mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
opends/src/server/org/opends/server/core/PasswordPolicyState.java
@@ -22,7 +22,7 @@ * CDDL HEADER END * * * Portions Copyright 2006 Sun Microsystems, Inc. * Portions Copyright 2006-2007 Sun Microsystems, Inc. */ package org.opends.server.core; @@ -717,7 +717,7 @@ * * @return The password policy associated with this state information. */ public PasswordPolicy getPasswordPolicy() public PasswordPolicy getPolicy() { assert debugEnter(CLASS_NAME, "getPasswordPolicy"); @@ -727,20 +727,6 @@ /** * Retrieves the user entry associated with this state information. * * @return The user entry associated with this state information. */ public Entry getUserEntry() { assert debugEnter(CLASS_NAME, "getUserEntry"); return userEntry; } /** * Retrieves the set of modifications that correspond to changes made in * password policy processing that may need to be applied to the user entry. * @@ -758,20 +744,6 @@ /** * Retrieves the attribute type used to hold user passwords. * * @return The attribute type used to hold user passwords. */ public AttributeType getPasswordAttribute() { assert debugEnter(CLASS_NAME, "getPasswordAttribute"); return passwordPolicy.getPasswordAttribute(); } /** * Retrieves the set of values for the password attribute from the user entry. * * @return The set of values for the password attribute from the user entry. @@ -810,173 +782,6 @@ /** * Indicates whether the associated password policy requires that password * changes be performed in a secure manner. * * @return <CODE>true</CODE> if the associated password policy requires that * password changes be performed in a secure manner, or * <CODE>false</CODE> if not. */ public boolean requireSecurePasswordChanges() { assert debugEnter(CLASS_NAME, "requireSecurePasswordChanges"); return passwordPolicy.requireSecurePasswordChanges(); } /** * Indicates whether the associated password policy allows multiple different * password values to be maintained. * * @return <CODE>true</CODE> if the associated password policy allows * multiple different password values to be maintained, or * <CODE>false</CODE> if it does not. */ public boolean allowMultiplePasswordValues() { assert debugEnter(CLASS_NAME, "allowMultiplePasswordValues"); return passwordPolicy.allowMultiplePasswordValues(); } /** * Indicates whether the associated password policy allows new passwords to be * provided in a pre-encoded form. * * @return <CODE>true</CODE> if the associated password policy allows new * passwords to be provided in a pre-encoded form, or * <CODE>false</CODE> if not. */ public boolean allowPreEncodedPasswords() { assert debugEnter(CLASS_NAME, "allowPreEncodedPasswords"); return passwordPolicy.allowPreEncodedPasswords(); } /** * Indicates whether the associated password policy allows end users to change * their own passwords. * * @return <CODE>true</CODE> if the associated password policy allows end * users to change their own passwords, or <CODE>false</CODE> if not. */ public boolean allowUserPasswordChanges() { assert debugEnter(CLASS_NAME, "allowUserPasswordChanges"); return passwordPolicy.allowUserPasswordChanges(); } /** * Indicates whether users will be required to provide their current password * when choosing a new one. * * @return <CODE>true</CODE> if users will be required to provide their * current password when choosing a new one, or <CODE>false</CODE> * if not. */ public boolean requireCurrentPassword() { assert debugEnter(CLASS_NAME, "requireCurrentPassword"); return passwordPolicy.requireCurrentPassword(); } /** * Indicates whether administrative password resets should be allowed to * bypass validity checks for the new password. * * @return <CODE>true</CODE> if administrative password resets should be * allowed to bypass validity checks for the new password, or * <CODE>false</CODE> if not. */ public boolean skipValidationForAdministrators() { assert debugEnter(CLASS_NAME, "skipValidationForAdministrators"); return passwordPolicy.skipValidationForAdministrators(); } /** * Indicates whether users should be required to change their passwords when * they first authenticate after their account has been added. * * @return <CODE>true</CODE> if users should be required to change their * passwords when they first authenticate after their account has * been added, or <CODE>false</CODE> if not. */ public boolean forceChangeOnAdd() { assert debugEnter(CLASS_NAME, "forceChangeOnAdd"); return passwordPolicy.forceChangeOnAdd(); } /** * Indicates whether users should be required to change their passwords after * they have been reset by an administrator. * * @return <CODE>true</CODE> if users should be required to change their * passwords after they have been reset by an administrator, or * <CODE>false</CODE> if not. */ public boolean forceChangeOnReset() { assert debugEnter(CLASS_NAME, "forceChangeOnReset"); return passwordPolicy.forceChangeOnReset(); } /** * Indicates whether user passwords will be allowed to expire even if the user * has never seen an expiration warning notification. * * @return <CODE>true</CODE> if user passwords will be allowed to expire even * if the user has never seen an expiration warning notification, or * <CODE>false</CODE> if they will always be guaranteed at least one * warning before the password expires. */ public boolean expirePasswordsWithoutWarning() { assert debugEnter(CLASS_NAME, "expirePasswordsWithoutWarning"); return passwordPolicy.expirePasswordsWithoutWarning(); } /** * Retrieves the time that the user's password was last changed. * * @return The time that the user's password was last changed. */ public long getPasswordChangedTime() { assert debugEnter(CLASS_NAME, "getPasswordChangedTime"); return passwordChangedTime; } /** * Retrieves time that this password policy state object was created. * * @return The time that this password policy state object was created. @@ -1593,22 +1398,6 @@ /** * Retrieves the maximum number of password failures that will be allowed * before a user account is locked. * * @return The maximum number of password failures that will be allowed * before a user account is locked, or zero if there is no maximum. */ public int getMaxAllowedFailures() { assert debugEnter(CLASS_NAME, "getMaxAllowedFailures"); return passwordPolicy.getLockoutFailureCount(); } /** * Indicates whether the associated user should be considered locked out as a * result of too many authentication failures. * @@ -1768,23 +1557,6 @@ /** * Retrieves the length of time in seconds that a user's account will be * locked due to failed attempts before it will be automatically unlocked. * * @return The length of time in seconds that a user's account will be * locked due to failed attempts before it will be automatically * unlocked, or zero if accounts will not be automatically unlocked. */ public int getLockoutDuration() { assert debugEnter(CLASS_NAME, "getLockoutDuration"); return passwordPolicy.getLockoutDuration(); } /** * Retrieves the length of time in seconds until the user's account is * automatically unlocked. This should only be called after calling * <CODE>lockedDueToFailures</CODE>. @@ -2397,6 +2169,13 @@ " to set the reset flag to " + mustChangePassword); } if (mustChangePassword == (this.mustChangePassword == ConditionResult.TRUE)){ return; // requested state matches current state } this.mustChangePassword = ConditionResult.inverseOf(this.mustChangePassword); AttributeType type = DirectoryServer.getAttributeType(OP_ATTR_PWPOLICY_RESET_REQUIRED_LC); @@ -2408,23 +2187,16 @@ if (mustChangePassword) { if (this.mustChangePassword == ConditionResult.TRUE) { return; } this.mustChangePassword = ConditionResult.TRUE; LinkedHashSet<AttributeValue> values = new LinkedHashSet<AttributeValue>(1); values.add(new AttributeValue(type, String.valueOf(mustChangePassword))); values.add(new AttributeValue(type, String.valueOf(true))); Attribute a = new Attribute(type, OP_ATTR_PWPOLICY_RESET_REQUIRED, values); ArrayList<Attribute> attrList = new ArrayList<Attribute>(1); attrList.add(a); if (updateEntry) { ArrayList<Attribute> attrList = new ArrayList<Attribute>(1); attrList.add(a); userEntry.putAttribute(type, attrList); } else @@ -2434,13 +2206,6 @@ } else { if (this.mustChangePassword == ConditionResult.FALSE) { return; } this.mustChangePassword = ConditionResult.FALSE; if (updateEntry) { userEntry.removeAttribute(type); @@ -2736,22 +2501,6 @@ /** * Indicates whether users will be allowed to change their passwords if they * are expired. * * @return <CODE>true</CODE> if users will be allowed to change their * passwords if they are expired, or <CODE>false</CODE> if not. */ public boolean allowExpiredPasswordChanges() { assert debugEnter(CLASS_NAME, "allowExpiredPasswordChanges"); return passwordPolicy.allowExpiredPasswordChanges(); } /** * Indicates whether the user's last password change was within the minimum * password age. * @@ -3170,22 +2919,6 @@ /** * Retrieves the maximum number of grace logins that the user will be allowed * according to the associated password policy. * * @return The maximum number of grace logins that the user will be allowed * according to the associated password policy. */ public int getMaxAllowedGraceLogins() { assert debugEnter(CLASS_NAME, "getMaxAllowedGraceLogins"); return passwordPolicy.getGraceLoginCount(); } /** * Retrieves the times that the user has authenticated to the server using a * grace login. * @@ -3680,23 +3413,6 @@ /** * Indicates whether the user's password is stored using the auth password * syntax or the user password syntax. * * @return <CODE>true</CODE> if the user's password is stored using the auth * password syntax, or <CODE>false</CODE> if it is stored using the * user password syntax. */ public boolean usesAuthPasswordSyntax() { assert debugEnter(CLASS_NAME, "usesAuthPasswordSyntax"); return passwordPolicy.usesAuthPasswordSyntax(); } /** * Indicates whether the provided password value is pre-encoded. * * @param passwordValue The value for which to make the determination.
