001 /* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at 010 * trunk/opends/resource/legal-notices/OpenDS.LICENSE 011 * or https://OpenDS.dev.java.net/OpenDS.LICENSE. 012 * See the License for the specific language governing permissions 013 * and limitations under the License. 014 * 015 * When distributing Covered Code, include this CDDL HEADER in each 016 * file and include the License file at 017 * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable, 018 * add the following below this CDDL HEADER, with the fields enclosed 019 * by brackets "[]" replaced with your own identifying information: 020 * Portions Copyright [yyyy] [name of copyright owner] 021 * 022 * CDDL HEADER END 023 * 024 * 025 * Copyright 2008 Sun Microsystems, Inc. 026 */ 027 package org.opends.server.admin.std.meta; 028 029 030 031 import java.util.Collection; 032 import java.util.SortedSet; 033 import java.util.TreeSet; 034 import org.opends.server.admin.AdministratorAction; 035 import org.opends.server.admin.AggregationPropertyDefinition; 036 import org.opends.server.admin.AttributeTypePropertyDefinition; 037 import org.opends.server.admin.BooleanPropertyDefinition; 038 import org.opends.server.admin.client.AuthorizationException; 039 import org.opends.server.admin.client.CommunicationException; 040 import org.opends.server.admin.client.ConcurrentModificationException; 041 import org.opends.server.admin.client.ManagedObject; 042 import org.opends.server.admin.client.MissingMandatoryPropertiesException; 043 import org.opends.server.admin.client.OperationRejectedException; 044 import org.opends.server.admin.DefaultBehaviorProvider; 045 import org.opends.server.admin.DefinedDefaultBehaviorProvider; 046 import org.opends.server.admin.DurationPropertyDefinition; 047 import org.opends.server.admin.EnumPropertyDefinition; 048 import org.opends.server.admin.IntegerPropertyDefinition; 049 import org.opends.server.admin.ManagedObjectAlreadyExistsException; 050 import org.opends.server.admin.ManagedObjectDefinition; 051 import org.opends.server.admin.PropertyOption; 052 import org.opends.server.admin.PropertyProvider; 053 import org.opends.server.admin.server.ConfigurationChangeListener; 054 import org.opends.server.admin.server.ServerManagedObject; 055 import org.opends.server.admin.std.client.AccountStatusNotificationHandlerCfgClient; 056 import org.opends.server.admin.std.client.PasswordGeneratorCfgClient; 057 import org.opends.server.admin.std.client.PasswordPolicyCfgClient; 058 import org.opends.server.admin.std.client.PasswordStorageSchemeCfgClient; 059 import org.opends.server.admin.std.client.PasswordValidatorCfgClient; 060 import org.opends.server.admin.std.server.AccountStatusNotificationHandlerCfg; 061 import org.opends.server.admin.std.server.PasswordGeneratorCfg; 062 import org.opends.server.admin.std.server.PasswordPolicyCfg; 063 import org.opends.server.admin.std.server.PasswordStorageSchemeCfg; 064 import org.opends.server.admin.std.server.PasswordValidatorCfg; 065 import org.opends.server.admin.StringPropertyDefinition; 066 import org.opends.server.admin.Tag; 067 import org.opends.server.admin.TopCfgDefn; 068 import org.opends.server.admin.UndefinedDefaultBehaviorProvider; 069 import org.opends.server.types.AttributeType; 070 import org.opends.server.types.DN; 071 072 073 074 /** 075 * An interface for querying the Password Policy managed object 076 * definition meta information. 077 * <p> 078 * Password Policies define a number of password management rules, as 079 * well as requirements for authentication processing. 080 */ 081 public final class PasswordPolicyCfgDefn extends ManagedObjectDefinition<PasswordPolicyCfgClient, PasswordPolicyCfg> { 082 083 // The singleton configuration definition instance. 084 private static final PasswordPolicyCfgDefn INSTANCE = new PasswordPolicyCfgDefn(); 085 086 087 088 /** 089 * Defines the set of permissable values for the "state-update-failure-policy" property. 090 * <p> 091 * Specifies how the server deals with the inability to update 092 * password policy state information during an authentication 093 * attempt. 094 * <p> 095 * In particular, this property can be used to control whether an 096 * otherwise successful bind operation fails if a failure occurs 097 * while attempting to update password policy state information (for 098 * example, to clear a record of previous authentication failures or 099 * to update the last login time). It can also be used to control 100 * whether to reject a bind request if it is known ahead of time that 101 * it will not be possible to update the authentication failure times 102 * in the event of an unsuccessful bind attempt (for example, if the 103 * backend writability mode is disabled). 104 */ 105 public static enum StateUpdateFailurePolicy { 106 107 /** 108 * If a bind attempt would otherwise be successful, then do not 109 * reject it if a problem occurs while attempting to update the 110 * password policy state information for the user. 111 */ 112 IGNORE("ignore"), 113 114 115 116 /** 117 * Proactively reject any bind attempt if it is known ahead of 118 * time that it would not be possible to update the user's password 119 * policy state information. 120 */ 121 PROACTIVE("proactive"), 122 123 124 125 /** 126 * Even if a bind attempt would otherwise be successful, reject it 127 * if a problem occurs while attempting to update the password 128 * policy state information for the user. 129 */ 130 REACTIVE("reactive"); 131 132 133 134 // String representation of the value. 135 private final String name; 136 137 138 139 // Private constructor. 140 private StateUpdateFailurePolicy(String name) { this.name = name; } 141 142 143 144 /** 145 * {@inheritDoc} 146 */ 147 public String toString() { return name; } 148 149 } 150 151 152 153 // The "account-status-notification-handler" property definition. 154 private static final AggregationPropertyDefinition<AccountStatusNotificationHandlerCfgClient, AccountStatusNotificationHandlerCfg> PD_ACCOUNT_STATUS_NOTIFICATION_HANDLER; 155 156 157 158 // The "allow-expired-password-changes" property definition. 159 private static final BooleanPropertyDefinition PD_ALLOW_EXPIRED_PASSWORD_CHANGES; 160 161 162 163 // The "allow-multiple-password-values" property definition. 164 private static final BooleanPropertyDefinition PD_ALLOW_MULTIPLE_PASSWORD_VALUES; 165 166 167 168 // The "allow-pre-encoded-passwords" property definition. 169 private static final BooleanPropertyDefinition PD_ALLOW_PRE_ENCODED_PASSWORDS; 170 171 172 173 // The "allow-user-password-changes" property definition. 174 private static final BooleanPropertyDefinition PD_ALLOW_USER_PASSWORD_CHANGES; 175 176 177 178 // The "default-password-storage-scheme" property definition. 179 private static final AggregationPropertyDefinition<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> PD_DEFAULT_PASSWORD_STORAGE_SCHEME; 180 181 182 183 // The "deprecated-password-storage-scheme" property definition. 184 private static final AggregationPropertyDefinition<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> PD_DEPRECATED_PASSWORD_STORAGE_SCHEME; 185 186 187 188 // The "expire-passwords-without-warning" property definition. 189 private static final BooleanPropertyDefinition PD_EXPIRE_PASSWORDS_WITHOUT_WARNING; 190 191 192 193 // The "force-change-on-add" property definition. 194 private static final BooleanPropertyDefinition PD_FORCE_CHANGE_ON_ADD; 195 196 197 198 // The "force-change-on-reset" property definition. 199 private static final BooleanPropertyDefinition PD_FORCE_CHANGE_ON_RESET; 200 201 202 203 // The "grace-login-count" property definition. 204 private static final IntegerPropertyDefinition PD_GRACE_LOGIN_COUNT; 205 206 207 208 // The "idle-lockout-interval" property definition. 209 private static final DurationPropertyDefinition PD_IDLE_LOCKOUT_INTERVAL; 210 211 212 213 // The "last-login-time-attribute" property definition. 214 private static final AttributeTypePropertyDefinition PD_LAST_LOGIN_TIME_ATTRIBUTE; 215 216 217 218 // The "last-login-time-format" property definition. 219 private static final StringPropertyDefinition PD_LAST_LOGIN_TIME_FORMAT; 220 221 222 223 // The "lockout-duration" property definition. 224 private static final DurationPropertyDefinition PD_LOCKOUT_DURATION; 225 226 227 228 // The "lockout-failure-count" property definition. 229 private static final IntegerPropertyDefinition PD_LOCKOUT_FAILURE_COUNT; 230 231 232 233 // The "lockout-failure-expiration-interval" property definition. 234 private static final DurationPropertyDefinition PD_LOCKOUT_FAILURE_EXPIRATION_INTERVAL; 235 236 237 238 // The "max-password-age" property definition. 239 private static final DurationPropertyDefinition PD_MAX_PASSWORD_AGE; 240 241 242 243 // The "max-password-reset-age" property definition. 244 private static final DurationPropertyDefinition PD_MAX_PASSWORD_RESET_AGE; 245 246 247 248 // The "min-password-age" property definition. 249 private static final DurationPropertyDefinition PD_MIN_PASSWORD_AGE; 250 251 252 253 // The "password-attribute" property definition. 254 private static final AttributeTypePropertyDefinition PD_PASSWORD_ATTRIBUTE; 255 256 257 258 // The "password-change-requires-current-password" property definition. 259 private static final BooleanPropertyDefinition PD_PASSWORD_CHANGE_REQUIRES_CURRENT_PASSWORD; 260 261 262 263 // The "password-expiration-warning-interval" property definition. 264 private static final DurationPropertyDefinition PD_PASSWORD_EXPIRATION_WARNING_INTERVAL; 265 266 267 268 // The "password-generator" property definition. 269 private static final AggregationPropertyDefinition<PasswordGeneratorCfgClient, PasswordGeneratorCfg> PD_PASSWORD_GENERATOR; 270 271 272 273 // The "password-history-count" property definition. 274 private static final IntegerPropertyDefinition PD_PASSWORD_HISTORY_COUNT; 275 276 277 278 // The "password-history-duration" property definition. 279 private static final DurationPropertyDefinition PD_PASSWORD_HISTORY_DURATION; 280 281 282 283 // The "password-validator" property definition. 284 private static final AggregationPropertyDefinition<PasswordValidatorCfgClient, PasswordValidatorCfg> PD_PASSWORD_VALIDATOR; 285 286 287 288 // The "previous-last-login-time-format" property definition. 289 private static final StringPropertyDefinition PD_PREVIOUS_LAST_LOGIN_TIME_FORMAT; 290 291 292 293 // The "require-change-by-time" property definition. 294 private static final StringPropertyDefinition PD_REQUIRE_CHANGE_BY_TIME; 295 296 297 298 // The "require-secure-authentication" property definition. 