You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by el...@apache.org on 2013/08/13 16:51:14 UTC
svn commit: r1513518 - in /directory/apacheds/trunk:
protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/extended/PwdModifyHandler.java
server-integ/src/test/java/org/apache/directory/server/operations/extended/PwdModifyIT.java
Author: elecharny
Date: Tue Aug 13 14:51:14 2013
New Revision: 1513518
URL: http://svn.apache.org/r1513518
Log:
o Fixed the pwdModify tests
o Generated a UNWILLING_TO_PERFORM error when we try to generate a new password on the server
Modified:
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/extended/PwdModifyHandler.java
directory/apacheds/trunk/server-integ/src/test/java/org/apache/directory/server/operations/extended/PwdModifyIT.java
Modified: directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/extended/PwdModifyHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/extended/PwdModifyHandler.java?rev=1513518&r1=1513517&r2=1513518&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/extended/PwdModifyHandler.java (original)
+++ directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/extended/PwdModifyHandler.java Tue Aug 13 14:51:14 2013
@@ -149,6 +149,19 @@ public class PwdModifyHandler implements
modifications.add( modification );
}
+ else
+ {
+ // In this case, we could either generate a new password, or return an error
+ // Atm, we will return an unwillingToPerform error
+ LOG.error( "Cannot create a new password for user " + userDn + ", exception : " + userDn );
+
+ // We can't modify the password
+ requestor.getIoSession().write( new PwdModifyResponseImpl(
+ req.getMessageId(), ResultCodeEnum.UNWILLING_TO_PERFORM, "Cannot generate a new password for user "
+ + userDn ) );
+
+ return;
+ }
modifyContext.setModItems( modifications );
Modified: directory/apacheds/trunk/server-integ/src/test/java/org/apache/directory/server/operations/extended/PwdModifyIT.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/server-integ/src/test/java/org/apache/directory/server/operations/extended/PwdModifyIT.java?rev=1513518&r1=1513517&r2=1513518&view=diff
==============================================================================
--- directory/apacheds/trunk/server-integ/src/test/java/org/apache/directory/server/operations/extended/PwdModifyIT.java (original)
+++ directory/apacheds/trunk/server-integ/src/test/java/org/apache/directory/server/operations/extended/PwdModifyIT.java Tue Aug 13 14:51:14 2013
@@ -184,15 +184,15 @@ public class PwdModifyIT extends Abstrac
{
LdapConnection adminConnection = getAdminNetworkConnection( getLdapServer() );
- addUser( adminConnection, "User", "secret" );
+ addUser( adminConnection, "User1", "secret1" );
// Bind as the user
- LdapConnection userConnection = getNetworkConnectionAs( getLdapServer(), "cn=user,ou=system", "secret" );
+ LdapConnection userConnection = getNetworkConnectionAs( getLdapServer(), "cn=user1,ou=system", "secret1" );
userConnection.setTimeOut( 0L );
// Now change the password
PwdModifyRequestImpl pwdModifyRequest = new PwdModifyRequestImpl();
- pwdModifyRequest.setNewPassword( Strings.getBytesUtf8( "secretBis" ) );
+ pwdModifyRequest.setNewPassword( Strings.getBytesUtf8( "secret1Bis" ) );
// Send the request
PwdModifyResponse pwdModifyResponse = ( PwdModifyResponse ) userConnection.extended( pwdModifyRequest );
@@ -200,9 +200,9 @@ public class PwdModifyIT extends Abstrac
assertEquals( ResultCodeEnum.SUCCESS, pwdModifyResponse.getLdapResult().getResultCode() );
// Now try to bind with the new password
- userConnection = getNetworkConnectionAs( ldapServer, "cn=User,ou=system", "secretBis" );
+ userConnection = getNetworkConnectionAs( ldapServer, "cn=User1,ou=system", "secret1Bis" );
- Entry entry = userConnection.lookup( "cn=User,ou=system" );
+ Entry entry = userConnection.lookup( "cn=User1,ou=system" );
assertNotNull( entry );
@@ -219,11 +219,11 @@ public class PwdModifyIT extends Abstrac
{
