Package org.opends.server.api

Class PasswordValidator<T extends PasswordValidatorCfg>

java.lang.Object
org.opends.server.api.PasswordValidator<T>
Type Parameters:
T - The type of configuration handled by this password validator.
Direct Known Subclasses:
AttributeValuePasswordValidator, CharacterSetPasswordValidator, DictionaryPasswordValidator, LengthBasedPasswordValidator, RepeatedCharactersPasswordValidator, SimilarityBasedPasswordValidator, UniqueCharactersPasswordValidator
public abstract class PasswordValidator<T extends PasswordValidatorCfg> extends Object
This class defines the set of methods and structures that must be implemented by a Directory Server module that may be used to determine whether a proposed password is acceptable for a user.

  • Constructor Details

    • PasswordValidator

      public PasswordValidator()

  • Method Details

    • initializePasswordValidator

      public abstract void initializePasswordValidator(T configuration) throws ConfigException, InitializationException
      Initializes this password validator based on the information in the provided configuration entry.
      Parameters:
      configuration - The configuration to use to initialize this password validator.
      Throws:
      ConfigException - If an unrecoverable problem arises in the process of performing the initialization.
      InitializationException - If a problem occurs during initialization that is not related to the server configuration.

    • isConfigurationAcceptable

      public boolean isConfigurationAcceptable(T configuration, List<LocalizableMessage> unacceptableReasons)
      Indicates whether the provided configuration is acceptable for this password validator. It should be possible to call this method on an uninitialized password validator instance in order to determine whether the password validator would be able to use the provided configuration.
      Parameters:
      configuration - The password validator configuration for which to make the determination.
      unacceptableReasons - A list that may be used to hold the reasons that the provided configuration is not acceptable.
      Returns:
      true if the provided configuration is acceptable for this password validator, or false if not.

    • finalizePasswordValidator

      public void finalizePasswordValidator()
      Performs any finalization that might be required when this password validator is unloaded. No action is taken in the default implementation.

    • passwordIsAcceptable

      public abstract boolean passwordIsAcceptable(ByteString newPassword, Set<ByteString> currentPasswords, Operation operation, Entry userEntry, LocalizableMessageBuilder invalidReason)
      Indicates whether the provided password is acceptable for use by the specified user. If the password is determined to be unacceptable, then a human-readable explanation should be appended to the provided buffer.
      Parameters:
      newPassword - The proposed clear-text password that should be validated.
      currentPasswords - The set of clear-text current passwords for the user (if available). Note that the current passwords may not always be available, and this may not comprise entire set of passwords currently for the user.
      operation - The operation that is being used to set the password. It may be an add, a modify, or a password modify operation.
      userEntry - The entry for the user whose password is being changed.
      invalidReason - The buffer to which the human-readable explanation should be appended if it is determined that the password is not acceptable.
      Returns:
      true if the password is acceptable, or false if not.

    • createPasswordQualityCriteria

      public abstract com.forgerock.opendj.ldap.controls.PasswordQualityAdviceResponseControl.Criteria createPasswordQualityCriteria()
      Returns a password quality criteria corresponding to the type and parameters of this validator for use in a PasswordQualityAdviceResponseControl.
      Returns:
      A password quality criteria corresponding to the type and parameters of this validator.