From 35a408038c1de64a6f13f0e7b246a645e9945e3c Mon Sep 17 00:00:00 2001
From: boli <boli@localhost>
Date: Tue, 18 Mar 2008 22:44:58 +0000
Subject: [PATCH] With this refactoring:
---
opends/src/server/org/opends/server/core/PasswordPolicyState.java | 1115 ++++++++++++++++++++--------------------------------------
1 files changed, 392 insertions(+), 723 deletions(-)
diff --git a/opends/src/server/org/opends/server/core/PasswordPolicyState.java b/opends/src/server/org/opends/server/core/PasswordPolicyState.java
index 6927dcc..8b6e436 100644
--- a/opends/src/server/org/opends/server/core/PasswordPolicyState.java
+++ b/opends/src/server/org/opends/server/core/PasswordPolicyState.java
@@ -104,10 +104,6 @@
// should be stored as modifications.
private final boolean updateEntry;
- // Indicates whether to debug password policy processing performed wth this
- // state object.
- private final boolean debug;
-
// The string representation of the user's DN.
private final String userDNString;
@@ -187,18 +183,15 @@
* @param updateEntry Indicates whether changes should update the provided
* user entry directly or whether they should be
* collected as a set of modifications.
- * @param debug Indicates whether to enable debugging for the
- * operations performed.
*
* @throws DirectoryException If a problem occurs while attempting to
* determine the password policy for the user or
* perform any other state initialization.
*/
- public PasswordPolicyState(Entry userEntry, boolean updateEntry,
- boolean debug)
+ public PasswordPolicyState(Entry userEntry, boolean updateEntry)
throws DirectoryException
{
- this(userEntry, updateEntry, TimeThread.getTime(), false, debug);
+ this(userEntry, updateEntry, TimeThread.getTime(), false);
}
@@ -219,26 +212,22 @@
* @param useDefaultOnError Indicates whether the server should fall back to
* using the default password policy if there is a
* problem with the configured policy for the user.
- * @param debug Indicates whether to enable debugging for the
- * operations performed.
*
* @throws DirectoryException If a problem occurs while attempting to
* determine the password policy for the user or
* perform any other state initialization.
*/
public PasswordPolicyState(Entry userEntry, boolean updateEntry,
- long currentTime, boolean useDefaultOnError,
- boolean debug)
+ long currentTime, boolean useDefaultOnError)
throws DirectoryException
{
this.userEntry = userEntry;
this.updateEntry = updateEntry;
- this.debug = debug;
this.currentTime = currentTime;
userDNString = userEntry.getDN().toString();
passwordPolicy = getPasswordPolicyInternal(this.userEntry,
- useDefaultOnError, this.debug);
+ useDefaultOnError);
// Get the password changed time for the user.
AttributeType type
@@ -266,7 +255,7 @@
{
passwordChangedTime = 0;
- if (debug)
+ if (debugEnabled())
{
TRACER.debugWarning("Could not determine password changed time for " +
"user %s.", userDNString);
@@ -287,8 +276,6 @@
* @param useDefaultOnError Indicates whether the server should fall back to
* using the default password policy if there is a
* problem with the configured policy for the user.
- * @param debug Indicates whether to enable debugging for the
- * operations performed.
*
* @return The password policy for the user.
*
@@ -296,7 +283,7 @@
* determine the password policy for the user.
*/
private static PasswordPolicy getPasswordPolicyInternal(Entry userEntry,
- boolean useDefaultOnError, boolean debug)
+ boolean useDefaultOnError)
throws DirectoryException
{
String userDNString = userEntry.getDN().toString();
@@ -323,7 +310,7 @@
TRACER.debugCaught(DebugLogLevel.ERROR, e);
}
- if (debug)
+ if (debugEnabled())
{
TRACER.debugError("Could not parse password policy subentry " +
"DN %s for user %s: %s",
@@ -348,7 +335,7 @@
PasswordPolicy policy = DirectoryServer.getPasswordPolicy(subentryDN);
if (policy == null)
{
- if (debug)
+ if (debugEnabled())
{
TRACER.debugError("Password policy subentry %s for user %s " +
"is not defined in the Directory Server.",
@@ -369,27 +356,21 @@
}
}
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Using password policy subentry %s for user %s.",
- String.valueOf(subentryDN), userDNString);
- }
- }
+ TRACER.debugInfo("Using password policy subentry %s for user %s.",
+ String.valueOf(subentryDN), userDNString);
+ }
return policy;
}
}
// There is no policy subentry defined: use the default.
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Using the default password policy for user %s",
- userDNString);
- }
+ TRACER.debugInfo("Using the default password policy for user %s",
+ userDNString);
}
return DirectoryServer.getDefaultPasswordPolicy();
@@ -421,24 +402,21 @@
}
}
- if (debug)
+ if (stringValue == null)
{
- if (stringValue == null)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning null because attribute %s does not " +
- "exist in user entry %s",
- attributeType.getNameOrOID(), userDNString);
- }
+ TRACER.debugInfo("Returning null because attribute %s does not " +
+ "exist in user entry %s",
+ attributeType.getNameOrOID(), userDNString);
}
- else
+ }
+ else
+ {
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning value %s for user %s",
- stringValue, userDNString);
- }
+ TRACER.debugInfo("Returning value %s for user %s",
+ stringValue, userDNString);
}
}
@@ -482,14 +460,11 @@
if (debugEnabled())
{
TRACER.debugCaught(DebugLogLevel.ERROR, e);
- }
- if (debug)
- {
TRACER.debugWarning("Unable to decode value %s for attribute %s " +
- "in user entry %s: %s",
- v.getStringValue(), attributeType.getNameOrOID(),
- userDNString, stackTraceToSingleLineString(e));
+ "in user entry %s: %s",
+ v.getStringValue(), attributeType.getNameOrOID(),
+ userDNString, stackTraceToSingleLineString(e));
}
Message message = ERR_PWPSTATE_CANNOT_DECODE_GENERALIZED_TIME.