299 private static final BooleanPropertyDefinition PD_REQUIRE_SECURE_AUTHENTICATION; 300 301 302 303 // The "require-secure-password-changes" property definition. 304 private static final BooleanPropertyDefinition PD_REQUIRE_SECURE_PASSWORD_CHANGES; 305 306 307 308 // The "skip-validation-for-administrators" property definition. 309 private static final BooleanPropertyDefinition PD_SKIP_VALIDATION_FOR_ADMINISTRATORS; 310 311 312 313 // The "state-update-failure-policy" property definition. 314 private static final EnumPropertyDefinition<StateUpdateFailurePolicy> PD_STATE_UPDATE_FAILURE_POLICY; 315 316 317 318 // Build the "account-status-notification-handler" property definition. 319 static { 320 AggregationPropertyDefinition.Builder<AccountStatusNotificationHandlerCfgClient, AccountStatusNotificationHandlerCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "account-status-notification-handler"); 321 builder.setOption(PropertyOption.MULTI_VALUED); 322 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "account-status-notification-handler")); 323 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 324 builder.setParentPath("/"); 325 builder.setRelationDefinition("account-status-notification-handler"); 326 PD_ACCOUNT_STATUS_NOTIFICATION_HANDLER = builder.getInstance(); 327 INSTANCE.registerPropertyDefinition(PD_ACCOUNT_STATUS_NOTIFICATION_HANDLER); 328 INSTANCE.registerConstraint(PD_ACCOUNT_STATUS_NOTIFICATION_HANDLER.getSourceConstraint()); 329 } 330 331 332 333 // Build the "allow-expired-password-changes" property definition. 334 static { 335 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-expired-password-changes"); 336 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "allow-expired-password-changes")); 337 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false"); 338 builder.setDefaultBehaviorProvider(provider); 339 PD_ALLOW_EXPIRED_PASSWORD_CHANGES = builder.getInstance(); 340 INSTANCE.registerPropertyDefinition(PD_ALLOW_EXPIRED_PASSWORD_CHANGES); 341 } 342 343 344 345 // Build the "allow-multiple-password-values" property definition. 346 static { 347 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-multiple-password-values"); 348 builder.setOption(PropertyOption.ADVANCED); 349 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "allow-multiple-password-values")); 350 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false"); 351 builder.setDefaultBehaviorProvider(provider); 352 PD_ALLOW_MULTIPLE_PASSWORD_VALUES = builder.getInstance(); 353 INSTANCE.registerPropertyDefinition(PD_ALLOW_MULTIPLE_PASSWORD_VALUES); 354 } 355 356 357 358 // Build the "allow-pre-encoded-passwords" property definition. 359 static { 360 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-pre-encoded-passwords"); 361 builder.setOption(PropertyOption.ADVANCED); 362 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "allow-pre-encoded-passwords")); 363 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false"); 364 builder.setDefaultBehaviorProvider(provider); 365 PD_ALLOW_PRE_ENCODED_PASSWORDS = builder.getInstance(); 366 INSTANCE.registerPropertyDefinition(PD_ALLOW_PRE_ENCODED_PASSWORDS); 367 } 368 369 370 371 // Build the "allow-user-password-changes" property definition. 372 static { 373 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-user-password-changes"); 374 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "allow-user-password-changes")); 375 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 376 builder.setDefaultBehaviorProvider(provider); 377 PD_ALLOW_USER_PASSWORD_CHANGES = builder.getInstance(); 378 INSTANCE.registerPropertyDefinition(PD_ALLOW_USER_PASSWORD_CHANGES); 379 } 380 381 382 383 // Build the "default-password-storage-scheme" property definition. 384 static { 385 AggregationPropertyDefinition.Builder<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "default-password-storage-scheme"); 386 builder.setOption(PropertyOption.MULTI_VALUED); 387 builder.setOption(PropertyOption.MANDATORY); 388 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "default-password-storage-scheme")); 389 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 390 builder.setParentPath("/"); 391 builder.setRelationDefinition("password-storage-scheme"); 392 PD_DEFAULT_PASSWORD_STORAGE_SCHEME = builder.getInstance(); 393 INSTANCE.registerPropertyDefinition(PD_DEFAULT_PASSWORD_STORAGE_SCHEME); 394 INSTANCE.registerConstraint(PD_DEFAULT_PASSWORD_STORAGE_SCHEME.getSourceConstraint()); 395 } 396 397 398 399 // Build the "deprecated-password-storage-scheme" property definition. 400 static { 401 AggregationPropertyDefinition.Builder<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "deprecated-password-storage-scheme"); 402 builder.setOption(PropertyOption.MULTI_VALUED); 403 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "deprecated-password-storage-scheme")); 404 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 405 builder.setParentPath("/"); 406 builder.setRelationDefinition("password-storage-scheme"); 407 PD_DEPRECATED_PASSWORD_STORAGE_SCHEME = builder.getInstance(); 408 INSTANCE.registerPropertyDefinition(PD_DEPRECATED_PASSWORD_STORAGE_SCHEME); 409 INSTANCE.registerConstraint(PD_DEPRECATED_PASSWORD_STORAGE_SCHEME.getSourceConstraint()); 410 } 411 412 413 414 // Build the "expire-passwords-without-warning" property definition. 415 static { 416 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "expire-passwords-without-warning"); 417 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "expire-passwords-without-warning")); 418 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false"); 419 builder.setDefaultBehaviorProvider(provider); 420 PD_EXPIRE_PASSWORDS_WITHOUT_WARNING = builder.getInstance(); 421 INSTANCE.registerPropertyDefinition(PD_EXPIRE_PASSWORDS_WITHOUT_WARNING); 422 } 423 424 425 426 // Build the "force-change-on-add" property definition. 427 static { 428 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "force-change-on-add"); 429 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "force-change-on-add")); 430 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false"); 431 builder.setDefaultBehaviorProvider(provider); 432 PD_FORCE_CHANGE_ON_ADD = builder.getInstance(); 433 INSTANCE.registerPropertyDefinition(PD_FORCE_CHANGE_ON_ADD); 434 } 435 436 437 438 // Build the "force-change-on-reset" property definition. 439 static { 440 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "force-change-on-reset"); 441 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "force-change-on-reset")); 442 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false"); 443 builder.setDefaultBehaviorProvider(provider); 444 PD_FORCE_CHANGE_ON_RESET = builder.getInstance(); 445 INSTANCE.registerPropertyDefinition(PD_FORCE_CHANGE_ON_RESET); 446 } 447 448 449 450 // Build the "grace-login-count" property definition. 451 static { 452 IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "grace-login-count"); 453 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "grace-login-count")); 454 DefaultBehaviorProvider<Integer> provider = new DefinedDefaultBehaviorProvider<Integer>("0"); 455 builder.setDefaultBehaviorProvider(provider); 456 builder.setUpperLimit(2147483647); 457 builder.setLowerLimit(0); 458 PD_GRACE_LOGIN_COUNT = builder.getInstance(); 459 INSTANCE.registerPropertyDefinition(PD_GRACE_LOGIN_COUNT); 460 } 461 462 463 464 // Build the "idle-lockout-interval" property definition. 465 static { 466 DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "idle-lockout-interval"); 467 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "idle-lockout-interval")); 468 DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("0 seconds"); 469 builder.setDefaultBehaviorProvider(provider); 470 builder.setUpperLimit("2147483647"); 471 builder.setLowerLimit("0"); 472 PD_IDLE_LOCKOUT_INTERVAL = builder.getInstance(); 473 INSTANCE.registerPropertyDefinition(PD_IDLE_LOCKOUT_INTERVAL); 474 } 475 476 477 478 // Build the "last-login-time-attribute" property definition. 479 static { 480 AttributeTypePropertyDefinition.Builder builder = AttributeTypePropertyDefinition.createBuilder(INSTANCE, "last-login-time-attribute"); 481 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "last-login-time-attribute")); 482 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<AttributeType>()); 483 PD_LAST_LOGIN_TIME_ATTRIBUTE = builder.getInstance(); 484 INSTANCE.registerPropertyDefinition(PD_LAST_LOGIN_TIME_ATTRIBUTE); 485 } 486 487 488 489 // Build the "last-login-time-format" property definition. 490 static { 491 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "last-login-time-format"); 492 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "last-login-time-format")); 493 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 494 builder.setPattern(".*", "STRING"); 495 PD_LAST_LOGIN_TIME_FORMAT = builder.getInstance(); 496 INSTANCE.registerPropertyDefinition(PD_LAST_LOGIN_TIME_FORMAT); 497 } 498 499 500 501 // Build the "lockout-duration" property definition. 502 static { 503 DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "lockout-duration"); 504 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "lockout-duration")); 505 DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("0 seconds"); 506 builder.setDefaultBehaviorProvider(provider); 507 builder.setBaseUnit("s"); 508 builder.setUpperLimit("2147483647"); 509 builder.setLowerLimit("0"); 510 PD_LOCKOUT_DURATION = builder.getInstance(); 511 INSTANCE.registerPropertyDefinition(PD_LOCKOUT_DURATION); 512 } 513 514 515 516 // Build the "lockout-failure-count" property definition. 517 static { 518 IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "lockout-failure-count"); 519 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "lockout-failure-count")); 520 DefaultBehaviorProvider<Integer> provider = new DefinedDefaultBehaviorProvider<Integer>("0"); 521 builder.setDefaultBehaviorProvider(provider); 522 builder.setUpperLimit(2147483647); 523 builder.setLowerLimit(0); 524 PD_LOCKOUT_FAILURE_COUNT = builder.getInstance(); 525 INSTANCE.registerPropertyDefinition(PD_LOCKOUT_FAILURE_COUNT); 526 } 527 528 529 530 // Build the "lockout-failure-expiration-interval" property definition. 531 static { 532 DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "lockout-failure-expiration-interval"); 533 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "lockout-failure-expiration-interval")); 534 DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("0 seconds"); 535 builder.setDefaultBehaviorProvider(provider); 536 builder.setBaseUnit("s"); 537 builder.setUpperLimit("2147483647"); 538 builder.setLowerLimit("0"); 539 PD_LOCKOUT_FAILURE_EXPIRATION_INTERVAL = builder.getInstance(); 540 INSTANCE.registerPropertyDefinition(PD_LOCKOUT_FAILURE_EXPIRATION_INTERVAL); 541 } 542 543 544 545 // Build the "max-password-age" property definition. 