Update the password policy state management code to take more information into
account when determining whether users must change their passwords. In
particular, make sure that at least one of the "force change on add" and
"force change on reset" features are enabled, and also make sure that users are
allowed to change their passwords.
OpenDS Issue Number: 555
| | |
|---|
| | | { |
|---|
| | | assert debugEnter(CLASS_NAME, "mustChangePassword"); |
|---|
| | | |
|---|
| | | // If the password policy doesn't use force change on add or force change on |
|---|
| | | // reset, or if it forbits the user from changing their password, then this |
|---|
| | | // must return false. |
|---|
| | | if (! passwordPolicy.allowUserPasswordChanges()) |
|---|
| | | { |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | else if (! (passwordPolicy.forceChangeOnAdd() || |
|---|
| | | passwordPolicy.forceChangeOnReset())) |
|---|
| | | { |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | |
|---|
| | | if ((mustChangePassword == null) || |
|---|
| | | (mustChangePassword == ConditionResult.UNDEFINED)) |
|---|
| | | { |
|---|
