directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From elecha...@apache.org
Subject [directory-server] 06/09: Merge branch 'master' of https://gitbox.apache.org/repos/asf/directory-server
Date Wed, 06 Nov 2019 14:33:04 GMT
This is an automated email from the ASF dual-hosted git repository.

elecharny pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/directory-server.git

commit d422c960252db69fe67d8d358fd42f57efc677b4
Merge: be31471 c42030f
Author: emmanuel lecharny <emmanuel.lecharny@busit.com>
AuthorDate: Tue Sep 17 00:51:19 2019 +0200

    Merge branch 'master' of
    https://gitbox.apache.org/repos/asf/directory-server
    
    # Conflicts:
    #	protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/extended/PwdModifyHandler.java
    #	server-integ/src/test/java/org/apache/directory/server/operations/extended/PwdModifyNoPPNoPasswordHashingIT.java

 .../ldap/handlers/extended/PwdModifyHandler.java   |    2 +-
 .../extended/PwdModifyNoPPNoPasswordHashingIT.java | 1834 ++++++++++++--------
 2 files changed, 1096 insertions(+), 740 deletions(-)

diff --cc server-integ/src/test/java/org/apache/directory/server/operations/extended/PwdModifyNoPPNoPasswordHashingIT.java
index 1dd8a77,29607d2..4e6ea1c
--- a/server-integ/src/test/java/org/apache/directory/server/operations/extended/PwdModifyNoPPNoPasswordHashingIT.java
+++ b/server-integ/src/test/java/org/apache/directory/server/operations/extended/PwdModifyNoPPNoPasswordHashingIT.java
@@@ -49,9 -49,9 +49,6 @@@ import org.apache.directory.ldap.client
  import org.apache.directory.server.annotations.CreateLdapServer;
  import org.apache.directory.server.annotations.CreateTransport;
  import org.apache.directory.server.core.annotations.CreateDS;
--import org.apache.directory.server.core.api.InterceptorEnum;
--import org.apache.directory.server.core.authn.AuthenticationInterceptor;
--import org.apache.directory.server.core.authn.ppolicy.PpolicyConfigContainer;
  import org.apache.directory.server.core.integ.AbstractLdapTestUnit;
  import org.apache.directory.server.core.integ.FrameworkRunner;
  import org.apache.directory.server.ldap.handlers.extended.PwdModifyHandler;
@@@ -60,7 -60,8 +57,12 @@@ import org.junit.runner.RunWith
  
  
  /**
++<<<<<<< HEAD
 + * Test the PwdModify extended operation
++=======
+  * Test the PwdModify extended operation, when no PasswordPolicy or PasswordHashing interceptor
+  * are present.
++>>>>>>> c42030f59692518133715f0a4753ce24bb63b2d8
   * 
   * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
   */
@@@ -1062,18 -1347,118 +1348,119 @@@ public class PwdModifyNoPPNoPasswordHas
       * At the same time, PP and passwordHashing interceptor are disabled
       */
      @Test
-     public void testAdminModifyPasswordNoOldNew() throws Exception
+     public void testAdminModifyPasswordOldNewExists() throws Exception
+     {
+         try ( LdapConnection adminConnection = getAdminNetworkConnection( getLdapServer()
) )
+         {
+             // Create a user
+             addUser( adminConnection, "User1", "secret1" );
+     
+             // Now change the password
+             PasswordModifyRequest pwdModifyRequest = new PasswordModifyRequestImpl();
+             pwdModifyRequest.setUserIdentity( Strings.getBytesUtf8( "cn=User1,ou=system"
) );
+             pwdModifyRequest.setOldPassword( Strings.getBytesUtf8( "secret1" ) );
+             pwdModifyRequest.setNewPassword( Strings.getBytesUtf8( "secret1" ) );
+     
+             // Send the request
+             PasswordModifyResponse pwdModifyResponse = ( PasswordModifyResponse ) adminConnection.extended(
pwdModifyRequest );
+     
+             assertEquals( ResultCodeEnum.SUCCESS, pwdModifyResponse.getLdapResult().getResultCode()
);
+     
+             try ( LdapConnection userConnection = getNetworkConnectionAs( getLdapServer(),

