Found a better test to follow. [AbstractPasswordPolicyResponder](https://github.com/apache/directory-ldap-api/blob/master/ldap/client/api/src/main/java/org/apache/directory/ldap/client/template/AbstractPasswordPolicyResponder.java)
Processing response control like this: ``` protected PasswordPolicyResponse getPwdRespCtrl(BindResponse resp ) { Control control = resp.getControls().get( PasswordPolicyResponse.OID ); return ( PasswordPolicyResponse ) control; } ``` And then coaxing out the info is straightforward: ``` if ( respCtrl != null ){ … if ( respCtrl.getTimeBeforeExpiration() > 0 ){ … } if ( respCtrl.getGraceAuthNRemaining() > 0 ){ … } ``` — Shawn > On Jun 23, 2021, at 10:32 AM, Shawn McKinney <smckin...@apache.org> wrote: > > Next up on migration tasks, howto process password policy control returned > from the server. > > The 1.x way > [UserDAO](https://github.com/apache/directory-fortress-core/blob/master/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java): > > ``` > BindResponse bindResponse = bind( ld, userDn, user.getPassword() ); > Control cont = bindResponse.getControls().get( (new > PasswordPolicyRequestImpl()).getOid() ); > if ( control == null ){ … } > > PasswordPolicyResponse respCtrl = ((PasswordPolicyDecorator)control > ).getDecorated(); > > if (respCtrl.hasResponse()){ > ... > if (respCtrl.getResponse().getTimeBeforeExpiration() > 0 ){ > … > > if (respCtrl.getResponse().getGraceAuthNRemaining() > 0 ){ > … > ``` > > > The 2.x way > [PasswordPolicyResponseTest](https://github.com/apache/directory-ldap-api/blob/master/ldap/extras/codec/src/test/java/org/apache/directory/api/ldap/extras/controls/ppolicy/PasswordPolicyResponseTest.java): > > ``` > PasswordPolicyResponseFactory factory = ( PasswordPolicyResponseFactory ) > codec.getResponseControlFactories(). > get( PasswordPolicyResponse.OID ); > PasswordPolicyResponse passwordPolicyResponse = factory.newControl(); > factory.decodeValue( passwordPolicyResponse, bb.array() ); > > assertEquals( 1, passwordPolicyResponse.getTimeBeforeExpiration() ); > assertEquals( 1, passwordPolicyResponse.getPasswordPolicyError().getValue() ); > ``` > > Before we passed the bind response into the factory. > > The 2.0 tests uses a bytebuffer to decode the response. I don’t understand > how to do this within the context of an authN event. > > Any ideas here? > > Thanks > > — > Shawn > > > --------------------------------------------------------------------- To unsubscribe, e-mail: api-unsubscr...@directory.apache.org For additional commands, e-mail: api-h...@directory.apache.org