...
| Code Block |
|---|
private enum ActiveDirectoryUserAccountControlFlags {
UAC_FLAG_ACCOUNT_DISABLED(2),
UAC_FLAG_LOCKOUT(16),
UAC_FLAG_PASSWD_NOTREQD(32),
UAC_FLAG_DONT_EXPIRE_PASSWD(65536),
UAC_FLAG_PASSWORD_EXPIRED(8388608);
private int value;
ActiveDirectoryUserAccountControlFlags(final int id) {
this.value = id;
}
public final int getValue() {
return this.value;
}
} |
Reduce Ldap Query Overhead
TODO
Support for Custom Date Formatters
TODO
Support for Custom WebFlow States
...
The above approach is completely extensible and exposes hooks for other implementations of the LdapPasswordPolicyExaminer, should a use case arise. The changeset is provided and facilitated by having support for retrieval of custom attributes. Examiners are also optional and may or may not be used in conjunction with detection of ldap error codes during authentication.
Support for Custom Date Formatters
To calculate the password expiration warning based on a given LDAP attribute date (specified in the lppe configuration), this changeset proposes various implementations of the LdapDateConverter interface. This interface provides for not only configuring the given timezone used in date calculation, but defines the general contract between LPPE and the following implementations:
ActiveDirectoryLdapDateConverter used specifically with ActiveDirectory ldap instances, feature the ability to convert a special AD date value into its equivalent java.util.Date object.
- SimpleDateFormatLdapDateConverter expects the received date value form LDAP to be consistent with a given DateTimeFormatter's pattern.
- TimeUnitLdapDateConverter expects the received ldap date value to be defined in milliseconds. It will convert the value to the time unit specified. The final date is initialized from a given date (or epoch).
Reduce Ldap Query Overhead
TODO
Component Diagram
TODO
Flow Diagram
...