546 static { 547 DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "max-password-age"); 548 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "max-password-age")); 549 DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("0 seconds"); 550 builder.setDefaultBehaviorProvider(provider); 551 builder.setBaseUnit("s"); 552 builder.setUpperLimit("2147483647"); 553 builder.setLowerLimit("0"); 554 PD_MAX_PASSWORD_AGE = builder.getInstance(); 555 INSTANCE.registerPropertyDefinition(PD_MAX_PASSWORD_AGE); 556 } 557 558 559 560 // Build the "max-password-reset-age" property definition. 561 static { 562 DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "max-password-reset-age"); 563 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "max-password-reset-age")); 564 DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("0 seconds"); 565 builder.setDefaultBehaviorProvider(provider); 566 builder.setBaseUnit("s"); 567 builder.setUpperLimit("2147483647"); 568 builder.setLowerLimit("0"); 569 PD_MAX_PASSWORD_RESET_AGE = builder.getInstance(); 570 INSTANCE.registerPropertyDefinition(PD_MAX_PASSWORD_RESET_AGE); 571 } 572 573 574 575 // Build the "min-password-age" property definition. 576 static { 577 DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "min-password-age"); 578 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "min-password-age")); 579 DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("0 seconds"); 580 builder.setDefaultBehaviorProvider(provider); 581 builder.setBaseUnit("s"); 582 builder.setUpperLimit("2147483647"); 583 builder.setLowerLimit("0"); 584 PD_MIN_PASSWORD_AGE = builder.getInstance(); 585 INSTANCE.registerPropertyDefinition(PD_MIN_PASSWORD_AGE); 586 } 587 588 589 590 // Build the "password-attribute" property definition. 591 static { 592 AttributeTypePropertyDefinition.Builder builder = AttributeTypePropertyDefinition.createBuilder(INSTANCE, "password-attribute"); 593 builder.setOption(PropertyOption.MANDATORY); 594 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "password-attribute")); 595 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<AttributeType>()); 596 PD_PASSWORD_ATTRIBUTE = builder.getInstance(); 597 INSTANCE.registerPropertyDefinition(PD_PASSWORD_ATTRIBUTE); 598 } 599 600 601 602 // Build the "password-change-requires-current-password" property definition. 603 static { 604 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "password-change-requires-current-password"); 605 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "password-change-requires-current-password")); 606 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false"); 607 builder.setDefaultBehaviorProvider(provider); 608 PD_PASSWORD_CHANGE_REQUIRES_CURRENT_PASSWORD = builder.getInstance(); 609 INSTANCE.registerPropertyDefinition(PD_PASSWORD_CHANGE_REQUIRES_CURRENT_PASSWORD); 610 } 611 612 613 614 // Build the "password-expiration-warning-interval" property definition. 615 static { 616 DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "password-expiration-warning-interval"); 617 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "password-expiration-warning-interval")); 618 DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("5 days"); 619 builder.setDefaultBehaviorProvider(provider); 620 PD_PASSWORD_EXPIRATION_WARNING_INTERVAL = builder.getInstance(); 621 INSTANCE.registerPropertyDefinition(PD_PASSWORD_EXPIRATION_WARNING_INTERVAL); 622 } 623 624 625 626 // Build the "password-generator" property definition. 627 static { 628 AggregationPropertyDefinition.Builder<PasswordGeneratorCfgClient, PasswordGeneratorCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "password-generator"); 629 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "password-generator")); 630 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 631 builder.setParentPath("/"); 632 builder.setRelationDefinition("password-generator"); 633 PD_PASSWORD_GENERATOR = builder.getInstance(); 634 INSTANCE.registerPropertyDefinition(PD_PASSWORD_GENERATOR); 635 INSTANCE.registerConstraint(PD_PASSWORD_GENERATOR.getSourceConstraint()); 636 } 637 638 639 640 // Build the "password-history-count" property definition. 641 static { 642 IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "password-history-count"); 643 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "password-history-count")); 644 DefaultBehaviorProvider<Integer> provider = new DefinedDefaultBehaviorProvider<Integer>("0"); 645 builder.setDefaultBehaviorProvider(provider); 646 builder.setUpperLimit(2147483647); 647 builder.setLowerLimit(0); 648 PD_PASSWORD_HISTORY_COUNT = builder.getInstance(); 649 INSTANCE.registerPropertyDefinition(PD_PASSWORD_HISTORY_COUNT); 650 } 651 652 653 654 // Build the "password-history-duration" property definition. 655 static { 656 DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "password-history-duration"); 657 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "password-history-duration")); 658 DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("0 seconds"); 659 builder.setDefaultBehaviorProvider(provider); 660 builder.setAllowUnlimited(false); 661 builder.setBaseUnit("s"); 662 builder.setUpperLimit("2147483647"); 663 builder.setLowerLimit("0"); 664 PD_PASSWORD_HISTORY_DURATION = builder.getInstance(); 665 INSTANCE.registerPropertyDefinition(PD_PASSWORD_HISTORY_DURATION); 666 } 667 668 669 670 // Build the "password-validator" property definition. 671 static { 672 AggregationPropertyDefinition.Builder<PasswordValidatorCfgClient, PasswordValidatorCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "password-validator"); 673 builder.setOption(PropertyOption.MULTI_VALUED); 674 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "password-validator")); 675 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 676 builder.setParentPath("/"); 677 builder.setRelationDefinition("password-validator"); 678 PD_PASSWORD_VALIDATOR = builder.getInstance(); 679 INSTANCE.registerPropertyDefinition(PD_PASSWORD_VALIDATOR); 680 INSTANCE.registerConstraint(PD_PASSWORD_VALIDATOR.getSourceConstraint()); 681 } 682 683 684 685 // Build the "previous-last-login-time-format" property definition. 686 static { 687 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "previous-last-login-time-format"); 688 builder.setOption(PropertyOption.MULTI_VALUED); 689 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "previous-last-login-time-format")); 690 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 691 builder.setPattern(".*", "STRING"); 692 PD_PREVIOUS_LAST_LOGIN_TIME_FORMAT = builder.getInstance(); 693 INSTANCE.registerPropertyDefinition(PD_PREVIOUS_LAST_LOGIN_TIME_FORMAT); 694 } 695 696 697 698 // Build the "require-change-by-time" property definition. 699 static { 700 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "require-change-by-time"); 701 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "require-change-by-time")); 702 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 703 builder.setPattern(".*", "STRING"); 704 PD_REQUIRE_CHANGE_BY_TIME = builder.getInstance(); 705 INSTANCE.registerPropertyDefinition(PD_REQUIRE_CHANGE_BY_TIME); 706 } 707 708 709 710 // Build the "require-secure-authentication" property definition. 711 static { 712 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "require-secure-authentication"); 713 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "require-secure-authentication")); 714 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false"); 715 builder.setDefaultBehaviorProvider(provider); 716 PD_REQUIRE_SECURE_AUTHENTICATION = builder.getInstance(); 717 INSTANCE.registerPropertyDefinition(PD_REQUIRE_SECURE_AUTHENTICATION); 718 } 719 720 721 722 // Build the "require-secure-password-changes" property definition. 723 static { 724 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "require-secure-password-changes"); 725 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "require-secure-password-changes")); 726 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false"); 727 builder.setDefaultBehaviorProvider(provider); 728 PD_REQUIRE_SECURE_PASSWORD_CHANGES = builder.getInstance(); 729 INSTANCE.registerPropertyDefinition(PD_REQUIRE_SECURE_PASSWORD_CHANGES); 730 } 731 732 733 734 // Build the "skip-validation-for-administrators" property definition. 735 static { 736 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "skip-validation-for-administrators"); 737 builder.setOption(PropertyOption.ADVANCED); 738 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "skip-validation-for-administrators")); 739 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false"); 740 builder.setDefaultBehaviorProvider(provider); 741 PD_SKIP_VALIDATION_FOR_ADMINISTRATORS = builder.getInstance(); 742 INSTANCE.registerPropertyDefinition(PD_SKIP_VALIDATION_FOR_ADMINISTRATORS); 743 } 744 745 746 747 // Build the "state-update-failure-policy" property definition. 748 static { 749 EnumPropertyDefinition.Builder<StateUpdateFailurePolicy> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "state-update-failure-policy"); 750 builder.setOption(PropertyOption.ADVANCED); 751 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "state-update-failure-policy")); 752 DefaultBehaviorProvider<StateUpdateFailurePolicy> provider = new DefinedDefaultBehaviorProvider<StateUpdateFailurePolicy>("reactive"); 753 builder.setDefaultBehaviorProvider(provider); 754 builder.setEnumClass(StateUpdateFailurePolicy.class); 755 PD_STATE_UPDATE_FAILURE_POLICY = builder.getInstance(); 756 INSTANCE.registerPropertyDefinition(PD_STATE_UPDATE_FAILURE_POLICY); 757 } 758 759 760 761 // Register the tags associated with this managed object definition. 762 static { 763 INSTANCE.registerTag(Tag.valueOf("user-management")); 764 } 765 766 767 768 /** 769 * Get the Password Policy configuration definition singleton. 770 * 771 * @return Returns the Password Policy configuration definition 772 * singleton. 773 */ 774 public static PasswordPolicyCfgDefn getInstance() { 775 return INSTANCE; 776 } 777 778 779 780 /** 781 * Private constructor. 782 */ 783 private PasswordPolicyCfgDefn() { 784 super("password-policy", TopCfgDefn.getInstance()); 785 } 786 787 788 789 /** 790 * {@inheritDoc} 791 */ 792 public PasswordPolicyCfgClient createClientConfiguration( 793 ManagedObject<? extends PasswordPolicyCfgClient> impl) { 794 return new PasswordPolicyCfgClientImpl(impl); 795 } 796 797 798 799 /** 800 * {@inheritDoc} 801 */ 802 public PasswordPolicyCfg createServerConfiguration( 803 ServerManagedObject<? extends PasswordPolicyCfg> impl) { 804 return new PasswordPolicyCfgServerImpl(impl); 805 } 806 807 808 809 /** 810 * {@inheritDoc} 811 */ 812 public Class<PasswordPolicyCfg> getServerConfigurationClass() { 813 return PasswordPolicyCfg.class; 814 } 815 816 817 818 /** 819 * Get the "account-status-notification-handler" property definition. 