Class ActiveDirectoryAuthenticationResponseHandler

java.lang.Object
org.ldaptive.auth.ext.ActiveDirectoryAuthenticationResponseHandler
All Implemented Interfaces:
AuthenticationResponseHandler

public class ActiveDirectoryAuthenticationResponseHandler extends Object implements AuthenticationResponseHandler
Attempts to parse the authentication response message and set the account state using data associated with active directory. If this handler is assigned a expirationPeriod, then the Authenticator should be configured to return the 'pwdLastSet' attribute so it can be consumed by this handler. This will cause the handler to emit a warning for the pwdLastSet value plus the expiration amount. The scope of that warning can be further narrowed by providing a warningPeriod. By default if the msDS-UserPasswordExpiryTimeComputed attribute is found, expirationPeriod is ignored.
  • Field Details

    • ATTRIBUTES

      public static final String[] ATTRIBUTES
      Attributes needed to enforce password policy.
    • expirationPeriod

      private Period expirationPeriod
      Amount of time since a password was set until it will expire. Used if msDS-UserPasswordExpiryTimeComputed cannot be read.
    • warningPeriod

      private Period warningPeriod
      Amount of time before expiration to produce a warning.
  • Constructor Details

    • ActiveDirectoryAuthenticationResponseHandler

      public ActiveDirectoryAuthenticationResponseHandler()
      Default constructor.
    • ActiveDirectoryAuthenticationResponseHandler

      public ActiveDirectoryAuthenticationResponseHandler(Period warning)
      Creates a new active directory authentication response handler.
      Parameters:
      warning - length of time before expiration that should produce a warning
    • ActiveDirectoryAuthenticationResponseHandler

      public ActiveDirectoryAuthenticationResponseHandler(Period expiration, Period warning)
      Creates a new active directory authentication response handler.
      Parameters:
      expiration - length of time that a password is valid
      warning - length of time before expiration that should produce a warning
  • Method Details

    • handle

      public void handle(AuthenticationResponse response)
      Description copied from interface: AuthenticationResponseHandler
      Handle the response from an ldap authentication.
      Specified by:
      handle in interface AuthenticationResponseHandler
      Parameters:
      response - produced from an authentication
    • getExpirationPeriod

      public Period getExpirationPeriod()
      Returns the amount of time since a password was set until it will expire.
      Returns:
      expiration period
    • setExpirationPeriod

      public void setExpirationPeriod(Period period)
      Sets amount of time since a password was set until it will expire.
      Parameters:
      period - expiration period
    • getWarningPeriod

      public Period getWarningPeriod()
      Returns the amount of time before expiration to produce a warning.
      Returns:
      warning period
    • setWarningPeriod

      public void setWarningPeriod(Period period)
      Sets the amount of time before expiration to produce a warning.
      Parameters:
      period - warning period
    • toString

      public String toString()
      Overrides:
      toString in class Object