/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
* or http://forgerock.org/license/CDDLv1.0.html.
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at legal-notices/CDDLv1_0.txt.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information:
* Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*
*
* Copyright 2008 Sun Microsystems, Inc.
* Portions Copyright 2014-2015 ForgeRock AS
*/
package org.opends.server.plugins;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import org.opends.server.TestCaseUtils;
import org.forgerock.opendj.ldap.ResultCode;
import org.opends.server.tools.LDAPModify;
import static org.testng.Assert.*;
/**
* This class defines a set of tests for the
* org.opends.server.plugins.SevenBitCleanPlugin class.
*/
public class SevenBitCleanPluginTestCase
extends PluginTestCase
{
/**
* The base64-encoded value that will be used as the password for entries that
* are not 7-bit clean.
*/
public static final String BASE64_DIRTY_PASSWORD = "cORzc3f2cmQ=";
/**
* Ensures that the Directory Server is running.
*
* @throws Exception If an unexpected problem occurs.
*/
@BeforeClass
public void startServer()
throws Exception
{
TestCaseUtils.startServer();
}
/**
* Tests to ensure that it is possible to add a clean entry when the plugin
* is disabled.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test
public void testAddCleanAllowedDisabled()
throws Exception
{
TestCaseUtils.initializeTestBackend(true);
String path = TestCaseUtils.createTempFile(
"dn: uid=test.user,o=test",
"changetype: add",
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: test.user",
"givenName: Test",
"sn: User",
"cn: Test User",
"mail: test.user@example.com",
"userPassword: password");
String[] args =
{
"-h", "127.0.0.1",
"-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
"-D", "cn=Directory Manager",
"-w", "password",
"-f", path
};
assertEquals(LDAPModify.mainModify(args, false, System.out, System.err), 0);
}
/**
* Tests to ensure that it is possible to add a dirty entry when the plugin
* is disabled.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test
public void testAddDirtyAllowedDisabled()
throws Exception
{
TestCaseUtils.initializeTestBackend(true);
String path = TestCaseUtils.createTempFile(
"dn: uid=test.user,o=test",
"changetype: add",
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: test.user",
"givenName: Test",
"sn: User",
"cn: Test User",
"mail: test.user@example.com",
"userPassword:: " + BASE64_DIRTY_PASSWORD);
String[] args =
{
"-h", "127.0.0.1",
"-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
"-D", "cn=Directory Manager",
"-w", "password",
"-f", path
};
assertEquals(LDAPModify.mainModify(args, false, System.out, System.err), 0);
}
/**
* Tests to ensure that it is possible to add a clean entry when the plugin
* is enabled.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test
public void testAddCleanAllowedEnabled()
throws Exception
{
TestCaseUtils.dsconfig(
"set-plugin-prop",
"--plugin-name", "7-Bit Clean",
"--set", "enabled:true");
try
{
TestCaseUtils.initializeTestBackend(true);
String path = TestCaseUtils.createTempFile(
"dn: uid=test.user,o=test",
"changetype: add",
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: test.user",
"givenName: Test",
"sn: User",
"cn: Test User",
"mail: test.user@example.com",
"userPassword: password");
String[] args =
{
"-h", "127.0.0.1",
"-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
"-D", "cn=Directory Manager",
"-w", "password",
"-f", path
};
assertEquals(LDAPModify.mainModify(args, false, System.out, System.err),
0);
}
finally
{
TestCaseUtils.dsconfig(
"set-plugin-prop",
"--plugin-name", "7-Bit Clean",
"--set", "enabled:false");
}
}
/**
* Tests to ensure that it is not possible to add a dirty entry when the
* plugin is enabled.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test
public void testAddDirtyRejectedEnabled()
throws Exception
{
TestCaseUtils.dsconfig(
"set-plugin-prop",
"--plugin-name", "7-Bit Clean",
"--set", "enabled:true");
try
{
TestCaseUtils.initializeTestBackend(true);
String path = TestCaseUtils.createTempFile(
"dn: uid=test.user,o=test",
"changetype: add",
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: test.user",
"givenName: Test",
"sn: User",
"cn: Test User",
"mail: test.user@example.com",
"userPassword:: " + BASE64_DIRTY_PASSWORD);
String[] args =
{
"-h", "127.0.0.1",
"-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
"-D", "cn=Directory Manager",
"-w", "password",
"-f", path
};
