Package org.ldaptive.auth.ext
Class FreeIPAAuthenticationResponseHandler
java.lang.Object
org.ldaptive.auth.ext.FreeIPAAuthenticationResponseHandler
- All Implemented Interfaces:
AuthenticationResponseHandler
public class FreeIPAAuthenticationResponseHandler
extends Object
implements AuthenticationResponseHandler
Attempts to parse the authentication response and set the account state using data associated with FreeIPA. The
Authenticator
should be configured to return 'krbPasswordExpiration',
'krbLoginFailedCount' and 'krbLastPwdChange' attributes so they can be consumed by this handler.-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final String[]
Attributes needed to enforce password policy.private Period
Amount of time since a password was set until it will expire.protected final org.slf4j.Logger
Logger for this class.private int
Maximum number of login failures to allow.private Period
Amount of time before expiration to produce a warning. -
Constructor Summary
ConstructorsConstructorDescriptionDefault constructor.FreeIPAAuthenticationResponseHandler
(Period warning, int loginFailures) Creates a new freeipa authentication response handler.FreeIPAAuthenticationResponseHandler
(Period expiration, Period warning, int loginFailures) Creates a new freeipa authentication response handler. -
Method Summary
Modifier and TypeMethodDescriptionReturns the amount of time since a password was set until it will expire.int
Returns the maximum login failures.Returns the amount of time before expiration to produce a warning.void
handle
(AuthenticationResponse response) Handle the response from an ldap authentication.void
setExpirationPeriod
(Period period) Sets the amount of time since a password was set until it will expire.void
setMaxLoginFailures
(int loginFailures) Sets the maximum login failures.void
setWarningPeriod
(Period period) Sets the amount of time before expiration to produce a warning.toString()
-
Field Details
-
ATTRIBUTES
Attributes needed to enforce password policy. -
logger
protected final org.slf4j.Logger loggerLogger for this class. -
expirationPeriod
Amount of time since a password was set until it will expire. Used if krbPasswordExpiration cannot be read. -
warningPeriod
Amount of time before expiration to produce a warning. -
maxLoginFailures
private int maxLoginFailuresMaximum number of login failures to allow.
-
-
Constructor Details
-
FreeIPAAuthenticationResponseHandler
public FreeIPAAuthenticationResponseHandler()Default constructor. -
FreeIPAAuthenticationResponseHandler
Creates a new freeipa authentication response handler.- Parameters:
warning
- length of time before expiration that should produce a warningloginFailures
- number of login failures to allow
-
FreeIPAAuthenticationResponseHandler
Creates a new freeipa authentication response handler.- Parameters:
expiration
- length of time that a password is validwarning
- length of time before expiration that should produce a warningloginFailures
- number of login failures to allow
-
-
Method Details
-
handle
Description copied from interface:AuthenticationResponseHandler
Handle the response from an ldap authentication.- Specified by:
handle
in interfaceAuthenticationResponseHandler
- Parameters:
response
- produced from an authentication
-
getMaxLoginFailures
public int getMaxLoginFailures()Returns the maximum login failures.- Returns:
- maximum login failures before lockout.
-
setMaxLoginFailures
public void setMaxLoginFailures(int loginFailures) Sets the maximum login failures.- Parameters:
loginFailures
- before lockout.
-
getExpirationPeriod
Returns the amount of time since a password was set until it will expire. Only used if the krbPasswordExpiration attribute cannot be read from the directory.- Returns:
- expiration period
-
setExpirationPeriod
Sets the amount of time since a password was set until it will expire. Only used if the krbPasswordExpiration attribute cannot be read from the directory.- Parameters:
period
- expiration period
-
getWarningPeriod
Returns the amount of time before expiration to produce a warning.- Returns:
- warning period
-
setWarningPeriod
Sets the amount of time before expiration to produce a warning.- Parameters:
period
- warning period
-
toString
-