mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git

Matthew Swift
08.21.2012 889d0dee661b46c8dde1bff0cddcb5699f841d51
Fix OPENDJ-350: ldaptools with --usePasswordPolicyControl don't display password policy response warning

Switch back to using tool specified authenticated connection provided and ensure that required controls are added to the bind request.
2 files modified
49 ■■■■■ changed files
opendj3/opendj-ldap-toolkit/src/main/java/com/forgerock/opendj/ldap/tools/AuthenticatedConnectionFactory.java 12 ●●●●
opendj3/opendj-ldap-toolkit/src/main/java/com/forgerock/opendj/ldap/tools/ConnectionFactoryProvider.java 37 ●●●●●
opendj3/opendj-ldap-toolkit/src/main/java/com/forgerock/opendj/ldap/tools/AuthenticatedConnectionFactory.java
@@ -64,7 +64,7 @@
  /**
   * An authenticated connection supports all operations except Bind operations.
   */
  public static final class AuthenticatedConnection extends ConnectionDecorator
  static final class AuthenticatedConnection extends ConnectionDecorator
  {
    private final BindRequest request;
@@ -129,7 +129,7 @@
     * @return The Bind result which was returned from the server after
     *         authentication.
     */
    public BindResult getAuthenticatedBindResult()
    BindResult getAuthenticatedBindResult()
    {
      return result;
    }
@@ -151,7 +151,7 @@
     *           If this connection has already been closed, i.e. if
     *           {@code isClosed() == true}.
     */
    public FutureResult<BindResult> rebindAsync(
    FutureResult<BindResult> rebindAsync(
        final ResultHandler<? super BindResult> handler)
    {
      if (request == null)
@@ -299,7 +299,7 @@
   * @throws NullPointerException
   *           If {@code factory} or {@code request} was {@code null}.
   */
  public AuthenticatedConnectionFactory(final ConnectionFactory factory,
  AuthenticatedConnectionFactory(final ConnectionFactory factory,
      final BindRequest request)
  {
    Validator.ensureNotNull(factory, request);
@@ -362,7 +362,7 @@
   * @return allowRebinds {@code true} if the {@code rebind} operation is to be
   *         supported, otherwise {@code false}.
   */
  public boolean isRebindAllowed()
  boolean isRebindAllowed()
  {
    return allowRebinds;
  }
@@ -382,7 +382,7 @@
   *          otherwise {@code false}.
   * @return A reference to this connection factory.
   */
  public AuthenticatedConnectionFactory setRebindAllowed(
  AuthenticatedConnectionFactory setRebindAllowed(
      final boolean allowRebinds)
  {
    this.allowRebinds = allowRebinds;
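Review bot: The `request` field of `AuthenticatedConnection` in the first hunk has no comment saying when it may be null, although `rebindAsync` in the third hunk branches on `request == null`. A bind request normally carries the bind credentials, so the retention rule deserves a line on the field, for example `// Kept only so rebind() can re-authenticate; null when rebinds are disabled so credentials are not held for the connection's lifetime.` That wording assumes the null case corresponds to `isRebindAllowed()` being false, which the visible lines suggest but do not show. Every hunk here cuts through the class, so the constructor that assigns the field is outside the view.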
opendj3/opendj-ldap-toolkit/src/main/java/com/forgerock/opendj/ldap/tools/ConnectionFactoryProvider.java
@@ -23,7 +23,7 @@
 *
 *
 *      Copyright 2010 Sun Microsystems, Inc.
 *      Portions copyright 2011 ForgeRock AS
 *      Portions copyright 2011-2012 ForgeRock AS
 */
package com.forgerock.opendj.ldap.tools;
@@ -51,6 +51,8 @@
import org.forgerock.i18n.LocalizableMessage;
import org.forgerock.opendj.ldap.*;
import org.forgerock.opendj.ldap.controls.AuthorizationIdentityRequestControl;
import org.forgerock.opendj.ldap.controls.PasswordPolicyRequestControl;
import org.forgerock.opendj.ldap.requests.*;
@@ -155,12 +157,12 @@
   * Whether to request that the server return the authorization ID in the bind
   * response.
   */
  private final BooleanArgument reportAuthzID;
  private final BooleanArgument reportAuthzIDArg;
  /**
   * Whether to use the password policy control in the bind request.
   */
  private final BooleanArgument usePasswordPolicyControl;
  private final BooleanArgument usePasswordPolicyControlArg;
  private int port = 389;
@@ -317,15 +319,15 @@
    certNicknameArg.setPropertyName(OPTION_LONG_CERT_NICKNAME);
    argumentParser.addLdapConnectionArgument(certNicknameArg);
    reportAuthzID = new BooleanArgument("reportauthzid", 'E',
    reportAuthzIDArg = new BooleanArgument("reportauthzid", 'E',
        OPTION_LONG_REPORT_AUTHZ_ID, INFO_DESCRIPTION_REPORT_AUTHZID.get());
    reportAuthzID.setPropertyName(OPTION_LONG_REPORT_AUTHZ_ID);
    argumentParser.addArgument(reportAuthzID);
    reportAuthzIDArg.setPropertyName(OPTION_LONG_REPORT_AUTHZ_ID);
    argumentParser.addArgument(reportAuthzIDArg);
    usePasswordPolicyControl = new BooleanArgument("usepwpolicycontrol", null,
    usePasswordPolicyControlArg = new BooleanArgument("usepwpolicycontrol", null,
        OPTION_LONG_USE_PW_POLICY_CTL, INFO_DESCRIPTION_USE_PWP_CONTROL.get());
    usePasswordPolicyControl.setPropertyName(OPTION_LONG_USE_PW_POLICY_CTL);
    argumentParser.addArgument(usePasswordPolicyControl);
    usePasswordPolicyControlArg.setPropertyName(OPTION_LONG_USE_PW_POLICY_CTL);
    argumentParser.addArgument(usePasswordPolicyControlArg);
  }
@@ -474,9 +476,8 @@
      BindRequest bindRequest = getBindRequest();
      if(bindRequest != null)
      {
        authenticatedConnFactory =
            Connections.newAuthenticatedConnectionFactory(
                authenticatedConnFactory, bindRequest);
        authenticatedConnFactory = new AuthenticatedConnectionFactory(
            authenticatedConnFactory, bindRequest);
      }
    }
    return authenticatedConnFactory;
@@ -648,6 +649,18 @@
        throw new ArgumentException(ERR_LDAPAUTH_UNSUPPORTED_SASL_MECHANISM
            .get(mech));
      }
      if (reportAuthzIDArg.isPresent())
      {
        bindRequest.addControl(AuthorizationIdentityRequestControl
            .newControl(false));
      }
      if (usePasswordPolicyControlArg.isPresent())
      {
        bindRequest.addControl(PasswordPolicyRequestControl
            .newControl(false));
      }
    }
    return bindRequest;
  }
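Review bot: The two `bindRequest.addControl(...)` calls added in the last hunk dereference `bindRequest` without a null check, while the caller in the `@@ -474,9 +476,8 @@` hunk treats a null result from `getBindRequest()` as a normal case. If this is the body of `getBindRequest()` and an invocation without bind credentials leaves `bindRequest` unset, running a tool with the report-authzid or password-policy option would presumably end in a NullPointerException rather than an unauthenticated connection or a clear argument error. Guarding both conditions would avoid that: `if (bindRequest != null && reportAuthzIDArg.isPresent())` and `if (bindRequest != null && usePasswordPolicyControlArg.isPresent())`. The method starts outside the hunk, so the branch that can leave `bindRequest` null is not visible here.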