From c9da9e4bd4a115a646dfb846972126ca8eef1158 Mon Sep 17 00:00:00 2001
From: Matthew Swift <matthew.swift@forgerock.com>
Date: Thu, 18 Aug 2011 17:43:22 +0000
Subject: [PATCH] Initial checkpoint of work for OPENDJ-262: Implement pass through authentication (PTA)
---
opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java | 25 ++++++++++++++-----------
1 files changed, 14 insertions(+), 11 deletions(-)
diff --git a/opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java b/opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java
index f3f4534..1ebbb1d 100644
--- a/opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java
+++ b/opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java
@@ -613,7 +613,9 @@
// make sure that's OK.
if (oldPassword == null)
{
- if (selfChange && pwPolicyState.getPolicy().requireCurrentPassword())
+ if (selfChange
+ && pwPolicyState.getPolicy()
+ .isPasswordChangeRequiresCurrentPassword())
{
operation.setResultCode(ResultCode.UNWILLING_TO_PERFORM);
@@ -635,7 +637,7 @@
}
else
{
- if (pwPolicyState.getPolicy().requireSecureAuthentication() &&
+ if (pwPolicyState.getPolicy().isRequireSecureAuthentication() &&
(! operation.getClientConnection().isSecure()))
{
operation.setResultCode(ResultCode.CONFIDENTIALITY_REQUIRED);
@@ -673,7 +675,7 @@
// If it is a self password change and we don't allow that, then reject
// the request.
if (selfChange &&
- (! pwPolicyState.getPolicy().allowUserPasswordChanges()))
+ (! pwPolicyState.getPolicy().isAllowUserPasswordChanges()))
{
if (pwPolicyRequested)
{
@@ -695,7 +697,7 @@
// If we require secure password changes and the connection isn't secure,
// then reject the request.
- if (pwPolicyState.getPolicy().requireSecurePasswordChanges() &&
+ if (pwPolicyState.getPolicy().isRequireSecurePasswordChanges() &&
(! operation.getClientConnection().isSecure()))
{
@@ -732,7 +734,7 @@
// If the user's password is expired and it's a self-change request, then
// see if that's OK.
if ((selfChange && pwPolicyState.isPasswordExpired() &&
- (! pwPolicyState.getPolicy().allowExpiredPasswordChanges())))
+ (! pwPolicyState.getPolicy().isAllowExpiredPasswordChanges())))
{
if (pwPolicyRequested)
{
@@ -798,7 +800,7 @@
// by an internal operation or during synchronization, so we don't
// need to check for those cases.
isPreEncoded = true;
- if (! pwPolicyState.getPolicy().allowPreEncodedPasswords())
+ if (! pwPolicyState.getPolicy().isAllowPreEncodedPasswords())
{
operation.setResultCode(ResultCode.UNWILLING_TO_PERFORM);
@@ -810,8 +812,9 @@
else
{
// Run the new password through the set of password validators.
- if (selfChange ||
- (! pwPolicyState.getPolicy().skipValidationForAdministrators()))
+ if (selfChange
+ || (!pwPolicyState.getPolicy()
+ .isSkipValidationForAdministrators()))
{
HashSet<ByteString> clearPasswords;
if (oldPassword == null)
@@ -864,7 +867,7 @@
if (pwPolicyState.isPasswordInHistory(newPassword))
{
if (selfChange || (! pwPolicyState.getPolicy().
- skipValidationForAdministrators()))
+ isSkipValidationForAdministrators()))
{
operation.setResultCode(ResultCode.UNWILLING_TO_PERFORM);
@@ -923,7 +926,7 @@
Set<AttributeValue> existingValues = pwPolicyState.getPasswordValues();
LinkedHashSet<AttributeValue> deleteValues =
new LinkedHashSet<AttributeValue>(existingValues.size());
- if (pwPolicyState.getPolicy().usesAuthPasswordSyntax())
+ if (pwPolicyState.getPolicy().isAuthPasswordSyntax())
{
for (AttributeValue v : existingValues)
{
@@ -1053,7 +1056,7 @@
else
{
pwPolicyState.setMustChangePassword(
- pwPolicyState.getPolicy().forceChangeOnReset());
+ pwPolicyState.getPolicy().isForceChangeOnReset());
}
--
Gitblit v1.10.0