public abstract class AuthenticationPolicy extends Object
Modifier | Constructor and Description |
---|---|
protected |
AuthenticationPolicy()
Creates a new abstract authentication policy.
|
Modifier and Type | Method and Description |
---|---|
AuthenticationPolicyState |
createAuthenticationPolicyState(Entry userEntry)
Returns the authentication policy state object for the provided user using the current time as the basis for all
time-based state logic (such as expiring passwords).
|
abstract AuthenticationPolicyState |
createAuthenticationPolicyState(Entry userEntry,
long time)
Returns an authentication policy state object for the provided user using the specified time as the basis for all
time-based state logic (such as expiring passwords).
|
void |
finalizeAuthenticationPolicy()
Performs any necessary work to finalize this authentication policy.
|
static AuthenticationPolicy |
forUser(Entry userEntry,
boolean useDefaultOnError)
Returns the authentication policy for the user provided user.
|
abstract Dn |
getDN()
Returns the name of the configuration entry associated with this authentication policy.
|
boolean |
isPasswordPolicy()
Returns
true if this authentication policy is a password policy and the methods
createAuthenticationPolicyState(Entry) and createAuthenticationPolicyState(Entry, long) will
return a PasswordPolicyState . |
protected AuthenticationPolicy()
public static AuthenticationPolicy forUser(Entry userEntry, boolean useDefaultOnError) throws LdapException
ds-pwp-password-policy-dn
attribute (whether real or virtual), then
the referenced authentication policy will be returned
userEntry
- The user entry.useDefaultOnError
- Indicates whether the server should fall back to using the default password policy if there is a
problem with the configured policy for the user.LdapException
- If a problem occurs while attempting to determine the password policy for the user.public abstract Dn getDN()
public boolean isPasswordPolicy()
true
if this authentication policy is a password policy and the methods
createAuthenticationPolicyState(Entry)
and createAuthenticationPolicyState(Entry, long)
will
return a PasswordPolicyState
.
The default implementation is to return false
.
true
if this authentication policy is a password policy, otherwise false
.public AuthenticationPolicyState createAuthenticationPolicyState(Entry userEntry) throws LdapException
The default implementation is to call createAuthenticationPolicyState(Entry, long)
with the current
time.
userEntry
- The user's entry.LdapException
- If a problem occurs while attempting to initialize the state object from the provided user entry.public abstract AuthenticationPolicyState createAuthenticationPolicyState(Entry userEntry, long time) throws LdapException
userEntry
- The user's entry.time
- The time since the epoch to use for all time-based state logic (such as expiring passwords).LdapException
- If a problem occurs while attempting to initialize the state object from the provided user entry.public void finalizeAuthenticationPolicy()
The default implementation is to do nothing.
Copyright 2010-2022 ForgeRock AS.