Class PasswordUpdateBehaviorRequestControlProperties
- java.lang.Object
-
- com.unboundid.ldap.sdk.unboundidds.controls.PasswordUpdateBehaviorRequestControlProperties
-
- All Implemented Interfaces:
java.io.Serializable
@Mutable @ThreadSafety(level=NOT_THREADSAFE) public final class PasswordUpdateBehaviorRequestControlProperties extends java.lang.Object implements java.io.Serializable
This class provides a set of properties that can be used in conjunction with thePasswordUpdateBehaviorRequestControl
.
NOTE: This class, and other classes within the
com.unboundid.ldap.sdk.unboundidds
package structure, are only supported for use against Ping Identity, UnboundID, and Nokia/Alcatel-Lucent 8661 server products. These classes provide support for proprietary functionality or for external specifications that are not considered stable or mature enough to be guaranteed to work in an interoperable way with other types of LDAP servers.- See Also:
- Serialized Form
-
-
Constructor Summary
Constructors Constructor Description PasswordUpdateBehaviorRequestControlProperties()
Creates a new password update behavior request control properties object with none of the properties set, which will cause the server to behave as if the control had not been included in the request.PasswordUpdateBehaviorRequestControlProperties(PasswordUpdateBehaviorRequestControl control)
Creates a new password update behavior request control properties object with the settings used for the provided password update behavior request control.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.Boolean
getAllowPreEncodedPassword()
Indicates whether the password update behavior request control should override the value of theallow-pre-encoded-passwords
configuration property for the target user's password policy, and if so, what the overridden value should be.java.lang.Boolean
getIgnoreMinimumPasswordAge()
Indicates whether the password update behavior request control should override the server's normal behavior with regard to checking the minimum password age, and if so, what the overridden behavior should be.java.lang.Boolean
getIgnorePasswordHistory()
Indicates whether the password update behavior request control should override the server's normal behavior with regard to checking the password history for any new passwords included in the password update, and if so, what the overridden behavior should be.java.lang.Boolean
getIsSelfChange()
Indicates whether the password update behavior request control should override the server's automatic classification of the password update as a self change or an administrative reset, and if so, what the overridden value should be.java.lang.Boolean
getMustChangePassword()
Indicates whether the password update behavior request control should override the server's normal behavior with regard to requiring a password change, and if so, what that behavior should be.java.lang.String
getPasswordStorageScheme()
Indicates whether the password update behavior request control should override the server's normal behavior with regard to selecting the password storage scheme to use to encode new password values, and if so, which password storage scheme should be used.java.lang.Boolean
getSkipPasswordValidation()
Indicates whether the password update behavior request control should override the server's normal behavior with regard to invoking password validators for any new passwords included in the password update, and if so, what the overridden behavior should be.void
setAllowPreEncodedPassword(java.lang.Boolean allowPreEncodedPassword)
Specifies whether the password update behavior request control should override the value of theallow-pre-encoded-passwords
configuration property for the target user's password policy, and if so, what the overridden value should be.void
setIgnoreMinimumPasswordAge(java.lang.Boolean ignoreMinimumPasswordAge)
Specifies whether the password update behavior request control should override the server's normal behavior with regard to checking the minimum password age, and if so, what the overridden behavior should be.void
setIgnorePasswordHistory(java.lang.Boolean ignorePasswordHistory)
Specifies whether the password update behavior request control should override the server's normal behavior with regard to checking the password history for any new passwords included in the password update, and if so, what the overridden behavior should be.void
setIsSelfChange(java.lang.Boolean isSelfChange)
Specifies whether the password update behavior request control should override the server's automatic classification of the password update as a self change or an administrative reset, and if so, what the overridden value should be.void
setMustChangePassword(java.lang.Boolean mustChangePassword)
Specifies whether the password update behavior request control should override the server's normal behavior with regard to requiring a password change, and if so, what that behavior should be.void
setPasswordStorageScheme(java.lang.String passwordStorageScheme)
Specifies whether the password update behavior request control should override the server's normal behavior with regard to selecting the password storage scheme to use to encode new password values, and if so, which password storage scheme should be used.void
setSkipPasswordValidation(java.lang.Boolean skipPasswordValidation)
Specifies whether the password update behavior request control should override the server's normal behavior with regard to invoking password validators for any new passwords included in the password update, and if so, what the overridden behavior should be.java.lang.String
toString()
Retrieves a string representation of this password update behavior request control properties object.void
toString(java.lang.StringBuilder buffer)
Appends a string representation of this password update behavior request control properties object to the provided buffer.
