Class GeneratePasswordExtendedRequest
- java.lang.Object
-
- com.unboundid.ldap.sdk.LDAPRequest
-
- com.unboundid.ldap.sdk.ExtendedRequest
-
- com.unboundid.ldap.sdk.unboundidds.extensions.GeneratePasswordExtendedRequest
-
- All Implemented Interfaces:
ProtocolOp
,ReadOnlyLDAPRequest
,java.io.Serializable
@NotMutable @ThreadSafety(level=COMPLETELY_THREADSAFE) public final class GeneratePasswordExtendedRequest extends ExtendedRequest
This class provides an implementation of an extended request that may be used to request that the server suggest one or more passwords that the client may use in new entries, password changes, or administrative password resets.
NOTE: This class, and other classes within the
com.unboundid.ldap.sdk.unboundidds
package structure, are only supported for use against Ping Identity, UnboundID, and Nokia/Alcatel-Lucent 8661 server products. These classes provide support for proprietary functionality or for external specifications that are not considered stable or mature enough to be guaranteed to work in an interoperable way with other types of LDAP servers.
This extended request has an OID of "1.3.6.1.4.1.30221.2.6.62" and a value\ with the following encoding:
GeneratePasswordRequest ::= SEQUENCE { passwordPolicySelection CHOICE { defaultPolicy [0] NULL, passwordPolicyDN [1] LDAPDN, targetEntryDN [2] LDAPDN, ... }, numberOfPasswords [3] INTEGER DEFAULT 1, validationAttempts [4] INTEGER DEFAULT 5, ... }
The "passwordPolicySelection" element allows the client to indicate which password policy (along with its associated password generator and password validators) should be used in the course of generating the passwords, and available options include:- defaultPolicy -- Indicates that the server should use the default password policy as defined in the configuration.
- passwordPolicyDN -- Specifies the DN of the password policy that should be used.
- targetEntryDN -- Specifies the DN of the target entry for which the passwords are to be generated. If this entry exists, then the password policy that governs it will be used. If the entry does not exist, then the server will generate a stub of an entry with the provided DN and compute virtual attributes for that entry to account for the possibility that a password policy may be assigned by a virtual attribute, but will fall back to using the default password policy as defined in the configuration.
The "numberOfPasswords" element indicates the number of passwords that the server should generate, since it may be beneficial for the server to suggest multiple passwords and allow the user to choose one. If specified, then the value must be greater than or equal to one.
The "validationAttempts" element indicates the number of attempts that the server should make to generate each password in a way that will satisfy the set of validators associated with the selected password policy. A value of zero indicates that no validation should be performed. A value of one will cause the server to invoke password validators on each generated password, still returning that password but also including information about potential reasons that generated password may not pass validation. A value that is greater than one will cause the server to re-generate each password up to the specified number of times if the previous attempt resulted in a password that did not satisfy all of the associated password validators. In the event that no acceptable password could be generated after exhausting all attempts, the server will select the last one generated, but will provide a list of reasons that the password was not considered acceptable so that they may be provided to the end user as additional guidance when choosing a password.
If the generate password operation is processed successfully, then the server will return aGeneratePasswordExtendedResult
response with the passwords that it generated and other relevant information.- See Also:
- Serialized Form
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
GENERATE_PASSWORD_REQUEST_OID
The OID (1.3.6.1.4.1.30221.2.6.62) for the generate password extended request.-
Fields inherited from class com.unboundid.ldap.sdk.ExtendedRequest
TYPE_EXTENDED_REQUEST_OID, TYPE_EXTENDED_REQUEST_VALUE
-
-
Constructor Summary
Constructors Constructor Description GeneratePasswordExtendedRequest(Control... controls)
Creates a new generate password extended request with all the default settings.GeneratePasswordExtendedRequest(ExtendedRequest request)
Creates a new generate password extended request that is decoded from the provided generic request.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static GeneratePasswordExtendedRequest
createDefaultPolicyRequest(int numberOfPasswords, int numberOfValidationAttempts, Control... controls)
Creates a generate password extended request that will use the default password policy (as defined in the server configuration) to determine which password generator and validators should be used.static GeneratePasswordExtendedRequest
createPasswordPolicyDNRequest(java.lang.String passwordPolicyDN, int numberOfPasswords, int numberOfValidationAttempts, Control... controls)
Creates a generate password extended request that will use the password policy defined in the entry with the specified DN to determine which password generator and validators should be used.static GeneratePasswordExtendedRequest
createTargetEntryDNRequest(java.lang.String targetEntryDN, int numberOfPasswords, int numberOfValidationAttempts, Control... controls)