820 * <p> 821 * Specifies the names of the account status notification handlers 822 * that are used with the associated password storage scheme. 823 * 824 * @return Returns the "account-status-notification-handler" property definition. 825 */ 826 public AggregationPropertyDefinition<AccountStatusNotificationHandlerCfgClient, AccountStatusNotificationHandlerCfg> getAccountStatusNotificationHandlerPropertyDefinition() { 827 return PD_ACCOUNT_STATUS_NOTIFICATION_HANDLER; 828 } 829 830 831 832 /** 833 * Get the "allow-expired-password-changes" property definition. 834 * <p> 835 * Indicates whether a user whose password is expired is still 836 * allowed to change that password using the password modify extended 837 * operation. 838 * 839 * @return Returns the "allow-expired-password-changes" property definition. 840 */ 841 public BooleanPropertyDefinition getAllowExpiredPasswordChangesPropertyDefinition() { 842 return PD_ALLOW_EXPIRED_PASSWORD_CHANGES; 843 } 844 845 846 847 /** 848 * Get the "allow-multiple-password-values" property definition. 849 * <p> 850 * Indicates whether user entries can have multiple distinct values 851 * for the password attribute. 852 * <p> 853 * This is potentially dangerous because many mechanisms used to 854 * change the password do not work well with such a configuration. If 855 * multiple password values are allowed, then any of them can be used 856 * to authenticate, and they are all subject to the same policy 857 * constraints. 858 * 859 * @return Returns the "allow-multiple-password-values" property definition. 860 */ 861 public BooleanPropertyDefinition getAllowMultiplePasswordValuesPropertyDefinition() { 862 return PD_ALLOW_MULTIPLE_PASSWORD_VALUES; 863 } 864 865 866 867 /** 868 * Get the "allow-pre-encoded-passwords" property definition. 869 * <p> 870 * Indicates whether users can change their passwords by providing a 871 * pre-encoded value. 872 * <p> 873 * This can cause a security risk because the clear-text version of 874 * the password is not known and therefore validation checks cannot 875 * be applied to it. 876 * 877 * @return Returns the "allow-pre-encoded-passwords" property definition. 878 */ 879 public BooleanPropertyDefinition getAllowPreEncodedPasswordsPropertyDefinition() { 880 return PD_ALLOW_PRE_ENCODED_PASSWORDS; 881 } 882 883 884 885 /** 886 * Get the "allow-user-password-changes" property definition. 887 * <p> 888 * Indicates whether users can change their own passwords. 889 * <p> 890 * This check is made in addition to access control evaluation. Both 891 * must allow the password change for it to occur. 892 * 893 * @return Returns the "allow-user-password-changes" property definition. 894 */ 895 public BooleanPropertyDefinition getAllowUserPasswordChangesPropertyDefinition() { 896 return PD_ALLOW_USER_PASSWORD_CHANGES; 897 } 898 899 900 901 /** 902 * Get the "default-password-storage-scheme" property definition. 903 * <p> 904 * Specifies the names of the password storage schemes that are used 905 * to encode clear-text passwords for this password policy. 906 * 907 * @return Returns the "default-password-storage-scheme" property definition. 908 */ 909 public AggregationPropertyDefinition<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> getDefaultPasswordStorageSchemePropertyDefinition() { 910 return PD_DEFAULT_PASSWORD_STORAGE_SCHEME; 911 } 912 913 914 915 /** 916 * Get the "deprecated-password-storage-scheme" property definition. 917 * <p> 918 * Specifies the names of the password storage schemes that are 919 * considered deprecated for this password policy. 920 * <p> 921 * If a user with this password policy authenticates to the server 922 * and his/her password is encoded with a deprecated scheme, those 923 * values are removed and replaced with values encoded using the 924 * default password storage scheme(s). 925 * 926 * @return Returns the "deprecated-password-storage-scheme" property definition. 927 */ 928 public AggregationPropertyDefinition<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> getDeprecatedPasswordStorageSchemePropertyDefinition() { 929 return PD_DEPRECATED_PASSWORD_STORAGE_SCHEME; 930 } 931 932 933 934 /** 935 * Get the "expire-passwords-without-warning" property definition. 936 * <p> 937 * Indicates whether the Directory Server allows a user's password 938 * to expire even if that user has never seen an expiration warning 939 * notification. 940 * <p> 941 * If this property is true, accounts always expire when the 942 * expiration time arrives. If this property is false disabled, the 943 * user always receives at least one warning notification, and the 944 * password expiration is set to the warning time plus the warning 945 * interval. 946 * 947 * @return Returns the "expire-passwords-without-warning" property definition. 948 */ 949 public BooleanPropertyDefinition getExpirePasswordsWithoutWarningPropertyDefinition() { 950 return PD_EXPIRE_PASSWORDS_WITHOUT_WARNING; 951 } 952 953 954 955 /** 956 * Get the "force-change-on-add" property definition. 957 * <p> 958 * Indicates whether users are forced to change their passwords upon 959 * first authenticating to the Directory Server after their account 960 * has been created. 961 * 962 * @return Returns the "force-change-on-add" property definition. 963 */ 964 public BooleanPropertyDefinition getForceChangeOnAddPropertyDefinition() { 965 return PD_FORCE_CHANGE_ON_ADD; 966 } 967 968 969 970 /** 971 * Get the "force-change-on-reset" property definition. 972 * <p> 973 * Indicates whether users are forced to change their passwords if 974 * they are reset by an administrator. 975 * <p> 976 * For this purpose, anyone with permission to change a given user's 977 * password other than that user is considered an administrator. 978 * 979 * @return Returns the "force-change-on-reset" property definition. 980 */ 981 public BooleanPropertyDefinition getForceChangeOnResetPropertyDefinition() { 982 return PD_FORCE_CHANGE_ON_RESET; 983 } 984 985 986 987 /** 988 * Get the "grace-login-count" property definition. 989 * <p> 990 * Specifies the number of grace logins that a user is allowed after 991 * the account has expired to allow that user to choose a new 992 * password. 993 * <p> 994 * A value of 0 indicates that no grace logins are allowed. 995 * 996 * @return Returns the "grace-login-count" property definition. 997 */ 998 public IntegerPropertyDefinition getGraceLoginCountPropertyDefinition() { 999 return PD_GRACE_LOGIN_COUNT; 1000 } 1001 1002 1003 1004 /** 1005 * Get the "idle-lockout-interval" property definition. 1006 * <p> 1007 * Specifies the maximum length of time that an account may remain 1008 * idle (that is, the associated user does not authenticate to the 1009 * server) before that user is locked out. 1010 * <p> 1011 * The value of this attribute is an integer followed by a unit of 1012 * seconds, minutes, hours, days, or weeks. A value of 0 seconds 1013 * indicates that idle accounts are not automatically locked out. 1014 * This feature is available only if the last login time is 1015 * maintained. 1016 * 1017 * @return Returns the "idle-lockout-interval" property definition. 1018 */ 1019 public DurationPropertyDefinition getIdleLockoutIntervalPropertyDefinition() { 1020 return PD_IDLE_LOCKOUT_INTERVAL; 1021 } 1022 1023 1024 1025 /** 1026 * Get the "last-login-time-attribute" property definition. 1027 * <p> 1028 * Specifies the name or OID of the attribute type that is used to 1029 * hold the last login time for users with the associated password 1030 * policy. 1031 * <p> 1032 * This attribute type must be defined in the Directory Server 1033 * schema and must either be defined as an operational attribute or 1034 * must be allowed by the set of objectClasses for all users with the 1035 * associated password policy. 1036 * 1037 * @return Returns the "last-login-time-attribute" property definition. 1038 */ 1039 public AttributeTypePropertyDefinition getLastLoginTimeAttributePropertyDefinition() { 1040 return PD_LAST_LOGIN_TIME_ATTRIBUTE; 1041 } 1042 1043 1044 1045 /** 1046 * Get the "last-login-time-format" property definition. 1047 * <p> 1048 * Specifies the format string that is used to generate the last 1049 * login time value for users with the associated password policy. 1050 * <p> 1051 * This format string conforms to the syntax described in the API 1052 * documentation for the java.text.SimpleDateFormat class. 1053 * 1054 * @return Returns the "last-login-time-format" property definition. 1055 */ 1056 public StringPropertyDefinition getLastLoginTimeFormatPropertyDefinition() { 1057 return PD_LAST_LOGIN_TIME_FORMAT; 1058 } 1059 1060 1061 1062 /** 1063 * Get the "lockout-duration" property definition. 1064 * <p> 1065 * Specifies the length of time that an account is locked after too 1066 * many authentication failures. 1067 * <p> 1068 * The value of this attribute is an integer followed by a unit of 1069 * seconds, minutes, hours, days, or weeks. A value of 0 seconds 1070 * indicates that the account must remain locked until an 1071 * administrator resets the password. 1072 * 1073 * @return Returns the "lockout-duration" property definition. 1074 */ 1075 public DurationPropertyDefinition getLockoutDurationPropertyDefinition() { 1076 return PD_LOCKOUT_DURATION; 1077 } 1078 1079 1080 1081 /** 1082 * Get the "lockout-failure-count" property definition. 1083 * <p> 1084 * Specifies the maximum number of authentication failures that a 1085 * user is allowed before the account is locked out. 1086 * <p> 1087 * A value of 0 indicates that accounts are never locked out due to 1088 * failed attempts. 1089 * 1090 * @return Returns the "lockout-failure-count" property definition. 1091 */ 1092 public IntegerPropertyDefinition getLockoutFailureCountPropertyDefinition() { 1093 return PD_LOCKOUT_FAILURE_COUNT; 1094 } 1095 1096 1097 1098 /** 1099 * Get the "lockout-failure-expiration-interval" property definition. 1100 * <p> 1101 * Specifies the length of time before an authentication failure is 1102 * no longer counted against a user for the purposes of account 1103 * lockout. 1104 * <p> 1105 * The value of this attribute is an integer followed by a unit of 1106 * seconds, minutes, hours, days, or weeks. A value of 0 seconds 1107 * indicates that the authentication failures must never expire. The 1108 * failure count is always cleared upon a successful authentication. 