assertEquals(LDAPModify.mainModify(args, false, System.out, System.err),
ResultCode.CONSTRAINT_VIOLATION.intValue());
}
finally
{
TestCaseUtils.dsconfig(
"set-plugin-prop",
"--plugin-name", "7-Bit Clean",
"--set", "enabled:false");
}
}
/**
* Tests to ensure that it is not possible to add a dirty entry when the
* plugin is enabled but the entry being added is outside of the scope of the
* plugin.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test
public void testAddDirtyAcceptedEnabledOutsideScope()
throws Exception
{
TestCaseUtils.dsconfig(
"set-plugin-prop",
"--plugin-name", "7-Bit Clean",
"--set", "enabled:true",
"--set", "base-dn:dc=example,dc=com");
try
{
TestCaseUtils.initializeTestBackend(true);
String path = TestCaseUtils.createTempFile(
"dn: uid=test.user,o=test",
"changetype: add",
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: test.user",
"givenName: Test",
"sn: User",
"cn: Test User",
"mail: test.user@example.com",
"userPassword:: " + BASE64_DIRTY_PASSWORD);
String[] args =
{
"-h", "127.0.0.1",
"-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
"-D", "cn=Directory Manager",
"-w", "password",
"-f", path
};
assertEquals(LDAPModify.mainModify(args, false, System.out, System.err),
0);
}
finally
{
TestCaseUtils.dsconfig(
"set-plugin-prop",
"--plugin-name", "7-Bit Clean",
"--set", "enabled:false",
"--remove", "base-dn:dc=example,dc=com");
}
}
/**
* Tests to ensure that it is possible to modify an entry to have a dirty
* password value with the plugin disabled.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test
public void testModifyDirtyAllowedDisabled()
throws Exception
{
TestCaseUtils.initializeTestBackend(true);
TestCaseUtils.addEntry(
"dn: uid=test.user,o=test",
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: test.user",
"givenName: Test",
"sn: User",
"cn: Test User",
"mail: test.user@example.com",
"userPassword: password");
String path = TestCaseUtils.createTempFile(
"dn: uid=test.user,o=test",
"changetype: modify",
"replace: userPassword",
"userPassword:: " + BASE64_DIRTY_PASSWORD);
String[] args =
{
"-h", "127.0.0.1",
"-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
"-D", "cn=Directory Manager",
"-w", "password",
"-f", path
};
assertEquals(LDAPModify.mainModify(args, false, System.out, System.err), 0);
}
/**
* Tests to ensure that it is not possible to modify an entry to have a dirty
* password value with the plugin enabled.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test
public void testModifyDirtyRejectedEnabled()
throws Exception
{
TestCaseUtils.dsconfig(
"set-plugin-prop",
"--plugin-name", "7-Bit Clean",
"--set", "enabled:true");
try
{
TestCaseUtils.initializeTestBackend(true);
TestCaseUtils.addEntry(
"dn: uid=test.user,o=test",
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: test.user",
"givenName: Test",
"sn: User",
"cn: Test User",
"mail: test.user@example.com",
"userPassword: password");
String path = TestCaseUtils.createTempFile(
"dn: uid=test.user,o=test",
"changetype: modify",
"replace: userPassword",
"userPassword:: " + BASE64_DIRTY_PASSWORD);
String[] args =
{
"-h", "127.0.0.1",
"-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
"-D", "cn=Directory Manager",
"-w", "password",
"-f", path
};
assertEquals(LDAPModify.mainModify(args, false, System.out, System.err),
ResultCode.CONSTRAINT_VIOLATION.intValue());
}
finally
{
TestCaseUtils.dsconfig(
"set-plugin-prop",
"--plugin-name", "7-Bit Clean",
"--set", "enabled:false");
}
}
/**
* Tests to ensure that it is possible to modify an entry containing a dirty
* password value when changing that value to be clean.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test
public void testModifyDirtyToCleanAllowedEnabled()
throws Exception
{
TestCaseUtils.initializeTestBackend(true);
TestCaseUtils.addEntry(
"dn: uid=test.user,o=test",
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: test.user",
"givenName: Test",
"sn: User",
"cn: Test User",
"mail: test.user@example.com",
"userPassword:: " + BASE64_DIRTY_PASSWORD);
TestCaseUtils.dsconfig(
"set-plugin-prop",
"--plugin-name", "7-Bit Clean",
"--set", "enabled:true");
try
{
String path = TestCaseUtils.createTempFile(
"dn: uid=test.user,o=test",
"changetype: modify",
"replace: userPassword",
"userPassword: clean");
String[] args =
{
"-h", "127.0.0.1",
"-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
"-D", "cn=Directory Manager",
"-w", "password",
"-f", path
};
assertEquals(LDAPModify.mainModify(args, false, System.out, System.err),
0);
}
finally
{
TestCaseUtils.dsconfig(
