[RESOLVED] Re: Migrate to 2.0 API - Help w/ PW Policy Control
> On Jun 23, 2021, at 11:26 PM, Emmanuel Lécharny wrote:
>
>
> On 23/06/2021 17:32, Shawn McKinney wrote:
>> Next up on migration tasks, howto process password policy control returned
>> from the server.
>> The 1.x way
>> [UserDAO](https://github.com/apache/directory-fortress-core/blob/master/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java):
>> ```
>> BindResponse bindResponse = bind( ld, userDn, user.getPassword() );
>> Control cont = bindResponse.getControls().get( (new
>> PasswordPolicyRequestImpl()).getOid() );
>
> better use PasswordPolicyRequest.OID
>
Done
>
>> if ( control == null ){ … }
>> PasswordPolicyResponse respCtrl = ((PasswordPolicyDecorator)control
>> ).getDecorated();
>> if (respCtrl.hasResponse()){
>> ...
>> if (respCtrl.getResponse().getTimeBeforeExpiration() > 0 ){
>> …
>> if (respCtrl.getResponse().getGraceAuthNRemaining() > 0 ){
>> …
>> ```
>> The 2.x way
>> [PasswordPolicyResponseTest](https://github.com/apache/directory-ldap-api/blob/master/ldap/extras/codec/src/test/java/org/apache/directory/api/ldap/extras/controls/ppolicy/PasswordPolicyResponseTest.java):
>> ```
>> PasswordPolicyResponseFactory factory = ( PasswordPolicyResponseFactory )
>> codec.getResponseControlFactories().
>> get( PasswordPolicyResponse.OID );
>> PasswordPolicyResponse passwordPolicyResponse = factory.newControl();
>> factory.decodeValue( passwordPolicyResponse, bb.array() );
>> assertEquals( 1, passwordPolicyResponse.getTimeBeforeExpiration() );
>> assertEquals( 1, passwordPolicyResponse.getPasswordPolicyError().getValue()
>> );
>> ```
>> Before we passed the bind response into the factory.
>
> In 2.0, you should be able to do something like :
>
>
> BindResponse bindResponse = connection.bind( bindRequest );
>
> PasswordPolicyResponse passwordPolicyResp = ( PasswordPolicyResponse )
> bindResponse.getControls().get( PasswordPolicyRequest.OID );
>
> then access the PasswordPolicyResponse fields directly:
>
> passwordPolicyResp.getTimeBeforeExpiration()
>
> etc.
Cool, I’m doing this now and it works great.
Thanks
—
Shawn
-
To unsubscribe, e-mail: api-unsubscr...@directory.apache.org
For additional commands, e-mail: api-h...@directory.apache.org
Re: Migrate to 2.0 API - Help w/ PW Policy Control
On 23/06/2021 17:32, Shawn McKinney wrote:
Next up on migration tasks, howto process password policy control returned from
the server.
The 1.x way
[UserDAO](https://github.com/apache/directory-fortress-core/blob/master/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java):
```
BindResponse bindResponse = bind( ld, userDn, user.getPassword() );
Control cont = bindResponse.getControls().get( (new
PasswordPolicyRequestImpl()).getOid() );
better use PasswordPolicyRequest.OID
if ( control == null ){ … }
PasswordPolicyResponse respCtrl = ((PasswordPolicyDecorator)control
).getDecorated();
if (respCtrl.hasResponse()){
...
if (respCtrl.getResponse().getTimeBeforeExpiration() > 0 ){
…
if (respCtrl.getResponse().getGraceAuthNRemaining() > 0 ){
…
```
The 2.x way
[PasswordPolicyResponseTest](https://github.com/apache/directory-ldap-api/blob/master/ldap/extras/codec/src/test/java/org/apache/directory/api/ldap/extras/controls/ppolicy/PasswordPolicyResponseTest.java):
```
PasswordPolicyResponseFactory factory = ( PasswordPolicyResponseFactory )
codec.getResponseControlFactories().
get( PasswordPolicyResponse.OID );
PasswordPolicyResponse passwordPolicyResponse = factory.newControl();
factory.decodeValue( passwordPolicyResponse, bb.array() );
assertEquals( 1, passwordPolicyResponse.getTimeBeforeExpiration() );
assertEquals( 1, passwordPolicyResponse.getPasswordPolicyError().getValue() );
```
Before we passed the bind response into the factory.
In 2.0, you should be able to do something like :
BindResponse bindResponse = connection.bind( bindRequest );
PasswordPolicyResponse passwordPolicyResp = ( PasswordPolicyResponse
) bindResponse.getControls().get( PasswordPolicyRequest.OID );
then access the PasswordPolicyResponse fields directly:
passwordPolicyResp.getTimeBeforeExpiration()
etc.
Check the server-integ PasswordPolicyIT class that contains examples of
its usage.
