From 2c7b8d6d8c0c177e8089272140dae66b87852ff7 Mon Sep 17 00:00:00 2001
From: neil_a_wilson <neil_a_wilson@localhost>
Date: Tue, 17 Jul 2007 21:59:32 +0000
Subject: [PATCH] Implement support for password history functionality. The password history can be maintained either based on the number of previous passwords to remember (e.g., a user cannot re-use any of his/her last five passwords), or the length of time the previous passwords have been retained (e.g., a user cannot re-use any password he/she has had within the last 365 days), or both.
---
opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java | 28 ++++++++++++++++++++++++++++
1 files changed, 28 insertions(+), 0 deletions(-)
diff --git a/opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java b/opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java
index 47bfac2..2676af9 100644
--- a/opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java
+++ b/opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java
@@ -861,6 +861,7 @@
}
else
{
+ // Run the new password through the set of password validators.
if (selfChange ||
(! pwPolicyState.getPolicy().skipValidationForAdministrators()))
{
@@ -919,6 +920,33 @@
return;
}
}
+
+
+ // Prepare to update the password history, if necessary.
+ if (pwPolicyState.maintainHistory())
+ {
+ if (pwPolicyState.isPasswordInHistory(newPassword))
+ {
+ if (oldPassword == null)
+ {
+ operation.setResultCode(ResultCode.UNWILLING_TO_PERFORM);
+
+ int msgID = MSGID_EXTOP_PASSMOD_PW_IN_HISTORY;
+ operation.appendErrorMessage(getMessage(msgID));
+ }
+ else
+ {
+ operation.setResultCode(ResultCode.INVALID_CREDENTIALS);
+
+ int msgID = MSGID_EXTOP_PASSMOD_PW_IN_HISTORY;
+ operation.appendAdditionalLogMessage(getMessage(msgID));
+ }
+ }
+ else
+ {
+ pwPolicyState.updatePasswordHistory();
+ }
+ }
}
}
--
Gitblit v1.10.0