@@ -502,19 +477,16 @@
}
}
- if (debug)
+ if (timeValue == -1)
{
- if (timeValue == -1)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning -1 because attribute %s does not " +
- "exist in user entry %s",
- attributeType.getNameOrOID(), userDNString);
- }
+ TRACER.debugInfo("Returning -1 because attribute %s does not " +
+ "exist in user entry %s",
+ attributeType.getNameOrOID(), userDNString);
}
- // FIXME: else to be consistent...
}
+ // FIXME: else to be consistent...
return timeValue;
}
@@ -556,14 +528,11 @@
if (debugEnabled())
{
TRACER.debugCaught(DebugLogLevel.ERROR, e);
- }
- if (debug)
- {
TRACER.debugWarning("Unable to decode value %s for attribute %s" +
- "in user entry %s: %s",
- v.getStringValue(), attributeType.getNameOrOID(),
- userDNString, stackTraceToSingleLineString(e));
+ "in user entry %s: %s",
+ v.getStringValue(), attributeType.getNameOrOID(),
+ userDNString, stackTraceToSingleLineString(e));
}
Message message = ERR_PWPSTATE_CANNOT_DECODE_GENERALIZED_TIME.
@@ -576,16 +545,13 @@
}
}
- if (debug)
+ if (timeValues.isEmpty())
{
- if (timeValues.isEmpty())
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning an empty list because attribute %s " +
- "does not exist in user entry %s",
- attributeType.getNameOrOID(), userDNString);
- }
+ TRACER.debugInfo("Returning an empty list because attribute %s " +
+ "does not exist in user entry %s",
+ attributeType.getNameOrOID(), userDNString);
}
}
return timeValues;
@@ -622,13 +588,10 @@
if (valueString.equals("true") || valueString.equals("yes") ||
valueString.equals("on") || valueString.equals("1"))
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Attribute %s resolves to true for user entry " +
- "%s", attributeType.getNameOrOID(), userDNString);
- }
+ TRACER.debugInfo("Attribute %s resolves to true for user entry " +
+ "%s", attributeType.getNameOrOID(), userDNString);
}
return ConditionResult.TRUE;
@@ -637,42 +600,36 @@
if (valueString.equals("false") || valueString.equals("no") ||
valueString.equals("off") || valueString.equals("0"))
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Attribute %s resolves to false for user " +
- "entry %s", attributeType.getNameOrOID(), userDNString);
- }
+ TRACER.debugInfo("Attribute %s resolves to false for user " +
+ "entry %s", attributeType.getNameOrOID(), userDNString);
}
return ConditionResult.FALSE;
}
- if (debug)
+ if(debugEnabled())
{
- TRACER.debugError("Unable to resolve value %s for attribute %s " +
- "in user entry %s as a Boolean.",
- valueString, attributeType.getNameOrOID(),
- userDNString);
+ TRACER.debugError("Unable to resolve value %s for attribute %s " +
+ "in user entry %s as a Boolean.",
+ valueString, attributeType.getNameOrOID(),
+ userDNString);
}
Message message = ERR_PWPSTATE_CANNOT_DECODE_BOOLEAN.get(
valueString, attributeType.getNameOrOID(), userDNString);
throw new DirectoryException(ResultCode.INVALID_ATTRIBUTE_SYNTAX,
- message);
+ message);
}
}
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning %s because attribute %s does not exist " +
- "in user entry %s",
- ConditionResult.UNDEFINED.toString(),
- attributeType.getNameOrOID(), userDNString);
- }
+ TRACER.debugInfo("Returning %s because attribute %s does not exist " +
+ "in user entry %s",
+ ConditionResult.UNDEFINED.toString(),
+ attributeType.getNameOrOID(), userDNString);
}
return ConditionResult.UNDEFINED;
@@ -759,13 +716,10 @@
*/
public void setPasswordChangedTime(long passwordChangedTime)
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Setting password changed time for user %s to " +
- "current time of %d", userDNString, currentTime);
- }
+ TRACER.debugInfo("Setting password changed time for user %s to " +
+ "current time of %d", userDNString, currentTime);
}
// passwordChangedTime is computed in the constructor from values in the
@@ -811,13 +765,10 @@
*/
public void clearPasswordChangedTime()
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Clearing password changed time for user %s",
- userDNString);
- }
+ TRACER.debugInfo("Clearing password changed time for user %s",
+ userDNString);
}
AttributeType type =
@@ -865,13 +816,10 @@
{
if (isDisabled != ConditionResult.UNDEFINED)
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning stored result of %b for user %s",
- (isDisabled == ConditionResult.TRUE), userDNString);
- }
+ TRACER.debugInfo("Returning stored result of %b for user %s",
+ (isDisabled == ConditionResult.TRUE), userDNString);
}
return isDisabled == ConditionResult.TRUE;
@@ -891,7 +839,7 @@
}
isDisabled = ConditionResult.TRUE;
- if (debug)
+ if (debugEnabled())
{
TRACER.debugWarning("User %s is considered administratively " +
"disabled because an error occurred while attempting to make " +
@@ -905,26 +853,20 @@
if (isDisabled == ConditionResult.UNDEFINED)
{
isDisabled = ConditionResult.FALSE;
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("User %s is not administratively disabled since " +
- "the attribute \"%s\" is not present in the entry.",
- userDNString, OP_ATTR_ACCOUNT_DISABLED);
- }
+ TRACER.debugInfo("User %s is not administratively disabled since " +
+ "the attribute \"%s\" is not present in the entry.",
+ userDNString, OP_ATTR_ACCOUNT_DISABLED);
}
return false;
}
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("User %s %s administratively disabled.",
- userDNString,
- ((isDisabled == ConditionResult.TRUE) ? " is" : " is not"));
- }
+ TRACER.debugInfo("User %s %s administratively disabled.",
+ userDNString,
+ ((isDisabled == ConditionResult.TRUE) ? " is" : " is not"));
}
return isDisabled == ConditionResult.TRUE;
@@ -941,13 +883,10 @@
*/
public void setDisabled(boolean isDisabled)
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Updating user %s to set the disabled flag to %b",
- userDNString, isDisabled);
- }
+ TRACER.debugInfo("Updating user %s to set the disabled flag to %b",
+ userDNString, isDisabled);
}
@@ -1006,13 +945,10 @@
{
if (isAccountExpired != ConditionResult.UNDEFINED)
{
- if(debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning stored result of %b for user %s",
- (isAccountExpired == ConditionResult.TRUE), userDNString);
- }
+ TRACER.debugInfo("Returning stored result of %b for user %s",
+ (isAccountExpired == ConditionResult.TRUE), userDNString);
}
return isAccountExpired == ConditionResult.TRUE;
@@ -1034,7 +970,7 @@
}
isAccountExpired = ConditionResult.TRUE;
- if (debug)
+ if (debugEnabled())
{
TRACER.debugWarning("User %s is considered to have an expired " +
"account because an error occurred while attempting to make " +
@@ -1049,26 +985,20 @@
{
// The user does have an expiration time, but it hasn't arrived yet.
