Issue : 3006 : replication of userPassword does not work

gbellato

11.38.2008 fbf4b7ed95646469009315c37a05a005d0e29e7f

 opendj-sdk/opends/src/server/org/opends/server/workflowelement/localbackend/LocalBackendModifyOperation.java

@@ -1293,60 +1293,63 @@
      // skipped for synchronization operations.
      boolean isPassword =
              t.equals(pwPolicyState.getPolicy().getPasswordAttribute());
      if (isPassword && (!(isSynchronizationOperation())))
      if (isPassword)
      {
        // If the attribute contains any options, then reject it.  Passwords
        // will not be allowed to have options. Skipped for internal operations.
        if(! isInternalOperation())
        if (!isSynchronizationOperation())
        {
          if (a.hasOptions())
          // If the attribute contains any options, then reject it.  Passwords
          // will not be allowed to have options.
          // Skipped for internal operations.
          if (!isInternalOperation())
          {
            throw new DirectoryException(ResultCode.UNWILLING_TO_PERFORM,
                    ERR_MODIFY_PASSWORDS_CANNOT_HAVE_OPTIONS.get());
            if (a.hasOptions())
            {
              throw new DirectoryException(ResultCode.UNWILLING_TO_PERFORM,
                  ERR_MODIFY_PASSWORDS_CANNOT_HAVE_OPTIONS.get());
            }


            // If it's a self change, then see if that's allowed.
            if (selfChange &&
                (! pwPolicyState.getPolicy().allowUserPasswordChanges()))
            {
              pwpErrorType = PasswordPolicyErrorType.PASSWORD_MOD_NOT_ALLOWED;
              throw new DirectoryException(ResultCode.UNWILLING_TO_PERFORM,
                  ERR_MODIFY_NO_USER_PW_CHANGES.get());
            }


            // If we require secure password changes, then makes sure it's a
            // secure communication channel.
            if (pwPolicyState.getPolicy().requireSecurePasswordChanges() &&
                (! clientConnection.isSecure()))
            {
              pwpErrorType = PasswordPolicyErrorType.PASSWORD_MOD_NOT_ALLOWED;
              throw new DirectoryException(ResultCode.UNWILLING_TO_PERFORM,
                  ERR_MODIFY_REQUIRE_SECURE_CHANGES.get());
            }


            // If it's a self change and it's not been long enough since the
            // previous change, then reject it.
            if (selfChange && pwPolicyState.isWithinMinimumAge())
            {
              pwpErrorType = PasswordPolicyErrorType.PASSWORD_TOO_YOUNG;
              throw new DirectoryException(ResultCode.UNWILLING_TO_PERFORM,
                  ERR_MODIFY_WITHIN_MINIMUM_AGE.get());
            }
          }


          // If it's a self change, then see if that's allowed.
          if (selfChange &&
                  (! pwPolicyState.getPolicy().allowUserPasswordChanges()))
          // Check to see whether this will adding, deleting, or replacing
          // password values (increment doesn't make any sense for passwords).
          // Then perform the appropriate type of processing for that kind of
          // modification.
          boolean isAdd = (m.getModificationType() == ModificationType.ADD);
          LinkedHashSet<AttributeValue> pwValues = a.getValues();
          LinkedHashSet<AttributeValue> encodedValues =
            new LinkedHashSet<AttributeValue>();
          switch (m.getModificationType())
          {
            pwpErrorType = PasswordPolicyErrorType.PASSWORD_MOD_NOT_ALLOWED;
            throw new DirectoryException(ResultCode.UNWILLING_TO_PERFORM,
                    ERR_MODIFY_NO_USER_PW_CHANGES.get());
          }


          // If we require secure password changes, then makes sure it's a
          // secure communication channel.
          if (pwPolicyState.getPolicy().requireSecurePasswordChanges() &&
                  (! clientConnection.isSecure()))
          {
            pwpErrorType = PasswordPolicyErrorType.PASSWORD_MOD_NOT_ALLOWED;
            throw new DirectoryException(ResultCode.UNWILLING_TO_PERFORM,
                    ERR_MODIFY_REQUIRE_SECURE_CHANGES.get());
          }


          // If it's a self change and it's not been long enough since the
          // previous change, then reject it.
          if (selfChange && pwPolicyState.isWithinMinimumAge())
          {
            pwpErrorType = PasswordPolicyErrorType.PASSWORD_TOO_YOUNG;
            throw new DirectoryException(ResultCode.UNWILLING_TO_PERFORM,
                    ERR_MODIFY_WITHIN_MINIMUM_AGE.get());
          }
        }

        // Check to see whether this will adding, deleting, or replacing
        // password values (increment doesn't make any sense for passwords).
        // Then perform the appropriate type of processing for that kind of
        // modification.
        boolean isAdd = (m.getModificationType() == ModificationType.ADD);
        LinkedHashSet<AttributeValue> pwValues = a.getValues();
        LinkedHashSet<AttributeValue> encodedValues =
                new LinkedHashSet<AttributeValue>();
        switch (m.getModificationType())
        {
          case ADD:
          case REPLACE:
            processInitialAddOrReplacePW(isAdd, pwValues, encodedValues, a);
@@ -1358,13 +1361,14 @@

          default:
            throw new DirectoryException(ResultCode.UNWILLING_TO_PERFORM,
                    ERR_MODIFY_INVALID_MOD_TYPE_FOR_PASSWORD.get(
                            String.valueOf(m.getModificationType()),
                            a.getName()));
                ERR_MODIFY_INVALID_MOD_TYPE_FOR_PASSWORD.get(
                    String.valueOf(m.getModificationType()),
                    a.getName()));
          }
        }

      switch (m.getModificationType())
      {
        switch (m.getModificationType())
        {
        case ADD:
          processInitialAddSchema(a);
          break;
@@ -1380,8 +1384,8 @@
        case INCREMENT:
          processInitialIncrementSchema(a);
          break;
        }
      }
     }
    }
  }