-
-
-
Constructor Detail
-
PasswordUpdateBehaviorRequestControlProperties
public PasswordUpdateBehaviorRequestControlProperties()
Creates a new password update behavior request control properties object with none of the properties set, which will cause the server to behave as if the control had not been included in the request.
-
PasswordUpdateBehaviorRequestControlProperties
public PasswordUpdateBehaviorRequestControlProperties(PasswordUpdateBehaviorRequestControl control)
Creates a new password update behavior request control properties object with the settings used for the provided password update behavior request control.- Parameters:
control
- The control to use to initialize this properties object.
-
-
Method Detail
-
getIsSelfChange
public java.lang.Boolean getIsSelfChange()
Indicates whether the password update behavior request control should override the server's automatic classification of the password update as a self change or an administrative reset, and if so, what the overridden value should be.- Returns:
Boolean.TRUE
if the server should treat the password update as a self change,Boolean.FALSE
if the server should treat the password update as an administrative reset, ornull
if the server should automatically determine whether the password update is a self change or an administrative reset.
-
setIsSelfChange
public void setIsSelfChange(java.lang.Boolean isSelfChange)
Specifies whether the password update behavior request control should override the server's automatic classification of the password update as a self change or an administrative reset, and if so, what the overridden value should be.
Normally, the server will consider a password update to be a self change if it contains the user's current password in addition to the new password, or if the user entry being updated is the entry for the authorization identity for the requested operation. Conversely, if the password change does not include the target user's current password in addition to the new password, and the user performing the password change doesn't own the entry being updated, then it will be considered an administrative reset. But if this method is called with a value ofBoolean.TRUE
, then the server will consider the password update to be a self change even if it would have otherwise been considered an administrative reset, and if this method is called with a value ofBoolean.FALSE
, then the server will consider the password update to be an administrative reset even if it would have otherwise been considered a self change.
Note that this only applies to modify requests and password modify extended requests. It does not apply to add requests, which will always be considered administrative resets because a user can't change their own password before their account exists in the server. However, the password update behavior request control can still be used to override the server's default behavior for other properties that do apply to add operations.- Parameters:
isSelfChange
- Specifies whether the control should override the server's automatic classification of the password update as a self change or an administrative reset. If this isBoolean.TRUE
, then it indicates that the server should treat the password update as a self change. If this isBoolean.FALSE
, then it indicates that the server should treat the password update as an administrative reset. If this isnull
, it indicates that the server should automatically determine whether the password change is a self change or an administrative reset.
-
getAllowPreEncodedPassword
public java.lang.Boolean getAllowPreEncodedPassword()
Indicates whether the password update behavior request control should override the value of theallow-pre-encoded-passwords
configuration property for the target user's password policy, and if so, what the overridden value should be.- Returns:
Boolean.TRUE
if the server should accept a pre-encoded password in the password update even if the server's password policy configuration would normally not permit this,Boolean.FALSE
if the server should reject a pre-encoded password in the password update even if the server's password policy configuration would normally accept it, ornull
if the password policy configuration should be used to determine whether to accept pre-encoded passwords.
-
setAllowPreEncodedPassword
public void setAllowPreEncodedPassword(java.lang.Boolean allowPreEncodedPassword)
Specifies whether the password update behavior request control should override the value of theallow-pre-encoded-passwords
configuration property for the target user's password policy, and if so, what the overridden value should be.
Note that certain types of validation cannot be performed for new passwords that are pre-encoded. It will not be possible to invoke password validators on a pre-encoded password, and it will not be possible to compare the a pre-encoded new password against the current password or one in the password history. Allowing end users to provide pre-encoded passwords could create a loophole in which the user could continue using the same password longer than they would otherwise be permitted to because they could keep changing the password to a different encoded representation of the same password, or to a weaker password than the server would normally allow.- Parameters:
allowPreEncodedPassword
- Specifies whether the password update behavior request control should override the value of theallow-pre-encoded-passwords
configuration property for the target user's password policy, and if so, what the overridden value should be. If this isBoolean.TRUE
, then the server will permit a pre-encoded password, even if it would normally reject them. If this isBoolean.FALSE
, then the server will reject a pre-encoded password, even if it would normally accept it. If this isnull
, then the server will use the password policy configuration to determine whether to accept a pre-encoded password.
