Class FreeIPAAuthenticationResponseHandler

  • All Implemented Interfaces:
    AuthenticationResponseHandler

    public class FreeIPAAuthenticationResponseHandler
    extends java.lang.Object
    implements AuthenticationResponseHandler
    Attempts to parse the authentication response and set the account state using data associated with FreeIPA. The Authenticator should be configured to return 'krbPasswordExpiration', 'krbLoginFailedCount' and 'krbLastPwdChange' attributes so they can be consumed by this handler.
    Author:
    tduehr
    • Field Summary

      Fields 
      Modifier and Type Field Description
      static java.lang.String[] ATTRIBUTES
      Attributes needed to enforce password policy.
      protected org.slf4j.Logger logger
      Logger for this class.
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      java.time.Period getExpirationPeriod()
      Returns the amount of time since a password was set until it will expire.
      int getMaxLoginFailures()
      Returns the maximum login failures.
      java.time.Period getWarningPeriod()
      Returns the amount of time before expiration to produce a warning.
      void handle​(AuthenticationResponse response)
      Handle the response from an ldap authentication.
      void setExpirationPeriod​(java.time.Period period)
      Sets the amount of time since a password was set until it will expire.
      void setMaxLoginFailures​(int loginFailures)
      Sets the maximum login failures.
      void setWarningPeriod​(java.time.Period period)
      Sets the amount of time before expiration to produce a warning.
      java.lang.String toString()  
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
    • Field Detail

      • ATTRIBUTES

        public static final java.lang.String[] ATTRIBUTES
        Attributes needed to enforce password policy.
      • logger

        protected final org.slf4j.Logger logger
        Logger for this class.
    • Constructor Detail

      • FreeIPAAuthenticationResponseHandler

        public FreeIPAAuthenticationResponseHandler()
        Default constructor.
      • FreeIPAAuthenticationResponseHandler

        public FreeIPAAuthenticationResponseHandler​(java.time.Period warning,
                                                    int loginFailures)
        Creates a new freeipa authentication response handler.
        Parameters:
        warning - length of time before expiration that should produce a warning
        loginFailures - number of login failures to allow
      • FreeIPAAuthenticationResponseHandler

        public FreeIPAAuthenticationResponseHandler​(java.time.Period expiration,
                                                    java.time.Period warning,
                                                    int loginFailures)
        Creates a new freeipa authentication response handler.
        Parameters:
        expiration - length of time that a password is valid
        warning - length of time before expiration that should produce a warning
        loginFailures - number of login failures to allow
    • Method Detail

      • getMaxLoginFailures

        public int getMaxLoginFailures()
        Returns the maximum login failures.
        Returns:
        maximum login failures before lockout.
      • setMaxLoginFailures

        public void setMaxLoginFailures​(int loginFailures)
        Sets the maximum login failures.
        Parameters:
        loginFailures - before lockout.
      • getExpirationPeriod

        public java.time.Period getExpirationPeriod()
        Returns the amount of time since a password was set until it will expire. Only used if the krbPasswordExpiration attribute cannot be read from the directory.
        Returns:
        expiration period
      • setExpirationPeriod

        public void setExpirationPeriod​(java.time.Period period)
        Sets the amount of time since a password was set until it will expire. Only used if the krbPasswordExpiration attribute cannot be read from the directory.
        Parameters:
        period - expiration period
      • getWarningPeriod

        public java.time.Period getWarningPeriod()
        Returns the amount of time before expiration to produce a warning.
        Returns:
        warning period
      • setWarningPeriod

        public void setWarningPeriod​(java.time.Period period)
        Sets the amount of time before expiration to produce a warning.
        Parameters:
        period - warning period
      • toString

        public java.lang.String toString()
        Overrides:
        toString in class java.lang.Object