external-software/github_OpenIdentityPlatform_OpenDJ.git

			@@ -30,6 +30,7 @@

			import java.util.ArrayList;
			import java.util.HashMap;
			import java.util.HashSet;
			import java.util.Iterator;
			import java.util.LinkedHashSet;
			import java.util.List;
			@@ -38,7 +39,9 @@

			import org.opends.server.admin.server.ConfigurationChangeListener;
			import org.opends.server.admin.std.meta.PluginCfgDefn;
			import org.opends.server.admin.std.server.PluginCfg;
			import org.opends.server.admin.std.server.PasswordPolicyImportPluginCfg;
			import org.opends.server.api.Backend;
			import org.opends.server.api.ImportTaskListener;
			import org.opends.server.api.PasswordStorageScheme;
			import org.opends.server.api.plugin.DirectoryServerPlugin;
			import org.opends.server.api.plugin.LDIFPluginResult;
			@@ -46,6 +49,7 @@
			import org.opends.server.config.ConfigException;
			import org.opends.server.core.DirectoryServer;
			import org.opends.server.core.PasswordPolicy;
			import org.opends.server.loggers.debug.DebugTracer;
			import org.opends.server.schema.AuthPasswordSyntax;
			import org.opends.server.schema.UserPasswordSyntax;
			import org.opends.server.types.Attribute;
			@@ -53,18 +57,22 @@
			import org.opends.server.types.AttributeValue;
			import org.opends.server.types.ByteString;
			import org.opends.server.types.ConfigChangeResult;
			import org.opends.server.types.DebugLogLevel;
			import org.opends.server.types.DirectoryException;
			import org.opends.server.types.DN;
			import org.opends.server.types.Entry;
			import org.opends.server.types.ErrorLogCategory;
			import org.opends.server.types.ErrorLogSeverity;
			import org.opends.server.types.LDIFImportConfig;
			import org.opends.server.types.ResultCode;

			import org.opends.server.types.DebugLogLevel;
			import static org.opends.server.config.ConfigConstants.*;
			import static org.opends.server.extensions.ExtensionsConstants.*;
			import static org.opends.server.loggers.ErrorLogger.*;
			import static org.opends.server.loggers.debug.DebugLogger.*;
			import org.opends.server.loggers.debug.DebugTracer;
			import static org.opends.server.messages.MessageHandler.*;
			import static org.opends.server.messages.PluginMessages.*;
			import static org.opends.server.schema.SchemaConstants.*;
			import static org.opends.server.util.StaticUtils.*;


			@@ -75,21 +83,37 @@
			* that all of the password values are properly encoded before they are stored.
			*/
			public final class PasswordPolicyImportPlugin
			extends DirectoryServerPlugin<PluginCfg>
			implements ConfigurationChangeListener<PluginCfg>
			extends DirectoryServerPlugin<PasswordPolicyImportPluginCfg>
			implements ConfigurationChangeListener<PasswordPolicyImportPluginCfg>,
			ImportTaskListener
			{
			/**
			* The tracer object for the debug logger.
			*/
			private static final DebugTracer TRACER = getTracer();

			// The sets of password storage schemes for the auth password attributes.
			private final HashMap<AttributeType,PasswordStorageScheme[]>
			authPasswordSchemes;

			// The sets of password storage schemes for the user password attributes.
			private final HashMap<AttributeType,PasswordStorageScheme[]>
			userPasswordSchemes;

			// The attribute type used to specify the password policy for an entry.
			private AttributeType customPolicyAttribute;

			// The set of attribute types defined in the schema with the auth password
			// syntax.
			private AttributeType[] authPasswordTypes;

			// The set of attribute types defined in the schema with the user password
			// syntax.
			private AttributeType[] userPasswordTypes;

			// The set of password storage schemes to use for the various password
			// policies defined in the server.
			private HashMap<DN,PasswordStorageScheme[]> schemesByPolicy;

			// The default password storage schemes for auth password attributes.
			private PasswordStorageScheme[] defaultAuthPasswordSchemes;