-
getSkipPasswordValidation
public java.lang.Boolean getSkipPasswordValidation()
Indicates whether the password update behavior request control should override the server's normal behavior with regard to invoking password validators for any new passwords included in the password update, and if so, what the overridden behavior should be.- Returns:
Boolean.TRUE
if the server should skip invoking the password validators configured in the target user's password policy validators for any new passwords included in the password update even if the server would normally perform password validation,Boolean.FALSE
if the server should invoke the password validators even if it would normally skip them, ornull
if the password policy configuration should be used to determine whether to skip password validation.
-
setSkipPasswordValidation
public void setSkipPasswordValidation(java.lang.Boolean skipPasswordValidation)
Specifies whether the password update behavior request control should override the server's normal behavior with regard to invoking password validators for any new passwords included in the password update, and if so, what the overridden behavior should be.
Note that if password validation is to be performed, it will use the set of password validators set in the target user's password policy. It is not possible to customize which validators will be used on a per-request basis.
Also note that password validation can only be performed for new passwords that are not pre-encoded. Pre-encoded passwords cannot be checked against password validators or the password history.- Parameters:
skipPasswordValidation
- Specifies whether the password update behavior request control should override the server's normal behavior with regard to invoking password validators for any new passwords included in the password update, and if so, what the overridden behavior should be. If this isBoolean.TRUE
, then the server will skip new password validation even if it would normally perform it. If this isBoolean.FALSE
, then the server will perform new password validation even if it would normally skip it. If this isnull
, then the server will use the password policy configuration to determine whether to perform new password validation.
-
getIgnorePasswordHistory
public java.lang.Boolean getIgnorePasswordHistory()
Indicates whether the password update behavior request control should override the server's normal behavior with regard to checking the password history for any new passwords included in the password update, and if so, what the overridden behavior should be.- Returns:
Boolean.TRUE
if the server should not check to see whether any new password matches the current password or is in the user's password history even if it would normally perform that check,Boolean.FALSE
if the server should check to see whether any new password matches the current or previous password even if it would normally not perform such a check, ornull
if the password policy configuration should be used to determine whether to ignore the password history.
-
setIgnorePasswordHistory
public void setIgnorePasswordHistory(java.lang.Boolean ignorePasswordHistory)
Specifies whether the password update behavior request control should override the server's normal behavior with regard to checking the password history for any new passwords included in the password update, and if so, what the overridden behavior should be.
Note that if the target user's password policy is not configured to maintain a password history, then there may not be any previous passwords to check. In that case, overriding the behavior to check the password history will only compare the new password against the current password.
Also note that this setting only applies to the validation of the new password. It will not affect the server's behavior with regard to storing the new or previous password in the password history.
Finally, password history validation can only be performed for new passwords that are not pre-encoded. Pre-encoded passwords cannot be checked against password validators or the password history.- Parameters:
ignorePasswordHistory
- Specifies whether the password update behavior request control should override the server's normal behavior with regard to checking the password history for any new passwords included in the password update, and if so, what the overridden behavior should be. If this isBoolean.TRUE
, then the server will skip password history validation even if it would have normally performed it. If this isBoolean.FALSE
, then the server will perform password history validation even if it would have normally skipped it. If this isnull
, then the server will use the password policy configuration to determine whether to perform password history validation.
-
getIgnoreMinimumPasswordAge
public java.lang.Boolean getIgnoreMinimumPasswordAge()
Indicates whether the password update behavior request control should override the server's normal behavior with regard to checking the minimum password age, and if so, what the overridden behavior should be.- Returns:
Boolean.TRUE
if the server should accept the password change even if it has been less than the configured minimum password age since the password was last changed,Boolean.FALSE
if the server should reject the password change if it has been less than teh configured minimum password age, ornull
if the password policy configuration should be used to determine the appropriate behavior.
-
setIgnoreMinimumPasswordAge
public void setIgnoreMinimumPasswordAge(java.lang.Boolean ignoreMinimumPasswordAge)
Specifies whether the password update behavior request control should override the server's normal behavior with regard to checking the minimum password age, and if so, what the overridden behavior should be.