+                 "cn=user1,ou=system", "secret1" ) )
+             {
+                 Entry entry = userConnection.lookup( "cn=User1,ou=system", "userPassword",
"modifyTimestamp" );
+             
+                 assertNotNull( entry );
+                 assertTrue( entry.containsAttribute( "userPassword" ) );
+                 Attribute userPassword = entry.get( "userPassword" );
+                 
+                 assertNull( PasswordUtil.findAlgorithm( userPassword.getBytes() ) );
+             
+                 assertEquals( 1, userPassword.size() );
+                 assertEquals( "secret1", userPassword.getString() );
+                 assertFalse( entry.containsAttribute( "modifyTimestamp" ) );
+             }
+         }
+     }
++    
++    
+     //-----------------------------------------------------------------------------------
+     // Admin password modification with two passwords
+     //-----------------------------------------------------------------------------------
+     /**
+      * Modify an existing user password with an admin account:
+      * o the userIdentity is provided
+      * o the old password is not provided
+      * o the new password is not provided
+      * o the entry has a userPassword attribute
+      * o the userPassword attribute contains two values
+      * 
+      * At the same time, PP and passwordHashing interceptor are disabled
+      */
+     @Test
+     public void testAdminPasswordModify2PasswordsNoOldNoNew() throws Exception
+     {
+         try ( LdapConnection adminConnection = getAdminNetworkConnection( getLdapServer()
) )
+         {
+             // Create a user
+             addUser2Passwords( adminConnection, "User1", "secret1", "other" );
+     
+             // Now change the password
+             PasswordModifyRequest pwdModifyRequest = new PasswordModifyRequestImpl();
+             pwdModifyRequest.setUserIdentity( Strings.getBytesUtf8( "cn=User1,ou=system"
) );
+     
+             // Send the request
+             PasswordModifyResponse pwdModifyResponse = 
+                     ( PasswordModifyResponse ) adminConnection.extended( pwdModifyRequest
);
+     
+             assertEquals( ResultCodeEnum.UNWILLING_TO_PERFORM, pwdModifyResponse.getLdapResult().getResultCode()
);
+     
+             // Rebind with the original password
+             try ( LdapConnection userConnection = getNetworkConnectionAs( ldapServer, "cn=User1,ou=system",
"secret1" ) )
+             {
+                 Entry entry = userConnection.lookup( "cn=User1,ou=system" );
+         
+                 assertNotNull( entry );
+                 assertTrue( entry.containsAttribute( "userPassword" ) );
+                 Attribute userPassword = entry.get( "userPassword" );
+                 
+                 assertNull( PasswordUtil.findAlgorithm( userPassword.getBytes() ) );
+         
+                 assertEquals( 2, userPassword.size() );
+                 assertTrue( userPassword.contains( "secret1", "other" ) );
+             }
+         }
+     }
+ 
+     
+     /**
+      * Modify an existing user password with an admin account:
+      * o the userIdentity is provided
+      * o the old password is not provided
+      * o the new password is new
+      * o the entry has a userPassword attribute
+      * o the userPassword attribute contains two values
+      * 
+      * At the end, we will have only one password remaining
+      * 
+      * At the same time, PP and passwordHashing interceptor are disabled
+      */
+     @Test
+     public void testAdminPasswordModify2PassworsdNoOldNew() throws Exception
      {
-         // Create a user
          try ( LdapConnection adminConnection = getAdminNetworkConnection( getLdapServer()
) )
          {
-             addUser( adminConnection, "User1", "secret1" );
-     
+             // Create a user
+             addUser2Passwords( adminConnection, "User1", "secret1", "other" );
+ 
+             Entry user = adminConnection.lookup( "cn=User1,ou=system", "userPassword", "modifyTimestamp"
);
+ 
              // Now change the password
              PasswordModifyRequest pwdModifyRequest = new PasswordModifyRequestImpl();
              pwdModifyRequest.setUserIdentity( Strings.getBytesUtf8( "cn=User1,ou=system"
) );
              pwdModifyRequest.setNewPassword( Strings.getBytesUtf8( "secret1Bis" ) );
-     
+ 
 -            
              // Send the request
              PasswordModifyResponse pwdModifyResponse = ( PasswordModifyResponse ) adminConnection.extended(
pwdModifyRequest );
      


Mime
View raw message