Creates a generate password extended request that will use the password policy that governs the specified entry to determine which password generator and validators should be used.GeneratePasswordExtendedRequest
duplicate()
Creates a new instance of this LDAP request that may be modified without impacting this request.GeneratePasswordExtendedRequest
duplicate(Control[] controls)
Creates a new instance of this LDAP request that may be modified without impacting this request.java.lang.String
getExtendedRequestName()
Retrieves the user-friendly name for the extended request, if available.int
getNumberOfPasswords()
Retrieves the number of passwords that the client wants the server to generate.int
getNumberOfValidationAttempts()
Retrieves the number of maximum number of attempts that the client wants the server to make when generating each password in the hope that the generated password will satisfy the validation criteria specified in the associated password policy.java.lang.String
getPasswordPolicyDN()
Retrieves the DN of the entry that defines the password policy that should be used when generating and validating passwords.GeneratePasswordPolicySelectionType
getPasswordPolicySelectionType()
Retrieves the password policy selection type for this request.java.lang.String
getTargetEntryDN()
Retrieves the DN of the target entry whose governing password policy should be used when generating and validating passwords.protected GeneratePasswordExtendedResult
process(LDAPConnection connection, int depth)
Sends this extended request to the directory server over the provided connection and returns the associated response.void
toString(java.lang.StringBuilder buffer)
Appends a string representation of this request to the provided buffer.-
Methods inherited from class com.unboundid.ldap.sdk.ExtendedRequest
encodeProtocolOp, getLastMessageID, getOID, getOperationType, getProtocolOpType, getValue, hasValue, responseReceived, toCode, writeTo
-
Methods inherited from class com.unboundid.ldap.sdk.LDAPRequest
followReferrals, getControl, getControlList, getControls, getIntermediateResponseListener, getReferralConnector, getReferralConnectorInternal, getReferralDepth, getResponseTimeoutMillis, hasControl, hasControl, setFollowReferrals, setIntermediateResponseListener, setReferralConnector, setReferralDepth, setResponseTimeoutMillis, toString
-
-
-
-
Field Detail
-
GENERATE_PASSWORD_REQUEST_OID
@NotNull public static final java.lang.String GENERATE_PASSWORD_REQUEST_OID
The OID (1.3.6.1.4.1.30221.2.6.62) for the generate password extended request.- See Also:
- Constant Field Values
-
-
Constructor Detail
-
GeneratePasswordExtendedRequest
public GeneratePasswordExtendedRequest(@Nullable Control... controls)
Creates a new generate password extended request with all the default settings.- Parameters:
controls
- The set of controls to include in the request. It may benull
or empty if there should not be any request controls.
-
GeneratePasswordExtendedRequest
public GeneratePasswordExtendedRequest(@NotNull ExtendedRequest request) throws LDAPException
Creates a new generate password extended request that is decoded from the provided generic request.- Parameters:
request
- The extended request to be decoded as a generate password extended request. It must not benull
.- Throws:
LDAPException
- If the provided extended request cannot be decoded as a generate password request.
-
-
Method Detail
-
createDefaultPolicyRequest
@NotNull public static GeneratePasswordExtendedRequest createDefaultPolicyRequest(int numberOfPasswords, int numberOfValidationAttempts, @Nullable Control... controls)
Creates a generate password extended request that will use the default password policy (as defined in the server configuration) to determine which password generator and validators should be used.- Parameters:
numberOfPasswords
- The number of passwords to generate. The value must be greater than or equal to one.numberOfValidationAttempts
- The number of attempts that should be made to generate each password in an attempt to obtain a password that satisfies the associated set of password validators. The value must be greater than or equal to zero.controls
- The set of controls to include in the request. It may benull
or empty if there should not be any request controls.- Returns:
- The generate password extended request that was created.
-
createPasswordPolicyDNRequest
@NotNull public static GeneratePasswordExtendedRequest createPasswordPolicyDNRequest(@NotNull java.lang.String passwordPolicyDN, int numberOfPasswords, int numberOfValidationAttempts, @Nullable Control... controls)
Creates a generate password extended request that will use the password policy defined in the entry with the specified DN to determine which password generator and validators should be used.- Parameters:
passwordPolicyDN
- The DN of the entry that defines the password policy to use to determine which password generator and validators should be used. It must not benull
.numberOfPasswords
- The number of passwords to generate. The value must be greater than or equal to one.numberOfValidationAttempts
- The number of attempts that should be made to generate each password in an attempt to obtain a password that satisfies the associated set of password validators. The value must be greater than or equal to zero.controls
- The set of controls to include in the request. It may benull
or empty if there should not be any request controls.- Returns:
- The generate password extended request that was created.