Normally, if a minimum password age is configured, then it will apply only for self password changes but not for administrative resets. With this value set toBoolean.TRUE
, then the configured minimum password age will be ignored even for self changes. With this value set toBoolean.FALSE
, then the configured minimum password age will be enforced even for administrative resets. In any case, this will only be used if the target user's password policy is configured with a nonzero minimum password age.- Parameters:
ignoreMinimumPasswordAge
- Specifies whether the password update behavior request control should override the server's normal behavior with regard to checking the minimum password age, and if so, what the overridden behavior should be. If this isBoolean.TRUE
, then the minimum password age will not be enforced, even for self password changes. If this isBoolean.FALSE
, then the minimum password age will be enforced, even for administrative resets. If this isnull
, then the server's default behavior will be used so that the minimum password age will be enforced for self changes but not for administrative resets.
-
getPasswordStorageScheme
public java.lang.String getPasswordStorageScheme()
Indicates whether the password update behavior request control should override the server's normal behavior with regard to selecting the password storage scheme to use to encode new password values, and if so, which password storage scheme should be used.- Returns:
- The name of the password storage scheme that should be used to
encode any new password values, or
null
if the target user's password policy configuration should determine the appropriate schemes for encoding new passwords.
-
setPasswordStorageScheme
public void setPasswordStorageScheme(java.lang.String passwordStorageScheme)
Specifies whether the password update behavior request control should override the server's normal behavior with regard to selecting the password storage scheme to use to encode new password values, and if so, which password storage scheme should be used.
If a non-null
password storage scheme name is provided, then it must be the prefix used in front of passwords encoded with that scheme, optionally including or omitting the curly braces. The specified scheme must be enabled for use in the server but does not otherwise need to be associated with the target user's password policy.- Parameters:
passwordStorageScheme
- The name of the password storage scheme that should be used to encode any new password values. It may optionally be enclosed in curly braces. It may benull
if the password policy configuration should be used to determine which password storage schemes should be used to encode new passwords.
-
getMustChangePassword
public java.lang.Boolean getMustChangePassword()
Indicates whether the password update behavior request control should override the server's normal behavior with regard to requiring a password change, and if so, what that behavior should be.- Returns:
Boolean.TRUE
if the user will be required to change their password before being allowed to perform any other operation,Boolean.FALSE
if the user will not be required to change their password before being allowed to perform any other operation, ornull
if the password policy configuration should be used to control this behavior.
-
setMustChangePassword
public void setMustChangePassword(java.lang.Boolean mustChangePassword)
Specifies whether the password update behavior request control should override the server's normal behavior with regard to requiring a password change, and if so, what that behavior should be.
Note that the "must change password" behavior will only be enforced if the target user's password policy is configured with eitherforce-change-on-add
orforce-change-on-reset
set totrue
. If both of those properties are set tofalse
, then this method will have no effect.
Normally, ifforce-change-on-reset
istrue
, then the server will put the user's account into a "must change password" state after an administrative password reset, but not after a self change. If this method is called with a value ofBoolean.TRUE
, then the "must change password" flag will be set, even if the password update is a self change. It this method is called with a value ofBoolean.FALSE
, then the "must change password" flag will not be set even if the password update is an administrative change. If this method is called with a value ofnull
, then the server's normal logic will be used to determine whether to set the "must change password" flag.- Parameters:
mustChangePassword
- Specifies whether the password update behavior request control should override the server's normal behavior with regard to requiring a password change, and if so, what that behavior should be. If this isBoolean.TRUE
, then the user entry will be required to change their password after their next login even if this is a self change. If this isBoolean.FALSE
, then the user will not be required to change their password after the next login even if this is an administrative reset. If this isnull
, then the server's normal logic will be used to make the determination.
-
toString
public java.lang.String toString()
Retrieves a string representation of this password update behavior request control properties object.- Overrides:
toString
in classjava.lang.Object
- Returns:
- A string representation of this password update behavior request control properties object.
-
toString
public void toString(java.lang.StringBuilder buffer)
Appends a string representation of this password update behavior request control properties object to the provided buffer.- Parameters:
buffer
- The buffer to which the information should be appended.
-
-