			// The default password storage schemes for user password attributes.
			private PasswordStorageScheme[] defaultUserPasswordSchemes;



			@@ -97,82 +121,11 @@
			* Creates a new instance of this Directory Server plugin. Every plugin must
			* implement a default constructor (it is the only one that will be used to
			* create plugins defined in the configuration), and every plugin constructor
			* must call <CODE>super()</CODE> as its first element.
			* must call {@code super()} as its first element.
			*/
			public PasswordPolicyImportPlugin()
			{
			super();


			// Get the password policies from the Directory Server configuration. This
			// is done in the constructor to allow the instance variables to be declared
			// "final".
			authPasswordSchemes = new HashMap<AttributeType,PasswordStorageScheme[]>();
			userPasswordSchemes = new HashMap<AttributeType,PasswordStorageScheme[]>();
			for (PasswordPolicy p : DirectoryServer.getPasswordPolicies())
			{
			AttributeType t = p.getPasswordAttribute();
			if (p.usesAuthPasswordSyntax())
			{
			PasswordStorageScheme[] schemes = authPasswordSchemes.get(t);
			if (schemes == null)
			{
			CopyOnWriteArrayList<PasswordStorageScheme> defaultSchemes =
			p.getDefaultStorageSchemes();
			schemes = new PasswordStorageScheme[defaultSchemes.size()];
			defaultSchemes.toArray(schemes);
			authPasswordSchemes.put(t, schemes);
			}
			else
			{
			LinkedHashSet<PasswordStorageScheme> newSchemes =
			new LinkedHashSet<PasswordStorageScheme>();
			for (PasswordStorageScheme s : schemes)
			{
			newSchemes.add(s);
			}

			for (PasswordStorageScheme s : p.getDefaultStorageSchemes())
			{
			newSchemes.add(s);
			}

			schemes = new PasswordStorageScheme[newSchemes.size()];
			newSchemes.toArray(schemes);
			authPasswordSchemes.put(t, schemes);
			}
			}
			else
			{
			PasswordStorageScheme[] schemes = userPasswordSchemes.get(t);
			if (schemes == null)
			{
			CopyOnWriteArrayList<PasswordStorageScheme> defaultSchemes =
			p.getDefaultStorageSchemes();
			schemes = new PasswordStorageScheme[defaultSchemes.size()];
			defaultSchemes.toArray(schemes);
			userPasswordSchemes.put(t, schemes);
			}
			else
			{
			LinkedHashSet<PasswordStorageScheme> newSchemes =
			new LinkedHashSet<PasswordStorageScheme>();
			for (PasswordStorageScheme s : schemes)
			{
			newSchemes.add(s);
			}

			for (PasswordStorageScheme s : p.getDefaultStorageSchemes())
			{
			newSchemes.add(s);
			}

			schemes = new PasswordStorageScheme[newSchemes.size()];
			newSchemes.toArray(schemes);
			userPasswordSchemes.put(t, schemes);
			}
			}
			}
			}


			@@ -182,10 +135,14 @@
			*/
			@Override()
			public final void initializePlugin(Set<PluginType> pluginTypes,
			PluginCfg configuration)
			PasswordPolicyImportPluginCfg configuration)
			throws ConfigException
			{
			configuration.addChangeListener(this);
			configuration.addPasswordPolicyImportChangeListener(this);

			customPolicyAttribute =
			DirectoryServer.getAttributeType(OP_ATTR_PWPOLICY_POLICY_DN, true);


			// Make sure that the plugin has been enabled for the appropriate types.
			for (PluginType t : pluginTypes)
			@@ -203,6 +160,166 @@
			throw new ConfigException(msgID, message);
			}
			}