isAccountExpired = ConditionResult.FALSE;
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("The account for user %s is not expired because " +
- "the expiration time has not yet arrived.", userDNString);
- }
+ TRACER.debugInfo("The account for user %s is not expired because " +
+ "the expiration time has not yet arrived.", userDNString);
}
}
else if (accountExpirationTime >= 0)
{
// The user does have an expiration time, and it is in the past.
isAccountExpired = ConditionResult.TRUE;
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("The account for user %s is expired because the " +
- "expiration time in that account has passed.", userDNString);
- }
+ TRACER.debugInfo("The account for user %s is expired because the " +
+ "expiration time in that account has passed.", userDNString);
}
}
else
@@ -1076,14 +1006,11 @@
// The user doesn't have an expiration time in their entry, so it
// can't be expired.
isAccountExpired = ConditionResult.FALSE;
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("The account for user %s is not expired because " +
- "there is no expiration time in the user's entry.",
- userDNString);
- }
+ TRACER.debugInfo("The account for user %s is not expired because " +
+ "there is no expiration time in the user's entry.",
+ userDNString);
}
}
@@ -1126,13 +1053,10 @@
{
String timeStr = GeneralizedTimeSyntax.format(accountExpirationTime);
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Setting account expiration time for user %s to %s",
- userDNString, timeStr);
- }
+ TRACER.debugInfo("Setting account expiration time for user %s to %s",
+ userDNString, timeStr);
}
this.accountExpirationTime = accountExpirationTime;
@@ -1167,13 +1091,10 @@
*/
public void clearAccountExpirationTime()
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Clearing account expiration time for user %s",
- userDNString);
- }
+ TRACER.debugInfo("Clearing account expiration time for user %s",
+ userDNString);
}
accountExpirationTime = -1;
@@ -1209,14 +1130,11 @@
{
if (authFailureTimes != null)
{
- if(debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning stored auth failure time list of %d " +
- "elements for user %s" +
- authFailureTimes.size(), userDNString);
- }
+ TRACER.debugInfo("Returning stored auth failure time list of %d " +
+ "elements for user %s" +
+ authFailureTimes.size(), userDNString);
}
return authFailureTimes;
@@ -1241,7 +1159,7 @@
TRACER.debugCaught(DebugLogLevel.ERROR, e);
}
- if (debug)
+ if (debugEnabled())
{
TRACER.debugWarning("Error while processing auth failure times " +
"for user %s: %s",
@@ -1265,14 +1183,11 @@
if (authFailureTimes.isEmpty())
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning an empty auth failure time list for " +
- "user %s because the attribute is absent from the entry.",
- userDNString);
- }
+ TRACER.debugInfo("Returning an empty auth failure time list for " +
+ "user %s because the attribute is absent from the entry.",
+ userDNString);
}
return authFailureTimes;
@@ -1291,13 +1206,10 @@
long l = iterator.next();
if (l < expirationTime)
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Removing expired auth failure time %d for " +
- "user %s", l, userDNString);
- }
+ TRACER.debugInfo("Removing expired auth failure time %d for " +
+ "user %s", l, userDNString);
}
iterator.remove();
@@ -1345,13 +1257,10 @@
}
}
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning auth failure time list of %d elements " +
- "for user %s", authFailureTimes.size(), userDNString);
- }
+ TRACER.debugInfo("Returning auth failure time list of %d elements " +
+ "for user %s", authFailureTimes.size(), userDNString);
}
return authFailureTimes;
@@ -1371,13 +1280,10 @@
return;
}
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Updating authentication failure times for user %s",
- userDNString);
- }
+ TRACER.debugInfo("Updating authentication failure times for user %s",
+ userDNString);
}
@@ -1440,13 +1346,10 @@
if ((lockoutCount > 0) && (lockoutCount <= authFailureTimes.size()))
{
setFailureLockedTime(highestFailureTime);
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Locking user account %s due to too many failures.",
- userDNString);
- }
+ TRACER.debugInfo("Locking user account %s due to too many failures.",
+ userDNString);
}
}
}
@@ -1507,13 +1410,10 @@
if ((lockoutCount > 0) && (lockoutCount <= authFailureTimes.size()))
{
setFailureLockedTime(highestFailureTime);
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Locking user account %s due to too many failures.",
- userDNString);
- }
+ TRACER.debugInfo("Locking user account %s due to too many failures.",
+ userDNString);
}
}
}
@@ -1526,13 +1426,10 @@
*/
private void clearAuthFailureTimes()
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Clearing authentication failure times for user %s",
- userDNString);
- }
+ TRACER.debugInfo("Clearing authentication failure times for user %s",
+ userDNString);
}
List<Long> failureTimes = getAuthFailureTimes();
@@ -1596,7 +1493,7 @@
}
failureLockedTime = currentTime;
- if (debug)
+ if (debugEnabled())
{
TRACER.debugWarning("Returning current time for user %s because an " +
"error occurred: %s",
@@ -1659,13 +1556,10 @@
*/
private void clearFailureLockedTime()
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Clearing failure lockout time for user %s.",
- userDNString);
- }
+ TRACER.debugInfo("Clearing failure lockout time for user %s.",
+ userDNString);
}
if (-1L == getFailureLockedTime())
@@ -1719,13 +1613,10 @@
final int maxFailures = passwordPolicy.getLockoutFailureCount();
if (maxFailures <= 0)
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning false for user %s because lockout due " +
- "to failures is not enabled.", userDNString);
- }
+ TRACER.debugInfo("Returning false for user %s because lockout due " +
+ "to failures is not enabled.", userDNString);
}
return false;
@@ -1750,13 +1641,10 @@
// failure times might have accumulated to trigger a lockout.
