use of com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType in project midpoint by Evolveum.
the class AbstractIntegrationTest method assertUserPassword.
/**
 * Asserts that the given user carries a password corresponding to the expected clear-text value.
 *
 * <p>Fails when the user has no credentials or no password container. The comparison itself is
 * delegated to {@code assertProtectedString}, which also receives the expected storage type.
 *
 * @param user user object whose credentials are inspected
 * @param expectedClearPassword clear-text password the stored value is expected to correspond to
 * @param storageType expected storage form of the credential, passed through unchanged
 * @throws EncryptionException declared by this helper; presumably raised while the protected value is processed
 * @throws SchemaException declared by this helper; origin not visible in this listing
 */
protected void assertUserPassword(PrismObject<UserType> user, String expectedClearPassword, CredentialsStorageTypeType storageType) throws EncryptionException, SchemaException {
    CredentialsType credentials = user.asObjectable().getCredentials();
    assertNotNull("No credentials in " + user, credentials);

    PasswordType passwordContainer = credentials.getPassword();
    assertNotNull("No password in " + user, passwordContainer);

    // The value is not null-checked here; it is handed to assertProtectedString as-is.
    ProtectedStringType storedValue = passwordContainer.getValue();
    assertProtectedString("Password for " + user, expectedClearPassword, storedValue, storageType);
}
use of com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType in project midpoint by Evolveum.
the class AbstractIntegrationTest method assertPassword.
/**
 * Asserts that the password stored in the shadow decrypts to the expected clear-text value.
 *
 * <p>Fails when the shadow has no credentials, no password container or no password value.
 *
 * @param shadow shadow whose password is checked
 * @param expectedPassword expected clear-text password
 * @throws SchemaException declared by this helper; origin not visible in this listing
 * @throws EncryptionException declared by this helper; presumably raised by the decrypt call
 */
protected void assertPassword(ShadowType shadow, String expectedPassword) throws SchemaException, EncryptionException {
    CredentialsType shadowCredentials = shadow.getCredentials();
    assertNotNull("No credentials in " + shadow, shadowCredentials);

    PasswordType passwordContainer = shadowCredentials.getPassword();
    assertNotNull("No password in " + shadow, passwordContainer);

    ProtectedStringType protectedPassword = passwordContainer.getValue();
    assertNotNull("No password value in " + shadow, protectedPassword);

    // NOTE(review): decrypt() is applied to the shadow's own value and the clear text is then read
    // from that same object, so the caller's shadow appears to keep the decrypted password after
    // this helper returns. Acceptable for a test fixture; confirm before reusing the shadow.
    protector.decrypt(protectedPassword);
    String actualPassword = protectedPassword.getClearValue();

    // A failing assertEquals typically prints both values, i.e. clear-text passwords in test output.
    assertEquals("Wrong password in " + shadow, expectedPassword, actualPassword);
}
use of com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType in project midpoint by Evolveum.
the class AbstractAdLdapMultidomainTest method test620ModifyUserSubmanPassword.
/**
 * Replaces the password of the user identified by {@code USER_SUBMAN_OID} through the model and
 * checks that the corresponding LDAP account accepts the new password and is otherwise unchanged.
 */
@Test
public void test620ModifyUserSubmanPassword() throws Exception {
    final String TEST_NAME = "test620ModifyUserSubmanPassword";
    TestUtil.displayTestTile(this, TEST_NAME);

    // GIVEN
    Task task = taskManager.createTaskInstance(this.getClass().getName() + "." + TEST_NAME);
    OperationResult result = task.getResult();

    // Fixed, test-only credential. It is handed over as a clear value; any encryption before
    // storage would have to happen further down the stack and is not visible in this method.
    final String newPassword = "SuB.321";
    ProtectedStringType newPasswordValue = new ProtectedStringType();
    newPasswordValue.setClearValue(newPassword);
    ItemPath passwordValuePath = new ItemPath(UserType.F_CREDENTIALS, CredentialsType.F_PASSWORD, PasswordType.F_VALUE);