			// Get the set of default password storage schemes for auth password
			// attributes.
			PasswordPolicy defaultPolicy = DirectoryServer.getDefaultPasswordPolicy();
			Set<String> authSchemesSet =
			configuration.getDefaultAuthPasswordStorageScheme();
			if ((authSchemesSet == null) \|\| authSchemesSet.isEmpty())
			{
			if (defaultPolicy.usesAuthPasswordSyntax())
			{
			CopyOnWriteArrayList<PasswordStorageScheme> schemeList =
			defaultPolicy.getDefaultStorageSchemes();
			defaultAuthPasswordSchemes =
			new PasswordStorageScheme[schemeList.size()];
			schemeList.toArray(defaultAuthPasswordSchemes);
			}
			else
			{
			defaultAuthPasswordSchemes = new PasswordStorageScheme[1];
			defaultAuthPasswordSchemes[0] =
			DirectoryServer.getAuthPasswordStorageScheme(
			AUTH_PASSWORD_SCHEME_NAME_SALTED_SHA_1);
			if (defaultAuthPasswordSchemes[0] == null)
			{
			int msgID = MSGID_PLUGIN_PWIMPORT_NO_DEFAULT_AUTH_SCHEMES;
			String message = getMessage(msgID,
			AUTH_PASSWORD_SCHEME_NAME_SALTED_SHA_1);
			throw new ConfigException(msgID, message);
			}
			}
			}
			else
			{
			defaultAuthPasswordSchemes =
			new PasswordStorageScheme[authSchemesSet.size()];
			int i=0;
			for (String schemeName : authSchemesSet)
			{
			defaultAuthPasswordSchemes[i] =
			DirectoryServer.getAuthPasswordStorageScheme(schemeName);
			if (defaultAuthPasswordSchemes[i] == null)
			{
			int msgID = MSGID_PLUGIN_PWIMPORT_INVALID_DEFAULT_AUTH_SCHEME;
			String message = getMessage(msgID, schemeName);
			throw new ConfigException(msgID, message);
			}
			i++;
			}
			}


			// Get the set of default password storage schemes for user password
			// attributes.
			Set<String> userSchemeSet =
			configuration.getDefaultUserPasswordStorageScheme();
			if ((userSchemeSet == null) \|\| userSchemeSet.isEmpty())
			{
			if (! defaultPolicy.usesAuthPasswordSyntax())
			{
			CopyOnWriteArrayList<PasswordStorageScheme> schemeList =
			defaultPolicy.getDefaultStorageSchemes();
			defaultUserPasswordSchemes =
			new PasswordStorageScheme[schemeList.size()];
			schemeList.toArray(defaultUserPasswordSchemes);
			}
			else
			{
			defaultUserPasswordSchemes = new PasswordStorageScheme[1];
			defaultUserPasswordSchemes[0] =
			DirectoryServer.getPasswordStorageScheme(
			toLowerCase(STORAGE_SCHEME_NAME_SALTED_SHA_1));
			if (defaultUserPasswordSchemes[0] == null)
			{
			int msgID = MSGID_PLUGIN_PWIMPORT_NO_DEFAULT_USER_SCHEMES;
			String message = getMessage(msgID, STORAGE_SCHEME_NAME_SALTED_SHA_1);
			throw new ConfigException(msgID, message);
			}
			}
			}
			else
			{
			defaultUserPasswordSchemes =
			new PasswordStorageScheme[userSchemeSet.size()];
			int i=0;
			for (String schemeName : userSchemeSet)
			{
			defaultUserPasswordSchemes[i] =
			DirectoryServer.getPasswordStorageScheme(toLowerCase(schemeName));
			if (defaultUserPasswordSchemes[i] == null)
			{
			int msgID = MSGID_PLUGIN_PWIMPORT_INVALID_DEFAULT_USER_SCHEME;
			String message = getMessage(msgID, schemeName);
			throw new ConfigException(msgID, message);
			}
			i++;
			}
			}

			processImportBegin(null, null);
			}



			/**
			* {@inheritDoc}
			*/
			public void processImportBegin(Backend backend, LDIFImportConfig config)
			{
			// Find the set of attribute types with the auth password and user password
			// syntax defined in the schema.
			HashSet<AttributeType> authPWTypes = new HashSet<AttributeType>();
			HashSet<AttributeType> userPWTypes = new HashSet<AttributeType>();
			for (AttributeType t : DirectoryServer.getAttributeTypes().values())
			{
			if (t.getSyntaxOID().equals(SYNTAX_AUTH_PASSWORD_OID))
			{
			authPWTypes.add(t);
			}
			else if (t.getSyntaxOID().equals(SYNTAX_USER_PASSWORD_OID))
			{
			userPWTypes.add(t);
			}
			}