if (getAuthFailureTimes().size() < maxFailures)
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning false for user %s because there is " +
- "no locked time.", userDNString);
- }
+ TRACER.debugInfo("Returning false for user %s because there is " +
+ "no locked time.", userDNString);
}
return false;
@@ -1765,14 +1653,11 @@
// The account isn't locked but should be, so do so now.
setFailureLockedTime(currentTime);// FIXME: set to max(failureTimes)?
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Locking user %s because there were enough " +
- "existing failures even though there was no account locked time.",
- userDNString);
- }
+ TRACER.debugInfo("Locking user %s because there were enough " +
+ "existing failures even though there was no account locked time.",
+ userDNString);
}
// Fall through...
}
@@ -1786,14 +1671,11 @@
{
secondsUntilUnlock = (int) ((unlockTime - currentTime) / 1000);
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning true for user %s because there is a " +
- "locked time and the lockout duration has not been reached.",
- userDNString);
- }
+ TRACER.debugInfo("Returning true for user %s because there is a " +
+ "locked time and the lockout duration has not been reached.",
+ userDNString);
}
return true;
@@ -1802,27 +1684,21 @@
// The lockout in the entry has expired...
clearFailureLockout();
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning false for user %s " +
- "because the existing lockout has expired.", userDNString);
- }
+ TRACER.debugInfo("Returning false for user %s " +
+ "because the existing lockout has expired.", userDNString);
}
assert -1L == getFailureLockedTime();
return false;
}
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning true for user %s " +
- "because there is a locked time and no lockout duration.",
- userDNString);
- }
+ TRACER.debugInfo("Returning true for user %s " +
+ "because there is a locked time and no lockout duration.",
+ userDNString);
}
assert -1L <= getFailureLockedTime();
@@ -1875,13 +1751,10 @@
{
if (lastLoginTime != Long.MIN_VALUE)
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning stored last login time of %d for " +
- "user %s.", lastLoginTime, userDNString);
- }
+ TRACER.debugInfo("Returning stored last login time of %d for " +
+ "user %s.", lastLoginTime, userDNString);
}
return lastLoginTime;
@@ -1895,13 +1768,10 @@
if ((type == null) || (format == null))
{
lastLoginTime = -1;
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning -1 for user %s because no last login " +
- "time will be maintained.", userDNString);
- }
+ TRACER.debugInfo("Returning -1 for user %s because no last login " +
+ "time will be maintained.", userDNString);
}
return lastLoginTime;
@@ -1923,14 +1793,11 @@
SimpleDateFormat dateFormat = new SimpleDateFormat(format);
lastLoginTime = dateFormat.parse(valueString).getTime();
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning last login time of %d for user %s" +
- "decoded using current last login time format.",
- lastLoginTime, userDNString);
- }
+ TRACER.debugInfo("Returning last login time of %d for user %s" +
+ "decoded using current last login time format.",
+ lastLoginTime, userDNString);
}
return lastLoginTime;
@@ -1951,14 +1818,11 @@
SimpleDateFormat dateFormat = new SimpleDateFormat(f);
lastLoginTime = dateFormat.parse(valueString).getTime();
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning last login time of %d for " +
- "user %s decoded using previous last login time format " +
- "of %s.", lastLoginTime, userDNString, f);
- }
+ TRACER.debugInfo("Returning last login time of %d for " +
+ "user %s decoded using previous last login time format " +
+ "of %s.", lastLoginTime, userDNString, f);
}
return lastLoginTime;
@@ -1973,7 +1837,7 @@
}
assert lastLoginTime == -1;
- if (debug)
+ if (debugEnabled())
{
TRACER.debugWarning("Returning -1 for user %s because the " +
"last login time value %s could not be parsed using any " +
@@ -1986,13 +1850,10 @@
}
assert lastLoginTime == -1;
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning %d for user %s because no last " +
- "login time value exists.", lastLoginTime, userDNString);
- }
+ TRACER.debugInfo("Returning %d for user %s because no last " +
+ "login time value exists.", lastLoginTime, userDNString);
}
return lastLoginTime;
@@ -2041,7 +1902,7 @@
TRACER.debugCaught(DebugLogLevel.ERROR, e);
}
- if (debug)
+ if (debugEnabled())
{
TRACER.debugWarning("Unable to set last login time for user %s " +
"because an error occurred: %s",
@@ -2055,14 +1916,11 @@
String existingTimestamp = getValue(type);
if ((existingTimestamp != null) && timestamp.equals(existingTimestamp))
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Not updating last login time for user %s " +
- "because the new value matches the existing value.",
- userDNString);
- }
+ TRACER.debugInfo("Not updating last login time for user %s " +
+ "because the new value matches the existing value.",
+ userDNString);
}
return;
@@ -2085,13 +1943,10 @@
modifications.add(new Modification(ModificationType.REPLACE, a, true));
}
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Updated the last login time for user %s to %s",
- userDNString, timestamp);
- }
+ TRACER.debugInfo("Updated the last login time for user %s to %s",
+ userDNString, timestamp);
}
}
@@ -2103,12 +1958,9 @@
*/
public void clearLastLoginTime()
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Clearing last login time for user %s", userDNString);
- }
+ TRACER.debugInfo("Clearing last login time for user %s", userDNString);
}
lastLoginTime = -1;
@@ -2140,13 +1992,10 @@
{
if (isIdleLocked != ConditionResult.UNDEFINED)
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning stored result of %b for user %s",
- (isIdleLocked == ConditionResult.TRUE), userDNString);
- }
+ TRACER.debugInfo("Returning stored result of %b for user %s",
+ (isIdleLocked == ConditionResult.TRUE), userDNString);
}
return isIdleLocked == ConditionResult.TRUE;
@@ -2158,15 +2007,11 @@
{
isIdleLocked = ConditionResult.FALSE;
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning false for user %s because no idle " +