"set-plugin-prop",
"--plugin-name", "7-Bit Clean",
"--set", "enabled:false");
}
}
/**
* Tests to ensure that it is possible to modify an entry containing a dirty
* password in order to remove that value.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test
public void testModifyRemoveDirtyValueAllowedEnabled()
throws Exception
{
TestCaseUtils.initializeTestBackend(true);
TestCaseUtils.addEntry(
"dn: uid=test.user,o=test",
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: test.user",
"givenName: Test",
"sn: User",
"cn: Test User",
"mail: test.user@example.com",
"userPassword:: " + BASE64_DIRTY_PASSWORD);
TestCaseUtils.dsconfig(
"set-plugin-prop",
"--plugin-name", "7-Bit Clean",
"--set", "enabled:true");
try
{
String path = TestCaseUtils.createTempFile(
"dn: uid=test.user,o=test",
"changetype: modify",
"delete: userPassword",
"userPassword:: " + BASE64_DIRTY_PASSWORD);
String[] args =
{
"-h", "127.0.0.1",
"-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
"-D", "cn=Directory Manager",
"-w", "password",
"-f", path
};
assertEquals(LDAPModify.mainModify(args, false, System.out, System.err),
0);
}
finally
{
TestCaseUtils.dsconfig(
"set-plugin-prop",
"--plugin-name", "7-Bit Clean",
"--set", "enabled:false");
}
}
/**
* Tests to ensure that it is possible to perform a modify DN operation to
* provide a dirty new RDN with the plugin disabled.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test
public void testModifyDNDirtyAllowedDisabled()
throws Exception
{
TestCaseUtils.initializeTestBackend(true);
TestCaseUtils.addEntry(
"dn: uid=test.user,o=test",
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: test.user",
"givenName: Test",
"sn: User",
"cn: Test User",
"mail: test.user@example.com",
"userPassword: password");
String path = TestCaseUtils.createTempFile(
"dn: uid=test.user,o=test",
"changetype: modrdn",
"newrdn: uid=Lu\\C4\\8Di\\C4\\87",
"deleteoldrdn: 1");
String[] args =
{
"-h", "127.0.0.1",
"-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
"-D", "cn=Directory Manager",
"-w", "password",
"-f", path
};
assertEquals(LDAPModify.mainModify(args, false, System.out, System.err), 0);
}
/**
* Tests to ensure that it is not possible to perform a modify DN operation to
* provide a dirty new RDN with the plugin enabled.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test
public void testModifyDNDirtyRejectedEnabled()
throws Exception
{
TestCaseUtils.dsconfig(
"set-plugin-prop",
"--plugin-name", "7-Bit Clean",
"--set", "enabled:true");
try
{
TestCaseUtils.initializeTestBackend(true);
TestCaseUtils.addEntry(
"dn: uid=test.user,o=test",
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: test.user",
"givenName: Test",
"sn: User",
"cn: Test User",
"mail: test.user@example.com",
"userPassword: password");
String path = TestCaseUtils.createTempFile(
"dn: uid=test.user,o=test",
"changetype: modrdn",
"newrdn: uid=Lu\\C4\\8Di\\C4\\87",
"deleteoldrdn: 1");
String[] args =
{
"-h", "127.0.0.1",
"-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
"-D", "cn=Directory Manager",
"-w", "password",
"-f", path
};
assertEquals(LDAPModify.mainModify(args, false, System.out, System.err),
ResultCode.CONSTRAINT_VIOLATION.intValue());
}
finally
{
TestCaseUtils.dsconfig(
"set-plugin-prop",
"--plugin-name", "7-Bit Clean",
"--set", "enabled:false");
}
}
/**
* Tests to ensure that it is possible to perform a modify DN operation to
* provide a clean new RDN for a dirty entry with the plugin enabled.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test
public void testModifyDNDirtyToCleanAllowedEnabled()
throws Exception
{
TestCaseUtils.initializeTestBackend(true);
TestCaseUtils.addEntry(
"dn: uid=Lu\\C4\\8Di\\C4\\87,o=test",
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
//"uid:: " + BASE64_DIRTY_PASSWORD,
"givenName: Test",
"sn: User",
"cn: Test User",
"mail: test.user@example.com",
"userPassword: password");
TestCaseUtils.dsconfig(
"set-plugin-prop",
"--plugin-name", "7-Bit Clean",
"--set", "enabled:true");
try
{
String path = TestCaseUtils.createTempFile(
"dn: uid=Lu\\C4\\8Di\\C4\\87,o=test",
"changetype: modrdn",
"newrdn: uid=test.user",
"deleteoldrdn: 1");
String[] args =
{
"-h", "127.0.0.1",
"-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
"-D", "cn=Directory Manager",
"-w", "password",
"-f", path
};
assertEquals(LDAPModify.mainModify(args, false, System.out, System.err),
0);
}
finally
{
TestCaseUtils.dsconfig(
"set-plugin-prop",
"--plugin-name", "7-Bit Clean",
"--set", "enabled:false");
}
}
}