Package org.ldaptive.auth.ext
Class FreeIPAAuthenticationResponseHandler
- java.lang.Object
-
- org.ldaptive.auth.ext.FreeIPAAuthenticationResponseHandler
-
- All Implemented Interfaces:
AuthenticationResponseHandler
public class FreeIPAAuthenticationResponseHandler extends java.lang.Object implements AuthenticationResponseHandler
Attempts to parse the authentication response and set the account state using data associated with FreeIPA. TheAuthenticator
should be configured to return 'krbPasswordExpiration', 'krbLoginFailedCount' and 'krbLastPwdChange' attributes so they can be consumed by this handler.- Author:
- tduehr
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String[]
ATTRIBUTES
Attributes needed to enforce password policy.protected org.slf4j.Logger
logger
Logger for this class.
-
Constructor Summary
Constructors Constructor Description FreeIPAAuthenticationResponseHandler()
Default constructor.FreeIPAAuthenticationResponseHandler(java.time.Period warning, int loginFailures)
Creates a new freeipa authentication response handler.FreeIPAAuthenticationResponseHandler(java.time.Period expiration, java.time.Period warning, int loginFailures)
Creates a new freeipa authentication response handler.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.time.Period
getExpirationPeriod()
Returns the amount of time since a password was set until it will expire.int
getMaxLoginFailures()
Returns the maximum login failures.java.time.Period
getWarningPeriod()
Returns the amount of time before expiration to produce a warning.void
handle(AuthenticationResponse response)
Handle the response from an ldap authentication.void
setExpirationPeriod(java.time.Period period)
Sets the amount of time since a password was set until it will expire.void
setMaxLoginFailures(int loginFailures)
Sets the maximum login failures.void
setWarningPeriod(java.time.Period period)
Sets the amount of time before expiration to produce a warning.java.lang.String
toString()
-
-
-
Constructor Detail
-
FreeIPAAuthenticationResponseHandler
public FreeIPAAuthenticationResponseHandler()
Default constructor.
-
FreeIPAAuthenticationResponseHandler
public FreeIPAAuthenticationResponseHandler(java.time.Period warning, int loginFailures)
Creates a new freeipa authentication response handler.- Parameters:
warning
- length of time before expiration that should produce a warningloginFailures
- number of login failures to allow
-
FreeIPAAuthenticationResponseHandler
public FreeIPAAuthenticationResponseHandler(java.time.Period expiration, java.time.Period warning, int loginFailures)
Creates a new freeipa authentication response handler.- Parameters:
expiration
- length of time that a password is validwarning
- length of time before expiration that should produce a warningloginFailures
- number of login failures to allow
-
-
Method Detail
-
handle
public void handle(AuthenticationResponse response)
Description copied from interface:AuthenticationResponseHandler
Handle the response from an ldap authentication.- Specified by:
handle
in interfaceAuthenticationResponseHandler
- Parameters:
response
- produced from an authentication
-
getMaxLoginFailures
public int getMaxLoginFailures()
Returns the maximum login failures.- Returns:
- maximum login failures before lockout.
-
setMaxLoginFailures
public void setMaxLoginFailures(int loginFailures)
Sets the maximum login failures.- Parameters:
loginFailures
- before lockout.
-
getExpirationPeriod
public java.time.Period getExpirationPeriod()
Returns the amount of time since a password was set until it will expire. Only used if the krbPasswordExpiration attribute cannot be read from the directory.- Returns:
- expiration period
-
setExpirationPeriod
public void setExpirationPeriod(java.time.Period period)
Sets the amount of time since a password was set until it will expire. Only used if the krbPasswordExpiration attribute cannot be read from the directory.- Parameters:
period
- expiration period
-
getWarningPeriod
public java.time.Period getWarningPeriod()
Returns the amount of time before expiration to produce a warning.- Returns:
- warning period
-
setWarningPeriod
public void setWarningPeriod(java.time.Period period)
Sets the amount of time before expiration to produce a warning.- Parameters:
period
- warning period
-
toString
public java.lang.String toString()
- Overrides:
toString
in classjava.lang.Object
-
-