    // WHEN
    TestUtil.displayWhen(TEST_NAME);
    modifyUserReplace(USER_SUBMAN_OID, passwordValuePath, task, result, newPasswordValue);

    // THEN
    TestUtil.displayThen(TEST_NAME);
    result.computeStatus();
    TestUtil.assertSuccess(result);

    Entry ldapEntry = assertLdapSubAccount(USER_SUBMAN_USERNAME, USER_SUBMAN_FULL_NAME);
    assertAttribute(ldapEntry, "title", "Underdog");
    // Checks the new password against the directory itself (presumably by authenticating with it).
    assertLdapPassword(getSubLdapConnectionConfig(), USER_SUBMAN_USERNAME, USER_SUBMAN_FULL_NAME, newPassword);
    // In Active Directory's userAccountControl, 512 is NORMAL_ACCOUNT with no other flag set, so
    // this guards against the password change disabling or otherwise re-flagging the account
    // (assumes the constant names that attribute; confirm against its definition).
    assertAttribute(ldapEntry, ATTRIBUTE_USER_ACCOUNT_CONTROL_NAME, "512");

    // The password change must not relink the user to a different shadow.
    PrismObject<UserType> userAfter = getUser(USER_SUBMAN_OID);
    String linkedShadowOid = getSingleLinkOid(userAfter);
    assertEquals("Shadows have moved", accountSubmanOid, linkedShadowOid);

    // assertLdapConnectorInstances(2);
}
use of com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType in project midpoint by Evolveum.
the class TestSanityLegacy method test502NotifyChangeModifyAccountPassword.
/**
 * Submits a {@code notifyChange} call through the web-service model interface that carries a
 * REPLACE delta on {@code credentials/password/value} of the account linked to user angelika,
 * then checks that the user's password matches the new value.
 */
@Test
public void test502NotifyChangeModifyAccountPassword() throws Exception {
    TestUtil.displayTestTile("test502NotifyChangeModifyAccountPassword");
    // Not read by the live code below; retained from the original method.
    OperationResult parentResult = new OperationResult("test500notifyChange.addAngelicaAccount");

    // Locate the single account linked to the user; its OID identifies the shadow being changed.
    PrismObject<UserType> angelikaBefore = findUserByUsername(ANGELIKA_NAME);
    assertNotNull("User with the name angelika must exist.", angelikaBefore);
    UserType angelikaBean = angelikaBefore.asObjectable();
    assertNotNull("User with the name angelika must have one link ref.", angelikaBean.getLinkRef());
    assertEquals("Expected one account ref in user", 1, angelikaBean.getLinkRef().size());
    String accountOid = angelikaBean.getLinkRef().get(0).getOid();

    // Fixed, test-only credential.
    String newPassword = "newPassword";

    ResourceObjectShadowChangeDescriptionType changeDescription = new ResourceObjectShadowChangeDescriptionType();
    ObjectDeltaType shadowDelta = new ObjectDeltaType();
    shadowDelta.setChangeType(ChangeTypeType.MODIFY);
    shadowDelta.setObjectType(ShadowType.COMPLEX_TYPE);
    // Not read by the live code below; retained from the original method.
    Document doc = DOMUtil.getDocument();

    // Item delta: replace credentials/password/value with the new protected string.
    ItemDeltaType passwordReplace = new ItemDeltaType();
    passwordReplace.setModificationType(ModificationTypeType.REPLACE);
    passwordReplace.setPath(ModelClientUtil.createItemPathType("credentials/password/value"));
    ProtectedStringType protectedNewPassword = ModelClientUtil.createProtectedString(newPassword);
    RawType rawPassword = new RawType(((PrismContextImpl) prismContext).getBeanMarshaller().marshall(protectedNewPassword), prismContext);
    passwordReplace.getValue().add(rawPassword);

    shadowDelta.getItemDelta().add(passwordReplace);
    shadowDelta.setOid(accountOid);

