
-        val = getAttribute( le, OLPW_IN_HISTORY );
+        if( Config.getInstance().isOpenldap() )
+            val = getAttribute( le, OLPW_IN_HISTORY );
+        else
+            val = getAttribute( le, ADS_IN_HISTORY );
 
         if ( StringUtils.isNotEmpty( val ) )
         {
             entity.setInHistory( Short.valueOf( val ) );
         }
 
-        val = getAttribute( le, OLPW_CHECK_QUALITY );
+        if( Config.getInstance().isOpenldap() )
+            val = getAttribute( le, OLPW_CHECK_QUALITY );
+        else
+            val = getAttribute( le, ADS_CHECK_QUALITY );
 
         if ( StringUtils.isNotEmpty( val ) )
         {
             entity.setCheckQuality( Short.valueOf( val ) );
         }
 
-        val = getAttribute( le, OLPW_MIN_LENGTH );
+        if( Config.getInstance().isOpenldap() )
+            val = getAttribute( le, OLPW_MIN_LENGTH );
+        else
+            val = getAttribute( le, ADS_MIN_LENGTH );
 
         if ( StringUtils.isNotEmpty( val ) )
         {
             entity.setMinLength( Short.valueOf( val ) );
         }
 
-        val = getAttribute( le, OLPW_EXPIRE_WARNING );
+        if( Config.getInstance().isOpenldap() )
+            val = getAttribute( le, OLPW_EXPIRE_WARNING );
+        else
+            val = getAttribute( le, ADS_EXPIRE_WARNING );
 
         if ( StringUtils.isNotEmpty( val ) )
         {
             entity.setExpireWarning( Long.valueOf( val ) );
         }
 
-        val = getAttribute( le, OLPW_GRACE_LOGIN_LIMIT );
+        if( Config.getInstance().isOpenldap() )
+            val = getAttribute( le, OLPW_GRACE_LOGIN_LIMIT );
+        else
+            val = getAttribute( le, ADS_GRACE_LOGIN_LIMIT );
 
         if ( StringUtils.isNotEmpty( val ) )
         {
             entity.setGraceLoginLimit( Short.valueOf( val ) );
         }
 
-        val = getAttribute( le, OLPW_LOCKOUT );
+        if( Config.getInstance().isOpenldap() )
+            val = getAttribute( le, OLPW_LOCKOUT );
+        else
+            val = getAttribute( le, ADS_LOCKOUT );
 
         if ( StringUtils.isNotEmpty( val ) )
         {
             entity.setLockout( Boolean.valueOf( val ) );
         }
 
-        val = getAttribute( le, OLPW_LOCKOUT_DURATION );
+        if( Config.getInstance().isOpenldap() )
+            val = getAttribute( le, OLPW_LOCKOUT_DURATION );
+        else
+            val = getAttribute( le, ADS_LOCKOUT_DURATION );
 
         if ( StringUtils.isNotEmpty( val ) )
         {
             entity.setLockoutDuration( Integer.valueOf( val ) );
         }
 
-        val = getAttribute( le, OLPW_MAX_FAILURE );
+        if( Config.getInstance().isOpenldap() )
+            val = getAttribute( le, OLPW_MAX_FAILURE );
+        else
+            val = getAttribute( le, ADS_MAX_FAILURE );
 
         if ( StringUtils.isNotEmpty( val ) )
         {
             entity.setMaxFailure( Short.valueOf( val ) );
         }
 
-        val = getAttribute( le, OLPW_FAILURE_COUNT_INTERVAL );
+        if( Config.getInstance().isOpenldap() )
+            val = getAttribute( le, OLPW_FAILURE_COUNT_INTERVAL );
+        else
+            val = getAttribute( le, ADS_FAILURE_COUNT_INTERVAL );
 
         if ( StringUtils.isNotEmpty( val ) )
         {
-            entity.setFailureCountInterval( Short.valueOf( val ) );
+           entity.setFailureCountInterval( Short.valueOf( val ) );
         }
 
-        val = getAttribute( le, OLPW_MUST_CHANGE );
+        if( Config.getInstance().isOpenldap() )
+            val = getAttribute( le, OLPW_MUST_CHANGE );
+        else
+            val = getAttribute( le, ADS_MUST_CHANGE );
 
         if ( StringUtils.isNotEmpty( val ) )
         {
@@ -566,14 +783,20 @@ final class PolicyDAO extends LdapDataProvider
             entity.setMustChange( Boolean.valueOf( val ) );
         }
 
-        val = getAttribute( le, OLPW_ALLOW_USER_CHANGE );
+        if( Config.getInstance().isOpenldap() )
+            val = getAttribute( le, OLPW_ALLOW_USER_CHANGE );
+        else
+            val = getAttribute( le, ADS_ALLOW_USER_CHANGE );
 
         if ( StringUtils.isNotEmpty( val ) )
         {
             entity.setAllowUserChange( Boolean.valueOf( val ) );
         }
 
-        val = getAttribute( le, OLPW_SAFE_MODIFY );
+        if( Config.getInstance().isOpenldap() )
+            val = getAttribute( le, OLPW_SAFE_MODIFY );
+        else
+            val = getAttribute( le, ADS_SAFE_MODIFY );
 
         if ( StringUtils.isNotEmpty( val ) )
         {
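Review bot: The brace-less `if`/`else` that picks the attribute name is repeated for every field in this hunk (`OLPW_ALLOW_USER_CHANGE`/`ADS_ALLOW_USER_CHANGE`, `OLPW_SAFE_MODIFY`/`ADS_SAFE_MODIFY`) and calls `Config.getInstance().isOpenldap()` each time. Reading the flag once into a local `boolean isOpenldap` and selecting the name inline keeps each field to one statement, e.g. `val = getAttribute( le, isOpenldap ? OLPW_SAFE_MODIFY : ADS_SAFE_MODIFY );`. The same pattern runs through the lines before this hunk, and the enclosing method starts and ends outside it.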
@@ -600,11 +823,23 @@ final class PolicyDAO extends LdapDataProvider
         try
         {
             searchVal = encodeSafeText( policy.getName(), GlobalIds.PWPOLICY_NAME_LEN );
-            String filter = GlobalIds.FILTER_PREFIX + OLPW_POLICY_CLASS + ")("
-                + GlobalIds.POLICY_NODE_TYPE + "=" + searchVal + "*))";
+            String szFilter;
+            String attrs[];
+
+            if( Config.getInstance().isOpenldap() )
+            {
+                szFilter = GlobalIds.FILTER_PREFIX + OLPW_POLICY_CLASS + ")(" + GlobalIds.POLICY_NODE_TYPE + "=" + searchVal + "*))";
+                attrs = OL_PASSWORD_POLICY_ATRS;
+            }
+            else
+            {
+                szFilter = GlobalIds.FILTER_PREFIX + ADS_POLICY_CLASS + ")(" + ADS_PWD_ID + "=" + searchVal + "*))";
+                attrs = ADS_PASSWORD_POLICY_ATRS;
+            }
+
             ld = getAdminConnection();
             SearchCursor searchResults = search( ld, policyRoot,
-                SearchScope.ONELEVEL, filter, PASSWORD_POLICY_ATRS, false, GlobalIds.BATCH_SIZE );
+                SearchScope.ONELEVEL, szFilter, attrs, false, GlobalIds.BATCH_SIZE );
             long sequence = 0;
 
             while ( searchResults.next() )
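Review bot: Both branches build the search filter by string concatenation, so the `encodeSafeText` call above is the only step between the policy name and the filter text. Whether it escapes LDAP filter metacharacters is not visible in this hunk and is worth confirming before the ApacheDS branch is relied on. On style, `String attrs[];` uses the C-style declarator (`String[] attrs;` is the usual Java form, and the same line recurs in the next hunk). A short comment such as `// ApacheDS names policy entries by ADS_PWD_ID instead of GlobalIds.POLICY_NODE_TYPE` would explain why the filter differs. The `try` block continues outside the hunk.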
@@ -644,14 +879,33 @@ final class PolicyDAO extends LdapDataProvider
 
         try
         {
-            String filter = "(objectclass=" + OLPW_POLICY_CLASS + ")";
+            //String filter = "(objectclass=" + OLPW_POLICY_CLASS + ")";
+            String szFilter;
+            String attrs[];
+
+            if( Config.getInstance().isOpenldap() )
+            {
+                szFilter = "(objectclass=" + OLPW_POLICY_CLASS + ")";
+                attrs = OL_PASSWORD_POLICY_NAME_ATR;
+            }
+            else
+            {
+                szFilter = "(objectclass=" + ADS_POLICY_CLASS + ")";
+                attrs = ADS_PASSWORD_POLICY_NAME_ATR;
+            }
+
+
             ld = getAdminConnection();
             SearchCursor searchResults = search( ld, policyRoot,
-                SearchScope.ONELEVEL, filter, PASSWORD_POLICY_NAME_ATR, false, GlobalIds.BATCH_SIZE );
+                SearchScope.ONELEVEL, szFilter, attrs, false, GlobalIds.BATCH_SIZE );
 
             while ( searchResults.next() )
             {
-                policySet.add( getAttribute( searchResults.getEntry(), SchemaConstants.CN_AT ) );
+                Entry entry = searchResults.getEntry();
+                if( Config.getInstance().isOpenldap() )
+                    policySet.add( getAttribute( searchResults.getEntry(), SchemaConstants.CN_AT ) );
+                else
+                    policySet.add( getAttribute( entry, ADS_PWD_ID ) );
             }
         }
         catch ( LdapException e )
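Review bot: The loop stores `searchResults.getEntry()` in `entry`, but the OpenLDAP branch calls `searchResults.getEntry()` again instead of using it, and the old filter is left behind as commented-out code (`//String filter = ...`). Use `entry` in both branches, e.g. `policySet.add( getAttribute( entry, SchemaConstants.CN_AT ) );`, and delete the commented line. The server-type check inside the loop repeats the decision already made when `attrs` was chosen, so a local set in that `if`/`else` could carry the attribute name. The enclosing method starts and ends outside the hunk.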
@@ -675,12 +929,34 @@ final class PolicyDAO extends LdapDataProvider
 
     private String getDn( PwPolicy policy )
     {
-        return GlobalIds.POLICY_NODE_TYPE + "=" + policy.getName() + "," + getPolicyRoot( policy.getContextId() );
+        String szDn;
+        if( Config.getInstance().isOpenldap() )
+            szDn = GlobalIds.POLICY_NODE_TYPE + "=" + policy.getName() + "," + getPolicyRoot( policy.getContextId() );
+        else
+            szDn = ADS_PWD_ID + "=" + policy.getName() + "," + getPolicyRoot( policy.getContextId() );
+
+        return szDn;
     }
 
+    static String getPolicyDn( User user )
+    {
+        String szDn;
+        if( Config.getInstance().isOpenldap() )
+            szDn = GlobalIds.POLICY_NODE_TYPE + "=" + user.getPwPolicy() + "," + getPolicyRoot( user.getContextId() );
+        else
+            szDn = ADS_PWD_ID + "=" + user.getPwPolicy() + "," + getPolicyRoot( user.getContextId() );
 
-    private String getPolicyRoot( String contextId )
+        return szDn;
+    }
+
+    private static String getPolicyRoot( String contextId )
     {
-        return getRootDn( contextId, GlobalIds.PPOLICY_ROOT );
+        String szDn;
+        if( Config.getInstance().isOpenldap() )
+            szDn = getRootDn( contextId, GlobalIds.PPOLICY_ROOT );
+        else
+            szDn = getRootDn( contextId, GlobalIds.ADS_PPOLICY_ROOT );
+
+        return szDn;
     }
 }
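Review bot: `getDn` and the new `getPolicyDn` concatenate `policy.getName()` and `user.getPwPolicy()` straight into a DN string, so a name containing `,`, `+` or `=` would change the structure of the DN that UserDAO writes into the user's policy attribute. Whether names are validated before they reach these methods is not visible in this diff; if they are not, the RDN value should be escaped or the DN built with the LDAP API's `Rdn`/`Dn` classes. The `else` branches also apply the ApacheDS naming to every server type that is not OpenLDAP, while UserDAO only calls `getPolicyDn` under `isOpenldap() || isApacheds()`. Routing both methods through one private helper, as sketched below, keeps the attribute choice and any later escaping in a single place without changing current behaviour.

```java
private String getDn( PwPolicy policy )
{
    return buildPolicyDn( policy.getName(), policy.getContextId() );
}

static String getPolicyDn( User user )
{
    return buildPolicyDn( user.getPwPolicy(), user.getContextId() );
}

// Single place that picks the naming attribute; RDN-value escaping belongs here if names are not validated upstream.
private static String buildPolicyDn( String name, String contextId )
{
    String rdnType = Config.getInstance().isOpenldap() ? GlobalIds.POLICY_NODE_TYPE : ADS_PWD_ID;
    return rdnType + "=" + name + "," + getPolicyRoot( contextId );
}
// … unchanged: getPolicyRoot …
```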

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/0b66848d/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java b/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java
index 9fe4c8f..dba2f56 100755
--- a/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java
+++ b/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java
@@ -278,11 +278,10 @@ final class UserDAO extends LdapDataProvider
                 myEntry.add( SYSTEM_USER, entity.isSystem().toString().toUpperCase() );
             }
 
-            if ( Config.getInstance().isOpenldap() && StringUtils.isNotEmpty( entity.getPwPolicy() ) )
+            // If password policy is set and either openldap or apacheds in use:
+            if ( ( Config.getInstance().isOpenldap() || Config.getInstance().isApacheds() ) && StringUtils.isNotEmpty( entity.getPwPolicy() ) )
             {
-                String pwdPolicyDn = GlobalIds.POLICY_NODE_TYPE + "=" + entity.getPwPolicy() + "," + getRootDn(
-                    entity.getContextId(), GlobalIds.PPOLICY_ROOT );
-                myEntry.add( OPENLDAP_POLICY_SUBENTRY, pwdPolicyDn );
+                myEntry.add( OPENLDAP_POLICY_SUBENTRY, PolicyDAO.getPolicyDn( entity ) );
             }
 
             if ( StringUtils.isNotEmpty( entity.getOu() ) )
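Review bot: The guard `Config.getInstance().isOpenldap() || Config.getInstance().isApacheds()` is spelled out here and again in the three later UserDAO hunks (update, entry unload, `initAttrArrays`) and throughout FortressJUnitTest. A single predicate on Config would keep the list of servers with password-policy support in one place, so a later addition cannot miss one of the call sites. The constants `OPENLDAP_POLICY_SUBENTRY` and `OPENLDAP_PW_RESET` are now used for ApacheDS as well, so they should either be renamed or carry a comment such as `// same attribute name on OpenLDAP and ApacheDS`. The enclosing method starts and ends outside the hunk.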
@@ -383,12 +382,11 @@ final class UserDAO extends LdapDataProvider
                     entity.getTitle() ) );
             }
 
-            if ( Config.getInstance().isOpenldap() && StringUtils.isNotEmpty( entity.getPwPolicy() ) )
+            // If password policy is set and either openldap or apacheds in use:
+            if ( ( Config.getInstance().isOpenldap() || Config.getInstance().isApacheds() ) && StringUtils.isNotEmpty( entity.getPwPolicy() ) )
             {
-                String szDn = GlobalIds.POLICY_NODE_TYPE + "=" + entity.getPwPolicy() + "," + getRootDn( entity
-                    .getContextId(), GlobalIds.PPOLICY_ROOT );
                 mods.add( new DefaultModification( ModificationOperation.REPLACE_ATTRIBUTE, OPENLDAP_POLICY_SUBENTRY,
-                    szDn ) );
+                    PolicyDAO.getPolicyDn( entity ) ) );
             }
 
             if ( entity.isSystem() != null )
@@ -1940,7 +1938,7 @@ final class UserDAO extends LdapDataProvider
 
         entity.addProperties( PropUtil.getProperties( getAttributes( entry, GlobalIds.PROPS ) ) );
 
-        if ( Config.getInstance().isOpenldap() )
+        if ( Config.getInstance().isOpenldap() || Config.getInstance().isApacheds() )
         {
             szBoolean = getAttribute( entry, OPENLDAP_PW_RESET );
             if ( szBoolean != null && szBoolean.equalsIgnoreCase( "true" ) )
@@ -2406,8 +2404,7 @@ final class UserDAO extends LdapDataProvider
 
     private void initAttrArrays()
     {
-        boolean isOpenldap = Config.getInstance().isOpenldap();
-        if ( isOpenldap )
+        if ( Config.getInstance().isOpenldap() || Config.getInstance().isApacheds() )
         {
             // This default set of attributes contains all and is used for search operations.
             defaultAtrs = new String[]

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/0b66848d/src/main/java/org/apache/directory/fortress/core/ldap/LdapDataProvider.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/ldap/LdapDataProvider.java b/src/main/java/org/apache/directory/fortress/core/ldap/LdapDataProvider.java
index 383d525..8139025 100644
--- a/src/main/java/org/apache/directory/fortress/core/ldap/LdapDataProvider.java
+++ b/src/main/java/org/apache/directory/fortress/core/ldap/LdapDataProvider.java
@@ -98,7 +98,7 @@ public abstract class LdapDataProvider
      * @param root      contains the fortress parameter name that corresponds with a particular LDAP container.
      * @return String contains the dn to use for operation.
      */
-    protected String getRootDn( String contextId, String root )
+    protected static String getRootDn( String contextId, String root )
     {
         String szDn = Config.getInstance().getProperty( root );
 

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/0b66848d/src/main/java/org/apache/directory/fortress/core/util/Config.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/util/Config.java b/src/main/java/org/apache/directory/fortress/core/util/Config.java
index 7bcfc9e..dd3f771 100755
--- a/src/main/java/org/apache/directory/fortress/core/util/Config.java
+++ b/src/main/java/org/apache/directory/fortress/core/util/Config.java
@@ -369,6 +369,10 @@ public final class Config
     {
         return ( ( getProperty( GlobalIds.SERVER_TYPE ) != null ) && ( getProperty( GlobalIds.SERVER_TYPE ).equalsIgnoreCase( "openldap" ) ) );
     }
+    public boolean isApacheds()
+    {
+        return ( ( getProperty( GlobalIds.SERVER_TYPE ) != null ) && ( getProperty( GlobalIds.SERVER_TYPE ).equalsIgnoreCase( "apacheds" ) ) );
+    }
     public boolean isRealm()
     {
         return GlobalIds.REALM_TYPE.equalsIgnoreCase( getProperty( GlobalIds.AUTHENTICATION_TYPE ) );
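Review bot: `isApacheds()` is added without Javadoc and reads the `SERVER_TYPE` property twice just to guard against null. The constant-first comparison that `isRealm()` uses directly below does the same in one call: `return "apacheds".equalsIgnoreCase( getProperty( GlobalIds.SERVER_TYPE ) );`. A one-line Javadoc such as `/** Returns true when the configured LDAP server type is ApacheDS. */` would document the new public method.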

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/0b66848d/src/test/java/org/apache/directory/fortress/core/impl/FortressJUnitTest.java
----------------------------------------------------------------------
diff --git a/src/test/java/org/apache/directory/fortress/core/impl/FortressJUnitTest.java b/src/test/java/org/apache/directory/fortress/core/impl/FortressJUnitTest.java
index 66c071f..2419782 100755
--- a/src/test/java/org/apache/directory/fortress/core/impl/FortressJUnitTest.java
+++ b/src/test/java/org/apache/directory/fortress/core/impl/FortressJUnitTest.java
@@ -105,7 +105,7 @@ public class FortressJUnitTest extends TestCase
         if ( !isFirstRun() )
         {
             // PwPolicyMgr PW Policy Teardown:
-            if ( Config.getInstance().isOpenldap() )
+            if ( Config.getInstance().isOpenldap() || Config.getInstance().isApacheds() )
             {
                 suite.addTest( new PswdPolicyMgrImplTest( "testDeletePasswordPolicy" ) );
             }
@@ -132,7 +132,7 @@ public class FortressJUnitTest extends TestCase
             suite.addTest( new AdminMgrImplTest( "testDelRoleDescendant" ) );
             suite.addTest( new AdminMgrImplTest( "testDelRoleAscendant" ) );
             suite.addTest( new AdminMgrImplTest( "testDeleteRole" ) );
-            if ( Config.getInstance().isOpenldap() )
+            if ( Config.getInstance().isOpenldap() || Config.getInstance().isApacheds() )
             {
                 suite.addTest( new PswdPolicyMgrImplTest( "testDelete" ) );
             }
@@ -157,7 +157,7 @@ public class FortressJUnitTest extends TestCase
         /* 2. Build Up                                             */
         /***********************************************************/
         // PW PolicyMgr APIs:
-        if ( Config.getInstance().isOpenldap() )
+        if ( Config.getInstance().isOpenldap() || Config.getInstance().isApacheds() )
         {
             suite.addTest( new PswdPolicyMgrImplTest( "testAdd" ) );
             suite.addTest( new PswdPolicyMgrImplTest( "testUpdate" ) );
@@ -194,7 +194,7 @@ public class FortressJUnitTest extends TestCase
         suite.addTest( new AdminMgrImplTest( "testUpdateRole" ) );
         suite.addTest( new AdminMgrImplTest( "testAddUser" ) );
         suite.addTest( new AdminMgrImplTest( "testUpdateUser" ) );
-        if ( Config.getInstance().isOpenldap() )
+        if ( Config.getInstance().isOpenldap() || Config.getInstance().isApacheds() )
         {
             suite.addTest( new PswdPolicyMgrImplTest( "testUpdatePasswordPolicy" ) );
         }
@@ -232,7 +232,7 @@ public class FortressJUnitTest extends TestCase
         suite.addTest( new DelegatedMgrImplTest( "testSearchAdminRole" ) );
 
         // ReviewMgr RBAC:
-        if ( Config.getInstance().isOpenldap() )
+        if ( Config.getInstance().isOpenldap() || Config.getInstance().isApacheds() )
         {
             suite.addTest( new PswdPolicyMgrImplTest( "testRead" ) );
             suite.addTest( new PswdPolicyMgrImplTest( "testSearch" ) );
@@ -281,7 +281,7 @@ public class FortressJUnitTest extends TestCase
         // AccessMgr RBAC:
         suite.addTest( new AccessMgrImplTest( "testGetUserId" ) );
         suite.addTest( new AccessMgrImplTest( "testGetUser" ) );
-        if ( Config.getInstance().isOpenldap() )
+        if ( Config.getInstance().isOpenldap() || Config.getInstance().isApacheds() )
         {
             // These tests are reliant on OpenLDAP's pwpolicy overlay:
             suite.addTest( new AdminMgrImplTest( "testResetPassword" ) );
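Review bot: The comment `// These tests are reliant on OpenLDAP's pwpolicy overlay:` is no longer accurate now that the branch also runs for ApacheDS; it occurs here and in the next hunk (the PW Policy checks). Something like `// These tests rely on server-side password policy (OpenLDAP ppolicy overlay or ApacheDS):` would match the new condition. The enclosing method starts and ends outside the hunk.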
@@ -307,7 +307,7 @@ public class FortressJUnitTest extends TestCase
         suite.addTest( new AccessMgrImplTest( "testCreateSessionWithRolesTrusted" ) );
 
         // PwPolicyMgr PW Policy checks:
-        if ( Config.getInstance().isOpenldap() )
+        if ( Config.getInstance().isOpenldap() || Config.getInstance().isApacheds() )
         {
             // These tests are reliant on OpenLDAP's pwpolicy overlay:
             suite.addTest( new PswdPolicyMgrImplTest( "testMinAge" ) );

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/0b66848d/src/test/java/org/apache/directory/fortress/core/impl/PolicyTestData.java
----------------------------------------------------------------------
diff --git a/src/test/java/org/apache/directory/fortress/core/impl/PolicyTestData.java b/src/test/java/org/apache/directory/fortress/core/impl/PolicyTestData.java
index 0c9f803..ebd0a02 100755
--- a/src/test/java/org/apache/directory/fortress/core/impl/PolicyTestData.java
+++ b/src/test/java/org/apache/directory/fortress/core/impl/PolicyTestData.java
@@ -73,7 +73,7 @@ public class PolicyTestData extends TestCase
                 "0", /* LOCKDURATION_COL */
                 "3", /* MAXFAIL_COL */
                 "0", /* INTERVAL_COL */
-                "TRUE", /* MUSTCHG_COL */
+                "FALSE", /* MUSTCHG_COL */
                 "TRUE", /* ALLOWCHG_COL */
                 "FALSE" /* SAFEMODIFY_COL */
             },
@@ -137,7 +137,7 @@ public class PolicyTestData extends TestCase
                 "0", /* LOCKDURATION_COL */
                 "3", /* MAXFAIL_COL */
                 "0", /* INTERVAL_COL */
-                "TRUE", /* MUSTCHG_COL */
+                "FALSE", /* MUSTCHG_COL */
                 "TRUE", /* ALLOWCHG_COL */
                 "FALSE" /* SAFEMODIFY_COL */
 },
@@ -155,7 +155,7 @@ public class PolicyTestData extends TestCase
                 "0", /* LOCKDURATION_COL */
                 "3", /* MAXFAIL_COL */
                 "0", /* INTERVAL_COL */
-                "TRUE", /* MUSTCHG_COL */
+                "FALSE", /* MUSTCHG_COL */
                 "TRUE", /* ALLOWCHG_COL */
                 "FALSE" /* SAFEMODIFY_COL */
 },
@@ -479,7 +479,7 @@ public class PolicyTestData extends TestCase
                 "0", /* LOCKDURATION_COL */
                 "3", /* MAXFAIL_COL */
                 "0", /* INTERVAL_COL */
-                "FALSE", /* MUSTCHG_COL */
+                "TRUE", /* MUSTCHG_COL */
                 "TRUE", /* ALLOWCHG_COL */
                 "FALSE" /* SAFEMODIFY_COL */
 },

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/0b66848d/src/test/java/org/apache/directory/fortress/core/impl/PswdPolicyMgrImplTest.java
----------------------------------------------------------------------
diff --git a/src/test/java/org/apache/directory/fortress/core/impl/PswdPolicyMgrImplTest.java b/src/test/java/org/apache/directory/fortress/core/impl/PswdPolicyMgrImplTest.java
index b9363de..49a6e18 100755
--- a/src/test/java/org/apache/directory/fortress/core/impl/PswdPolicyMgrImplTest.java
+++ b/src/test/java/org/apache/directory/fortress/core/impl/PswdPolicyMgrImplTest.java
@@ -75,13 +75,15 @@ public class PswdPolicyMgrImplTest extends TestCase
     }
 
 
-    public static Test suiteX()
+    public static Test suite()
     {
         TestSuite suite = new TestSuite();
         suite.addTest( new PswdPolicyMgrImplTest( "testDelete" ) );
-        suite.addTest( new AdminMgrImplTest( "testDeleteUser" ) );
+        suite.addTest( new PswdPolicyMgrImplTest( "testDeleteUser" ) );
         suite.addTest( new PswdPolicyMgrImplTest( "testAdd" ) );
-        suite.addTest( new AdminMgrImplTest( "testAddUser" ) );
+        suite.addTest( new PswdPolicyMgrImplTest( "testAddUser" ) );
+
+/*
         suite.addTest( new PswdPolicyMgrImplTest( "testMinAge" ) );
         suite.addTest( new PswdPolicyMgrImplTest( "testMaxAge" ) );
         suite.addTest( new PswdPolicyMgrImplTest( "testInHistory" ) );
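Review bot: Renaming `suiteX()` to `suite()` makes this reduced list the one JUnit picks up for the class, and the `/*` opened here (closed in the next hunk) comments out testMinAge through testFailureCountInterval, i.e. the age, history, lockout and failure-count checks. The full list is renamed to `suitex()` in the hunk after that, so running this class on its own no longer exercises those policies, although FortressJUnitTest still adds tests such as testMinAge by name. This looks like a local debugging setup that was committed. If some of these tests do not pass on ApacheDS yet, keep `suite()` as the full list and gate the unsupported ones on `Config.getInstance().isOpenldap()` with a comment naming the gap, instead of a block comment.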
@@ -92,6 +94,8 @@ public class PswdPolicyMgrImplTest extends TestCase
         suite.addTest( new PswdPolicyMgrImplTest( "testLockoutDuration" ) );
         suite.addTest( new PswdPolicyMgrImplTest( "testLockout" ) );
         suite.addTest( new PswdPolicyMgrImplTest( "testFailureCountInterval" ) );
+*/
+
         suite.addTest( new PswdPolicyMgrImplTest( "testMustChange" ) );
         suite.addTest( new PswdPolicyMgrImplTest( "testAllowUserChange" ) );
         suite.addTest( new PswdPolicyMgrImplTest( "testSafeModify" ) );
@@ -99,7 +103,7 @@ public class PswdPolicyMgrImplTest extends TestCase
     }
 
 
-    public static Test suite()
+    public static Test suitex()
     {
         TestSuite suite = new TestSuite();
         suite.addTest( new PswdPolicyMgrImplTest( "testDelete" ) );
@@ -152,6 +156,19 @@ public class PswdPolicyMgrImplTest extends TestCase
     }
 
 
+    public void testAddUser()
+    {
+
+        AdminMgrImplTest.addUsers( "ADD-USRS TU5", UserTestData.USERS_TU5, true );
+    }
+
+
+    public void testDeleteUser()
+    {
+        //     public void disableUser(User user)
+        AdminMgrImplTest.deleteUsers( "DEL-USRS TU5", UserTestData.USERS_TU5, true, true );
+    }
+
     /**
      * @throws SecurityException
      */
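Review bot: The new `testAddUser` and `testDeleteUser` have no Javadoc, and the comment `//     public void disableUser(User user)` in `testDeleteUser` is a pasted signature that does not describe the call beneath it. Replace it with a short comment such as `// Remove the TU5 users added by testAddUser.` and drop the blank first line in `testAddUser`.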

