public abstract class AuthenticationPolicy extends Object
Modifier | Constructor and Description |
---|---|
protected |
AuthenticationPolicy()
Creates a new abstract authentication policy.
|
Modifier and Type | Method and Description |
---|---|
AuthenticationPolicyState |
createAuthenticationPolicyState(Entry userEntry)
Returns the authentication policy state object for the provided user using
the current time as the basis for all time-based state logic (such as
expiring passwords).
|
abstract AuthenticationPolicyState |
createAuthenticationPolicyState(Entry userEntry,
long time)
Returns an authentication policy state object for the provided user using
the specified time as the basis for all time-based state logic (such as
expiring passwords).
|
void |
finalizeAuthenticationPolicy()
Performs any necessary work to finalize this authentication policy.
|
static AuthenticationPolicy |
forUser(Entry userEntry,
boolean useDefaultOnError)
Returns the authentication policy for the user provided user.
|
abstract org.forgerock.opendj.ldap.Dn |
getDN()
Returns the name of the configuration entry associated with this
authentication policy.
|
boolean |
isPasswordPolicy()
Returns
true if this authentication policy is a password policy and
the methods createAuthenticationPolicyState(Entry) and
createAuthenticationPolicyState(Entry, long) will return a
PasswordPolicyState . |
protected AuthenticationPolicy()
public static AuthenticationPolicy forUser(Entry userEntry, boolean useDefaultOnError) throws DirectoryException
ds-pwp-password-policy-dn
attribute (whether real or virtual), then the referenced authentication
policy will be returned
userEntry
- The user entry.useDefaultOnError
- Indicates whether the server should fall back to using the default
password policy if there is a problem with the configured policy
for the user.DirectoryException
- If a problem occurs while attempting to determine the password
policy for the user.public abstract org.forgerock.opendj.ldap.Dn getDN()
public boolean isPasswordPolicy()
true
if this authentication policy is a password policy and
the methods createAuthenticationPolicyState(Entry)
and
createAuthenticationPolicyState(Entry, long)
will return a
PasswordPolicyState
.
The default implementation is to return false
.
true
if this authentication policy is a password policy,
otherwise false
.public AuthenticationPolicyState createAuthenticationPolicyState(Entry userEntry) throws DirectoryException
The default implementation is to call
createAuthenticationPolicyState(Entry, long)
with the current
time.
userEntry
- The user's entry.DirectoryException
- If a problem occurs while attempting to initialize the state
object from the provided user entry.public abstract AuthenticationPolicyState createAuthenticationPolicyState(Entry userEntry, long time) throws DirectoryException
userEntry
- The user's entry.time
- The time since the epoch to use for all time-based state logic
(such as expiring passwords).DirectoryException
- If a problem occurs while attempting to initialize the state
object from the provided user entry.public void finalizeAuthenticationPolicy()
The default implementation is to do nothing.
Copyright © 2010-2017 ForgeRock AS. All Rights Reserved.