[Solved] Re: Migrate to 2.0 API - Help w/ PW Policy Control

Wed, 23 Jun 2021 11:44:41 -0700 

Found a better test to follow.

[AbstractPasswordPolicyResponder](https://github.com/apache/directory-ldap-api/blob/master/ldap/client/api/src/main/java/org/apache/directory/ldap/client/template/AbstractPasswordPolicyResponder.java)


Processing response control like this:

```
protected PasswordPolicyResponse getPwdRespCtrl(BindResponse resp )
{
  Control control = resp.getControls().get( PasswordPolicyResponse.OID );
  return ( PasswordPolicyResponse ) control;
}
```

And then coaxing out the info is straightforward:

```
if ( respCtrl != null ){
…

if ( respCtrl.getTimeBeforeExpiration() > 0 ){
…
}
if ( respCtrl.getGraceAuthNRemaining() > 0 ){
…
}
```

—
Shawn


> On Jun 23, 2021, at 10:32 AM, Shawn McKinney <smckin...@apache.org> wrote:
> 
> Next up on migration tasks, howto process password policy control returned 
> from the server.
> 
> The 1.x way 
> [UserDAO](https://github.com/apache/directory-fortress-core/blob/master/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java):
> 
> ```
> BindResponse bindResponse = bind( ld, userDn, user.getPassword() );
> Control cont = bindResponse.getControls().get( (new 
> PasswordPolicyRequestImpl()).getOid() );
> if ( control == null ){ … }
> 
> PasswordPolicyResponse respCtrl = ((PasswordPolicyDecorator)control 
> ).getDecorated();
> 
> if (respCtrl.hasResponse()){
> ...
> if (respCtrl.getResponse().getTimeBeforeExpiration() > 0 ){
> …
> 
> if (respCtrl.getResponse().getGraceAuthNRemaining() > 0 ){
> …
> ```
> 
> 
> The 2.x way 
> [PasswordPolicyResponseTest](https://github.com/apache/directory-ldap-api/blob/master/ldap/extras/codec/src/test/java/org/apache/directory/api/ldap/extras/controls/ppolicy/PasswordPolicyResponseTest.java):
> 
> ```
> PasswordPolicyResponseFactory factory = ( PasswordPolicyResponseFactory ) 
> codec.getResponseControlFactories().
> get( PasswordPolicyResponse.OID );
> PasswordPolicyResponse passwordPolicyResponse = factory.newControl();
> factory.decodeValue( passwordPolicyResponse, bb.array() );
> 
> assertEquals( 1, passwordPolicyResponse.getTimeBeforeExpiration() );
> assertEquals( 1, passwordPolicyResponse.getPasswordPolicyError().getValue() );
> ```
> 
> Before we passed the bind response into the factory.  
> 
> The 2.0 tests uses a bytebuffer to decode the response.  I don’t understand 
> how to do this within the context of an authN event.
> 
> Any ideas here?
> 
> Thanks
> 
> —
> Shawn
> 
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: api-unsubscr...@directory.apache.org
For additional commands, e-mail: api-h...@directory.apache.org

Reply via email to