- "lockout interval is defined.", userDNString);
- }
+ TRACER.debugInfo("Returning false for user %s because no idle " +
+ "lockout interval is defined.", userDNString);
}
-
return false;
}
@@ -2178,44 +2023,38 @@
if (lastLoginTime > lockTime || passwordChangedTime > lockTime)
{
isIdleLocked = ConditionResult.FALSE;
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
+ StringBuilder reason = new StringBuilder();
+ if(lastLoginTime > lockTime)
{
- StringBuilder reason = new StringBuilder();
- if(lastLoginTime > lockTime)
- {
- reason.append("the last login time is in an acceptable window");
- }
- else
- {
- if(lastLoginTime < 0)
- {
- reason.append("there is no last login time, but ");
- }
- reason.append(
- "the password changed time is in an acceptable window");
- }
- TRACER.debugInfo("Returning false for user %s because %s.",
- userDNString, reason.toString());
+ reason.append("the last login time is in an acceptable window");
}
+ else
+ {
+ if(lastLoginTime < 0)
+ {
+ reason.append("there is no last login time, but ");
+ }
+ reason.append(
+ "the password changed time is in an acceptable window");
+ }
+ TRACER.debugInfo("Returning false for user %s because %s.",
+ userDNString, reason.toString());
}
}
else
{
isIdleLocked = ConditionResult.TRUE;
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- String reason = (lastLoginTime < 0)
- ? "there is no last login time and the password " +
- "changed time is not in an acceptable window"
- : "neither last login time nor password " +
- "changed time are in an acceptable window";
- TRACER.debugInfo("Returning true for user %s because %s.",
- userDNString, reason);
- }
+ String reason = (lastLoginTime < 0)
+ ? "there is no last login time and the password " +
+ "changed time is not in an acceptable window"
+ : "neither last login time nor password " +
+ "changed time are in an acceptable window";
+ TRACER.debugInfo("Returning true for user %s because %s.",
+ userDNString, reason);
}
}
@@ -2235,13 +2074,10 @@
{
if(mustChangePassword != ConditionResult.UNDEFINED)
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning stored result of %b for user %s.",
- (mustChangePassword == ConditionResult.TRUE), userDNString);
- }
+ TRACER.debugInfo("Returning stored result of %b for user %s.",
+ (mustChangePassword == ConditionResult.TRUE), userDNString);
}
return mustChangePassword == ConditionResult.TRUE;
@@ -2258,16 +2094,13 @@
|| passwordPolicy.forceChangeOnReset())))
{
mustChangePassword = ConditionResult.FALSE;
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning false for user %s because neither " +
- "force change on add nor force change on reset is enabled, " +
- "or users are not allowed to self-modify passwords.",
- userDNString);
+ TRACER.debugInfo("Returning false for user %s because neither " +
+ "force change on add nor force change on reset is enabled, " +
+ "or users are not allowed to self-modify passwords.",
+ userDNString);
- }
}
return false;
@@ -2290,41 +2123,33 @@
if (debugEnabled())
{
TRACER.debugCaught(DebugLogLevel.ERROR, e);
- }
- mustChangePassword = ConditionResult.TRUE;
- if (debug)
- {
TRACER.debugWarning("Returning true for user %s because an error " +
"occurred: %s", userDNString, stackTraceToSingleLineString(e));
}
+ mustChangePassword = ConditionResult.TRUE;
+
return true;
}
if(mustChangePassword == ConditionResult.UNDEFINED)
{
mustChangePassword = ConditionResult.FALSE;
- if(debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning %b for user since the attribute \"%s\"" +
- " is not present in the entry.",
- false, userDNString, OP_ATTR_PWPOLICY_RESET_REQUIRED);
- }
+ TRACER.debugInfo("Returning %b for user since the attribute \"%s\"" +
+ " is not present in the entry.",
+ false, userDNString, OP_ATTR_PWPOLICY_RESET_REQUIRED);
}
return false;
}
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning %b for user %s.",
- (mustChangePassword == ConditionResult.TRUE), userDNString);
- }
+ TRACER.debugInfo("Returning %b for user %s.",
+ (mustChangePassword == ConditionResult.TRUE), userDNString);
}
return mustChangePassword == ConditionResult.TRUE;
@@ -2341,13 +2166,10 @@
*/
public void setMustChangePassword(boolean mustChangePassword)
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Updating user %s to set the reset flag to %b",
- userDNString, mustChangePassword);
- }
+ TRACER.debugInfo("Updating user %s to set the reset flag to %b",
+ userDNString, mustChangePassword);
}
if (mustChangePassword == mustChangePassword())
@@ -2416,13 +2238,10 @@
// attribute.
if (passwordPolicy.getMaximumPasswordResetAge() <= 0)
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning false for user %s because there is no " +
- "maximum reset age.", userDNString);
- }
+ TRACER.debugInfo("Returning false for user %s because there is no " +
+ "maximum reset age.", userDNString);
}
return false;
@@ -2430,13 +2249,10 @@
if (! mustChangePassword())
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning false for user %s because the user's " +
- "password has not been reset.", userDNString);
- }
+ TRACER.debugInfo("Returning false for user %s because the user's " +
+ "password has not been reset.", userDNString);
}
return false;
@@ -2446,13 +2262,10 @@
(1000L * passwordPolicy.getMaximumPasswordResetAge());
boolean locked = (maxResetTime < currentTime);
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning %b for user %s after comparing the " +
- "current and max reset times.", locked, userDNString);
- }
+ TRACER.debugInfo("Returning %b for user %s after comparing the " +
+ "current and max reset times.", locked, userDNString);
}
return locked;
@@ -2642,13 +2455,10 @@
}
}
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning password expiration time of %d for user " +
- "%s.", passwordExpirationTime, userDNString);
- }
+ TRACER.debugInfo("Returning password expiration time of %d for user " +
+ "%s.", passwordExpirationTime, userDNString);
}
return passwordExpirationTime;
@@ -2691,12 +2501,9 @@
if (minAge <= 0)
{
// There is no minimum age, so the user isn't in it.
