[RESOLVED] Re: Migrate to 2.0 API - Help w/ PW Policy Control
> On Jun 23, 2021, at 11:26 PM, Emmanuel Lécharny wrote: > > > On 23/06/2021 17:32, Shawn McKinney wrote: >> Next up on migration tasks, howto process password policy control returned >> from the server. >> The 1.x way >> [UserDAO](https://github.com/apache/directory-fortress-core/blob/master/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java): >> ``` >> BindResponse bindResponse = bind( ld, userDn, user.getPassword() ); >> Control cont = bindResponse.getControls().get( (new >> PasswordPolicyRequestImpl()).getOid() ); > > better use PasswordPolicyRequest.OID > Done > >> if ( control == null ){ … } >> PasswordPolicyResponse respCtrl = ((PasswordPolicyDecorator)control >> ).getDecorated(); >> if (respCtrl.hasResponse()){ >> ... >> if (respCtrl.getResponse().getTimeBeforeExpiration() > 0 ){ >> … >> if (respCtrl.getResponse().getGraceAuthNRemaining() > 0 ){ >> … >> ``` >> The 2.x way >> [PasswordPolicyResponseTest](https://github.com/apache/directory-ldap-api/blob/master/ldap/extras/codec/src/test/java/org/apache/directory/api/ldap/extras/controls/ppolicy/PasswordPolicyResponseTest.java): >> ``` >> PasswordPolicyResponseFactory factory = ( PasswordPolicyResponseFactory ) >> codec.getResponseControlFactories(). >> get( PasswordPolicyResponse.OID ); >> PasswordPolicyResponse passwordPolicyResponse = factory.newControl(); >> factory.decodeValue( passwordPolicyResponse, bb.array() ); >> assertEquals( 1, passwordPolicyResponse.getTimeBeforeExpiration() ); >> assertEquals( 1, passwordPolicyResponse.getPasswordPolicyError().getValue() >> ); >> ``` >> Before we passed the bind response into the factory. > > In 2.0, you should be able to do something like : > > > BindResponse bindResponse = connection.bind( bindRequest ); > > PasswordPolicyResponse passwordPolicyResp = ( PasswordPolicyResponse ) > bindResponse.getControls().get( PasswordPolicyRequest.OID ); > > then access the PasswordPolicyResponse fields directly: > > passwordPolicyResp.getTimeBeforeExpiration() > > etc. Cool, I’m doing this now and it works great. Thanks — Shawn - To unsubscribe, e-mail: api-unsubscr...@directory.apache.org For additional commands, e-mail: api-h...@directory.apache.org
Re: Migrate to 2.0 API - Help w/ PW Policy Control
On 23/06/2021 17:32, Shawn McKinney wrote: Next up on migration tasks, howto process password policy control returned from the server. The 1.x way [UserDAO](https://github.com/apache/directory-fortress-core/blob/master/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java): ``` BindResponse bindResponse = bind( ld, userDn, user.getPassword() ); Control cont = bindResponse.getControls().get( (new PasswordPolicyRequestImpl()).getOid() ); better use PasswordPolicyRequest.OID if ( control == null ){ … } PasswordPolicyResponse respCtrl = ((PasswordPolicyDecorator)control ).getDecorated(); if (respCtrl.hasResponse()){ ... if (respCtrl.getResponse().getTimeBeforeExpiration() > 0 ){ … if (respCtrl.getResponse().getGraceAuthNRemaining() > 0 ){ … ``` The 2.x way [PasswordPolicyResponseTest](https://github.com/apache/directory-ldap-api/blob/master/ldap/extras/codec/src/test/java/org/apache/directory/api/ldap/extras/controls/ppolicy/PasswordPolicyResponseTest.java): ``` PasswordPolicyResponseFactory factory = ( PasswordPolicyResponseFactory ) codec.getResponseControlFactories(). get( PasswordPolicyResponse.OID ); PasswordPolicyResponse passwordPolicyResponse = factory.newControl(); factory.decodeValue( passwordPolicyResponse, bb.array() ); assertEquals( 1, passwordPolicyResponse.getTimeBeforeExpiration() ); assertEquals( 1, passwordPolicyResponse.getPasswordPolicyError().getValue() ); ``` Before we passed the bind response into the factory. In 2.0, you should be able to do something like : BindResponse bindResponse = connection.bind( bindRequest ); PasswordPolicyResponse passwordPolicyResp = ( PasswordPolicyResponse ) bindResponse.getControls().get( PasswordPolicyRequest.OID ); then access the PasswordPolicyResponse fields directly: passwordPolicyResp.getTimeBeforeExpiration() etc. Check the server-integ PasswordPolicyIT class that contains examples of its usage. -- *Emmanuel Lécharny - CTO* 205 Promenade des Anglais – 06200 NICE T. +33 (0)4 89 97 36 50 P. +33 (0)6 08 33 32 61 emmanuel.lecha...@busit.com https://www.busit.com/ - To unsubscribe, e-mail: api-unsubscr...@directory.apache.org For additional commands, e-mail: api-h...@directory.apache.org
