org.apache.directory.server.core.api.authn.ppolicy

Class PasswordPolicyConfiguration

java.lang.Object

org.apache.directory.server.core.api.authn.ppolicy.PasswordPolicyConfiguration

public class PasswordPolicyConfiguration
extends java.lang.Object

A simple pojo holding the password policy configuration base on this draft.

Field Summary

Fields

Modifier and Type	Field and Description
private boolean	pwdAllowUserChange indicates whether users can change their own passwords.
private java.lang.String	pwdAttribute The name of the attribute to which the password policy is applied.
private CheckQualityEnum	pwdCheckQuality indicates how the password quality will be verified while being modified or added.
private int	pwdExpireWarning the maximum number of seconds before a password is due to expire that expiration warning messages will be returned to an authenticating user.
private int	pwdFailureCountInterval the number of seconds after which the password failures are purged from the failure counter.
private int	pwdGraceAuthNLimit the number of times an expired password can be used to authenticate.
private int	pwdGraceExpire specifies the number of seconds the grace authentications are valid Default value is 0, no limit.
private int	pwdInHistory specifies the maximum number of used passwords stored in the pwdHistory attribute.
private boolean	pwdLockout flag to indicate if the account needs to be locked after a specified number of consecutive failed bind attempts.
private int	pwdLockoutDuration the number of seconds that the password cannot be used to authenticate due to too many failed bind attempts.
private int	pwdMaxAge holds the number of seconds after which a modified password will expire.
private int	pwdMaxDelay the maximum number of seconds to delay when responding to a failed authentication attempt.
private int	pwdMaxFailure the number of consecutive failed bind attempts after which the password may not be used to authenticate.
private int	pwdMaxIdle the number of seconds an account may remain unused before it becomes locked Default value is 0, no check for idle time.
private int	pwdMaxLength this attribute holds the maximum number of characters that may be used in a password.
private int	pwdMinAge holds the number of seconds that must elapse between modifications to the password.
private int	pwdMinDelay the number of seconds to delay responding to the first failed authentication attempt Default value 0, no delay.
private int	pwdMinLength this attribute holds the minimum number of characters that must be used in a password.
private boolean	pwdMustChange flag to indicate if the password must be changed by the user after they bind to the directory after a password is set or reset by a password administrator.
private boolean	pwdSafeModify flag to specify whether or not the existing password must be sent along with the new password when being changed.
private PasswordValidator	pwdValidator validator used for checking the quality of password

Constructor Summary

Constructors

Constructor and Description
PasswordPolicyConfiguration()

Method Summary

Modifier and Type	Method and Description
java.lang.String	getPwdAttribute()
CheckQualityEnum	getPwdCheckQuality()
int	getPwdExpireWarning()
int	getPwdFailureCountInterval()
int	getPwdGraceAuthNLimit()
int	getPwdGraceExpire()
int	getPwdInHistory()
int	getPwdLockoutDuration()
int	getPwdMaxAge()
int	getPwdMaxDelay()
int	getPwdMaxFailure()
int	getPwdMaxIdle()
int	getPwdMaxLength()
int	getPwdMinAge()
int	getPwdMinDelay()
int	getPwdMinLength()
PasswordValidator	getPwdValidator()
boolean	isPwdAllowUserChange()
boolean	isPwdLockout()
boolean	isPwdMustChange()
boolean	isPwdSafeModify()
void	setPwdAllowUserChange(boolean pwdAllowUserChange)
void	setPwdAttribute(java.lang.String pwdAttribute) Set the name of the attribute storing the password
void	setPwdCheckQuality(CheckQualityEnum pwdCheckQuality)
void	setPwdExpireWarning(int pwdExpireWarning)
void	setPwdFailureCountInterval(int pwdFailureCountInterval)
void	setPwdGraceAuthNLimit(int pwdGraceAuthNLimit)
void	setPwdGraceExpire(int pwdGraceExpire)
void	setPwdInHistory(int pwdInHistory)
void	setPwdLockout(boolean pwdLockout)
void	setPwdLockoutDuration(int pwdLockoutDuration)
void	setPwdMaxAge(int pwdMaxAge)
void	setPwdMaxDelay(int pwdMaxDelay)
void	setPwdMaxFailure(int pwdMaxFailure)
void	setPwdMaxIdle(int pwdMaxIdle)
void	setPwdMaxLength(int pwdMaxLength)
void	setPwdMinAge(int pwdMinAge)
void	setPwdMinDelay(int pwdMinDelay)
void	setPwdMinLength(int pwdMinLength)
void	setPwdMustChange(boolean pwdMustChange)
void	setPwdSafeModify(boolean pwdSafeModify)
void	setPwdValidator(PasswordValidator pwdValidator)
void	validate() validates the policy configuration and throws a LdapException if there are any errors