-
createTargetEntryDNRequest
@NotNull public static GeneratePasswordExtendedRequest createTargetEntryDNRequest(@NotNull java.lang.String targetEntryDN, int numberOfPasswords, int numberOfValidationAttempts, @Nullable Control... controls)
Creates a generate password extended request that will use the password policy that governs the specified entry to determine which password generator and validators should be used. If the target entry does not exist, then the server will generate a stub of an entry and compute virtual attributes for that entry to account for the possibility that the password policy may be specified using a virtual attribute.- Parameters:
targetEntryDN
- The DN of the entry whose governing password policy should be used. It must not benull
.numberOfPasswords
- The number of passwords to generate. The value must be greater than or equal to one.numberOfValidationAttempts
- The number of attempts that should be made to generate each password in an attempt to obtain a password that satisfies the associated set of password validators. The value must be greater than or equal to zero.controls
- The set of controls to include in the request. It may benull
or empty if there should not be any request controls.- Returns:
- The generate password extended request that was created.
-
getPasswordPolicySelectionType
@NotNull public GeneratePasswordPolicySelectionType getPasswordPolicySelectionType()
Retrieves the password policy selection type for this request.- Returns:
- The password policy selection type for this request.
-
getPasswordPolicyDN
@Nullable public java.lang.String getPasswordPolicyDN()
Retrieves the DN of the entry that defines the password policy that should be used when generating and validating passwords. This will only be available for theGeneratePasswordPolicySelectionType.PASSWORD_POLICY_DN
password policy selection type.- Returns:
- The DN of the entry that defines the password policy that should
be used when generating and validating the passwords, or
null
if the password policy selection type is anything other thanPASSWORD_POLICY_DN
.
-
getTargetEntryDN
@Nullable public java.lang.String getTargetEntryDN()
Retrieves the DN of the target entry whose governing password policy should be used when generating and validating passwords. This will only be available for theGeneratePasswordPolicySelectionType.TARGET_ENTRY_DN
password policy selection type.- Returns:
- The DN of the target entry whose governing password policy should
be used when generating and validating the passwords, or
null
if the password policy selection type is anything other thanTARGET_ENTRY_DN
.
-
getNumberOfPasswords
public int getNumberOfPasswords()
Retrieves the number of passwords that the client wants the server to generate. Note that the server may choose to generate fewer passwords than this, based on its configuration.- Returns:
- The number of passwords that the client wants the server to generate.
-
getNumberOfValidationAttempts
public int getNumberOfValidationAttempts()
Retrieves the number of maximum number of attempts that the client wants the server to make when generating each password in the hope that the generated password will satisfy the validation criteria specified in the associated password policy. Note that the server may choose to make fewer validation attempts than this, based on its configuration.- Returns:
- The number maximum number of validation attempts that the client wants the server to make, or zero if the server should not attempt to validate the generated passwords.
-
process
@NotNull protected GeneratePasswordExtendedResult process(@NotNull LDAPConnection connection, int depth) throws LDAPException
Sends this extended request to the directory server over the provided connection and returns the associated response.- Overrides:
process
in classExtendedRequest
- Parameters:
connection
- The connection to use to communicate with the directory server.depth
- The current referral depth for this request. It should always be one for the initial request, and should only be incremented when following referrals.- Returns:
- An LDAP result object that provides information about the result of the extended operation processing.
- Throws:
LDAPException
- If a problem occurs while sending the request or reading the response.
-
duplicate
@NotNull public GeneratePasswordExtendedRequest duplicate()
Creates a new instance of this LDAP request that may be modified without impacting this request.. Subclasses should override this method to return a duplicate of the appropriate type.- Specified by:
duplicate
in interfaceReadOnlyLDAPRequest
- Overrides:
duplicate
in classExtendedRequest
- Returns:
- A new instance of this LDAP request that may be modified without impacting this request.
-
duplicate
@NotNull public GeneratePasswordExtendedRequest duplicate(@Nullable Control[] controls)
Creates a new instance of this LDAP request that may be modified without impacting this request. The provided controls will be used for the new request instead of duplicating the controls from this request.. Subclasses should override this method to return a duplicate of the appropriate type.- Specified by:
duplicate
in interfaceReadOnlyLDAPRequest
- Overrides:
duplicate
in classExtendedRequest
- Parameters:
controls
- The set of controls to include in the duplicate request.- Returns:
- A new instance of this LDAP request that may be modified without impacting this request.
-
getExtendedRequestName
@NotNull public java.lang.String getExtendedRequestName()
Retrieves the user-friendly name for the extended request, if available. If no user-friendly name has been defined, then the OID will be returned.- Overrides:
getExtendedRequestName
in classExtendedRequest
- Returns:
- The user-friendly name for this extended request, or the OID if no user-friendly name is available.
-
toString
public void toString(@NotNull java.lang.StringBuilder buffer)
Appends a string representation of this request to the provided buffer.- Specified by:
toString
in interfaceProtocolOp
- Specified by:
toString
in interfaceReadOnlyLDAPRequest
- Overrides:
toString
in classExtendedRequest
- Parameters:
buffer
- The buffer to which to append a string representation of this request.
-
-