1 13 14 package se.anatom.ejbca.ra.raadmin; 15 16 import junit.framework.TestCase; 17 18 import org.apache.log4j.Level; 19 import org.apache.log4j.Logger; 20 import org.ejbca.core.model.SecConst; 21 import org.ejbca.core.model.ra.raadmin.EndEntityProfile; 22 import org.ejbca.core.model.ra.raadmin.UserDoesntFullfillEndEntityProfile; 23 import org.ejbca.util.dn.DnComponents; 24 25 26 27 32 public class TestUserFullfillEndEntityProfile extends TestCase { 33 private static Logger log = Logger.getLogger(TestUserFullfillEndEntityProfile.class); 34 35 36 41 public TestUserFullfillEndEntityProfile(String name) { 42 super(name); 43 } 44 45 protected void setUp() throws Exception { 46 log.debug(">setUp()"); 47 log.setLevel(Level.DEBUG); 48 log.debug("<setUp()"); 49 } 50 51 protected void tearDown() throws Exception { 52 } 53 54 59 public void test01fulfillEndEntityProfiles() throws Exception { 60 log.debug(">test01fulfillEndEntityProfiles()"); 61 62 EndEntityProfile profile = new EndEntityProfile(); 63 64 int testca1 = 2; 66 int testca2 = 3; 67 68 profile.addField(DnComponents.ORGANIZATIONUNIT); 70 profile.addField(DnComponents.ORGANIZATIONUNIT); 71 profile.addField(DnComponents.COUNTRY); 72 73 profile.setRequired(DnComponents.ORGANIZATIONUNIT,0,true); 74 profile.setRequired(DnComponents.ORGANIZATIONUNIT,1,true); 75 76 profile.setModifyable(DnComponents.ORGANIZATIONUNIT,0,false); 77 profile.setModifyable(DnComponents.ORGANIZATIONUNIT,1,false); 78 profile.setModifyable(DnComponents.COUNTRY,0,false); 79 80 profile.setValue(DnComponents.ORGANIZATIONUNIT,0,"DEP1_1;DEP1_2"); 81 profile.setValue(DnComponents.ORGANIZATIONUNIT,1,"DEP2_1;DEP2_2"); 82 profile.setValue(DnComponents.COUNTRY,0,"SE;DK"); 83 84 profile.setValue(EndEntityProfile.AVAILCAS,0,""+testca1); 85 86 87 try{ 89 profile.doesUserFullfillEndEntityProfile("username","password","blabla","","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 90 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 91 assertTrue("Profile does not check DN at all.", false); 92 }catch(UserDoesntFullfillEndEntityProfile e){ 93 log.debug("End Entity Fulfill Profile Test 1 " + " = OK"); 94 } 95 96 try{ 98 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_1,C=SE","null","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 99 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 100 log.debug("End Entity Profile Fulfill Test 2 " + " = OK"); 101 }catch(UserDoesntFullfillEndEntityProfile e){ 102 assertTrue(e.getMessage(), false); 103 } 104 105 try{ 107 profile.doesUserFullfillEndEntityProfile("","password","CN=John Smith,OU=DEP1_1,OU=DEP2_1,C=SE","null","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 108 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 109 assertTrue("UserName is not checked even though it's required", false); 110 }catch(UserDoesntFullfillEndEntityProfile e){ 111 log.debug("End Entity Profile Fulfill Test 3 " + e.getMessage() + " = OK"); 112 } 113 114 try{ 116 profile.doesUserFullfillEndEntityProfile("username","","CN=John Smith,OU=DEP1_1,OU=DEP2_1,C=SE","null","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 117 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 118 assertTrue("Password is not checked even though it's required", false); 119 }catch(UserDoesntFullfillEndEntityProfile e){ 120 log.debug("End Entity Profile Test Fulfill 4 " + e.getMessage() + " = OK"); 121 } 122 123 try{ 125 profile.doesUserFullfillEndEntityProfile("username","password","OU=DEP1_1,OU=DEP2_1,C=SE","null","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 126 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 127 assertTrue("Error Required CN field wasn't checked", false); 128 }catch(UserDoesntFullfillEndEntityProfile e){ 129 log.debug("End Entity Fulfill Profile Test 5 " + e.getMessage() + " = OK"); 130 } 131 132 try{ 134 