From c9da9e4bd4a115a646dfb846972126ca8eef1158 Mon Sep 17 00:00:00 2001
From: Matthew Swift <matthew.swift@forgerock.com>
Date: Thu, 18 Aug 2011 17:43:22 +0000
Subject: [PATCH] Initial checkpoint of work for OPENDJ-262: Implement pass through authentication (PTA)

---
 opends/src/server/org/opends/server/core/CoreConfigManager.java |   16 ++++++++++++++++
 1 files changed, 16 insertions(+), 0 deletions(-)

diff --git a/opends/src/server/org/opends/server/core/CoreConfigManager.java b/opends/src/server/org/opends/server/core/CoreConfigManager.java
index 5542b69..2aebb66 100644
--- a/opends/src/server/org/opends/server/core/CoreConfigManager.java
+++ b/opends/src/server/org/opends/server/core/CoreConfigManager.java
@@ -23,6 +23,7 @@
  *
  *
  *      Copyright 2006-2010 Sun Microsystems, Inc.
+ *      Portions copyright 2011 ForgeRock AS.
  */
 package org.opends.server.core;
 import org.opends.messages.Message;
@@ -41,6 +42,7 @@
 import org.opends.server.admin.std.server.GlobalCfg;
 import org.opends.server.admin.std.server.RootCfg;
 import org.opends.server.admin.server.ServerManagementContext;
+import org.opends.server.api.AuthenticationPolicy;
 import org.opends.server.config.ConfigException;
 import org.opends.server.types.*;
 
@@ -413,6 +415,20 @@
       }
     }
 
+    // Ensure that the default password policy always points to a password
+    // policy and not another type of authentication policy.
+    DN defaultPasswordPolicyDN = configuration.getDefaultPasswordPolicyDN();
+    AuthenticationPolicy policy = DirectoryServer
+        .getAuthenticationPolicy(defaultPasswordPolicyDN);
+    if (!(policy instanceof PasswordPolicy))
+    {
+      Message message =
+        ERR_CONFIG_PWPOLICY_CANNOT_CHANGE_DEFAULT_POLICY_WRONG_TYPE
+          .get(configuration.getDefaultPasswordPolicy());
+      unacceptableReasons.add(message);
+      configAcceptable = false;
+    }
+
     return configAcceptable;
   }
 

--
Gitblit v1.10.0