1109 * 1110 * @return Returns the "lockout-failure-expiration-interval" property definition. 1111 */ 1112 public DurationPropertyDefinition getLockoutFailureExpirationIntervalPropertyDefinition() { 1113 return PD_LOCKOUT_FAILURE_EXPIRATION_INTERVAL; 1114 } 1115 1116 1117 1118 /** 1119 * Get the "max-password-age" property definition. 1120 * <p> 1121 * Specifies the maximum length of time that a user can continue 1122 * using the same password before it must be changed (that is, the 1123 * password expiration interval). 1124 * <p> 1125 * The value of this attribute is an integer followed by a unit of 1126 * seconds, minutes, hours, days, or weeks. A value of 0 seconds 1127 * disables password expiration. 1128 * 1129 * @return Returns the "max-password-age" property definition. 1130 */ 1131 public DurationPropertyDefinition getMaxPasswordAgePropertyDefinition() { 1132 return PD_MAX_PASSWORD_AGE; 1133 } 1134 1135 1136 1137 /** 1138 * Get the "max-password-reset-age" property definition. 1139 * <p> 1140 * Specifies the maximum length of time that users have to change 1141 * passwords after they have been reset by an administrator before 1142 * they become locked. 1143 * <p> 1144 * The value of this attribute is an integer followed by a unit of 1145 * seconds, minutes, hours, days, or weeks. A value of 0 seconds 1146 * disables this feature. 1147 * 1148 * @return Returns the "max-password-reset-age" property definition. 1149 */ 1150 public DurationPropertyDefinition getMaxPasswordResetAgePropertyDefinition() { 1151 return PD_MAX_PASSWORD_RESET_AGE; 1152 } 1153 1154 1155 1156 /** 1157 * Get the "min-password-age" property definition. 1158 * <p> 1159 * Specifies the minimum length of time after a password change 1160 * before the user is allowed to change the password again. 1161 * <p> 1162 * The value of this attribute is an integer followed by a unit of 1163 * seconds, minutes, hours, days, or weeks. This setting can be used 1164 * to prevent users from changing their passwords repeatedly over a 1165 * short period of time to flush an old password from the history so 1166 * that it can be re-used. 1167 * 1168 * @return Returns the "min-password-age" property definition. 1169 */ 1170 public DurationPropertyDefinition getMinPasswordAgePropertyDefinition() { 1171 return PD_MIN_PASSWORD_AGE; 1172 } 1173 1174 1175 1176 /** 1177 * Get the "password-attribute" property definition. 1178 * <p> 1179 * Specifies the attribute type used to hold user passwords. 1180 * <p> 1181 * This attribute type must be defined in the server schema, and it 1182 * must have either the user password or auth password syntax. 1183 * 1184 * @return Returns the "password-attribute" property definition. 1185 */ 1186 public AttributeTypePropertyDefinition getPasswordAttributePropertyDefinition() { 1187 return PD_PASSWORD_ATTRIBUTE; 1188 } 1189 1190 1191 1192 /** 1193 * Get the "password-change-requires-current-password" property definition. 1194 * <p> 1195 * Indicates whether user password changes must use the password 1196 * modify extended operation and must include the user's current 1197 * password before the change is allowed. 1198 * 1199 * @return Returns the "password-change-requires-current-password" property definition. 1200 */ 1201 public BooleanPropertyDefinition getPasswordChangeRequiresCurrentPasswordPropertyDefinition() { 1202 return PD_PASSWORD_CHANGE_REQUIRES_CURRENT_PASSWORD; 1203 } 1204 1205 1206 1207 /** 1208 * Get the "password-expiration-warning-interval" property definition. 1209 * <p> 1210 * Specifies the maximum length of time before a user's password 1211 * actually expires that the server begins to include warning 1212 * notifications in bind responses for that user. 1213 * <p> 1214 * The value of this attribute is an integer followed by a unit of 1215 * seconds, minutes, hours, days, or weeks. A value of 0 seconds 1216 * disables the warning interval. 1217 * 1218 * @return Returns the "password-expiration-warning-interval" property definition. 1219 */ 1220 public DurationPropertyDefinition getPasswordExpirationWarningIntervalPropertyDefinition() { 1221 return PD_PASSWORD_EXPIRATION_WARNING_INTERVAL; 1222 } 1223 1224 1225 1226 /** 1227 * Get the "password-generator" property definition. 1228 * <p> 1229 * Specifies the name of the password generator that is used with 1230 * the associated password policy. 1231 * <p> 1232 * This is used in conjunction with the password modify extended 1233 * operation to generate a new password for a user when none was 1234 * provided in the request. 1235 * 1236 * @return Returns the "password-generator" property definition. 1237 */ 1238 public AggregationPropertyDefinition<PasswordGeneratorCfgClient, PasswordGeneratorCfg> getPasswordGeneratorPropertyDefinition() { 1239 return PD_PASSWORD_GENERATOR; 1240 } 1241 1242 1243 1244 /** 1245 * Get the "password-history-count" property definition. 1246 * <p> 1247 * Specifies the maximum number of former passwords to maintain in 1248 * the password history. 1249 * <p> 1250 * When choosing a new password, the proposed password is checked to 1251 * ensure that it does not match the current password, nor any other 1252 * password in the history list. A value of zero indicates that 1253 * either no password history is to be maintained (if the password 1254 * history duration has a value of zero seconds), or that there is no 1255 * maximum number of passwords to maintain in the history (if the 1256 * password history duration has a value greater than zero seconds). 1257 * 1258 * @return Returns the "password-history-count" property definition. 1259 */ 1260 public IntegerPropertyDefinition getPasswordHistoryCountPropertyDefinition() { 1261 return PD_PASSWORD_HISTORY_COUNT; 1262 } 1263 1264 1265 1266 /** 1267 * Get the "password-history-duration" property definition. 1268 * <p> 1269 * Specifies the maximum length of time that passwords remain in the 1270 * password history. 1271 * <p> 1272 * When choosing a new password, the proposed password is checked to 1273 * ensure that it does not match the current password, nor any other 1274 * password in the history list. A value of zero seconds indicates 1275 * that either no password history is to be maintained (if the 1276 * password history count has a value of zero), or that there is no 1277 * maximum duration for passwords in the history (if the password 1278 * history count has a value greater than zero). 1279 * 1280 * @return Returns the "password-history-duration" property definition. 1281 */ 1282 public DurationPropertyDefinition getPasswordHistoryDurationPropertyDefinition() { 1283 return PD_PASSWORD_HISTORY_DURATION; 1284 } 1285 1286 1287 1288 /** 1289 * Get the "password-validator" property definition. 1290 * <p> 1291 * Specifies the names of the password validators that are used with 1292 * the associated password storage scheme. 1293 * <p> 1294 * The password validators are invoked when a user attempts to 1295 * provide a new password, to determine whether the new password is 1296 * acceptable. 1297 * 1298 * @return Returns the "password-validator" property definition. 1299 */ 1300 public AggregationPropertyDefinition<PasswordValidatorCfgClient, PasswordValidatorCfg> getPasswordValidatorPropertyDefinition() { 1301 return PD_PASSWORD_VALIDATOR; 1302 } 1303 1304 1305 1306 /** 1307 * Get the "previous-last-login-time-format" property definition. 1308 * <p> 1309 * Specifies the format string(s) that might have been used with the 1310 * last login time at any point in the past for users associated with 1311 * the password policy. 1312 * <p> 1313 * These values are used to make it possible to parse previous 1314 * values, but are not used to set new values. The format strings 1315 * conform to the syntax described in the API documentation for the 1316 * java.text.SimpleDateFormat class. 1317 * 1318 * @return Returns the "previous-last-login-time-format" property definition. 1319 */ 1320 public StringPropertyDefinition getPreviousLastLoginTimeFormatPropertyDefinition() { 1321 return PD_PREVIOUS_LAST_LOGIN_TIME_FORMAT; 1322 } 1323 1324 1325 1326 /** 1327 * Get the "require-change-by-time" property definition. 1328 * <p> 1329 * Specifies the time by which all users with the associated 1330 * password policy must change their passwords. 1331 * <p> 1332 * The value is expressed in a generalized time format. If this time 1333 * is equal to the current time or is in the past, then all users are 1334 * required to change their passwords immediately. The behavior of 1335 * the server in this mode is identical to the behavior observed when 1336 * users are forced to change their passwords after an administrative 1337 * reset. 1338 * 1339 * @return Returns the "require-change-by-time" property definition. 1340 */ 1341 public StringPropertyDefinition getRequireChangeByTimePropertyDefinition() { 1342 return PD_REQUIRE_CHANGE_BY_TIME; 1343 } 1344 1345 1346 1347 /** 1348 * Get the "require-secure-authentication" property definition. 1349 * <p> 1350 * Indicates whether users with the associated password policy are 1351 * required to authenticate in a secure manner. 1352 * <p> 1353 * This might mean either using a secure communication channel 1354 * between the client and the server, or using a SASL mechanism that 1355 * does not expose the credentials. 1356 * 1357 * @return Returns the "require-secure-authentication" property definition. 1358 */ 1359 public BooleanPropertyDefinition getRequireSecureAuthenticationPropertyDefinition() { 1360 return PD_REQUIRE_SECURE_AUTHENTICATION; 1361 } 1362 1363 1364 1365 /** 1366 * Get the "require-secure-password-changes" property definition. 1367 * <p> 1368 * Indicates whether users with the associated password policy are 1369 * required to change their password in a secure manner that does not 1370 * expose the credentials. 1371 * 1372 * @return Returns the "require-secure-password-changes" property definition. 1373 */ 1374 public BooleanPropertyDefinition getRequireSecurePasswordChangesPropertyDefinition() { 1375 return PD_REQUIRE_SECURE_PASSWORD_CHANGES; 1376 } 1377 1378 1379 1380 /** 1381 * Get the "skip-validation-for-administrators" property definition. 1382 * <p> 1383 * Indicates whether passwords set by administrators are allowed to 1384 * bypass the password validation process that is required for user 1385 * password changes. 1386 * 1387 * @return Returns the "skip-validation-for-administrators" property definition. 1388 */ 1389 public BooleanPropertyDefinition getSkipValidationForAdministratorsPropertyDefinition() { 1390 return PD_SKIP_VALIDATION_FOR_ADMINISTRATORS; 1391 } 1392 1393 1394 1395 /** 1396 * Get the "state-update-failure-policy" property definition. 