--
*Emmanuel Lécharny - CTO* 205 Promenade des Anglais – 06200 NICE
T. +33 (0)4 89 97 36 50
P. +33 (0)6 08 33 32 61
emmanuel.lecha...@busit.com https://www.busit.com/
-
To unsubscribe, e-mail: api-unsubscr...@directory.apache.org
For additional commands, e-mail: api-h...@directory.apache.org
[Solved] Re: Migrate to 2.0 API - Help w/ PW Policy Control
Found a better test to follow.
[AbstractPasswordPolicyResponder](https://github.com/apache/directory-ldap-api/blob/master/ldap/client/api/src/main/java/org/apache/directory/ldap/client/template/AbstractPasswordPolicyResponder.java)
Processing response control like this:
```
protected PasswordPolicyResponse getPwdRespCtrl(BindResponse resp )
{
Control control = resp.getControls().get( PasswordPolicyResponse.OID );
return ( PasswordPolicyResponse ) control;
}
```
And then coaxing out the info is straightforward:
```
if ( respCtrl != null ){
…
if ( respCtrl.getTimeBeforeExpiration() > 0 ){
…
}
if ( respCtrl.getGraceAuthNRemaining() > 0 ){
…
}
```
—
Shawn
> On Jun 23, 2021, at 10:32 AM, Shawn McKinney wrote:
>
> Next up on migration tasks, howto process password policy control returned
> from the server.
>
> The 1.x way
> [UserDAO](https://github.com/apache/directory-fortress-core/blob/master/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java):
>
> ```
> BindResponse bindResponse = bind( ld, userDn, user.getPassword() );
> Control cont = bindResponse.getControls().get( (new
> PasswordPolicyRequestImpl()).getOid() );
> if ( control == null ){ … }
>
> PasswordPolicyResponse respCtrl = ((PasswordPolicyDecorator)control
> ).getDecorated();
>
> if (respCtrl.hasResponse()){
> ...
> if (respCtrl.getResponse().getTimeBeforeExpiration() > 0 ){
> …
>
> if (respCtrl.getResponse().getGraceAuthNRemaining() > 0 ){
> …
> ```
>
>
> The 2.x way
> [PasswordPolicyResponseTest](https://github.com/apache/directory-ldap-api/blob/master/ldap/extras/codec/src/test/java/org/apache/directory/api/ldap/extras/controls/ppolicy/PasswordPolicyResponseTest.java):
>
> ```
> PasswordPolicyResponseFactory factory = ( PasswordPolicyResponseFactory )
> codec.getResponseControlFactories().
> get( PasswordPolicyResponse.OID );
> PasswordPolicyResponse passwordPolicyResponse = factory.newControl();
> factory.decodeValue( passwordPolicyResponse, bb.array() );
>
> assertEquals( 1, passwordPolicyResponse.getTimeBeforeExpiration() );
> assertEquals( 1, passwordPolicyResponse.getPasswordPolicyError().getValue() );
> ```
>
> Before we passed the bind response into the factory.
>
> The 2.0 tests uses a bytebuffer to decode the response. I don’t understand
> how to do this within the context of an authN event.
>
> Any ideas here?
>
> Thanks
>
> —
> Shawn
>
>
>
-
To unsubscribe, e-mail: api-unsubscr...@directory.apache.org
For additional commands, e-mail: api-h...@directory.apache.org
Migrate to 2.0 API - Help w/ PW Policy Control
Next up on migration tasks, howto process password policy control returned from
the server.
The 1.x way
[UserDAO](https://github.com/apache/directory-fortress-core/blob/master/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java):
```
BindResponse bindResponse = bind( ld, userDn, user.getPassword() );
Control cont = bindResponse.getControls().get( (new
PasswordPolicyRequestImpl()).getOid() );
if ( control == null ){ … }
PasswordPolicyResponse respCtrl = ((PasswordPolicyDecorator)control
).getDecorated();
if (respCtrl.hasResponse()){
...
if (respCtrl.getResponse().getTimeBeforeExpiration() > 0 ){
…
if (respCtrl.getResponse().getGraceAuthNRemaining() > 0 ){
…
```
The 2.x way
[PasswordPolicyResponseTest](https://github.com/apache/directory-ldap-api/blob/master/ldap/extras/codec/src/test/java/org/apache/directory/api/ldap/extras/controls/ppolicy/PasswordPolicyResponseTest.java):
```
PasswordPolicyResponseFactory factory = ( PasswordPolicyResponseFactory )
codec.getResponseControlFactories().
get( PasswordPolicyResponse.OID );
PasswordPolicyResponse passwordPolicyResponse = factory.newControl();
factory.decodeValue( passwordPolicyResponse, bb.array() );
assertEquals( 1, passwordPolicyResponse.getTimeBeforeExpiration() );
assertEquals( 1, passwordPolicyResponse.getPasswordPolicyError().getValue() );
```
Before we passed the bind response into the factory.
The 2.0 tests uses a bytebuffer to decode the response. I don’t understand how
to do this within the context of an authN event.
Any ideas here?
Thanks
—
Shawn
-
To unsubscribe, e-mail: api-unsubscr...@directory.apache.org
For additional commands, e-mail: api-h...@directory.apache.org
