directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lécharny <>
Subject Re: Extending Authentication for Bind
Date Thu, 21 Feb 2013 17:40:59 GMT
Le 2/21/13 5:25 PM, Kiran Ayyagari a écrit :
> don't think we have such a support right now do we? is that looping of
> authenticators makes this a possibility?

I see that the Authenticator interface provide a checkPwdPolicy() method :

     *  performs checks on the given entry based on the specified
password policy configuration
     * @param userEntry the user entry to be checked for authentication
     * @throws PasswordPolicyException
    void checkPwdPolicy( Entry userEntry ) throws LdapException;

Why can't we do all the passwordPolicy checks in the authenticator,
instead of the interceptor ?

The only pb is that we need the user entry at this point, but couldn't
we pass the BindContext, so for the checkPwdPolicy() to fetch the entry
from the DS instead ?

Does it make sense ?

Emmanuel Lécharny 

View raw message