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP2_1,C=SE","null","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 135 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 136 assertTrue("Error Required OU field wasn't checked", false); 137 }catch(UserDoesntFullfillEndEntityProfile e){ 138 log.debug("End Entity Fulfill Profile Test 6 " + e.getMessage() + " = OK"); 139 } 140 141 try{ 143 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_3,C=SE","null","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 144 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 145 assertTrue("Error value of second OU field wasn't checked", false); 146 }catch(UserDoesntFullfillEndEntityProfile e){ 147 log.debug("End Entity Fulfill Profile Test 7 " + e.getMessage()+ " = OK"); 148 } 149 150 try{ 152 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_2","null","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 153 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 154 log.debug("End Entity Fulfill Profile Test 8 " + " = OK"); 155 }catch(UserDoesntFullfillEndEntityProfile e){ 156 assertTrue(e.getMessage(), false); 157 } 158 159 try{ 161 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_2, C=NO","null","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 162 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 163 assertTrue("Inproper check of C value.", false); 164 }catch(UserDoesntFullfillEndEntityProfile e){ 165 log.debug("End Entity Fulfill Profile Test 9 " + e.getMessage() + " = OK"); 166 } 167 168 profile.addField(DnComponents.RFC822NAME); 170 profile.addField(DnComponents.DNSNAME); 171 profile.addField(DnComponents.UPN); 172 profile.addField(DnComponents.IPADDRESS); 173 174 profile.setRequired(DnComponents.RFC822NAME,0,true); 175 profile.setRequired(DnComponents.DNSNAME,0,true); 176 profile.setRequired(DnComponents.UPN,0,true); 177 profile.setRequired(DnComponents.IPADDRESS,0,true); 178 179 profile.setModifyable(DnComponents.RFC822NAME,0,false); 180 profile.setModifyable(DnComponents.DNSNAME,0,false); 181 profile.setModifyable(DnComponents.UPN,0,false); 182 profile.setModifyable(DnComponents.IPADDRESS,0,true); 183 184 185 profile.setValue(DnComponents.DNSNAME,0,"test.primekey.se"); 186 profile.setValue(DnComponents.UPN,0,"test.com;primekey.se"); 187 profile.setValue(DnComponents.IPADDRESS,0,"11.11.1.1"); 188 189 profile.setRequired(EndEntityProfile.EMAIL,0,true); 190 profile.setModifyable(EndEntityProfile.EMAIL,0,false); 191 profile.setValue(EndEntityProfile.EMAIL,0,"test.com;primekey.se"); 192 193 try{ 195 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_1,C=SE","blabla","","test@test.com",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 196 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 197 assertTrue("Profile does not check altname at all.", false); 198 }catch(UserDoesntFullfillEndEntityProfile e){ 199 log.debug("End Entity Fulfill Profile Test 10 " + " = OK"); 200 } 201 202 try{ 204 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_1,C=SE","RFC822NAME=test@test.com, dnsname=test.primekey.se, Upn=test@primekey.se, ipaddress=11.11.1.2","","test@test.com",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 205 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 206 log.debug("End Entity Profile Fulfill Test 11 " + " = OK"); 207 }catch(UserDoesntFullfillEndEntityProfile e){ 208 assertTrue(e.getMessage(), false); 209 } 210 211 212 try{ 214 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_1,C=SE","dnsname=test.primekey.se, Upn=test@primekey.se, ipaddress=11.11.1.2","","test@test.com",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 215 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 216 assertTrue("Error Required RFC822NAME field wasn't checked", false); 217 }catch(UserDoesntFullfillEndEntityProfile e){ 218 log.debug("End Entity Fulfill Profile Test 12 " + e.getMessage() + " = OK"); 