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning false because there is no minimum age.");
- }
+ TRACER.debugInfo("Returning false because there is no minimum age.");
}
return false;
@@ -2704,13 +2511,10 @@
else if ((passwordChangedTime + (minAge*1000L)) < currentTime)
{
// It's been long enough since the user changed their password.
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning false because the minimum age has " +
- "expired.");
- }
+ TRACER.debugInfo("Returning false because the minimum age has " +
+ "expired.");
}
return false;
@@ -2718,13 +2522,10 @@
else if (mustChangePassword())
{
// The user is in a must-change mode, so the minimum age doesn't apply.
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning false because the account is in a " +
- "must-change state.");
- }
+ TRACER.debugInfo("Returning false because the account is in a " +
+ "must-change state.");
}
return false;
@@ -2732,12 +2533,9 @@
else
{
// The user is within the minimum age.
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning true.");
- }
+ TRACER.debugInfo("Returning true.");
}
return true;
@@ -2849,13 +2647,10 @@
{
if (requiredChangeTime != Long.MIN_VALUE)
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning stored required change time of %d for " +
- "user %s", requiredChangeTime, userDNString);
- }
+ TRACER.debugInfo("Returning stored required change time of %d for " +
+ "user %s", requiredChangeTime, userDNString);
}
return requiredChangeTime;
@@ -2876,7 +2671,7 @@
}
requiredChangeTime = -1;
- if (debug)
+ if (debugEnabled())
{
TRACER.debugWarning("Returning %d for user %s because an error " +
"occurred: %s", requiredChangeTime, userDNString,
@@ -2886,13 +2681,10 @@
return requiredChangeTime;
}
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning required change time of %d for user %s",
- requiredChangeTime, userDNString);
- }
+ TRACER.debugInfo("Returning required change time of %d for user %s",
+ requiredChangeTime, userDNString);
}
return requiredChangeTime;
@@ -2924,13 +2716,10 @@
*/
public void setRequiredChangeTime(long requiredChangeTime)
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Updating required change time for user %s",
- userDNString);
- }
+ TRACER.debugInfo("Updating required change time for user %s",
+ userDNString);
}
if (getRequiredChangeTime() != requiredChangeTime)
@@ -2968,13 +2757,10 @@
*/
public void clearRequiredChangeTime()
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Clearing required change time for user %s",
- userDNString);
- }
+ TRACER.debugInfo("Clearing required change time for user %s",
+ userDNString);
}
AttributeType type = DirectoryServer.getAttributeType(
@@ -3016,7 +2802,7 @@
TRACER.debugCaught(DebugLogLevel.ERROR, e);
}
- if (debug)
+ if (debugEnabled())
{
TRACER.debugWarning("Unable to decode the warned time for user %s: " +
"%s", userDNString, stackTraceToSingleLineString(e));
@@ -3027,13 +2813,10 @@
}
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning a warned time of %d for user %s",
- warnedTime, userDNString);
- }
+ TRACER.debugInfo("Returning a warned time of %d for user %s",
+ warnedTime, userDNString);
}
return warnedTime;
@@ -3063,14 +2846,11 @@
long warnTime = getWarnedTime();
if (warnTime == warnedTime)
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Not updating warned time for user %s because " +
- "the warned time is the same as the specified time.",
- userDNString);
- }
+ TRACER.debugInfo("Not updating warned time for user %s because " +
+ "the warned time is the same as the specified time.",
+ userDNString);
}
return;
@@ -3096,12 +2876,9 @@
modifications.add(new Modification(ModificationType.REPLACE, a, true));
}
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Updated the warned time for user %s", userDNString);
- }
+ TRACER.debugInfo("Updated the warned time for user %s", userDNString);
}
}
@@ -3112,12 +2889,9 @@
*/
public void clearWarnedTime()
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Clearing warned time for user %s", userDNString);
- }
+ TRACER.debugInfo("Clearing warned time for user %s", userDNString);
}
if (getWarnedTime() < 0)
@@ -3138,12 +2912,9 @@
modifications.add(new Modification(ModificationType.REPLACE, a, true));
}
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Cleared the warned time for user %s", userDNString);
- }
+ TRACER.debugInfo("Cleared the warned time for user %s", userDNString);
}
}
@@ -3179,7 +2950,7 @@
TRACER.debugCaught(DebugLogLevel.ERROR, e);
}
- if (debug)
+ if (debugEnabled())
{
TRACER.debugWarning("Error while processing grace login times " +
"for user %s: %s",
@@ -3201,13 +2972,10 @@
}
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning grace login times for user %s",
- userDNString);
- }
+ TRACER.debugInfo("Returning grace login times for user %s",
+ userDNString);
}
return graceLoginTimes;
@@ -3241,16 +3009,12 @@
*/
public void updateGraceLoginTimes()
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Updating grace login times for user %s",
- userDNString);
- }
+ TRACER.debugInfo("Updating grace login times for user %s",
+ userDNString);
}
-
List<Long> graceTimes = getGraceLoginTimes();
long highestGraceTime = -1;
for (Long l : graceTimes)
@@ -3321,17 +3085,12 @@
return;
}
-
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Updating grace login times for user %s",
- userDNString);
- }
+ TRACER.debugInfo("Updating grace login times for user %s",
+ userDNString);
}
-
AttributeType type =
DirectoryServer.getAttributeType(OP_ATTR_PWPOLICY_GRACE_LOGIN_TIME_LC,
true);
@@ -3364,13 +3123,10 @@
*/
public void clearGraceLoginTimes()
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Clearing grace login times for user %s",
- userDNString);
- }
+ TRACER.debugInfo("Clearing grace login times for user %s",
+ userDNString);
}
List<Long> graceTimes = getGraceLoginTimes();
@@ -3450,7 +3206,7 @@
: DirectoryServer.getPasswordStorageScheme(schemeName);
if (scheme == null)
{
- if (debug)
+ if (debugEnabled())
{
TRACER.debugWarning("User entry %s contains a password with " +
"scheme %s that is not defined in the server.",
@@ -3478,7 +3234,7 @@
TRACER.debugCaught(DebugLogLevel.ERROR, e);
}
- if (debug)
+ if (debugEnabled())
{