			// Get the set of password policies defined in the server and get the
			// attribute types associated with them.
			HashMap<DN,PasswordStorageScheme[]> schemeMap =
			new HashMap<DN,PasswordStorageScheme[]>();
			for (PasswordPolicy p : DirectoryServer.getPasswordPolicies())
			{
			CopyOnWriteArrayList<PasswordStorageScheme> schemeList =
			p.getDefaultStorageSchemes();
			PasswordStorageScheme[] schemeArray =
			new PasswordStorageScheme[schemeList.size()];
			schemeList.toArray(schemeArray);
			schemeMap.put(p.getConfigEntryDN(), schemeArray);
			}


			AttributeType[] authTypesArray = new AttributeType[authPWTypes.size()];
			AttributeType[] userTypesArray = new AttributeType[userPWTypes.size()];
			authPWTypes.toArray(authTypesArray);
			userPWTypes.toArray(userTypesArray);

			schemesByPolicy = schemeMap;
			authPasswordTypes = authTypesArray;
			userPasswordTypes = userTypesArray;
			}



			/**
			* {@inheritDoc}
			*/
			public void processImportEnd(Backend backend, LDIFImportConfig config,
			boolean successful)
			{
			// No implementation is required.
			}


			@@ -218,18 +335,157 @@
			ArrayList<ByteString> encodedValueList = new ArrayList<ByteString>();


			// See if the entry explicitly states the password policy that it should
			// use. If so, then only use it to perform the encoding.
			List<Attribute> attrList = entry.getAttribute(customPolicyAttribute);
			if (attrList != null)
			{
			DN policyDN = null;
			PasswordPolicy policy = null;
			policyLoop:
			for (Attribute a : attrList)
			{
			for (AttributeValue v : a.getValues())
			{
			try
			{
			policyDN = DN.decode(v.getValue());
			policy = DirectoryServer.getPasswordPolicy(policyDN);
			if (policy == null)
			{
			int msgID = MSGID_PLUGIN_PWIMPORT_NO_SUCH_POLICY;
			String message = getMessage(msgID, String.valueOf(entry.getDN()),
			String.valueOf(policyDN));
			logError(ErrorLogCategory.PLUGIN, ErrorLogSeverity.SEVERE_WARNING,
			message, msgID);
			}
			break policyLoop;
			}
			catch (DirectoryException de)
			{
			int msgID = MSGID_PLUGIN_PWIMPORT_CANNOT_DECODE_POLICY_DN;
			String message = getMessage(msgID, String.valueOf(entry.getDN()),
			de.getErrorMessage());
			logError(ErrorLogCategory.PLUGIN, ErrorLogSeverity.SEVERE_WARNING,
			message, msgID);
			break policyLoop;
			}
			}
			}

			if (policy != null)
			{
			PasswordStorageScheme[] schemes = schemesByPolicy.get(policyDN);
			if (schemes != null)
			{
			attrList = entry.getAttribute(policy.getPasswordAttribute());
			if (attrList == null)
			{
			return LDIFPluginResult.SUCCESS;
			}

			for (Attribute a : attrList)
			{
			encodedValueList.clear();