219 } 220 221 try{ 223 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_1,C=SE", "rfc822name=test@test.com, rfc822name=test@primekey.se, dnsname=test.primekey.se, Upn=test@primekey.se, ipaddress=11.11.1.2","","test@test.com",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 224 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 225 assertTrue("To many RFC822 names fields wasn't checked", false); 226 }catch(UserDoesntFullfillEndEntityProfile e){ 227 log.debug("End Entity Fulfill Profile Test 13 " + e.getMessage() + " = OK"); 228 } 229 230 try{ 232 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_1,C=SE", "rfc822name=test@test.com, dnsname=test.primekey.se, Upn=test12@primekey.se, ipaddress=11.11.1.2","","test@test.com",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 233 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 234 log.debug("End Entity Fulfill Profile Test 14 = OK"); 235 }catch(UserDoesntFullfillEndEntityProfile e){ 236 assertTrue("Not only domains of RFC822NAME and UPN where checked: " + e.getMessage() , false); 237 } 238 239 try{ 241 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_1,C=SE","rfc822name=test@test.com, dnsname=test2.primekey.se, Upn=test12@primekey.se, ipaddress=11.11.1.2","","test@test.com",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 242 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 243 assertTrue("Error value of DNS not checked.", false); 244 }catch(UserDoesntFullfillEndEntityProfile e){ 245 log.debug("End Entity Fulfill Profile Test 15 " + e.getMessage()+ " = OK"); 246 } 247 248 try{ 250 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_1,C=SE","rfc822name=test@test.com, dnsname=test.primekey.se, Upn=test12@primekey.se","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 251 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 252 assertTrue("Error not checking number of IPADDRESS properly.", false); 253 }catch(UserDoesntFullfillEndEntityProfile e){ 254 log.debug("End Entity Fulfill Profile Test 16 " + " = OK"); 255 256 } 257 258 259 try{ 261 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_1,C=SE","rfc822name=test@test.com, dnsname=test.primekey.se, Upn=test12@primekey.se, ipaddress=11.11.1.1","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 262 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 263 assertTrue("Inproper check of email field.", false); 264 }catch(UserDoesntFullfillEndEntityProfile e){ 265 log.debug("End Entity Fulfill Profile Test 17 " + e.getMessage() + " = OK"); 266 } 267 268 try{ 270 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_1,C=SE","rfc822name=test@test.com, dnsname=test.primekey.se, Upn=test12@primekey.se, ipaddress=11.11.1.1","","null",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 271 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 272 assertTrue("Inproper check of email field.", false); 273 }catch(UserDoesntFullfillEndEntityProfile e){ 274 log.debug("End Entity Fulfill Profile Test 18 " + e.getMessage() + " = OK"); 275 } 276 277 try{ 279 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_1,C=SE","rfc822name=test@test.com, dnsname=test.primekey.se, Upn=test12@primekey.se,ipaddress=11.11.1.1","",null,SecConst.CERTPROFILE_FIXED_ENDUSER, false, 280 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 281 assertTrue("Inproper check of email field.", false); 282 }catch(UserDoesntFullfillEndEntityProfile e){ 283 log.debug("End Entity Fulfill Profile Test 19 " + e.getMessage() + " = OK"); 284 } 285 286 try{ 288 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_1,C=SE","rfc822name=test11@test1.com, dnsname=test.primekey.se, Upn=test12@primekey.se,ipaddress=11.11.1.1","","test11@test1.com",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 289 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 290 assertTrue("Inproper check of email field values.", false); 