Hi!

I need to test, if a user has been granted an entitlement by the
UserApp/Role Service Driver.


My Test action in Validator 1.4:
373

The variables:
${TestObject-DN} = cn=e_0000000011,ou=users-external,o=idvault (a
valid user DN)
${IDV-WURM-Ent-Login} = cn=Login,cn=WURM-DB,cn=DriverSet,o=system


The user has mutiple DirXML-EntitlementRef values including last one
that should pass the test in IDV:

cn=Account,cn=WURM-DB,cn=DriverSet,o=system#1#<?xml version="1.0"
encoding="UTF-8"?><ref>
<src>UA</src>
<id/>
<param/>
</ref>

cn=Feature,cn=WURM-DB,cn=DriverSet,o=system#0#<?xml version="1.0"
encoding="UTF-8"?><ref>
<src>UA</src>
<id/>
<param>{"ID":"5"}</param>
</ref>

cn=Feature,cn=WURM-DB,cn=DriverSet,o=system#1#<?xml version="1.0"
encoding="UTF-8"?><ref>
<src>UA</src>
<id/>
<param>{"ID":"1"}</param>
</ref>

cn=Feature,cn=WURM-DB,cn=DriverSet,o=system#1#<?xml version="1.0"
encoding="UTF-8"?><ref>
<src>UA</src>
<id/>
<param>{"ID":"2"}</param>
</ref>

-cn=Login,cn=WURM-DB,cn=DriverSet,o=system#1#<?xml version="1.0"
encoding="UTF-8"?><ref>
<src>UA</src>
<id/>
<param>{"ID":"1"}</param>
</ref>-



But the test fails:

11/09/2015 17:45:18 INFO: -------------------------------- TEST ACTION
---------------------------------
11/09/2015 17:45:18 INFO: IDV: assertAttributesValues (equals case
ignore) - targetFdn: cn=e_0000000011,ou=users-external,o=idvault
11/09/2015 17:45:18 INFO: IDV: assertAttributesValues (equals case
ignore) - attributesValues:
{DirXML-EntitlementRef=[Y249TG9naW4sY249V1VSTS1EQixjbj1Ecml2ZXJTZXQsbz1zeX N0ZW0jMSM8P3htbCB2ZXJzaW9uPSIxLjAiIGVuY29kaW5nPSJV VEYtOCI/PjxyZWY+DQo8c3JjPlVBPC9zcmM+DQo8aWQvPg0KPHBhcmFtPn siSUQiOiIxIn08L3BhcmFtPg0KPC9yZWY+DQo=]}
11/09/2015 17:45:18 INFO: Attribute: 'DirXML-EntitlementRef' Value:
'Y249TG9naW4sY249V1VSTS1EQixjbj1Ecml2ZXJTZXQsbz1ze XN0ZW0jMSM8P3htbCB2ZXJzaW9uPSIxLjAiIGVuY29kaW5nPSJ VVEYtOCI/PjxyZWY+DQo8c3JjPlVBPC9zcmM+DQo8aWQvPg0KPHBhcmFtPn siSUQiOiIxIn08L3BhcmFtPg0KPC9yZWY+DQo='
(equals case ignore) not found in object. Current values:
[Y249QWNjb3VudCxjbj1XVVJNLURCLGNuPURyaXZlclNldCxvPX N5c3RlbSMxIzw/eG1sIHZlcnNpb249IjEuMCIgZW5jb2Rpbmc9IlVURi04Ij8+PH JlZj4NCjxzcmM+VUE8L3NyYz4NCjxpZC8+DQo8cGFyYW0vPg0K PC9yZWY+DQo=,
Y249QWNjb3VudCxjbj1XVVJNLURCLGNuPURyaXZlclNldCxvPX N5c3RlbSMxIzw/eG1sIHZlcnNpb249IjEuMCIgZW5jb2Rpbmc9IlVURi04Ij8+PH JlZj4NCjxzcmM+VUE8L3NyYz4NCjxpZC8+DQo8cGFyYW0vPg0K PC9yZWY+DQo=,
Y249QWNjb3VudCxjbj1XVVJNLURCLGNuPURyaXZlclNldCxvPX N5c3RlbSMxIzw/eG1sIHZlcnNpb249IjEuMCIgZW5jb2Rpbmc9IlVURi04Ij8+PH JlZj4NCjxzcmM+VUE8L3NyYz4NCjxpZC8+DQo8cGFyYW0vPg0K PC9yZWY+DQo=,
Y249QWNjb3VudCxjbj1XVVJNLURCLGNuPURyaXZlclNldCxvPX N5c3RlbSMxIzw/eG1sIHZlcnNpb249IjEuMCIgZW5jb2Rpbmc9IlVURi04Ij8+PH JlZj4NCjxzcmM+VUE8L3NyYz4NCjxpZC8+DQo8cGFyYW0vPg0K PC9yZWY+DQo=,
Y249QWNjb3VudCxjbj1XVVJNLURCLGNuPURyaXZlclNldCxvPX N5c3RlbSMxIzw/eG1sIHZlcnNpb249IjEuMCIgZW5jb2Rpbmc9IlVURi04Ij8+PH JlZj4NCjxzcmM+VUE8L3NyYz4NCjxpZC8+DQo8cGFyYW0vPg0K PC9yZWY+DQo=]
11/09/2015 17:45:18 INFO: IDV: assertAttributesValues (equals case
ignore) - retry 1 of 5

.... repeated 5 times ...

11/09/2015 17:46:08 INFO: Error while executing action method
assertAttributesValues: junit.framework.AssertionFailedError:
11/09/2015 17:46:08 INFO: *********** FAILING TEST Add Login to User in
MSSQL Check in IDV - CONTINUE TO NEXT TEST ***********
11/09/2015 17:46:08 INFO: FAILED - Add Login to User in MSSQL Check in
IDV



To me it looks like only the first DirXML-EntitlementRef value is read
from eDir as Base64 encoded value and this one value
(Y249QWNjb3VudCxjbj1XVVJNLURCLGNuPURyaXZlclNldCxvP X
N5c3RlbSMxIzw/eG1sIHZlcnNpb249IjEuMCIgZW5jb2Rpbmc9IlVURi04Ij8+PH
JlZj4NCjxzcmM+VUE8L3NyYz4NCjxpZC8+DQo8cGFyYW0vPg0K PC9yZWY+DQo=) is used
5 times. It decodes to the first DirXML-EntitlementRef value:

cn=Account,cn=WURM-DB,cn=DriverSet,o=system#1#<?xml version="1.0"
encoding="UTF-8"?><ref>
<src>UA</src>
<id/>
<param/>
</ref>


Therefore the other entitelements are never found.

Did someone get it working?


greetings,
Thomas


+----------------------------------------------------------------------+
|Filename: Validator-Entitlement-Test.PNG |
|Download: https://forums.netiq.com/attachment....tachmentid=373 |
+----------------------------------------------------------------------+

--
reibenwein
------------------------------------------------------------------------
reibenwein's Profile: https://forums.netiq.com/member.php?userid=1382
View this thread: https://forums.netiq.com/showthread.php?t=54616