s4-selftest: Demonstrate the correct behaviour between specified usernames and kerber...

This shows that a username/password on the command line must always
override any credentials cache in the environment.

Andrew Bartlett

diff --git a/testprogs/blackbox/test_passwords.sh b/testprogs/blackbox/test_passwords.sh
index fe8386dd3437fed3d85e67eafcab04e2dafae821..822f0fbee6e6fa33e5850592ffbe18fcad061b68 100755 (executable)
--- a/testprogs/blackbox/test_passwords.sh
+++ b/testprogs/blackbox/test_passwords.sh
@@ -72,6 +72,14 @@ testit "kinit with user password" $samba4kinit --password-file=./tmpuserpassfile
 
 test_smbclient "Test login with user kerberos ccache" 'ls' -k yes || failed=`expr $failed + 1`
 
+#
+# These tests demonstrate that a credential cache in the environment does not
+# override a username/password, even an incorrect one, on the command line
+#
+
+testit_expect_failure  "Test login with user kerberos ccache, but wrong password specified" $VALGRIND $smbclient //$SERVER/tmp -c 'ls' -k yes -Unettestuser@$REALM%wrongpass && failed=`expr $failed + 1`
+testit_expect_failure  "Test login with user kerberos ccache, but old password specified" $VALGRIND $smbclient //$SERVER/tmp -c 'ls' -k yes -Unettestuser@$REALM%$USERPASS && failed=`expr $failed + 1`
+
 
 USERPASS=$NEWUSERPASS
 WEAKPASS=testpass1