291 }catch(UserDoesntFullfillEndEntityProfile e){ 292 log.debug("End Entity Fulfill Profile Test 20 " + e.getMessage() + " = OK"); 293 } 294 295 profile.setValue(EndEntityProfile.AVAILCERTPROFILES,0, SecConst.CERTPROFILE_FIXED_ENDUSER + ";" + SecConst.CERTPROFILE_FIXED_SUBCA); 296 297 try{ 299 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_1,C=SE","rfc822name=test11@test.com, dnsname=test.primekey.se, Upn=test12@primekey.se,ipaddress=11.11.1.1","","test11@test.com",SecConst.CERTPROFILE_FIXED_ROOTCA, false, 300 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 301 assertTrue("Inproper check of certificate profile values.", false); 302 }catch(UserDoesntFullfillEndEntityProfile e){ 303 log.debug("End Entity Fulfill Profile Test 21 " + e.getMessage() + " = OK"); 304 } 305 306 profile.setUse(EndEntityProfile.ADMINISTRATOR,0, true); 307 profile.setValue(EndEntityProfile.ADMINISTRATOR,0, EndEntityProfile.TRUE); 308 profile.setRequired(EndEntityProfile.ADMINISTRATOR,0, true); 309 profile.setModifyable(EndEntityProfile.ADMINISTRATOR,0, true); 310 311 try{ 313 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_1,C=SE","rfc822name=test11@test.com, dnsname=test.primekey.se, Upn=test12@primekey.se,ipaddress=11.11.1.1","","test11@test.com",SecConst.CERTPROFILE_FIXED_SUBCA, false, 314 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 315 assertTrue("Inproper check of administrator flag.", false); 316 }catch(UserDoesntFullfillEndEntityProfile e){ 317 log.debug("End Entity Fulfill Profile Test 22 " + e.getMessage() + " = OK"); 318 } 319 320 try{ 322 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_1,C=SE","rfc822name=test11@test.com, dnsname=test.primekey.se, Upn=test12@primekey.se,ipaddress=11.11.1.1","","test11@test.com",SecConst.CERTPROFILE_FIXED_SUBCA, false, 323 true, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 324 log.debug("End Entity Fulfill Profile Test 23 = OK"); 325 }catch(UserDoesntFullfillEndEntityProfile e){ 326 assertTrue("Inproper check of administrator flag. " + e.getMessage(), false); 327 } 328 329 try{ 331 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_1,C=SE","rfc822name=test11@test.com, dnsname=test.primekey.se, Upn=test12@primekey.se,ipaddress=11.11.1.1","","test11@test.com",SecConst.CERTPROFILE_FIXED_SUBCA, false, 332 true, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca2); 333 assertTrue("Inproper check of available ca's.", false); 334 }catch(UserDoesntFullfillEndEntityProfile e){ 335 log.debug("End Entity Fulfill Profile Test 24 " + e.getMessage() + " = OK"); 336 } 337 338 339 profile = new EndEntityProfile(); 341 342 343 profile.addField(DnComponents.ORGANIZATIONUNIT); 345 profile.addField(DnComponents.ORGANIZATIONUNIT); 346 profile.addField(DnComponents.ORGANIZATIONUNIT); 347 profile.addField(DnComponents.COUNTRY); 348 349 profile.setRequired(DnComponents.ORGANIZATIONUNIT,0,true); 350 profile.setRequired(DnComponents.ORGANIZATIONUNIT,1,true); 351 profile.setRequired(DnComponents.ORGANIZATIONUNIT,2,false); 352 353 profile.setModifyable(DnComponents.ORGANIZATIONUNIT,0,false); 354 profile.setModifyable(DnComponents.ORGANIZATIONUNIT,1,false); 355 profile.setModifyable(DnComponents.ORGANIZATIONUNIT,2,true); 356 profile.setModifyable(DnComponents.COUNTRY,0,false); 357 358 profile.setValue(DnComponents.ORGANIZATIONUNIT,0,"DEP1_1;DEP1_2"); 359 profile.setValue(DnComponents.ORGANIZATIONUNIT,1,"DEP2_1;DEP2_2"); 360 profile.setValue(DnComponents.ORGANIZATIONUNIT,2,"DEP3_1;DEP3_2"); 361 profile.setValue(DnComponents.COUNTRY,0,"SE;DK"); 362 363 profile.setValue(EndEntityProfile.AVAILCAS,0,""+testca1); 364 365 try{ 367 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_2,C=SE","null","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 368 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 369 log.debug("End Entity Fulfill Profile Test 25 = OK"); 370 }catch(UserDoesntFullfillEndEntityProfile e){ 371 assertTrue("Error Required OU fields wasn't checked propertly: " + e.getMessage(), false); 372 373 } 374 375 try{ 377 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_2,OU=DEP3_1,C=SE","null","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 378 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 379 log.debug("End Entity Fulfill Profile Test 26 = OK"); 380 }catch(UserDoesntFullfillEndEntityProfile e){ 381 assertTrue("Error Required OU fields wasn't checked propertly: " + e.getMessage(), false); 382 } 383 384 profile.setModifyable(DnComponents.ORGANIZATIONUNIT,2,false); 385 try{ 387 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_2,OU=DEP3_1,C=SE","null","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 388 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 389 log.debug("End Entity Fulfill Profile Test 27 = OK"); 390 }catch(UserDoesntFullfillEndEntityProfile e){ 391 assertTrue("Error Required OU fields wasn't checked propertly: " + e.getMessage(), false); 392 } 393 394 try{ 396 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_2,OU=DEP3_3,C=SE","null","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 397 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 398 assertTrue("Error Required OU fields wasn't checked propertly " , false); 399 }catch(UserDoesntFullfillEndEntityProfile e){ 400 log.debug("End Entity Fulfill Profile Test 28 = OK"); 401 } 402 403 profile = new EndEntityProfile(); 406 profile.setReverseFieldChecks(true); 407 408 profile.addField(DnComponents.ORGANIZATIONUNIT); 410 profile.addField(DnComponents.ORGANIZATIONUNIT); 411 profile.addField(DnComponents.ORGANIZATIONUNIT); 412 profile.addField(DnComponents.COUNTRY); 413 414 profile.setRequired(DnComponents.ORGANIZATIONUNIT,0,false); 415 profile.setRequired(DnComponents.ORGANIZATIONUNIT,1,false); 416 profile.setRequired(DnComponents.ORGANIZATIONUNIT,2,true); 417 418 profile.setModifyable(DnComponents.ORGANIZATIONUNIT,0,true); 419 profile.setModifyable(DnComponents.ORGANIZATIONUNIT,1,true); 420 profile.setModifyable(DnComponents.ORGANIZATIONUNIT,2,false); 421 profile.setModifyable(DnComponents.COUNTRY,0,false); 422 423 profile.setValue(DnComponents.ORGANIZATIONUNIT,0,""); 424 profile.setValue(DnComponents.ORGANIZATIONUNIT,1,""); 425 profile.setValue(DnComponents.ORGANIZATIONUNIT,2,"HARD;SOFT"); 426 profile.setValue(DnComponents.COUNTRY,0,"SE;DK"); 427 428 profile.setValue(EndEntityProfile.AVAILCAS,0,""+testca1); 429 430 try{ 432 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=HARD,C=SE","null","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 433 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 434 log.debug("End Entity Fulfill Profile Test 29 = OK"); 435 }catch(UserDoesntFullfillEndEntityProfile e){ 436 assertTrue("Error Reverse OU fields wasn't checked propertly: " + e.getMessage(), false); 437 438 } 439 440 try{ 442 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP2_1,OU=HARD,C=SE","null","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 443 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 444 log.debug("End Entity Fulfill Profile Test 30 = OK"); 445 }catch(UserDoesntFullfillEndEntityProfile e){ 446 assertTrue("Error Reverse OU fields wasn't checked propertly: " + e.getMessage(), false); 447 448 } 449 450 try{ 452 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_1,OU=HARD,C=SE","null","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 453 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 454 log.debug("End Entity Fulfill Profile Test 31 = OK"); 455 }catch(UserDoesntFullfillEndEntityProfile e){ 456 assertTrue("Error Reverse OU fields wasn't checked propertly: " + e.getMessage(), false); 457 458 } 459 460 try{ 462 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP0_1,OU=DEP1_1,OU=DEP2_1,OU=HARD,C=SE","null","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 