			LinkedHashSet<AttributeValue> values = a.getValues();
			Iterator<AttributeValue> iterator = values.iterator();
			while (iterator.hasNext())
			{
			AttributeValue v = iterator.next();
			ByteString value = v.getValue();

			if (policy.usesAuthPasswordSyntax())
			{
			if (! AuthPasswordSyntax.isEncoded(value))
			{
			try
			{
			for (PasswordStorageScheme s : schemes)
			{
			encodedValueList.add(s.encodeAuthPassword(value));
			}

			iterator.remove();
			}
			catch (Exception e)
			{
			if (debugEnabled())
			{
			TRACER.debugCaught(DebugLogLevel.ERROR, e);
			}

			int msgID = MSGID_PLUGIN_PWPIMPORT_ERROR_ENCODING_PASSWORD;
			String message = getMessage(msgID,
			policy.getPasswordAttribute().getNameOrOID(),
			String.valueOf(entry.getDN()),
			stackTraceToSingleLineString(e));
			logError(ErrorLogCategory.PLUGIN,
			ErrorLogSeverity.SEVERE_ERROR, message, msgID);

			encodedValueList.clear();
			break;
			}
			}
			}
			else
			{
			if (! UserPasswordSyntax.isEncoded(value))
			{
			try
			{
			for (PasswordStorageScheme s : schemes)
			{
			encodedValueList.add(s.encodePasswordWithScheme(value));
			}

			iterator.remove();
			}
			catch (Exception e)
			{
			if (debugEnabled())
			{
			TRACER.debugCaught(DebugLogLevel.ERROR, e);
			}

			int msgID = MSGID_PLUGIN_PWPIMPORT_ERROR_ENCODING_PASSWORD;
			String message = getMessage(msgID,
			policy.getPasswordAttribute().getNameOrOID(),
			String.valueOf(entry.getDN()),
			stackTraceToSingleLineString(e));
			logError(ErrorLogCategory.PLUGIN,
			ErrorLogSeverity.SEVERE_ERROR, message, msgID);

			encodedValueList.clear();
			break;
			}
			}
			}
			}

			for (ByteString s : encodedValueList)
			{
			values.add(new AttributeValue(policy.getPasswordAttribute(), s));
			}
			}

			return LDIFPluginResult.SUCCESS;
			}
			}
			}


			// Iterate through the list of auth password attributes. If any of them
			// are present and their values are not encoded, then encode them with all
			// appropriate schemes.
			for (AttributeType t : authPasswordSchemes.keySet())
			for (AttributeType t : authPasswordTypes)
			{
			List<Attribute> attrList = entry.getAttribute(t);
			attrList = entry.getAttribute(t);
			if ((attrList == null) \|\| attrList.isEmpty())
			{
			continue;
			}

			PasswordStorageScheme[] schemes = authPasswordSchemes.get(t);
			for (Attribute a : attrList)
			{
			encodedValueList.clear();
			@@ -244,7 +500,7 @@
			{
			try
			{
			for (PasswordStorageScheme s : schemes)
			for (PasswordStorageScheme s : defaultAuthPasswordSchemes)
			{
			encodedValueList.add(s.encodeAuthPassword(value));
			}
			@@ -282,15 +538,14 @@
			// Iterate through the list of user password attributes. If any of them
			// are present and their values are not encoded, then encode them with all
			// appropriate schemes.
			for (AttributeType t : userPasswordSchemes.keySet())
			for (AttributeType t : userPasswordTypes)
			{
			List<Attribute> attrList = entry.getAttribute(t);
			attrList = entry.getAttribute(t);
			if ((attrList == null) \|\| attrList.isEmpty())
			{
			continue;
			}

			PasswordStorageScheme[] schemes = userPasswordSchemes.get(t);
			for (Attribute a : attrList)
			{
			encodedValueList.clear();
			@@ -305,7 +560,7 @@
			{
			try
			{
			for (PasswordStorageScheme s : schemes)
			for (PasswordStorageScheme s : defaultUserPasswordSchemes)
			{
			encodedValueList.add(s.encodePasswordWithScheme(value));
			}
			@@ -348,7 +603,8 @@
			/**
			* {@inheritDoc}
			*/
			public boolean isConfigurationChangeAcceptable(PluginCfg configuration,
			public boolean isConfigurationChangeAcceptable(
			PasswordPolicyImportPluginCfg configuration,
			List<String> unacceptableReasons)
			{
			boolean configAcceptable = true;
			@@ -371,6 +627,86 @@
			}
			}