TRACER.debugWarning("Cannot get clear password value foruser %s: " +
"%s", userDNString, e);
@@ -3507,14 +3263,11 @@
userEntry.getAttribute(passwordPolicy.getPasswordAttribute());
if ((attrList == null) || attrList.isEmpty())
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning false because user %s does not have " +
- "any values for password attribute %s", userDNString,
- passwordPolicy.getPasswordAttribute().getNameOrOID());
- }
+ TRACER.debugInfo("Returning false because user %s does not have " +
+ "any values for password attribute %s", userDNString,
+ passwordPolicy.getPasswordAttribute().getNameOrOID());
}
return false;
@@ -3551,7 +3304,7 @@
: DirectoryServer.getPasswordStorageScheme(schemeName);
if (scheme == null)
{
- if (debug)
+ if (debugEnabled())
{
TRACER.debugWarning("User entry %s contains a password with " +
"scheme %s that is not defined in the server.",
@@ -3569,14 +3322,11 @@
new ASN1OctetString(pwComponents[1].toString()));
if (passwordMatches)
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning true for user %s because the " +
- "provided password matches a value encoded with scheme %s",
- userDNString, schemeName);
- }
+ TRACER.debugInfo("Returning true for user %s because the " +
+ "provided password matches a value encoded with scheme %s",
+ userDNString, schemeName);
}
return true;
@@ -3589,7 +3339,7 @@
TRACER.debugCaught(DebugLogLevel.ERROR, e);
}
- if (debug)
+ if (debugEnabled())
{
TRACER.debugWarning("An error occurred while attempting to " +
"process a password value for user %s: %s",
@@ -3600,14 +3350,11 @@
}
// If we've gotten here, then we couldn't find a match.
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning false because the provided password does " +
- "not match any of the stored password values for user %s",
- userDNString);
- }
+ TRACER.debugInfo("Returning false because the provided password does " +
+ "not match any of the stored password values for user %s",
+ userDNString);
}
return false;
@@ -3706,28 +3453,22 @@
if (! validator.passwordIsAcceptable(newPassword, currentPasswords,
operation, userEntry, invalidReason))
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("The password provided for user %s failed " +
- "the %s password validator.",
- userDNString, validatorDN.toString());
- }
+ TRACER.debugInfo("The password provided for user %s failed " +
+ "the %s password validator.",
+ userDNString, validatorDN.toString());
}
return false;
}
else
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("The password provided for user %s passed " +
- "the %s password validator.",
- userDNString, validatorDN.toString());
- }
+ TRACER.debugInfo("The password provided for user %s passed " +
+ "the %s password validator.",
+ userDNString, validatorDN.toString());
}
}
}
@@ -3748,13 +3489,10 @@
{
if (passwordPolicy.getDefaultStorageSchemes().isEmpty())
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Doing nothing for user %s because no " +
- "deprecated storage schemes have been defined.", userDNString);
- }
+ TRACER.debugInfo("Doing nothing for user %s because no " +
+ "deprecated storage schemes have been defined.", userDNString);
}
return;
@@ -3765,13 +3503,10 @@
List<Attribute> attrList = userEntry.getAttribute(type);
if ((attrList == null) || attrList.isEmpty())
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Doing nothing for entry %s because no password " +
- "values were found.", userDNString);
- }
+ TRACER.debugInfo("Doing nothing for entry %s because no password " +
+ "values were found.", userDNString);
}
return;
@@ -3818,7 +3553,7 @@
: DirectoryServer.getPasswordStorageScheme(schemeName);
if (scheme == null)
{
- if (debug)
+ if (debugEnabled())
{
TRACER.debugWarning("Skipping password value for user %s " +
"because the associated storage scheme %s is not " +
@@ -3843,13 +3578,10 @@
}
else if (passwordPolicy.isDeprecatedStorageScheme(schemeName))
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Marking password with scheme %s for " +
- "removal from user entry %s.", schemeName, userDNString);
- }
+ TRACER.debugInfo("Marking password with scheme %s for " +
+ "removal from user entry %s.", schemeName, userDNString);
}
iterator.remove();
@@ -3866,14 +3598,11 @@
if (debugEnabled())
{
TRACER.debugCaught(DebugLogLevel.ERROR, e);
- }
- if (debug)
- {
TRACER.debugWarning("Skipping password value for user %s because " +
"an error occurred while attempting to decode it based on " +
"the user password syntax: %s",
- userDNString, stackTraceToSingleLineString(e));
+ userDNString, stackTraceToSingleLineString(e));
}
}
}
@@ -3881,13 +3610,10 @@
if (removedValues.isEmpty())
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("User entry %s does not have any password values " +
- "encoded using deprecated schemes.", userDNString);
- }
+ TRACER.debugInfo("User entry %s does not have any password values " +
+ "encoded using deprecated schemes.", userDNString);
}
return;
@@ -3917,7 +3643,7 @@
TRACER.debugCaught(DebugLogLevel.ERROR, e);
}
- if (debug)
+ if (debugEnabled())
{
TRACER.debugWarning("Unable to encode password for user %s using " +
"default scheme %s: %s",
@@ -3930,7 +3656,7 @@
if (updatedValues.isEmpty())
{
- if (debug)
+ if (debugEnabled())
{
TRACER.debugWarning("Not updating user entry %s because removing " +
"deprecated schemes would leave the user without a password.",
@@ -3958,14 +3684,11 @@
}
}
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Updating user entry %s to replace password values " +
- "encoded with deprecated schemes with values encoded " +
- "with the default schemes.", userDNString);
- }
+ TRACER.debugInfo("Updating user entry %s to replace password values " +
+ "encoded with deprecated schemes with values encoded " +
+ "with the default schemes.", userDNString);
}
}
@@ -4000,13 +3723,10 @@
{
if (! maintainHistory())
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning false because password history " +
- "checking is disabled.");
- }
+ TRACER.debugInfo("Returning false because password history " +
+ "checking is disabled.");
}
// Password history checking is disabled, so we don't care if it is in the
@@ -4019,13 +3739,10 @@
// passwords. If so, then we'll consider it to be in the history.
