Package org.ldaptive.auth.ext
Class ActiveDirectoryAuthenticationResponseHandler
java.lang.Object
org.ldaptive.auth.ext.ActiveDirectoryAuthenticationResponseHandler
- All Implemented Interfaces:
AuthenticationResponseHandler
public class ActiveDirectoryAuthenticationResponseHandler
extends Object
implements AuthenticationResponseHandler
Attempts to parse the authentication response message and set the account state using data associated with active
directory. If this handler is assigned a
expirationPeriod
, then the Authenticator
should be configured to return the 'pwdLastSet' attribute so it can be consumed by this handler. This will cause the
handler to emit a warning for the pwdLastSet value plus the expiration amount. The scope of that warning can be
further narrowed by providing a warningPeriod
. By default if the msDS-UserPasswordExpiryTimeComputed
attribute is found, expirationPeriod is ignored.-
Field Summary
Fields -
Constructor Summary
ConstructorsConstructorDescriptionDefault constructor.Creates a new active directory authentication response handler.ActiveDirectoryAuthenticationResponseHandler
(Period expiration, Period warning) Creates a new active directory authentication response handler. -
Method Summary
Modifier and TypeMethodDescriptionReturns the amount of time since a password was set until it will expire.Returns the amount of time before expiration to produce a warning.void
handle
(AuthenticationResponse response) Handle the response from an ldap authentication.void
setExpirationPeriod
(Period period) Sets amount of time since a password was set until it will expire.void
setWarningPeriod
(Period period) Sets the amount of time before expiration to produce a warning.toString()
-
Field Details
-
ATTRIBUTES
Attributes needed to enforce password policy. -
expirationPeriod
Amount of time since a password was set until it will expire. Used if msDS-UserPasswordExpiryTimeComputed cannot be read. -
warningPeriod
Amount of time before expiration to produce a warning.
-
-
Constructor Details
-
ActiveDirectoryAuthenticationResponseHandler
public ActiveDirectoryAuthenticationResponseHandler()Default constructor. -
ActiveDirectoryAuthenticationResponseHandler
Creates a new active directory authentication response handler.- Parameters:
warning
- length of time before expiration that should produce a warning
-
ActiveDirectoryAuthenticationResponseHandler
Creates a new active directory authentication response handler.- Parameters:
expiration
- length of time that a password is validwarning
- length of time before expiration that should produce a warning
-
-
Method Details
-
handle
Description copied from interface:AuthenticationResponseHandler
Handle the response from an ldap authentication.- Specified by:
handle
in interfaceAuthenticationResponseHandler
- Parameters:
response
- produced from an authentication
-
getExpirationPeriod
Returns the amount of time since a password was set until it will expire.- Returns:
- expiration period
-
setExpirationPeriod
Sets amount of time since a password was set until it will expire.- Parameters:
period
- expiration period
-
getWarningPeriod
Returns the amount of time before expiration to produce a warning.- Returns:
- warning period
-
setWarningPeriod
Sets the amount of time before expiration to produce a warning.- Parameters:
period
- warning period
-
toString
-