LdapConnection adminConnection = getAdminNetworkConnection( getLdapServer() );
- addUser( adminConnection, "User1", "secret1" );
+ addUser( adminConnection, "User2", "secret2" );
- LdapConnection userConnection = getNetworkConnectionAs( ldapServer, "cn=User1,ou=system", "secret1" );
+ LdapConnection userConnection = getNetworkConnectionAs( ldapServer, "cn=User2,ou=system", "secret2" );
- Entry entry = userConnection.lookup( "cn=User1,ou=system" );
+ Entry entry = userConnection.lookup( "cn=User2,ou=system" );
assertNotNull( entry );
@@ -235,9 +235,9 @@ public class PwdModifyIT extends Abstrac
// Now change the password
PwdModifyRequestImpl pwdModifyRequest = new PwdModifyRequestImpl();
- pwdModifyRequest.setUserIdentity( Strings.getBytesUtf8( "cn=User1,ou=system" ) );
- pwdModifyRequest.setOldPassword( Strings.getBytesUtf8( "secret1" ) );
- pwdModifyRequest.setNewPassword( Strings.getBytesUtf8( "secret1Bis" ) );
+ pwdModifyRequest.setUserIdentity( Strings.getBytesUtf8( "cn=User2,ou=system" ) );
+ pwdModifyRequest.setOldPassword( Strings.getBytesUtf8( "secret2" ) );
+ pwdModifyRequest.setNewPassword( Strings.getBytesUtf8( "secret2Bis" ) );
// Send the request
PwdModifyResponse pwdModifyResponse = ( PwdModifyResponse ) anonymousConnection.extended( pwdModifyRequest );
@@ -245,9 +245,9 @@ public class PwdModifyIT extends Abstrac
assertEquals( ResultCodeEnum.SUCCESS, pwdModifyResponse.getLdapResult().getResultCode() );
// Check that we can now bind using the new credentials
- userConnection = getNetworkConnectionAs( ldapServer, "cn=User1,ou=system", "secret1Bis" );
+ userConnection = getNetworkConnectionAs( ldapServer, "cn=User2,ou=system", "secret2Bis" );
- entry = userConnection.lookup( "cn=User1,ou=system" );
+ entry = userConnection.lookup( "cn=User2,ou=system" );
assertNotNull( entry );
@@ -267,12 +267,12 @@ public class PwdModifyIT extends Abstrac
policyConfig.setPwdCheckQuality( CheckQualityEnum.CHECK_ACCEPT ); // allow the password if its quality can't be checked
LdapConnection adminConnection = getAdminNetworkConnection( getLdapServer() );
- addUser( adminConnection, "User2", "secret2" );
- Dn userDn = new Dn( "cn=User2,ou=system" );
+ addUser( adminConnection, "User3", "secret3" );
+ Dn userDn = new Dn( "cn=User3,ou=system" );
- LdapConnection userConnection = getNetworkConnectionAs( ldapServer, "cn=User2,ou=system", "secret2" );
+ LdapConnection userConnection = getNetworkConnectionAs( ldapServer, "cn=User3,ou=system", "secret3" );
- Entry entry = userConnection.lookup( "cn=User2,ou=system" );
+ Entry entry = userConnection.lookup( "cn=User3,ou=system" );
assertNotNull( entry );
@@ -280,7 +280,7 @@ public class PwdModifyIT extends Abstrac
// almost lock the user now
checkBind( userConnection, userDn, "badPassword", 2,
- "INVALID_CREDENTIALS: Bind failed: ERR_229 Cannot authenticate user cn=User2,ou=system" );
+ "INVALID_CREDENTIALS: Bind failed: ERR_229 Cannot authenticate user cn=User3,ou=system" );
// Bind as the user
LdapConnection anonymousConnection = getAnonymousNetworkConnection( getLdapServer() );
@@ -288,9 +288,9 @@ public class PwdModifyIT extends Abstrac
// Now change the password
PwdModifyRequestImpl pwdModifyRequest = new PwdModifyRequestImpl();
- pwdModifyRequest.setUserIdentity( Strings.getBytesUtf8( "cn=User2,ou=system" ) );
- pwdModifyRequest.setOldPassword( Strings.getBytesUtf8( "secret2" ) );
- pwdModifyRequest.setNewPassword( Strings.getBytesUtf8( "secret2Bis" ) );
+ pwdModifyRequest.setUserIdentity( Strings.getBytesUtf8( "cn=User3,ou=system" ) );
+ pwdModifyRequest.setOldPassword( Strings.getBytesUtf8( "secret3" ) );
+ pwdModifyRequest.setNewPassword( Strings.getBytesUtf8( "secret3Bis" ) );
// Send the request
PwdModifyResponse pwdModifyResponse = ( PwdModifyResponse ) anonymousConnection.extended( pwdModifyRequest );
@@ -298,15 +298,15 @@ public class PwdModifyIT extends Abstrac
assertEquals( ResultCodeEnum.SUCCESS, pwdModifyResponse.getLdapResult().getResultCode() );
// Check that we can now bind using the new credentials