463 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 464 assertTrue("Error Reverse OU fields wasn't checked propertly" ,false); 465 }catch(UserDoesntFullfillEndEntityProfile e){ 466 log.debug("End Entity Fulfill Profile Test 32 = OK"); 467 468 } 469 470 472 try{ 473 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_1,OU=HARD2,C=SE","null","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 474 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 475 assertTrue("Error Reverse OU fields wasn't checked propertly", false); 476 }catch(UserDoesntFullfillEndEntityProfile e){ 477 log.debug("End Entity Fulfill Profile Test 33 = OK"); 478 479 } 480 481 482 484 try{ 485 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=HARD,C=SE","null","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 486 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 487 log.debug("End Entity Fulfill Profile Test 34 = OK"); 488 }catch(UserDoesntFullfillEndEntityProfile e){ 489 assertTrue("Error Reverse OU fields wasn't checked propertly: " + e.getMessage(), false); 490 } 491 492 494 try{ 495 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=HARD2,C=SE","null","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 496 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 497 assertTrue("Error Reverse OU fields wasn't checked propertly", false); 498 }catch(UserDoesntFullfillEndEntityProfile e){ 499 log.debug("End Entity Fulfill Profile Test 35 = OK"); 500 501 } 502 503 505 try{ 506 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,C=SE","null","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 507 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 508 assertTrue("Error Reverse OU fields wasn't checked propertly", false); 509 }catch(UserDoesntFullfillEndEntityProfile e){ 510 log.debug("End Entity Fulfill Profile Test 36 = OK"); 511 512 } 513 514 516 517 profile.addField(DnComponents.IPADDRESS); 519 profile.addField(DnComponents.IPADDRESS); 520 profile.addField(DnComponents.IPADDRESS); 521 profile.addField(DnComponents.DNSNAME); 522 523 profile.setRequired(DnComponents.IPADDRESS,0,false); 524 profile.setRequired(DnComponents.IPADDRESS,1,false); 525 profile.setRequired(DnComponents.IPADDRESS,2,true); 526 527 profile.setModifyable(DnComponents.IPADDRESS,0,true); 528 profile.setModifyable(DnComponents.IPADDRESS,1,true); 529 profile.setModifyable(DnComponents.IPADDRESS,2,false); 530 profile.setModifyable(DnComponents.DNSNAME,0,false); 531 532 profile.setValue(DnComponents.IPADDRESS,0,""); 533 profile.setValue(DnComponents.IPADDRESS,1,""); 534 profile.setValue(DnComponents.IPADDRESS,2,"10.1.1.1;10.2.2.2"); 535 profile.setValue(DnComponents.DNSNAME,0,"test1.se;test2.se"); 536 537 538 539 try{ 541 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=HARD,C=SE","dnsname=test1.se,ipaddress=10.1.1.1","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 542 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 543 log.debug("End Entity Fulfill Profile Test 37 = OK"); 544 }catch(UserDoesntFullfillEndEntityProfile e){ 545 assertTrue("Error Reverse IPADDRESS fields wasn't checked propertly: " + e.getMessage(), false); 546 547 } 548 549 try{ 551 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP2_1,OU=HARD,C=SE","dnsname=test1.se,ipaddress=11.1.1.1,ipaddress=10.1.1.1","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 552 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 553 log.debug("End Entity Fulfill Profile Test 38 = OK"); 554 }catch(UserDoesntFullfillEndEntityProfile e){ 555 assertTrue("Error Reverse IPADDRESS fields wasn't checked propertly: " + e.getMessage(), false); 556 557 } 558 559 try{ 561 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_1,OU=HARD,C=SE","dnsname=test1.se,ipaddress=12.1.1.1,ipaddress=11.1.1.1,ipaddress=10.1.1.1","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 