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

pwdAttribute

private java.lang.String pwdAttribute

The name of the attribute to which the password policy is applied. The default value is "userPassword"

pwdMinAge

private int pwdMinAge

holds the number of seconds that must elapse between modifications to the password. Default value is 0

pwdMaxAge

private int pwdMaxAge

holds the number of seconds after which a modified password will expire. Default value is 0, does not expire. If not 0, the value must be greater than or equal to the value of the pwdMinAge.

pwdInHistory

private int pwdInHistory

specifies the maximum number of used passwords stored in the pwdHistory attribute. Default value is 0, no password history maintained

pwdCheckQuality

private CheckQualityEnum pwdCheckQuality

indicates how the password quality will be verified while being modified or added. Default value NO_CHECK, do not check

pwdMinLength

private int pwdMinLength

this attribute holds the minimum number of characters that must be used in a password. Default value 0, no minimum length enforced

pwdMaxLength

private int pwdMaxLength

this attribute holds the maximum number of characters that may be used in a password. Default value 0, no maximum length enforced

pwdExpireWarning

private int pwdExpireWarning

the maximum number of seconds before a password is due to expire that expiration warning messages will be returned to an authenticating user. Default value is 0, never send a warning message.

pwdGraceAuthNLimit

private int pwdGraceAuthNLimit

the number of times an expired password can be used to authenticate. Default value is 0, do not allow a expired password for authentication.

pwdGraceExpire

private int pwdGraceExpire

specifies the number of seconds the grace authentications are valid Default value is 0, no limit.

pwdLockout

private boolean pwdLockout

flag to indicate if the account needs to be locked after a specified number of consecutive failed bind attempts. The maximum number of consecutive failed bind attempts is specified in pwdMaxFailure

pwdLockoutDuration

private int pwdLockoutDuration

the number of seconds that the password cannot be used to authenticate due to too many failed bind attempts. Default value is 300 seconds.

pwdMaxFailure

private int pwdMaxFailure

the number of consecutive failed bind attempts after which the password may not be used to authenticate. Default value is 0, no limit on the number of authentication failures

pwdFailureCountInterval

private int pwdFailureCountInterval

the number of seconds after which the password failures are purged from the failure counter. Default value is 0, reset all pwdFailureTimes after a successful authentication.

pwdMustChange

private boolean pwdMustChange

flag to indicate if the password must be changed by the user after they bind to the directory after a password is set or reset by a password administrator. Default value is false, no need to change the password by user.

pwdAllowUserChange

private boolean pwdAllowUserChange

indicates whether users can change their own passwords. Default value is true, allow change

pwdSafeModify

private boolean pwdSafeModify

flag to specify whether or not the existing password must be sent along with the new password when being changed. Default value is false.

pwdMinDelay

private int pwdMinDelay

the number of seconds to delay responding to the first failed authentication attempt Default value 0, no delay.

pwdMaxDelay

private int pwdMaxDelay

the maximum number of seconds to delay when responding to a failed authentication attempt.

pwdMaxIdle

private int pwdMaxIdle

the number of seconds an account may remain unused before it becomes locked Default value is 0, no check for idle time.