[Solved] Re: Migrate to 2.0 API - Help w/ PW Policy Control
Found a better test to follow. [AbstractPasswordPolicyResponder](https://github.com/apache/directory-ldap-api/blob/master/ldap/client/api/src/main/java/org/apache/directory/ldap/client/template/AbstractPasswordPolicyResponder.java) Processing response control like this: ``` protected PasswordPolicyResponse getPwdRespCtrl(BindResponse resp ) { Control control = resp.getControls().get( PasswordPolicyResponse.OID ); return ( PasswordPolicyResponse ) control; } ``` And then coaxing out the info is straightforward: ``` if ( respCtrl != null ){ … if ( respCtrl.getTimeBeforeExpiration() > 0 ){ … } if ( respCtrl.getGraceAuthNRemaining() > 0 ){ … } ``` — Shawn > On Jun 23, 2021, at 10:32 AM, Shawn McKinney wrote: > > Next up on migration tasks, howto process password policy control returned > from the server. > > The 1.x way > [UserDAO](https://github.com/apache/directory-fortress-core/blob/master/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java): > > ``` > BindResponse bindResponse = bind( ld, userDn, user.getPassword() ); > Control cont = bindResponse.getControls().get( (new > PasswordPolicyRequestImpl()).getOid() ); > if ( control == null ){ … } > > PasswordPolicyResponse respCtrl = ((PasswordPolicyDecorator)control > ).getDecorated(); > > if (respCtrl.hasResponse()){ > ... > if (respCtrl.getResponse().getTimeBeforeExpiration() > 0 ){ > … > > if (respCtrl.getResponse().getGraceAuthNRemaining() > 0 ){ > … > ``` > > > The 2.x way > [PasswordPolicyResponseTest](https://github.com/apache/directory-ldap-api/blob/master/ldap/extras/codec/src/test/java/org/apache/directory/api/ldap/extras/controls/ppolicy/PasswordPolicyResponseTest.java): > > ``` > PasswordPolicyResponseFactory factory = ( PasswordPolicyResponseFactory ) > codec.getResponseControlFactories(). > get( PasswordPolicyResponse.OID ); > PasswordPolicyResponse passwordPolicyResponse = factory.newControl(); > factory.decodeValue( passwordPolicyResponse, bb.array() ); > > assertEquals( 1, passwordPolicyResponse.getTimeBeforeExpiration() ); > assertEquals( 1, passwordPolicyResponse.getPasswordPolicyError().getValue() ); > ``` > > Before we passed the bind response into the factory. > > The 2.0 tests uses a bytebuffer to decode the response. I don’t understand > how to do this within the context of an authN event. > > Any ideas here? > > Thanks > > — > Shawn > > > - To unsubscribe, e-mail: api-unsubscr...@directory.apache.org For additional commands, e-mail: api-h...@directory.apache.org
Migrate to 2.0 API - Help w/ PW Policy Control
Next up on migration tasks, howto process password policy control returned from the server. The 1.x way [UserDAO](https://github.com/apache/directory-fortress-core/blob/master/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java): ``` BindResponse bindResponse = bind( ld, userDn, user.getPassword() ); Control cont = bindResponse.getControls().get( (new PasswordPolicyRequestImpl()).getOid() ); if ( control == null ){ … } PasswordPolicyResponse respCtrl = ((PasswordPolicyDecorator)control ).getDecorated(); if (respCtrl.hasResponse()){ ... if (respCtrl.getResponse().getTimeBeforeExpiration() > 0 ){ … if (respCtrl.getResponse().getGraceAuthNRemaining() > 0 ){ … ``` The 2.x way [PasswordPolicyResponseTest](https://github.com/apache/directory-ldap-api/blob/master/ldap/extras/codec/src/test/java/org/apache/directory/api/ldap/extras/controls/ppolicy/PasswordPolicyResponseTest.java): ``` PasswordPolicyResponseFactory factory = ( PasswordPolicyResponseFactory ) codec.getResponseControlFactories(). get( PasswordPolicyResponse.OID ); PasswordPolicyResponse passwordPolicyResponse = factory.newControl(); factory.decodeValue( passwordPolicyResponse, bb.array() ); assertEquals( 1, passwordPolicyResponse.getTimeBeforeExpiration() ); assertEquals( 1, passwordPolicyResponse.getPasswordPolicyError().getValue() ); ``` Before we passed the bind response into the factory. The 2.0 tests uses a bytebuffer to decode the response. I don’t understand how to do this within the context of an authN event. Any ideas here? Thanks — Shawn - To unsubscribe, e-mail: api-unsubscr...@directory.apache.org For additional commands, e-mail: api-h...@directory.apache.org