562 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 563 log.debug("End Entity Fulfill Profile Test 39 = OK"); 564 }catch(UserDoesntFullfillEndEntityProfile e){ 565 assertTrue("Error Reverse IPADDRESS fields wasn't checked propertly: " + e.getMessage(), false); 566 567 } 568 569 try{ 571 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP0_1,OU=DEP1_1,OU=DEP2_1,OU=HARD,C=SE","dnsname=test1.se,ipaddress=12.1.1.1,ipaddress=12.1.1.1,ipaddress=11.1.1.1,ipaddress=10.1.1.1","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 572 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 573 assertTrue("Error Reverse IPADDRESS fields wasn't checked propertly" ,false); 574 }catch(UserDoesntFullfillEndEntityProfile e){ 575 log.debug("End Entity Fulfill Profile Test 40 = OK"); 576 577 } 578 579 581 try{ 582 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=DEP1_1,OU=DEP2_1,OU=HARD2,C=SE","dnsname=test1.se,ipaddress=12.1.1.1,ipaddress=11.1.1.1,ipaddress=10.1.1.2","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 583 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 584 assertTrue("Error Reverse IPADDRESS fields wasn't checked propertly", false); 585 }catch(UserDoesntFullfillEndEntityProfile e){ 586 log.debug("End Entity Fulfill Profile Test 41 = OK"); 587 588 } 589 590 591 593 try{ 594 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=HARD,C=SE","dnsname=test1.se,ipaddress=10.1.1.1","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 595 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 596 log.debug("End Entity Fulfill Profile Test 42 = OK"); 597 }catch(UserDoesntFullfillEndEntityProfile e){ 598 assertTrue("Error Reverse IPADDRESS fields wasn't checked propertly: " + e.getMessage(), false); 599 } 600 601 603 try{ 604 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=HARD2,C=SE","dnsname=test1.se,ipaddress=11.1.1.1","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 605 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 606 assertTrue("Error Reverse IPADDRESS fields wasn't checked propertly", false); 607 }catch(UserDoesntFullfillEndEntityProfile e){ 608 log.debug("End Entity Fulfill Profile Test 43 = OK"); 609 610 } 611 612 614 try{ 615 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,C=SE","dnsname=test1.se","","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 616 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 617 assertTrue("Error Reverse IPADDRESS fields wasn't checked propertly", false); 618 }catch(UserDoesntFullfillEndEntityProfile e){ 619 log.debug("End Entity Fulfill Profile Test 44 = OK"); 620 621 } 622 623 624 profile.addField(DnComponents.DATEOFBIRTH); 627 profile.addField(DnComponents.PLACEOFBIRTH); 628 profile.addField(DnComponents.GENDER); 629 profile.addField(DnComponents.COUNTRYOFCITIZENSHIP); 630 profile.addField(DnComponents.COUNTRYOFRESIDENCE); 631 632 profile.setRequired(DnComponents.DATEOFBIRTH,0,false); 633 profile.setRequired(DnComponents.PLACEOFBIRTH,0,false); 634 profile.setRequired(DnComponents.GENDER,0,false); 635 profile.setRequired(DnComponents.COUNTRYOFCITIZENSHIP,0,false); 636 profile.setRequired(DnComponents.COUNTRYOFRESIDENCE,0,false); 637 638 profile.setModifyable(DnComponents.DATEOFBIRTH,0,true); 639 profile.setModifyable(DnComponents.PLACEOFBIRTH,0,true); 640 profile.setModifyable(DnComponents.GENDER,0,true); 641 profile.setModifyable(DnComponents.COUNTRYOFCITIZENSHIP,0,true); 642 profile.setModifyable(DnComponents.COUNTRYOFRESIDENCE,0,false); 643 644 profile.setValue(DnComponents.DATEOFBIRTH,0,""); 645 profile.setValue(DnComponents.PLACEOFBIRTH,0,""); 646 profile.setValue(DnComponents.GENDER,0,""); 647 profile.setValue(DnComponents.COUNTRYOFCITIZENSHIP,0,""); 648 profile.setValue(DnComponents.COUNTRYOFRESIDENCE,0,"SE"); 649 650 try{ 651 