Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
    private enum ActiveDirectoryUserAccountControlFlags {
        UAC_FLAG_ACCOUNT_DISABLED(2),
        UAC_FLAG_LOCKOUT(16),
        UAC_FLAG_PASSWD_NOTREQD(32),
        UAC_FLAG_DONT_EXPIRE_PASSWD(65536),
        UAC_FLAG_PASSWORD_EXPIRED(8388608);
        
        private int value;
        
        ActiveDirectoryUserAccountControlFlags(final int id) { 
            this.value = id; 
        }
        
        public final int getValue() { 
            return this.value; 
        }
    }

Internalization

...

of Pre-Authentication Ldap Error Codes 

LPPE attempts to intercept authentication errors by detecting a set of ldap error codes. By translating the error codes into a webflow state, LPPE is then able to redirect the user the page appropriate and relevant for the issue experienced. Currently, these error codes are visibly defined in the configuration and are somewhat easily accessible by the deployer:

...

The above approach is completely extensible and exposes hooks for other implementations of the LdapErrorDefinition, should a use case arise. The changeset is provided and facilitated by having support for retrieval of custom attributes. 

Support

...

for Post-Authentication Account Examiners

To detect and calculate the account expiration warning, the account state needs to be examined after a successful authentication. Based on LPPE configuration, the account state through retrieval of custom attributes is examined and appropriate prompts and alterations in the flow may occur. 

...