directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From smckin...@apache.org
Subject directory-fortress-core git commit: FC-211 - Support apacheds password policies - manually remove pwdreset flag on changepassword
Date Wed, 14 Jun 2017 14:54:37 GMT
Repository: directory-fortress-core
Updated Branches:
  refs/heads/master f1baa9288 -> 7c38dccbd


FC-211 - Support apacheds password policies - manually remove pwdreset flag on changepassword


Project: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/commit/7c38dccb
Tree: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/tree/7c38dccb
Diff: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/diff/7c38dccb

Branch: refs/heads/master
Commit: 7c38dccbd705cfad7bf5911bf6c62efa1c289336
Parents: f1baa92
Author: Shawn McKinney <smckinney@apache.org>
Authored: Wed Jun 14 07:40:23 2017 -0500
Committer: Shawn McKinney <smckinney@apache.org>
Committed: Wed Jun 14 07:40:23 2017 -0500

----------------------------------------------------------------------
 .../directory/fortress/core/impl/UserDAO.java   | 40 ++++++++++++++++++++
 1 file changed, 40 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/7c38dccb/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java b/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java
index dba2f56..1c9a589 100755
--- a/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java
+++ b/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java
@@ -1524,6 +1524,12 @@ final class UserDAO extends LdapDataProvider
             closeUserConnection( ld );
         }
 
+        // apacheds does not remove the pwdreset flag automatically when password is changed:
+        if( Config.getInstance().isApacheds() )
+        {
+            deleteResetFlag(entity);
+        }
+
         return rc;
     }
 
@@ -1563,6 +1569,40 @@ final class UserDAO extends LdapDataProvider
 
 
     /**
+1     * @param user
+     * @throws UpdateException
+     */
+    private void deleteResetFlag( User user ) throws UpdateException
+    {
+        LdapConnection ld = null;
+        String userDn = getDn( user.getUserId(), user.getContextId() );
+
+        try
+        {
+            List<Modification> mods = new ArrayList<Modification>();
+            mods.add( new DefaultModification( ModificationOperation.REMOVE_ATTRIBUTE, OPENLDAP_PW_RESET
) );
+            ld = getAdminConnection();
+            modify( ld, userDn, mods, user );
+        }
+        catch ( LdapNoSuchAttributeException e )
+        {
+            // Log, but don't throw, if reset attribute not present on account.
+            LOG.info( "deleteResetFlag user [" + user.getUserId() + "] no such attribute:"
+ OPENLDAP_PW_RESET );
+        }
+        catch ( LdapException e )
+        {
+            String warning = "deleteResetFlag userId [" + user.getUserId() + "] caught LDAPException="
+ e
+                .getMessage();
+            throw new UpdateException( GlobalErrIds.USER_PW_RESET_FAILED, warning, e );
+        }
+        finally
+        {
+            closeAdminConnection( ld );
+        }
+    }
+
+
+    /**
      * @param uRole
      * @return
      * @throws UpdateException


Mime
View raw message