- userConnection = getNetworkConnectionAs( ldapServer, "cn=User2,ou=system", "secret2Bis" );
+ userConnection = getNetworkConnectionAs( ldapServer, "cn=User3,ou=system", "secret3Bis" );
- entry = userConnection.lookup( "cn=User2,ou=system" );
+ entry = userConnection.lookup( "cn=User3,ou=system" );
assertNotNull( entry );
// almost lock the user now, the count should be reset
checkBind( userConnection, userDn, "badPassword", 2,
- "INVALID_CREDENTIALS: Bind failed: ERR_229 Cannot authenticate user cn=User2,ou=system" );
+ "INVALID_CREDENTIALS: Bind failed: ERR_229 Cannot authenticate user cn=User3,ou=system" );
userConnection.close();
anonymousConnection.close();
@@ -322,14 +322,14 @@ public class PwdModifyIT extends Abstrac
{
LdapConnection adminConnection = getAdminNetworkConnection( getLdapServer() );
- addUser( adminConnection, "User3", "secret3" );
+ addUser( adminConnection, "User4", "secret4" );
// Modify the user with the admin account
// Now change the password
PwdModifyRequestImpl pwdModifyRequest = new PwdModifyRequestImpl();
- pwdModifyRequest.setUserIdentity( Strings.getBytesUtf8( "cn=User3,ou=system" ) );
- pwdModifyRequest.setNewPassword( Strings.getBytesUtf8( "secret3Bis" ) );
+ pwdModifyRequest.setUserIdentity( Strings.getBytesUtf8( "cn=User4,ou=system" ) );
+ pwdModifyRequest.setNewPassword( Strings.getBytesUtf8( "secret4Bis" ) );
// Send the request
PwdModifyResponse pwdModifyResponse = ( PwdModifyResponse ) adminConnection.extended( pwdModifyRequest );
@@ -337,13 +337,67 @@ public class PwdModifyIT extends Abstrac
assertEquals( ResultCodeEnum.SUCCESS, pwdModifyResponse.getLdapResult().getResultCode() );
// Now try to bind with the new password
- LdapConnection userConnection = getNetworkConnectionAs( ldapServer, "cn=User3,ou=system", "secret3Bis" );
+ LdapConnection userConnection = getNetworkConnectionAs( ldapServer, "cn=User4,ou=system", "secret4Bis" );
- Entry entry = userConnection.lookup( "cn=User3,ou=system" );
+ Entry entry = userConnection.lookup( "cn=User4,ou=system" );
assertNotNull( entry );
userConnection.close();
adminConnection.close();
}
+
+
+ /**
+ * Modify an existing user password with a bad account
+ */
+ @Test
+ public void testAdminModifyPasswordBadUser() throws Exception
+ {
+ LdapConnection adminConnection = getAdminNetworkConnection( getLdapServer() );
+
+ addUser( adminConnection, "User5", "secret5" );
+
+ // Modify the user with the admin account
+
+ // Now change the password
+ PwdModifyRequestImpl pwdModifyRequest = new PwdModifyRequestImpl();
+ pwdModifyRequest.setUserIdentity( Strings.getBytesUtf8( "cn=baduser,ou=system" ) );
+ pwdModifyRequest.setNewPassword( Strings.getBytesUtf8( "secret5Bis" ) );
+
+ // Send the request
+ PwdModifyResponse pwdModifyResponse = ( PwdModifyResponse ) adminConnection.extended( pwdModifyRequest );
+
+ assertEquals( ResultCodeEnum.NO_SUCH_OBJECT, pwdModifyResponse.getLdapResult().getResultCode() );
+ assertEquals( "Cannot find an entry for DN cn=baduser,ou=system", pwdModifyResponse.getLdapResult()
+ .getDiagnosticMessage() );
+
+ adminConnection.close();
+ }
+
+
+ /**
+ * Test that the server generates a new password when required
+ */
+ @Test
+ public void testAdminGenPassword() throws Exception
+ {
+ LdapConnection adminConnection = getAdminNetworkConnection( getLdapServer() );
+
+ addUser( adminConnection, "User6", "secret6" );
+
+ // Modify the user with the admin account
+
+ // Now request a new password
+ PwdModifyRequestImpl pwdModifyRequest = new PwdModifyRequestImpl();
+ pwdModifyRequest.setUserIdentity( Strings.getBytesUtf8( "cn=User6,ou=system" ) );
+
+ // Send the request
+ PwdModifyResponse pwdModifyResponse = ( PwdModifyResponse ) adminConnection.extended( pwdModifyRequest );
+
+ // We should not be allowed to do that, as the operation is not yet implemented
+ assertEquals( ResultCodeEnum.UNWILLING_TO_PERFORM, pwdModifyResponse.getLdapResult().getResultCode() );
+
+ adminConnection.close();
+ }
}