if (passwordMatches(password))
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning true because the provided password " +
- "is currently in use.");
- }
+ TRACER.debugInfo("Returning true because the provided password " +
+ "is currently in use.");
}
return true;
@@ -4073,13 +3790,10 @@
{
if (historyValueMatches(password, v))
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning true because the password is in " +
- "the history.");
- }
+ TRACER.debugInfo("Returning true because the password is in " +
+ "the history.");
}
return true;
@@ -4088,13 +3802,10 @@
// If we've gotten here, then the password isn't in the history.
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning false because the password isn't in the " +
- "history.");
- }
+ TRACER.debugInfo("Returning false because the password isn't in the " +
+ "history.");
}
return false;
@@ -4128,14 +3839,11 @@
int hashPos = histStr.indexOf('#');
if (hashPos <= 0)
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Found value " + histStr + " in the " +
- "history with no timestamp. Marking it " +
- "for removal.");
- }
+ TRACER.debugInfo("Found value " + histStr + " in the " +
+ "history with no timestamp. Marking it " +
+ "for removal.");
}
LinkedHashSet<AttributeValue> values =
@@ -4162,12 +3870,9 @@
{
TRACER.debugCaught(DebugLogLevel.ERROR, e);
- if (debug)
- {
- TRACER.debugInfo("Could not decode the timestamp in " +
- "history value " + histStr + " -- " + e +
- ". Marking it for removal.");
- }
+ TRACER.debugInfo("Could not decode the timestamp in " +
+ "history value " + histStr + " -- " + e +
+ ". Marking it for removal.");
}
LinkedHashSet<AttributeValue> values =
@@ -4212,13 +3917,10 @@
int hashPos1 = histStr.indexOf('#');
if (hashPos1 <= 0)
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning false because the password history " +
- "value didn't include any hash characters.");
- }
+ TRACER.debugInfo("Returning false because the password history " +
+ "value didn't include any hash characters.");
}
return false;
@@ -4227,13 +3929,10 @@
int hashPos2 = histStr.indexOf('#', hashPos1+1);
if (hashPos2 < 0)
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning false because the password history " +
- "value only had one hash character.");
- }
+ TRACER.debugInfo("Returning false because the password history " +
+ "value only had one hash character.");
}
return false;
@@ -4251,26 +3950,20 @@
if (scheme.authPasswordMatches(password, authPWComponents[1].toString(),
authPWComponents[2].toString()))
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning true because the auth password " +
- "history value matched.");
- }
+ TRACER.debugInfo("Returning true because the auth password " +
+ "history value matched.");
}
return true;
}
else
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning false because the auth password " +
- "history value did not match.");
- }
+ TRACER.debugInfo("Returning false because the auth password " +
+ "history value did not match.");
}
return false;
@@ -4286,26 +3979,20 @@
if (scheme.passwordMatches(password,
new ASN1OctetString(userPWComponents[1])))
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning true because the user password " +
- "history value matched.");
- }
+ TRACER.debugInfo("Returning true because the user password " +
+ "history value matched.");
}
return true;
}
else
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning false because the user password " +
- "history value did not match.");
- }
+ TRACER.debugInfo("Returning false because the user password " +
+ "history value did not match.");
}
return false;
@@ -4313,14 +4000,11 @@
}
else
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Returning false because the syntax OID " +
- syntaxOID + " didn't match for either the auth " +
- "or user password syntax.");
- }
+ TRACER.debugInfo("Returning false because the syntax OID " +
+ syntaxOID + " didn't match for either the auth " +
+ "or user password syntax.");
}
return false;
@@ -4332,7 +4016,7 @@
{
TRACER.debugCaught(DebugLogLevel.ERROR, e);
- if (debug)
+ if (debugEnabled())
{
TRACER.debugInfo("Returning false because of an exception: " +
stackTraceToSingleLineString(e));
@@ -4380,13 +4064,10 @@
{
if (! maintainHistory())
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Not doing anything because password history " +
- "maintenance is disabled.");
- }
+ TRACER.debugInfo("Not doing anything because password history " +
+ "maintenance is disabled.");
}
return;
@@ -4419,13 +4100,10 @@
iterator.remove();
numToDelete--;
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Removing history value " + v.getStringValue() +
- " to preserve the history count.");
- }
+ TRACER.debugInfo("Removing history value " + v.getStringValue() +
+ " to preserve the history count.");
}
}
@@ -4455,13 +4133,10 @@
removeValues.add(v);
iterator.remove();
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Removing history value " + v.getStringValue() +
- " to preserve the history duration.");
- }
+ TRACER.debugInfo("Removing history value " + v.getStringValue() +
+ " to preserve the history duration.");
}
}
else
@@ -4497,12 +4172,9 @@
new Attribute(historyType, historyType.getPrimaryName(),
newHistValues);
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Going to add history value " + newHistStr);
- }
+ TRACER.debugInfo("Going to add history value " + newHistStr);
}
@@ -4567,12 +4239,9 @@
*/
public void clearPasswordHistory()
{
- if (debug)
+ if (debugEnabled())
{
- if (debugEnabled())
- {
- TRACER.debugInfo("Clearing password history for user %s", userDNString);
- }
+ TRACER.debugInfo("Clearing password history for user %s", userDNString);
}
AttributeType type = DirectoryServer.getAttributeType(
@@ -4605,7 +4274,7 @@
PasswordGenerator generator = passwordPolicy.getPasswordGenerator();
if (generator == null)
{
- if (debug)
+ if (debugEnabled())
{
TRACER.debugWarning("Unable to generate a new password for user " +
"%s because no password generator has been defined in the " +
--
Gitblit v1.10.0