1397 * <p> 1398 * Specifies how the server deals with the inability to update 1399 * password policy state information during an authentication 1400 * attempt. 1401 * <p> 1402 * In particular, this property can be used to control whether an 1403 * otherwise successful bind operation fails if a failure occurs 1404 * while attempting to update password policy state information (for 1405 * example, to clear a record of previous authentication failures or 1406 * to update the last login time). It can also be used to control 1407 * whether to reject a bind request if it is known ahead of time that 1408 * it will not be possible to update the authentication failure times 1409 * in the event of an unsuccessful bind attempt (for example, if the 1410 * backend writability mode is disabled). 1411 * 1412 * @return Returns the "state-update-failure-policy" property definition. 1413 */ 1414 public EnumPropertyDefinition<StateUpdateFailurePolicy> getStateUpdateFailurePolicyPropertyDefinition() { 1415 return PD_STATE_UPDATE_FAILURE_POLICY; 1416 } 1417 1418 1419 1420 /** 1421 * Managed object client implementation. 1422 */ 1423 private static class PasswordPolicyCfgClientImpl implements 1424 PasswordPolicyCfgClient { 1425 1426 // Private implementation. 1427 private ManagedObject<? extends PasswordPolicyCfgClient> impl; 1428 1429 1430 1431 // Private constructor. 1432 private PasswordPolicyCfgClientImpl( 1433 ManagedObject<? extends PasswordPolicyCfgClient> impl) { 1434 this.impl = impl; 1435 } 1436 1437 1438 1439 /** 1440 * {@inheritDoc} 1441 */ 1442 public SortedSet<String> getAccountStatusNotificationHandler() { 1443 return impl.getPropertyValues(INSTANCE.getAccountStatusNotificationHandlerPropertyDefinition()); 1444 } 1445 1446 1447 1448 /** 1449 * {@inheritDoc} 1450 */ 1451 public void setAccountStatusNotificationHandler(Collection<String> values) { 1452 impl.setPropertyValues(INSTANCE.getAccountStatusNotificationHandlerPropertyDefinition(), values); 1453 } 1454 1455 1456 1457 /** 1458 * {@inheritDoc} 1459 */ 1460 public boolean isAllowExpiredPasswordChanges() { 1461 return impl.getPropertyValue(INSTANCE.getAllowExpiredPasswordChangesPropertyDefinition()); 1462 } 1463 1464 1465 1466 /** 1467 * {@inheritDoc} 1468 */ 1469 public void setAllowExpiredPasswordChanges(Boolean value) { 1470 impl.setPropertyValue(INSTANCE.getAllowExpiredPasswordChangesPropertyDefinition(), value); 1471 } 1472 1473 1474 1475 /** 1476 * {@inheritDoc} 1477 */ 1478 public boolean isAllowMultiplePasswordValues() { 1479 return impl.getPropertyValue(INSTANCE.getAllowMultiplePasswordValuesPropertyDefinition()); 1480 } 1481 1482 1483 1484 /** 1485 * {@inheritDoc} 1486 */ 1487 public void setAllowMultiplePasswordValues(Boolean value) { 1488 impl.setPropertyValue(INSTANCE.getAllowMultiplePasswordValuesPropertyDefinition(), value); 1489 } 1490 1491 1492 1493 /** 1494 * {@inheritDoc} 1495 */ 1496 public boolean isAllowPreEncodedPasswords() { 1497 return impl.getPropertyValue(INSTANCE.getAllowPreEncodedPasswordsPropertyDefinition()); 1498 } 1499 1500 1501 1502 /** 1503 * {@inheritDoc} 1504 */ 1505 public void setAllowPreEncodedPasswords(Boolean value) { 1506 impl.setPropertyValue(INSTANCE.getAllowPreEncodedPasswordsPropertyDefinition(), value); 1507 } 1508 1509 1510 1511 /** 1512 * {@inheritDoc} 1513 */ 1514 public boolean isAllowUserPasswordChanges() { 1515 return impl.getPropertyValue(INSTANCE.getAllowUserPasswordChangesPropertyDefinition()); 1516 } 1517 1518 1519 1520 /** 1521 * {@inheritDoc} 1522 */ 1523 public void setAllowUserPasswordChanges(Boolean value) { 1524 impl.setPropertyValue(INSTANCE.getAllowUserPasswordChangesPropertyDefinition(), value); 1525 } 1526 1527 1528 1529 /** 1530 * {@inheritDoc} 1531 */ 1532 public SortedSet<String> getDefaultPasswordStorageScheme() { 1533 return impl.getPropertyValues(INSTANCE.getDefaultPasswordStorageSchemePropertyDefinition()); 1534 } 1535 1536 1537 1538 /** 1539 * {@inheritDoc} 1540 */ 1541 public void setDefaultPasswordStorageScheme(Collection<String> values) { 1542 impl.setPropertyValues(INSTANCE.getDefaultPasswordStorageSchemePropertyDefinition(), values); 1543 } 1544 1545 1546 1547 /** 1548 * {@inheritDoc} 1549 */ 1550 public SortedSet<String> getDeprecatedPasswordStorageScheme() { 1551 return impl.getPropertyValues(INSTANCE.getDeprecatedPasswordStorageSchemePropertyDefinition()); 1552 } 1553 1554 1555 1556 /** 1557 * {@inheritDoc} 1558 */ 1559 public void setDeprecatedPasswordStorageScheme(Collection<String> values) { 1560 impl.setPropertyValues(INSTANCE.getDeprecatedPasswordStorageSchemePropertyDefinition(), values); 1561 } 1562 1563 1564 1565 /** 1566 * {@inheritDoc} 1567 */ 1568 public boolean isExpirePasswordsWithoutWarning() { 1569 return impl.getPropertyValue(INSTANCE.getExpirePasswordsWithoutWarningPropertyDefinition()); 1570 } 1571 1572 1573 1574 /** 1575 * {@inheritDoc} 1576 */ 1577 public void setExpirePasswordsWithoutWarning(Boolean value) { 1578 impl.setPropertyValue(INSTANCE.getExpirePasswordsWithoutWarningPropertyDefinition(), value); 1579 } 1580 1581 1582 1583 /** 1584 * {@inheritDoc} 1585 */ 1586 public boolean isForceChangeOnAdd() { 1587 return impl.getPropertyValue(INSTANCE.getForceChangeOnAddPropertyDefinition()); 1588 } 1589 1590 1591 1592 /** 1593 * {@inheritDoc} 1594 */ 1595 public void setForceChangeOnAdd(Boolean value) { 1596 impl.setPropertyValue(INSTANCE.getForceChangeOnAddPropertyDefinition(), value); 1597 } 1598 1599 1600 1601 /** 1602 * {@inheritDoc} 1603 */ 1604 public boolean isForceChangeOnReset() { 1605 return impl.getPropertyValue(INSTANCE.getForceChangeOnResetPropertyDefinition()); 1606 } 1607 1608 1609 1610 /** 1611 * {@inheritDoc} 1612 */ 1613 public void setForceChangeOnReset(Boolean value) { 1614 impl.setPropertyValue(INSTANCE.getForceChangeOnResetPropertyDefinition(), value); 1615 } 1616 1617 1618 1619 /** 1620 * {@inheritDoc} 1621 */ 1622 public int getGraceLoginCount() { 1623 return impl.getPropertyValue(INSTANCE.getGraceLoginCountPropertyDefinition()); 1624 } 1625 1626 1627 1628 /** 1629 * {@inheritDoc} 1630 */ 1631 public void setGraceLoginCount(Integer value) { 1632 impl.setPropertyValue(INSTANCE.getGraceLoginCountPropertyDefinition(), value); 1633 } 1634 1635 1636 1637 /** 1638 * {@inheritDoc} 1639 */ 1640 public long getIdleLockoutInterval() { 1641 return impl.getPropertyValue(INSTANCE.getIdleLockoutIntervalPropertyDefinition()); 1642 } 1643 1644 1645 1646 /** 1647 * {@inheritDoc} 1648 */ 1649 public void setIdleLockoutInterval(Long value) { 1650 impl.setPropertyValue(INSTANCE.getIdleLockoutIntervalPropertyDefinition(), value); 1651 } 1652 1653 1654 1655 /** 1656 * {@inheritDoc} 1657 */ 1658 public AttributeType getLastLoginTimeAttribute() { 1659 return impl.getPropertyValue(INSTANCE.getLastLoginTimeAttributePropertyDefinition()); 1660 } 1661 1662 1663 1664 /** 1665 * {@inheritDoc} 1666 */ 1667 public void setLastLoginTimeAttribute(AttributeType value) { 1668 impl.setPropertyValue(INSTANCE.getLastLoginTimeAttributePropertyDefinition(), value); 1669 } 1670 1671 1672 1673 /** 1674 * {@inheritDoc} 1675 */ 1676 public String getLastLoginTimeFormat() { 1677 return impl.getPropertyValue(INSTANCE.getLastLoginTimeFormatPropertyDefinition()); 1678 } 1679 1680 1681 1682 /** 1683 * {@inheritDoc} 1684 */ 1685 public void setLastLoginTimeFormat(String value) { 1686 impl.setPropertyValue(INSTANCE.getLastLoginTimeFormatPropertyDefinition(), value); 1687 } 1688 1689 1690 1691 /** 1692 * {@inheritDoc} 1693 */ 1694 public long getLockoutDuration() { 1695 return impl.getPropertyValue(INSTANCE.getLockoutDurationPropertyDefinition()); 1696 } 1697 1698 1699 1700 /** 1701 * {@inheritDoc} 1702 */ 1703 public void setLockoutDuration(Long value) { 1704 impl.setPropertyValue(INSTANCE.getLockoutDurationPropertyDefinition(), value); 1705 } 1706 1707 1708 1709 /** 1710 * {@inheritDoc} 1711 */ 1712 public int getLockoutFailureCount() { 1713 return impl.getPropertyValue(INSTANCE.getLockoutFailureCountPropertyDefinition()); 1714 } 1715 1716 1717 1718 /** 1719 * {@inheritDoc} 1720 */ 1721 public void setLockoutFailureCount(Integer value) { 1722 impl.setPropertyValue(INSTANCE.getLockoutFailureCountPropertyDefinition(), value); 1723 } 1724 1725 1726 1727 /** 1728 * {@inheritDoc} 1729 */ 1730 public long getLockoutFailureExpirationInterval() { 1731 return impl.getPropertyValue(INSTANCE.getLockoutFailureExpirationIntervalPropertyDefinition()); 1732 } 1733 1734 1735 1736 /** 1737 * {@inheritDoc} 1738 */ 1739 public void setLockoutFailureExpirationInterval(Long value) { 1740 impl.setPropertyValue(INSTANCE.getLockoutFailureExpirationIntervalPropertyDefinition(), value); 1741 } 1742 1743 1744 1745 /** 1746 * {@inheritDoc} 1747 */ 1748 public long getMaxPasswordAge() { 1749 return impl.getPropertyValue(INSTANCE.getMaxPasswordAgePropertyDefinition()); 1750 } 1751 1752 1753 1754 /** 1755 * {@inheritDoc} 1756 */ 1757 public void setMaxPasswordAge(Long value) { 1758 impl.setPropertyValue(INSTANCE.getMaxPasswordAgePropertyDefinition(), value); 1759 } 1760 1761 1762 1763 /** 1764 * {@inheritDoc} 1765 */ 1766 public long getMaxPasswordResetAge() { 1767 return impl.getPropertyValue(INSTANCE.getMaxPasswordResetAgePropertyDefinition()); 1768 } 1769 1770 1771 1772 /** 1773 * {@inheritDoc} 1774 */ 1775 public void setMaxPasswordResetAge(Long value) { 1776 impl.setPropertyValue(INSTANCE.getMaxPasswordResetAgePropertyDefinition(), value); 1777 } 1778 1779 1780 1781 /** 1782 * {@inheritDoc} 1783 */ 1784 public long getMinPasswordAge() { 1785 return impl.getPropertyValue(INSTANCE.getMinPasswordAgePropertyDefinition()); 1786 } 1787 1788 1789 1790 /** 1791 * {@inheritDoc} 1792 */ 1793 public void setMinPasswordAge(Long value) { 1794 impl.setPropertyValue(INSTANCE.getMinPasswordAgePropertyDefinition(), value); 1795 } 1796 1797 1798 1799 /** 1800 * {@inheritDoc} 1801 */ 1802 public AttributeType getPasswordAttribute() { 1803 return impl.getPropertyValue(INSTANCE.getPasswordAttributePropertyDefinition()); 1804 } 1805 1806 1807 1808 /** 1809 * {@inheritDoc} 1810 */ 1811 public void setPasswordAttribute(AttributeType value) { 1812 impl.setPropertyValue(INSTANCE.getPasswordAttributePropertyDefinition(), value); 1813 } 1814 1815 1816 1817 /** 1818 * {@inheritDoc} 1819 */ 1820 public boolean isPasswordChangeRequiresCurrentPassword() { 1821 return impl.getPropertyValue(INSTANCE.getPasswordChangeRequiresCurrentPasswordPropertyDefinition()); 1822 } 1823 1824 1825 1826 /** 1827 * {@inheritDoc} 1828 */ 1829 public void setPasswordChangeRequiresCurrentPassword(Boolean value) { 1830 