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=HARD,C=SE","dnsname=test1.se,ipaddress=10.1.1.1","CountryOfCitizenship=FOO","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 652 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 653 assertTrue("Error CountryOfCitizenship wasn't checked propertly", false); 654 }catch(UserDoesntFullfillEndEntityProfile e){ 655 assertEquals("Invalid COUNTRYOFCITIZENSHIP. Must be of length two.", e.getMessage()); 656 log.debug("End Entity Fulfill Profile Test 45 = OK"); 657 } 658 try{ 659 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=HARD,C=SE","dnsname=test1.se,ipaddress=10.1.1.1","CountryOfCitizenship=SE, CountryOfResidence=Foo","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 660 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 661 assertTrue("Error CountryOfCitizenship wasn't checked propertly", false); 662 }catch(UserDoesntFullfillEndEntityProfile e){ 663 assertEquals("Invalid COUNTRYOFRESIDENCE. Must be of length two.", e.getMessage()); 664 log.debug("End Entity Fulfill Profile Test 46 = OK"); 665 } 666 try{ 667 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=HARD,C=SE","dnsname=test1.se,ipaddress=10.1.1.1","CountryOfCitizenship=SE, CountryOfResidence=TR","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 668 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 669 assertTrue("Error CountryOfCitizenship wasn't checked propertly", false); 670 }catch(UserDoesntFullfillEndEntityProfile e){ 671 assertEquals("Field COUNTRYOFRESIDENCE data didn't match requirement of end entity profile.", e.getMessage()); 672 log.debug("End Entity Fulfill Profile Test 47 = OK"); 673 } 674 try{ 675 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=HARD,C=SE","dnsname=test1.se,ipaddress=10.1.1.1","CountryOfCitizenship=SE, CountryOfResidence=SE, Gender=M, PlaceOfBirth=Stockholm","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 676 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 677 log.debug("End Entity Fulfill Profile Test 48 = OK"); 678 }catch(UserDoesntFullfillEndEntityProfile e){ 679 assertTrue("Error Subject Dir Attributes wasn't checked propertly", false); 680 } 681 try{ 682 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=HARD,C=SE","dnsname=test1.se,ipaddress=10.1.1.1","DateOfBirth=189901, CountryOfCitizenship=SE, CountryOfResidence=SE","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 683 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 684 assertTrue("Error DateOfBirth wasn't checked propertly", false); 685 }catch(UserDoesntFullfillEndEntityProfile e){ 686 assertEquals("Invalid DATEOFBIRTH. Must be of length eight.", e.getMessage()); 687 log.debug("End Entity Fulfill Profile Test 49 = OK"); 688 } 689 try{ 690 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=HARD,C=SE","dnsname=test1.se,ipaddress=10.1.1.1","DateOfBirth=189901AA, CountryOfCitizenship=SE, CountryOfResidence=SE","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 691 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 692 assertTrue("Error DateOfBirth wasn't checked propertly", false); 693 }catch(UserDoesntFullfillEndEntityProfile e){ 694 assertEquals("Invalid DATEOFBIRTH. Must be only numbers.", e.getMessage()); 695 log.debug("End Entity Fulfill Profile Test 50 = OK"); 696 } 697 try{ 698 profile.doesUserFullfillEndEntityProfile("username","password","CN=John Smith,OU=HARD,C=SE","dnsname=test1.se,ipaddress=10.1.1.1","DateOfBirth=18990101, CountryOfCitizenship=SE, CountryOfResidence=SE","",SecConst.CERTPROFILE_FIXED_ENDUSER, false, 699 false, false,false,SecConst.TOKEN_SOFT_BROWSERGEN, 0, testca1); 700 log.debug("End Entity Fulfill Profile Test 51 = OK"); 701 }catch(UserDoesntFullfillEndEntityProfile e){ 702 assertTrue("Error DateOfBirth wasn't checked propertly", false); 703 } 704 705 log.debug("<test01fulfillEndEntityProfiles()"); 706 } 707 708 709 710 711 712 } 713 | Popular Tags |