Skip to content
Permalink
Browse files
cleanup password policy processing
  • Loading branch information
shawnmckinney committed Jun 24, 2021
1 parent 32d7dc1 commit 98429ffed8ee3fd2237dcdf4fd5f7ccc1e9f0d49
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 33 deletions.
@@ -30,11 +30,7 @@
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.directory.api.ldap.codec.api.LdapApiService;
import org.apache.directory.api.ldap.codec.osgi.DefaultLdapCodecService;
import org.apache.directory.api.ldap.extras.controls.ppolicy.PasswordPolicyResponse;
//import org.apache.directory.api.ldap.extras.controls.ppolicy.PasswordPolicy;
import org.apache.directory.api.ldap.extras.controls.ppolicy_impl.PasswordPolicyResponseFactory;
import org.apache.directory.api.ldap.model.constants.SchemaConstants;
import org.apache.directory.api.ldap.model.cursor.CursorException;
import org.apache.directory.api.ldap.model.cursor.SearchCursor;
@@ -54,7 +50,6 @@
import org.apache.directory.api.ldap.model.exception.LdapNoSuchAttributeException;
import org.apache.directory.api.ldap.model.exception.LdapNoSuchObjectException;
import org.apache.directory.api.ldap.model.message.BindResponse;
import org.apache.directory.api.ldap.model.message.Control;
import org.apache.directory.api.ldap.model.message.ResultCodeEnum;
import org.apache.directory.api.ldap.model.message.SearchScope;
import org.apache.directory.fortress.core.CfgException;
@@ -76,7 +71,6 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import static org.apache.directory.api.ldap.extras.controls.ppolicy.PasswordPolicyErrorEnum.*;
import static org.apache.directory.fortress.core.impl.RoleDAO.IS_RFC2307;


@@ -840,13 +834,8 @@ Session checkPassword( User user ) throws FinderException, PasswordException
session.setErrorId( GlobalErrIds.USER_PW_INVLD );
}

//PasswordPolicy respCtrl = getPwdRespCtrl( bindResponse );
PasswordPolicyResponse respCtrl = getPwdRespCtrl( bindResponse );
if ( respCtrl != null )
{
// check IETF password policies here
checkPwPolicies( session, respCtrl );
}
// check IETF password policies here
checkPwPolicies( session, bindResponse );

if ( session.getErrorId() == 0 )
{
@@ -877,11 +866,12 @@ Session checkPassword( User user ) throws FinderException, PasswordException
}


private void checkPwPolicies( PwMessage pwMsg, PasswordPolicyResponse respCtrl )
private void checkPwPolicies( PwMessage pwMsg, BindResponse bindResponse )
{
int rc = 0;
boolean result = false;
String msgHdr = "checkPwPolicies for userId [" + pwMsg.getUserId() + "] ";
PasswordPolicyResponse respCtrl = getPwdRespCtrl( bindResponse );
if ( respCtrl != null )
{
String errMsg = null;
@@ -30,26 +30,9 @@
import java.util.TreeSet;

import org.apache.commons.lang.StringUtils;
import org.apache.directory.api.ldap.codec.api.LdapApiService;
import org.apache.directory.api.ldap.codec.api.LdapApiServiceFactory;
import org.apache.directory.api.ldap.codec.osgi.DefaultLdapCodecService;
import org.apache.directory.api.ldap.extras.controls.ppolicy.PasswordPolicyRequest;
import org.apache.directory.api.ldap.extras.controls.ppolicy.PasswordPolicyRequestImpl;

//import org.apache.directory.api.ldap.extras.controls.ppolicy.PasswordPolicyImpl;
//import org.apache.directory.api.ldap.extras.controls.ppolicy_impl.PasswordPolicyDecorator;


//import org.apache.directory.api.ldap.extras.controls.ppolicy.PasswordPolicy;
//import org.apache.directory.api.ldap.extras.controls.ppolicy.PasswordPolicyImpl;
//import org.apache.directory.api.ldap.extras.controls.ppolicy_impl.PasswordPolicyDecorator;
//import org.apache.directory.api.ldap.extras.controls.ppolicy.*;
//import org.apache.directory.api.ldap.extras.controls.ppolicy.PasswordPolicyRequest;
//import org.apache.directory.api.ldap.extras.controls.ppolicy.PasswordPolicyRequestImpl;


import org.apache.directory.api.ldap.extras.controls.ppolicy.PasswordPolicyResponse;
import org.apache.directory.api.ldap.extras.controls.ppolicy_impl.PasswordPolicyResponseFactory;
import org.apache.directory.api.ldap.model.constants.SchemaConstants;
import org.apache.directory.api.ldap.model.cursor.CursorException;
import org.apache.directory.api.ldap.model.cursor.SearchCursor;
@@ -1214,8 +1197,7 @@ protected String encodeSafeText( String value, int validLen ) throws LdapExcepti
*/
protected PasswordPolicyResponse getPwdRespCtrl(BindResponse resp )
{
Control control = resp.getControls().get( PasswordPolicyResponse.OID );
return ( PasswordPolicyResponse ) control;
return ( PasswordPolicyResponse ) resp.getControls().get( PasswordPolicyRequest.OID );
}


0 comments on commit 98429ff

Please sign in to comment.