impl.setPropertyValue(INSTANCE.getPasswordChangeRequiresCurrentPasswordPropertyDefinition(), value); 1831 } 1832 1833 1834 1835 /** 1836 * {@inheritDoc} 1837 */ 1838 public long getPasswordExpirationWarningInterval() { 1839 return impl.getPropertyValue(INSTANCE.getPasswordExpirationWarningIntervalPropertyDefinition()); 1840 } 1841 1842 1843 1844 /** 1845 * {@inheritDoc} 1846 */ 1847 public void setPasswordExpirationWarningInterval(Long value) { 1848 impl.setPropertyValue(INSTANCE.getPasswordExpirationWarningIntervalPropertyDefinition(), value); 1849 } 1850 1851 1852 1853 /** 1854 * {@inheritDoc} 1855 */ 1856 public String getPasswordGenerator() { 1857 return impl.getPropertyValue(INSTANCE.getPasswordGeneratorPropertyDefinition()); 1858 } 1859 1860 1861 1862 /** 1863 * {@inheritDoc} 1864 */ 1865 public void setPasswordGenerator(String value) { 1866 impl.setPropertyValue(INSTANCE.getPasswordGeneratorPropertyDefinition(), value); 1867 } 1868 1869 1870 1871 /** 1872 * {@inheritDoc} 1873 */ 1874 public int getPasswordHistoryCount() { 1875 return impl.getPropertyValue(INSTANCE.getPasswordHistoryCountPropertyDefinition()); 1876 } 1877 1878 1879 1880 /** 1881 * {@inheritDoc} 1882 */ 1883 public void setPasswordHistoryCount(Integer value) { 1884 impl.setPropertyValue(INSTANCE.getPasswordHistoryCountPropertyDefinition(), value); 1885 } 1886 1887 1888 1889 /** 1890 * {@inheritDoc} 1891 */ 1892 public long getPasswordHistoryDuration() { 1893 return impl.getPropertyValue(INSTANCE.getPasswordHistoryDurationPropertyDefinition()); 1894 } 1895 1896 1897 1898 /** 1899 * {@inheritDoc} 1900 */ 1901 public void setPasswordHistoryDuration(Long value) { 1902 impl.setPropertyValue(INSTANCE.getPasswordHistoryDurationPropertyDefinition(), value); 1903 } 1904 1905 1906 1907 /** 1908 * {@inheritDoc} 1909 */ 1910 public SortedSet<String> getPasswordValidator() { 1911 return impl.getPropertyValues(INSTANCE.getPasswordValidatorPropertyDefinition()); 1912 } 1913 1914 1915 1916 /** 1917 * {@inheritDoc} 1918 */ 1919 public void setPasswordValidator(Collection<String> values) { 1920 impl.setPropertyValues(INSTANCE.getPasswordValidatorPropertyDefinition(), values); 1921 } 1922 1923 1924 1925 /** 1926 * {@inheritDoc} 1927 */ 1928 public SortedSet<String> getPreviousLastLoginTimeFormat() { 1929 return impl.getPropertyValues(INSTANCE.getPreviousLastLoginTimeFormatPropertyDefinition()); 1930 } 1931 1932 1933 1934 /** 1935 * {@inheritDoc} 1936 */ 1937 public void setPreviousLastLoginTimeFormat(Collection<String> values) { 1938 impl.setPropertyValues(INSTANCE.getPreviousLastLoginTimeFormatPropertyDefinition(), values); 1939 } 1940 1941 1942 1943 /** 1944 * {@inheritDoc} 1945 */ 1946 public String getRequireChangeByTime() { 1947 return impl.getPropertyValue(INSTANCE.getRequireChangeByTimePropertyDefinition()); 1948 } 1949 1950 1951 1952 /** 1953 * {@inheritDoc} 1954 */ 1955 public void setRequireChangeByTime(String value) { 1956 impl.setPropertyValue(INSTANCE.getRequireChangeByTimePropertyDefinition(), value); 1957 } 1958 1959 1960 1961 /** 1962 * {@inheritDoc} 1963 */ 1964 public boolean isRequireSecureAuthentication() { 1965 return impl.getPropertyValue(INSTANCE.getRequireSecureAuthenticationPropertyDefinition()); 1966 } 1967 1968 1969 1970 /** 1971 * {@inheritDoc} 1972 */ 1973 public void setRequireSecureAuthentication(Boolean value) { 1974 impl.setPropertyValue(INSTANCE.getRequireSecureAuthenticationPropertyDefinition(), value); 1975 } 1976 1977 1978 1979 /** 1980 * {@inheritDoc} 1981 */ 1982 public boolean isRequireSecurePasswordChanges() { 1983 return impl.getPropertyValue(INSTANCE.getRequireSecurePasswordChangesPropertyDefinition()); 1984 } 1985 1986 1987 1988 /** 1989 * {@inheritDoc} 1990 */ 1991 public void setRequireSecurePasswordChanges(Boolean value) { 1992 impl.setPropertyValue(INSTANCE.getRequireSecurePasswordChangesPropertyDefinition(), value); 1993 } 1994 1995 1996 1997 /** 1998 * {@inheritDoc} 1999 */ 2000 public boolean isSkipValidationForAdministrators() { 2001 return impl.getPropertyValue(INSTANCE.getSkipValidationForAdministratorsPropertyDefinition()); 2002 } 2003 2004 2005 2006 /** 2007 * {@inheritDoc} 2008 */ 2009 public void setSkipValidationForAdministrators(Boolean value) { 2010 impl.setPropertyValue(INSTANCE.getSkipValidationForAdministratorsPropertyDefinition(), value); 2011 } 2012 2013 2014 2015 /** 2016 * {@inheritDoc} 2017 */ 2018 public StateUpdateFailurePolicy getStateUpdateFailurePolicy() { 2019 return impl.getPropertyValue(INSTANCE.getStateUpdateFailurePolicyPropertyDefinition()); 2020 } 2021 2022 2023 2024 /** 2025 * {@inheritDoc} 2026 */ 2027 public void setStateUpdateFailurePolicy(StateUpdateFailurePolicy value) { 2028 impl.setPropertyValue(INSTANCE.getStateUpdateFailurePolicyPropertyDefinition(), value); 2029 } 2030 2031 2032 2033 /** 2034 * {@inheritDoc} 2035 */ 2036 public ManagedObjectDefinition<? extends PasswordPolicyCfgClient, ? extends PasswordPolicyCfg> definition() { 2037 return INSTANCE; 2038 } 2039 2040 2041 2042 /** 2043 * {@inheritDoc} 2044 */ 2045 public PropertyProvider properties() { 2046 return impl; 2047 } 2048 2049 2050 2051 /** 2052 * {@inheritDoc} 2053 */ 2054 public void commit() throws ManagedObjectAlreadyExistsException, 2055 MissingMandatoryPropertiesException, ConcurrentModificationException, 2056 OperationRejectedException, AuthorizationException, 2057 CommunicationException { 2058 impl.commit(); 2059 } 2060 2061 } 2062 2063 2064 2065 /** 2066 * Managed object server implementation. 2067 */ 2068 private static class PasswordPolicyCfgServerImpl implements 2069 PasswordPolicyCfg { 2070 2071 // Private implementation. 2072 private ServerManagedObject<? extends PasswordPolicyCfg> impl; 2073 2074 // The value of the "account-status-notification-handler" property. 2075 private final SortedSet<String> pAccountStatusNotificationHandler; 2076 2077 // The value of the "allow-expired-password-changes" property. 2078 private final boolean pAllowExpiredPasswordChanges; 2079 2080 // The value of the "allow-multiple-password-values" property. 2081 private final boolean pAllowMultiplePasswordValues; 2082 2083 // The value of the "allow-pre-encoded-passwords" property. 2084 private final boolean pAllowPreEncodedPasswords; 2085 2086 // The value of the "allow-user-password-changes" property. 2087 private final boolean pAllowUserPasswordChanges; 2088 2089 // The value of the "default-password-storage-scheme" property. 2090 private final SortedSet<String> pDefaultPasswordStorageScheme; 2091 2092 // The value of the "deprecated-password-storage-scheme" property. 2093 private final SortedSet<String> pDeprecatedPasswordStorageScheme; 2094 2095 // The value of the "expire-passwords-without-warning" property. 2096 private final boolean pExpirePasswordsWithoutWarning; 2097 2098 // The value of the "force-change-on-add" property. 2099 private final boolean pForceChangeOnAdd; 2100 2101 // The value of the "force-change-on-reset" property. 2102 private final boolean pForceChangeOnReset; 2103 2104 // The value of the "grace-login-count" property. 2105 private final int pGraceLoginCount; 2106 2107 // The value of the "idle-lockout-interval" property. 2108 private final long pIdleLockoutInterval; 2109 2110 // The value of the "last-login-time-attribute" property. 2111 private final AttributeType pLastLoginTimeAttribute; 2112 2113 // The value of the "last-login-time-format" property. 2114 private final String pLastLoginTimeFormat; 2115 2116 // The value of the "lockout-duration" property. 2117 private final long pLockoutDuration; 2118 2119 // The value of the "lockout-failure-count" property. 2120 private final int pLockoutFailureCount; 2121 2122 // The value of the "lockout-failure-expiration-interval" property. 2123 private final long pLockoutFailureExpirationInterval; 2124 2125 // The value of the "max-password-age" property. 2126 private final long pMaxPasswordAge; 2127 2128 // The value of the "max-password-reset-age" property. 2129 private final long pMaxPasswordResetAge; 2130 2131 // The value of the "min-password-age" property. 2132 private final long pMinPasswordAge; 2133 2134 // The value of the "password-attribute" property. 2135 private final AttributeType pPasswordAttribute; 2136 2137 // The value of the "password-change-requires-current-password" property. 2138 private final boolean pPasswordChangeRequiresCurrentPassword; 2139 2140 // The value of the "password-expiration-warning-interval" property. 2141 private final long pPasswordExpirationWarningInterval; 2142 2143 // The value of the "password-generator" property. 2144 private final String pPasswordGenerator; 2145 2146 // The value of the "password-history-count" property. 2147 private final int pPasswordHistoryCount; 2148 2149 // The value of the "password-history-duration" property. 2150 private final long pPasswordHistoryDuration; 2151 2152 // The value of the "password-validator" property. 2153 private final SortedSet<String> pPasswordValidator; 2154 2155 // The value of the "previous-last-login-time-format" property. 2156 private final SortedSet<String> pPreviousLastLoginTimeFormat; 2157 2158 // The value of the "require-change-by-time" property. 2159 private final String pRequireChangeByTime; 2160 2161 // The value of the "require-secure-authentication" property. 2162 private final boolean pRequireSecureAuthentication; 2163 2164 // The value of the "require-secure-password-changes" property. 2165 private final boolean pRequireSecurePasswordChanges; 2166 2167 // The value of the "skip-validation-for-administrators" property. 2168 private final boolean pSkipValidationForAdministrators; 2169 2170 // The value of the "state-update-failure-policy" property. 2171 private final StateUpdateFailurePolicy pStateUpdateFailurePolicy; 2172 2173 2174 2175 // Private constructor. 