001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2008 Sun Microsystems, Inc.
015 */
016package org.forgerock.opendj.server.config.server;
017
018
019
020import java.util.SortedSet;
021import org.forgerock.opendj.config.server.ConfigurationChangeListener;
022import org.forgerock.opendj.ldap.schema.AttributeType;
023
024
025
026/**
027 * A server-side interface for querying Attribute Value Password
028 * Validator settings.
029 * <p>
030 * The Attribute Value Password Validator attempts to determine
031 * whether a proposed password is acceptable for use by determining
032 * whether that password is contained in any attribute within the
033 * user's entry.
034 */
035public interface AttributeValuePasswordValidatorCfg extends PasswordValidatorCfg {
036
037  /**
038   * Gets the configuration class associated with this Attribute Value Password Validator.
039   *
040   * @return Returns the configuration class associated with this Attribute Value Password Validator.
041   */
042  Class<? extends AttributeValuePasswordValidatorCfg> configurationClass();
043
044
045
046  /**
047   * Register to be notified when this Attribute Value Password Validator is changed.
048   *
049   * @param listener
050   *          The Attribute Value Password Validator configuration change listener.
051   */
052  void addAttributeValueChangeListener(ConfigurationChangeListener<AttributeValuePasswordValidatorCfg> listener);
053
054
055
056  /**
057   * Deregister an existing Attribute Value Password Validator configuration change listener.
058   *
059   * @param listener
060   *          The Attribute Value Password Validator configuration change listener.
061   */
062  void removeAttributeValueChangeListener(ConfigurationChangeListener<AttributeValuePasswordValidatorCfg> listener);
063
064
065
066  /**
067   * Gets the "check-substrings" property.
068   * <p>
069   * Indicates whether this password validator is to match portions of
070   * the password string against attribute values.
071   * <p>
072   * If "false" then only match the entire password against attribute
073   * values otherwise ("true") check whether the password contains
074   * attribute values.
075   *
076   * @return Returns the value of the "check-substrings" property.
077   */
078  boolean isCheckSubstrings();
079
080
081
082  /**
083   * Gets the "java-class" property.
084   * <p>
085   * Specifies the fully-qualified name of the Java class that
086   * provides the password validator implementation.
087   *
088   * @return Returns the value of the "java-class" property.
089   */
090  String getJavaClass();
091
092
093
094  /**
095   * Gets the "match-attribute" property.
096   * <p>
097   * Specifies the name(s) of the attribute(s) whose values should be
098   * checked to determine whether they match the provided password. If
099   * no values are provided, then the server checks if the proposed
100   * password matches the value of any attribute in the user's entry.
101   *
102   * @return Returns an unmodifiable set containing the values of the "match-attribute" property.
103   */
104  SortedSet<AttributeType> getMatchAttribute();
105
106
107
108  /**
109   * Gets the "min-substring-length" property.
110   * <p>
111   * Indicates the minimal length of the substring within the password
112   * in case substring checking is enabled.
113   * <p>
114   * If "check-substrings" option is set to true, then this parameter
115   * defines the length of the smallest word which should be used for
116   * substring matching. Use with caution because values below 3 might
117   * disqualify valid passwords.
118   *
119   * @return Returns the value of the "min-substring-length" property.
120   */
121  int getMinSubstringLength();
122
123
124
125  /**
126   * Gets the "test-reversed-password" property.
127   * <p>
128   * Indicates whether this password validator should test the
129   * reversed value of the provided password as well as the order in
130   * which it was given.
131   *
132   * @return Returns the value of the "test-reversed-password" property.
133   */
134  boolean isTestReversedPassword();
135
136}