    // NOTE(review): both statements log the password item delta at INFO. Whether prettyPrint()/dump()
    // mask the protected value is not visible here; confirm before reusing this pattern where the
    // delta could carry a real credential. Both lines dump the item delta, not the object delta.
    LOGGER.info("item delta: {}", SchemaDebugUtil.prettyPrint(passwordReplace));
    LOGGER.info("delta: {}", DebugUtil.dump(passwordReplace));

    changeDescription.setObjectDelta(shadowDelta);
    changeDescription.setOldShadowOid(accountOid);
    changeDescription.setChannel(SchemaConstants.CHANNEL_WEB_SERVICE_URI);

    TaskType notifyTask = modelWeb.notifyChange(changeDescription);
    OperationResult notifyResult = OperationResult.createOperationResult(notifyTask.getResult());
    display(notifyResult);
    assertSuccess(notifyResult);

    // The account-side password change is expected to be reflected on the user.
    PrismObject<UserType> angelikaAfter = findUserByUsername(ANGELIKA_NAME);
    assertNotNull("User with the name angelika must exist.", angelikaAfter);
    assertPassword(angelikaAfter, newPassword);
}
use of com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType in project midpoint by Evolveum.
the class TestWSSecurity method test162ChangeDarthAdderPasswordViolatesPolicy.
/**
 * Attempts to replace a user's password with a one-character value and checks that the request is
 * rejected with a policy-violation fault, that the failure is audited, and that the stored
 * password container and its modification metadata are left as they were.
 */
@Test
public void test162ChangeDarthAdderPasswordViolatesPolicy() throws Exception {
    final String TEST_NAME = "test162ChangeDarthAdderPasswordViolatesPolicy";
    displayTestTitle(TEST_NAME);
    LogfileTestTailer tailer = createLogTailer();

    // A one-character password that the test expects the password policy to refuse.
    ProtectedStringType weakPassword = ModelClientUtil.createProtectedString("x");
    ObjectDeltaListType passwordChange = ModelClientUtil.createModificationDeltaList(UserType.class, USER_DARTHADDER_OID, "credentials/password/value", ModificationTypeType.REPLACE, weakPassword);

    try {
        // WHEN
        modelPort.executeChanges(passwordChange, null);
        // Reaching this line means the weak password was accepted.
        AssertJUnit.fail("Unexpected success");
    } catch (FaultMessage fault) {
        assertFaultMessage(fault, PolicyViolationFaultType.class, "password does not satisfy password policies");
    }

    // THEN
    // The rejected change must still leave an audit trail that records the failure.
    tailer.tail();
    displayAudit(tailer);
    assertAuditLoginLogout(tailer);
    assertAuditIds(tailer);
    assertAuditOperation(tailer, "MODIFY_OBJECT", OperationResultStatusType.FATAL_ERROR, "password does not satisfy password policies");
    tailer.assertAudit(4);

    UserType userAfter = getObject(UserType.class, USER_DARTHADDER_OID);
    display(userAfter);
    PasswordType passwordAfter = userAfter.getCredentials().getPassword();

    // Compare the marshalled form of the password container before and after the rejected change.
    // The element name only serves as a wrapper for marshalling. dartAdderLastPassword and the
    // timestamps below are fields set outside this method (presumably by an earlier test).
    QName wrapperName = new QName("http://whatever/", "fake");
    assertEquals("Password of DarthAdder has changed", ModelClientUtil.marshallToSting(wrapperName, dartAdderLastPassword, false), ModelClientUtil.marshallToSting(wrapperName, passwordAfter, false));
    assertPasswordModifyMetadata(userAfter, USER_DARTHADDER_OID, dartAdderLastPasswordChangeStartTs, dartAdderLastPasswordChangeEndTs);
}