2176 private PasswordPolicyCfgServerImpl(ServerManagedObject<? extends PasswordPolicyCfg> impl) { 2177 this.impl = impl; 2178 this.pAccountStatusNotificationHandler = impl.getPropertyValues(INSTANCE.getAccountStatusNotificationHandlerPropertyDefinition()); 2179 this.pAllowExpiredPasswordChanges = impl.getPropertyValue(INSTANCE.getAllowExpiredPasswordChangesPropertyDefinition()); 2180 this.pAllowMultiplePasswordValues = impl.getPropertyValue(INSTANCE.getAllowMultiplePasswordValuesPropertyDefinition()); 2181 this.pAllowPreEncodedPasswords = impl.getPropertyValue(INSTANCE.getAllowPreEncodedPasswordsPropertyDefinition()); 2182 this.pAllowUserPasswordChanges = impl.getPropertyValue(INSTANCE.getAllowUserPasswordChangesPropertyDefinition()); 2183 this.pDefaultPasswordStorageScheme = impl.getPropertyValues(INSTANCE.getDefaultPasswordStorageSchemePropertyDefinition()); 2184 this.pDeprecatedPasswordStorageScheme = impl.getPropertyValues(INSTANCE.getDeprecatedPasswordStorageSchemePropertyDefinition()); 2185 this.pExpirePasswordsWithoutWarning = impl.getPropertyValue(INSTANCE.getExpirePasswordsWithoutWarningPropertyDefinition()); 2186 this.pForceChangeOnAdd = impl.getPropertyValue(INSTANCE.getForceChangeOnAddPropertyDefinition()); 2187 this.pForceChangeOnReset = impl.getPropertyValue(INSTANCE.getForceChangeOnResetPropertyDefinition()); 2188 this.pGraceLoginCount = impl.getPropertyValue(INSTANCE.getGraceLoginCountPropertyDefinition()); 2189 this.pIdleLockoutInterval = impl.getPropertyValue(INSTANCE.getIdleLockoutIntervalPropertyDefinition()); 2190 this.pLastLoginTimeAttribute = impl.getPropertyValue(INSTANCE.getLastLoginTimeAttributePropertyDefinition()); 2191 this.pLastLoginTimeFormat = impl.getPropertyValue(INSTANCE.getLastLoginTimeFormatPropertyDefinition()); 2192 this.pLockoutDuration = impl.getPropertyValue(INSTANCE.getLockoutDurationPropertyDefinition()); 2193 this.pLockoutFailureCount = impl.getPropertyValue(INSTANCE.getLockoutFailureCountPropertyDefinition()); 2194 this.pLockoutFailureExpirationInterval = impl.getPropertyValue(INSTANCE.getLockoutFailureExpirationIntervalPropertyDefinition()); 2195 this.pMaxPasswordAge = impl.getPropertyValue(INSTANCE.getMaxPasswordAgePropertyDefinition()); 2196 this.pMaxPasswordResetAge = impl.getPropertyValue(INSTANCE.getMaxPasswordResetAgePropertyDefinition()); 2197 this.pMinPasswordAge = impl.getPropertyValue(INSTANCE.getMinPasswordAgePropertyDefinition()); 2198 this.pPasswordAttribute = impl.getPropertyValue(INSTANCE.getPasswordAttributePropertyDefinition()); 2199 this.pPasswordChangeRequiresCurrentPassword = impl.getPropertyValue(INSTANCE.getPasswordChangeRequiresCurrentPasswordPropertyDefinition()); 2200 this.pPasswordExpirationWarningInterval = impl.getPropertyValue(INSTANCE.getPasswordExpirationWarningIntervalPropertyDefinition()); 2201 this.pPasswordGenerator = impl.getPropertyValue(INSTANCE.getPasswordGeneratorPropertyDefinition()); 2202 this.pPasswordHistoryCount = impl.getPropertyValue(INSTANCE.getPasswordHistoryCountPropertyDefinition()); 2203 this.pPasswordHistoryDuration = impl.getPropertyValue(INSTANCE.getPasswordHistoryDurationPropertyDefinition()); 2204 this.pPasswordValidator = impl.getPropertyValues(INSTANCE.getPasswordValidatorPropertyDefinition()); 2205 this.pPreviousLastLoginTimeFormat = impl.getPropertyValues(INSTANCE.getPreviousLastLoginTimeFormatPropertyDefinition()); 2206 this.pRequireChangeByTime = impl.getPropertyValue(INSTANCE.getRequireChangeByTimePropertyDefinition()); 2207 this.pRequireSecureAuthentication = impl.getPropertyValue(INSTANCE.getRequireSecureAuthenticationPropertyDefinition()); 2208 this.pRequireSecurePasswordChanges = impl.getPropertyValue(INSTANCE.getRequireSecurePasswordChangesPropertyDefinition()); 2209 this.pSkipValidationForAdministrators = impl.getPropertyValue(INSTANCE.getSkipValidationForAdministratorsPropertyDefinition()); 2210 this.pStateUpdateFailurePolicy = impl.getPropertyValue(INSTANCE.getStateUpdateFailurePolicyPropertyDefinition()); 2211 } 2212 2213 2214 2215 /** 2216 * {@inheritDoc} 2217 */ 2218 public void addChangeListener( 2219 ConfigurationChangeListener<PasswordPolicyCfg> listener) { 2220 impl.registerChangeListener(listener); 2221 } 2222 2223 2224 2225 /** 2226 * {@inheritDoc} 2227 */ 2228 public void removeChangeListener( 2229 ConfigurationChangeListener<PasswordPolicyCfg> listener) { 2230 impl.deregisterChangeListener(listener); 2231 } 2232 2233 2234 2235 /** 2236 * {@inheritDoc} 2237 */ 2238 public SortedSet<String> getAccountStatusNotificationHandler() { 2239 return pAccountStatusNotificationHandler; 2240 } 2241 2242 2243 2244 /** 2245 * {@inheritDoc} 2246 */ 2247 public SortedSet<DN> getAccountStatusNotificationHandlerDNs() { 2248 SortedSet<String> values = getAccountStatusNotificationHandler(); 2249 SortedSet<DN> dnValues = new TreeSet<DN>(); 2250 for (String value : values) { 2251 DN dn = INSTANCE.getAccountStatusNotificationHandlerPropertyDefinition().getChildDN(value); 2252 dnValues.add(dn); 2253 } 2254 return dnValues; 2255 } 2256 2257 2258 2259 /** 2260 * {@inheritDoc} 2261 */ 2262 public boolean isAllowExpiredPasswordChanges() { 2263 return pAllowExpiredPasswordChanges; 2264 } 2265 2266 2267 2268 /** 2269 * {@inheritDoc} 2270 */ 2271 public boolean isAllowMultiplePasswordValues() { 2272 return pAllowMultiplePasswordValues; 2273 } 2274 2275 2276 2277 /** 2278 * {@inheritDoc} 2279 */ 2280 public boolean isAllowPreEncodedPasswords() { 2281 return pAllowPreEncodedPasswords; 2282 } 2283 2284 2285 2286 /** 2287 * {@inheritDoc} 2288 */ 2289 public boolean isAllowUserPasswordChanges() { 2290 return pAllowUserPasswordChanges; 2291 } 2292 2293 2294 2295 /** 2296 * {@inheritDoc} 2297 */ 2298 public SortedSet<String> getDefaultPasswordStorageScheme() { 2299 return pDefaultPasswordStorageScheme; 2300 } 2301 2302 2303 2304 /** 2305 * {@inheritDoc} 2306 */ 2307 public SortedSet<DN> getDefaultPasswordStorageSchemeDNs() { 2308 SortedSet<String> values = getDefaultPasswordStorageScheme(); 2309 SortedSet<DN> dnValues = new TreeSet<DN>(); 2310 for (String value : values) { 2311 DN dn = INSTANCE.getDefaultPasswordStorageSchemePropertyDefinition().getChildDN(value); 2312 dnValues.add(dn); 2313 } 2314 return dnValues; 2315 } 2316 2317 2318 2319 /** 2320 * {@inheritDoc} 2321 */ 2322 public SortedSet<String> getDeprecatedPasswordStorageScheme() { 2323 return pDeprecatedPasswordStorageScheme; 2324 } 2325 2326 2327 2328 /** 2329 * {@inheritDoc} 2330 */ 2331 public SortedSet<DN> getDeprecatedPasswordStorageSchemeDNs() { 2332 SortedSet<String> values = getDeprecatedPasswordStorageScheme(); 2333 SortedSet<DN> dnValues = new TreeSet<DN>(); 2334 for (String value : values) { 2335 DN dn = INSTANCE.getDeprecatedPasswordStorageSchemePropertyDefinition().getChildDN(value); 2336 dnValues.add(dn); 2337 } 2338 return dnValues; 2339 } 2340 2341 2342 2343 /** 2344 * {@inheritDoc} 2345 */ 2346 public boolean isExpirePasswordsWithoutWarning() { 2347 return pExpirePasswordsWithoutWarning; 2348 } 2349 2350 2351 2352 /** 2353 * {@inheritDoc} 2354 */ 2355 public boolean isForceChangeOnAdd() { 2356 return pForceChangeOnAdd; 2357 } 2358 2359 2360 2361 /** 2362 * {@inheritDoc} 2363 */ 2364 public boolean isForceChangeOnReset() { 2365 return pForceChangeOnReset; 2366 } 2367 2368 2369 2370 /** 2371 * {@inheritDoc} 2372 */ 2373 public int getGraceLoginCount() { 2374 return pGraceLoginCount; 2375 } 2376 2377 2378 2379 /** 2380 * {@inheritDoc} 2381 */ 2382 public long getIdleLockoutInterval() { 2383 return pIdleLockoutInterval; 2384 } 2385 2386 2387 2388 /** 2389 * {@inheritDoc} 2390 */ 2391 public AttributeType getLastLoginTimeAttribute() { 2392 return pLastLoginTimeAttribute; 2393 } 2394 2395 2396 2397 /** 2398 * {@inheritDoc} 2399 */ 2400 public String getLastLoginTimeFormat() { 2401 return pLastLoginTimeFormat; 2402 } 2403 2404 2405 2406 /** 2407 * {@inheritDoc} 2408 */ 2409 public long getLockoutDuration() { 2410 return pLockoutDuration; 2411 } 2412 2413 2414 2415 /** 2416 * {@inheritDoc} 2417 */ 2418 public int getLockoutFailureCount() { 2419 return pLockoutFailureCount; 2420 } 2421 2422 2423 2424 /** 2425 * {@inheritDoc} 2426 */ 2427 public long getLockoutFailureExpirationInterval() { 2428 return pLockoutFailureExpirationInterval; 2429 } 2430 2431 2432 2433 /** 2434 * {@inheritDoc} 2435 */ 2436 public long getMaxPasswordAge() { 2437 return pMaxPasswordAge; 2438 } 2439 2440 2441 2442 /** 2443 * {@inheritDoc} 2444 */ 2445 public long getMaxPasswordResetAge() { 2446 return pMaxPasswordResetAge; 2447 } 2448 2449 2450 2451 /** 2452 * {@inheritDoc} 2453 */ 2454 public long getMinPasswordAge() { 2455 return pMinPasswordAge; 2456 } 2457 2458 2459 2460 /** 2461 * {@inheritDoc} 2462 */ 2463 public AttributeType getPasswordAttribute() { 2464 return pPasswordAttribute; 2465 } 2466 2467 2468 2469 /** 2470 * {@inheritDoc} 2471 */ 2472 public boolean isPasswordChangeRequiresCurrentPassword() { 2473 return pPasswordChangeRequiresCurrentPassword; 2474 } 2475 2476 2477 2478 /** 2479 * {@inheritDoc} 2480 */ 2481 public long getPasswordExpirationWarningInterval() { 2482 return pPasswordExpirationWarningInterval; 2483 } 2484 2485 2486 2487 /** 2488 * {@inheritDoc} 2489 */ 2490 public String getPasswordGenerator() { 2491 return pPasswordGenerator; 2492 } 2493 2494 2495 2496 /** 2497 * {@inheritDoc} 2498 */ 2499 public DN getPasswordGeneratorDN() { 2500 String value = getPasswordGenerator(); 2501 if (value == null) return null; 2502 return INSTANCE.getPasswordGeneratorPropertyDefinition().getChildDN(value); 2503 } 2504 2505 2506 2507 /** 2508 * {@inheritDoc} 2509 */ 2510 public int getPasswordHistoryCount() { 2511 return pPasswordHistoryCount; 2512 } 2513 2514 2515 2516 /** 2517 * {@inheritDoc} 2518 */ 2519 public long getPasswordHistoryDuration() { 2520 return pPasswordHistoryDuration; 2521 } 2522 2523 2524 2525 /** 2526 * {@inheritDoc} 2527 */ 2528 public SortedSet<String> getPasswordValidator() { 2529 return pPasswordValidator; 2530 } 2531 2532 2533 2534 /** 2535 * {@inheritDoc} 2536 */ 2537 public SortedSet<DN> getPasswordValidatorDNs() { 2538 SortedSet<String> values = getPasswordValidator(); 2539 SortedSet<DN> dnValues = new TreeSet<DN>(); 2540 for (String value : values) { 2541 DN dn = INSTANCE.getPasswordValidatorPropertyDefinition().getChildDN(value); 2542 dnValues.add(dn); 2543 } 2544 return dnValues; 2545 } 2546 2547 2548 2549 /** 2550 * {@inheritDoc} 2551 */ 2552 public SortedSet<String> getPreviousLastLoginTimeFormat() { 2553 return pPreviousLastLoginTimeFormat; 2554 } 2555 2556 2557 2558 /** 2559 * {@inheritDoc} 2560 */ 2561 public String getRequireChangeByTime() { 2562 return pRequireChangeByTime; 2563 } 2564 2565 2566 2567 /** 2568 * {@inheritDoc} 2569 */ 2570 public boolean isRequireSecureAuthentication() { 2571 return pRequireSecureAuthentication; 2572 } 2573 2574 2575 2576 /** 2577 * {@inheritDoc} 2578 */ 2579 public boolean isRequireSecurePasswordChanges() { 2580 return pRequireSecurePasswordChanges; 2581 } 2582 2583 2584 2585 /** 2586 * {@inheritDoc} 2587 */ 2588 public boolean isSkipValidationForAdministrators() { 2589 return pSkipValidationForAdministrators; 2590 } 2591 2592 2593 2594 /** 2595 * {@inheritDoc} 2596 */ 2597 public StateUpdateFailurePolicy getStateUpdateFailurePolicy() { 2598 return pStateUpdateFailurePolicy; 2599 } 2600 2601 2602 2603 /** 2604 * {@inheritDoc} 2605 */ 2606 public Class<? extends PasswordPolicyCfg> configurationClass() { 2607 return PasswordPolicyCfg.class; 2608 } 2609 2610 2611 2612 /** 2613 * {@inheritDoc} 2614 */ 2615 public DN dn() { 2616 return impl.getDN(); 2617 } 2618 2619 } 2620 }