			// Get the set of default password storage schemes for auth password
			// attributes.
			Set<String> authSchemesSet =
			configuration.getDefaultAuthPasswordStorageScheme();
			if ((authSchemesSet == null) \|\| authSchemesSet.isEmpty())
			{
			PasswordStorageScheme[] defaultAuthSchemes = new PasswordStorageScheme[1];
			defaultAuthSchemes[0] =
			DirectoryServer.getAuthPasswordStorageScheme(
			AUTH_PASSWORD_SCHEME_NAME_SALTED_SHA_1);
			if (defaultAuthSchemes[0] == null)
			{
			int msgID = MSGID_PLUGIN_PWIMPORT_NO_DEFAULT_AUTH_SCHEMES;
			String message = getMessage(msgID,
			AUTH_PASSWORD_SCHEME_NAME_SALTED_SHA_1);
			unacceptableReasons.add(message);
			configAcceptable = false;
			}
			}
			else
			{
			PasswordStorageScheme[] defaultAuthSchemes =
			new PasswordStorageScheme[authSchemesSet.size()];
			int i=0;
			for (String schemeName : authSchemesSet)
			{
			defaultAuthSchemes[i] =
			DirectoryServer.getAuthPasswordStorageScheme(schemeName);
			if (defaultAuthSchemes[i] == null)
			{
			int msgID = MSGID_PLUGIN_PWIMPORT_INVALID_DEFAULT_AUTH_SCHEME;
			String message = getMessage(msgID, schemeName);
			unacceptableReasons.add(message);
			configAcceptable = false;
			}
			i++;
			}
			}


			// Get the set of default password storage schemes for user password
			// attributes.
			Set<String> userSchemeSet =
			configuration.getDefaultUserPasswordStorageScheme();
			if ((userSchemeSet == null) \|\| userSchemeSet.isEmpty())
			{
			PasswordStorageScheme[] defaultUserSchemes = new PasswordStorageScheme[1];
			defaultUserSchemes[0] =
			DirectoryServer.getPasswordStorageScheme(
			toLowerCase(STORAGE_SCHEME_NAME_SALTED_SHA_1));
			if (defaultUserSchemes[0] == null)
			{
			int msgID = MSGID_PLUGIN_PWIMPORT_NO_DEFAULT_USER_SCHEMES;
			String message = getMessage(msgID, STORAGE_SCHEME_NAME_SALTED_SHA_1);
			unacceptableReasons.add(message);
			configAcceptable = false;
			}
			}
			else
			{
			PasswordStorageScheme[] defaultUserSchemes =
			new PasswordStorageScheme[userSchemeSet.size()];
			int i=0;
			for (String schemeName : userSchemeSet)
			{
			defaultUserSchemes[i] =
			DirectoryServer.getPasswordStorageScheme(toLowerCase(schemeName));
			if (defaultUserSchemes[i] == null)
			{
			int msgID = MSGID_PLUGIN_PWIMPORT_INVALID_DEFAULT_USER_SCHEME;
			String message = getMessage(msgID, schemeName);
			unacceptableReasons.add(message);
			configAcceptable = false;
			}
			i++;
			}
			}


			return configAcceptable;
			}

			@@ -379,10 +715,115 @@
			/**
			* {@inheritDoc}
			*/
			public ConfigChangeResult applyConfigurationChange(PluginCfg configuration)
			public ConfigChangeResult applyConfigurationChange(
			PasswordPolicyImportPluginCfg configuration)
			{
			// No implementation is required.
			return new ConfigChangeResult(ResultCode.SUCCESS, false);
			ResultCode resultCode = ResultCode.SUCCESS;
			boolean adminActionRequired = false;
			ArrayList<String> messages = new ArrayList<String>();


