001/* 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * https://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, 013 * software distributed under the License is distributed on an 014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 015 * KIND, either express or implied. See the License for the 016 * specific language governing permissions and limitations 017 * under the License. 018 * 019 */ 020package org.apache.directory.api.ldap.extras.controls.ppolicy; 021 022import org.apache.directory.api.ldap.model.message.Control; 023 024/** 025 * The PasswordPolicy response. It contains information about the error if we 026 * had one when injecting a bad password into the server. Here is the controlValue 027 * ASN.1 grammar: 028 * <pre> 029 * PasswordPolicyResponseValue ::= SEQUENCE { 030 * warning [0] CHOICE { 031 * timeBeforeExpiration [0] INTEGER (0 .. maxInt), 032 * graceAuthNsRemaining [1] INTEGER (0 .. maxInt) 033 * } OPTIONAL, 034 * error [1] ENUMERATED { 035 * passwordExpired (0), 036 * accountLocked (1), 037 * changeAfterReset (2), 038 * passwordModNotAllowed (3), 039 * mustSupplyOldPassword (4), 040 * insufficientPasswordQuality (5), 041 * passwordTooShort (6), 042 * passwordTooYoung (7), 043 * passwordInHistory (8) } OPTIONAL 044 * } 045 * } 046 * </pre> 047 * 048 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a> 049 * @version $Rev$, $Date$ 050 */ 051public interface PasswordPolicyResponse extends Control 052{ 053 /** the password policy response control */ 054 String OID = "1.3.6.1.4.1.42.2.27.8.5.1"; 055 056 /** 057 * Returns the time before expiration. Will return -1 if this warning 058 * was not present in the response. 059 * 060 * @return The time before expiration of the password, or -1 if not set 061 */ 062 int getTimeBeforeExpiration(); 063 064 065 /** 066 * Set a date of expiration for the password. 067 * 068 * @param timeBeforeExpiration The time before the password will expire 069 */ 070 void setTimeBeforeExpiration( int timeBeforeExpiration ); 071 072 073 /** 074 * Returns the number of possible attempts on the password before it's 075 * locked. Will return -1 if this warning was not present in the 076 * response. 077 * 078 * @return The number of possible attempts on the password before it's locked 079 */ 080 int getGraceAuthNRemaining(); 081 082 083 /** 084 * Sets the number of remaining wrong authentication for this password. 085 * 086 * @param graceAuthNRemaining The number of remaining attempts 087 */ 088 void setGraceAuthNRemaining( int graceAuthNRemaining ); 089 090 091 /** 092 * Returns the password policy error. 093 * 094 * @return The PasswordPolicyErrorEnum representing the error 095 */ 096 PasswordPolicyErrorEnum getPasswordPolicyError(); 097 098 099 /** 100 * Sets the PasswordPolicy error. 101 * 102 * @param ppolicyError The PasswordPolicyErrorEnum representing the error 103 */ 104 void setPasswordPolicyError( PasswordPolicyErrorEnum ppolicyError ); 105}