pwdValidator

private PasswordValidator pwdValidator

validator used for checking the quality of password

Constructor Detail

PasswordPolicyConfiguration

public PasswordPolicyConfiguration()

Method Detail

getPwdAttribute

public java.lang.String getPwdAttribute()

Returns:

The name of the attribute used to store the password

setPwdAttribute

public void setPwdAttribute(java.lang.String pwdAttribute)

Set the name of the attribute storing the password

Parameters:

pwdAttribute - The attribute's name

getPwdMinAge

public int getPwdMinAge()

Returns:

The time that should elapse before we can change the password

setPwdMinAge

public void setPwdMinAge(int pwdMinAge)

getPwdMaxAge

public int getPwdMaxAge()

setPwdMaxAge

public void setPwdMaxAge(int pwdMaxAge)

getPwdInHistory

public int getPwdInHistory()

setPwdInHistory

public void setPwdInHistory(int pwdInHistory)

getPwdCheckQuality

public CheckQualityEnum getPwdCheckQuality()

Returns:

The Password Check Quality

setPwdCheckQuality

public void setPwdCheckQuality(CheckQualityEnum pwdCheckQuality)

getPwdMinLength

public int getPwdMinLength()

setPwdMinLength

public void setPwdMinLength(int pwdMinLength)

getPwdMaxLength

public int getPwdMaxLength()

setPwdMaxLength

public void setPwdMaxLength(int pwdMaxLength)

getPwdExpireWarning

public int getPwdExpireWarning()

setPwdExpireWarning

public void setPwdExpireWarning(int pwdExpireWarning)

getPwdGraceAuthNLimit

public int getPwdGraceAuthNLimit()

setPwdGraceAuthNLimit

public void setPwdGraceAuthNLimit(int pwdGraceAuthNLimit)

getPwdGraceExpire

public int getPwdGraceExpire()

setPwdGraceExpire

public void setPwdGraceExpire(int pwdGraceExpire)

isPwdLockout

public boolean isPwdLockout()

setPwdLockout

public void setPwdLockout(boolean pwdLockout)

getPwdLockoutDuration

public int getPwdLockoutDuration()

setPwdLockoutDuration

public void setPwdLockoutDuration(int pwdLockoutDuration)

getPwdMaxFailure

public int getPwdMaxFailure()

setPwdMaxFailure

public void setPwdMaxFailure(int pwdMaxFailure)

getPwdFailureCountInterval

public int getPwdFailureCountInterval()

setPwdFailureCountInterval

public void setPwdFailureCountInterval(int pwdFailureCountInterval)

isPwdMustChange

public boolean isPwdMustChange()

setPwdMustChange

public void setPwdMustChange(boolean pwdMustChange)

isPwdAllowUserChange

public boolean isPwdAllowUserChange()

setPwdAllowUserChange

public void setPwdAllowUserChange(boolean pwdAllowUserChange)

isPwdSafeModify

public boolean isPwdSafeModify()

setPwdSafeModify

public void setPwdSafeModify(boolean pwdSafeModify)

getPwdMinDelay

public int getPwdMinDelay()

setPwdMinDelay

public void setPwdMinDelay(int pwdMinDelay)

getPwdMaxDelay

public int getPwdMaxDelay()

setPwdMaxDelay

public void setPwdMaxDelay(int pwdMaxDelay)

getPwdMaxIdle

public int getPwdMaxIdle()

setPwdMaxIdle

public void setPwdMaxIdle(int pwdMaxIdle)

getPwdValidator

public PasswordValidator getPwdValidator()

Returns:

the pwdValidator

setPwdValidator

public void setPwdValidator(PasswordValidator pwdValidator)

Parameters:

pwdValidator - the pwdValidator to set

validate

public void validate()
              throws org.apache.directory.api.ldap.model.exception.LdapException

validates the policy configuration and throws a LdapException if there are any errors

Throws:

org.apache.directory.api.ldap.model.exception.LdapException - if there are any errors in the configuration