			// Get the set of default password storage schemes for auth password
			// attributes.
			PasswordPolicy defaultPolicy = DirectoryServer.getDefaultPasswordPolicy();
			PasswordStorageScheme[] defaultAuthSchemes;
			Set<String> authSchemesSet =
			configuration.getDefaultAuthPasswordStorageScheme();
			if ((authSchemesSet == null) \|\| authSchemesSet.isEmpty())
			{
			if (defaultPolicy.usesAuthPasswordSyntax())
			{
			CopyOnWriteArrayList<PasswordStorageScheme> schemeList =
			defaultPolicy.getDefaultStorageSchemes();
			defaultAuthSchemes =
			new PasswordStorageScheme[schemeList.size()];
			schemeList.toArray(defaultAuthSchemes);
			}
			else
			{
			defaultAuthSchemes = new PasswordStorageScheme[1];
			defaultAuthSchemes[0] =
			DirectoryServer.getAuthPasswordStorageScheme(
			AUTH_PASSWORD_SCHEME_NAME_SALTED_SHA_1);
			if (defaultAuthSchemes[0] == null)
			{
			resultCode = DirectoryServer.getServerErrorResultCode();

			int msgID = MSGID_PLUGIN_PWIMPORT_NO_DEFAULT_AUTH_SCHEMES;
			messages.add(getMessage(msgID,
			AUTH_PASSWORD_SCHEME_NAME_SALTED_SHA_1));
			}
			}
			}
			else
			{
			defaultAuthSchemes = new PasswordStorageScheme[authSchemesSet.size()];
			int i=0;
			for (String schemeName : authSchemesSet)
			{
			defaultAuthSchemes[i] =
			DirectoryServer.getAuthPasswordStorageScheme(schemeName);
			if (defaultAuthSchemes[i] == null)
			{
			resultCode = DirectoryServer.getServerErrorResultCode();

			int msgID = MSGID_PLUGIN_PWIMPORT_INVALID_DEFAULT_AUTH_SCHEME;
			messages.add(getMessage(msgID, schemeName));
			}
			i++;
			}
			}


			// Get the set of default password storage schemes for user password
			// attributes.
			PasswordStorageScheme[] defaultUserSchemes;
			Set<String> userSchemeSet =
			configuration.getDefaultUserPasswordStorageScheme();
			if ((userSchemeSet == null) \|\| userSchemeSet.isEmpty())
			{
			if (! defaultPolicy.usesAuthPasswordSyntax())
			{
			CopyOnWriteArrayList<PasswordStorageScheme> schemeList =
			defaultPolicy.getDefaultStorageSchemes();
			defaultUserSchemes =
			new PasswordStorageScheme[schemeList.size()];
			schemeList.toArray(defaultUserSchemes);
			}
			else
			{
			defaultUserSchemes = new PasswordStorageScheme[1];
			defaultUserSchemes[0] = DirectoryServer.getPasswordStorageScheme(
			toLowerCase(STORAGE_SCHEME_NAME_SALTED_SHA_1));
			if (defaultUserSchemes[0] == null)
			{
			resultCode = DirectoryServer.getServerErrorResultCode();

			int msgID = MSGID_PLUGIN_PWIMPORT_NO_DEFAULT_USER_SCHEMES;
			messages.add(getMessage(msgID, STORAGE_SCHEME_NAME_SALTED_SHA_1));
			}
			}
			}
			else
			{
			defaultUserSchemes = new PasswordStorageScheme[userSchemeSet.size()];
			int i=0;
			for (String schemeName : userSchemeSet)
			{
			defaultUserSchemes[i] =
			DirectoryServer.getPasswordStorageScheme(toLowerCase(schemeName));
			if (defaultUserSchemes[i] == null)
			{
			resultCode = DirectoryServer.getServerErrorResultCode();

			int msgID = MSGID_PLUGIN_PWIMPORT_INVALID_DEFAULT_USER_SCHEME;
			messages.add(getMessage(msgID, schemeName));
			}
			i++;
			}
			}

			return new ConfigChangeResult(resultCode, adminActionRequired, messages);
			}
			}