001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2008 Sun Microsystems, Inc.
015 */
016package org.forgerock.opendj.server.config.meta;
017
018
019
020import java.util.Collection;
021import java.util.SortedSet;
022import java.util.TreeSet;
023import org.forgerock.opendj.config.AdministratorAction;
024import org.forgerock.opendj.config.AggregationPropertyDefinition;
025import org.forgerock.opendj.config.AttributeTypePropertyDefinition;
026import org.forgerock.opendj.config.BooleanPropertyDefinition;
027import org.forgerock.opendj.config.ClassPropertyDefinition;
028import org.forgerock.opendj.config.client.ConcurrentModificationException;
029import org.forgerock.opendj.config.client.ManagedObject;
030import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException;
031import org.forgerock.opendj.config.client.OperationRejectedException;
032import org.forgerock.opendj.config.conditions.Conditions;
033import org.forgerock.opendj.config.DefaultBehaviorProvider;
034import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider;
035import org.forgerock.opendj.config.DurationPropertyDefinition;
036import org.forgerock.opendj.config.EnumPropertyDefinition;
037import org.forgerock.opendj.config.IntegerPropertyDefinition;
038import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException;
039import org.forgerock.opendj.config.ManagedObjectDefinition;
040import org.forgerock.opendj.config.PropertyOption;
041import org.forgerock.opendj.config.PropertyProvider;
042import org.forgerock.opendj.config.server.ConfigurationChangeListener;
043import org.forgerock.opendj.config.server.ServerManagedObject;
044import org.forgerock.opendj.config.StringPropertyDefinition;
045import org.forgerock.opendj.config.Tag;
046import org.forgerock.opendj.config.UndefinedDefaultBehaviorProvider;
047import org.forgerock.opendj.ldap.DN;
048import org.forgerock.opendj.ldap.LdapException;
049import org.forgerock.opendj.ldap.schema.AttributeType;
050import org.forgerock.opendj.server.config.client.AccountStatusNotificationHandlerCfgClient;
051import org.forgerock.opendj.server.config.client.PasswordGeneratorCfgClient;
052import org.forgerock.opendj.server.config.client.PasswordPolicyCfgClient;
053import org.forgerock.opendj.server.config.client.PasswordStorageSchemeCfgClient;
054import org.forgerock.opendj.server.config.client.PasswordValidatorCfgClient;
055import org.forgerock.opendj.server.config.server.AccountStatusNotificationHandlerCfg;
056import org.forgerock.opendj.server.config.server.AuthenticationPolicyCfg;
057import org.forgerock.opendj.server.config.server.PasswordGeneratorCfg;
058import org.forgerock.opendj.server.config.server.PasswordPolicyCfg;
059import org.forgerock.opendj.server.config.server.PasswordStorageSchemeCfg;
060import org.forgerock.opendj.server.config.server.PasswordValidatorCfg;
061
062
063
064/**
065 * An interface for querying the Password Policy managed object
066 * definition meta information.
067 * <p>
068 * Password Policies define a number of password management rules, as
069 * well as requirements for authentication processing.
070 */
071public final class PasswordPolicyCfgDefn extends ManagedObjectDefinition<PasswordPolicyCfgClient, PasswordPolicyCfg> {
072
073  /** The singleton configuration definition instance. */
074  private static final PasswordPolicyCfgDefn INSTANCE = new PasswordPolicyCfgDefn();
075
076
077
078  /**
079   * Defines the set of permissable values for the "state-update-failure-policy" property.
080   * <p>
081   * Specifies how the server deals with the inability to update
082   * password policy state information during an authentication
083   * attempt.
084   * <p>
085   * In particular, this property can be used to control whether an
086   * otherwise successful bind operation fails if a failure occurs
087   * while attempting to update password policy state information (for
088   * example, to clear a record of previous authentication failures or
089   * to update the last login time). It can also be used to control
090   * whether to reject a bind request if it is known ahead of time that
091   * it will not be possible to update the authentication failure times
092   * in the event of an unsuccessful bind attempt (for example, if the
093   * backend writability mode is disabled).
094   */
095  public static enum StateUpdateFailurePolicy {
096
097    /**
098     * If a bind attempt would otherwise be successful, then do not
099     * reject it if a problem occurs while attempting to update the
100     * password policy state information for the user.
101     */
102    IGNORE("ignore"),
103
104
105
106    /**
107     * Proactively reject any bind attempt if it is known ahead of
108     * time that it would not be possible to update the user's password
109     * policy state information.
110     */
111    PROACTIVE("proactive"),
112
113
114
115    /**
116     * Even if a bind attempt would otherwise be successful, reject it
117     * if a problem occurs while attempting to update the password
118     * policy state information for the user.
119     */
120    REACTIVE("reactive");
121
122
123
124    /** String representation of the value. */
125    private final String name;
126
127
128
129    /** Private constructor. */
130    private StateUpdateFailurePolicy(String name) { this.name = name; }
131
132
133
134    /** {@inheritDoc} */
135    public String toString() { return name; }
136
137  }
138
139
140
141  /** The "account-status-notification-handler" property definition. */
142  private static final AggregationPropertyDefinition<AccountStatusNotificationHandlerCfgClient, AccountStatusNotificationHandlerCfg> PD_ACCOUNT_STATUS_NOTIFICATION_HANDLER;
143
144
145
146  /** The "allow-expired-password-changes" property definition. */
147  private static final BooleanPropertyDefinition PD_ALLOW_EXPIRED_PASSWORD_CHANGES;
148
149
150
151  /** The "allow-multiple-password-values" property definition. */
152  private static final BooleanPropertyDefinition PD_ALLOW_MULTIPLE_PASSWORD_VALUES;
153
154
155
156  /** The "allow-pre-encoded-passwords" property definition. */
157  private static final BooleanPropertyDefinition PD_ALLOW_PRE_ENCODED_PASSWORDS;
158
159
160
161  /** The "allow-user-password-changes" property definition. */
162  private static final BooleanPropertyDefinition PD_ALLOW_USER_PASSWORD_CHANGES;
163
164
165
166  /** The "default-password-storage-scheme" property definition. */
167  private static final AggregationPropertyDefinition<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> PD_DEFAULT_PASSWORD_STORAGE_SCHEME;
168
169
170
171  /** The "deprecated-password-storage-scheme" property definition. */
172  private static final AggregationPropertyDefinition<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> PD_DEPRECATED_PASSWORD_STORAGE_SCHEME;
173
174
175
176  /** The "expire-passwords-without-warning" property definition. */
177  private static final BooleanPropertyDefinition PD_EXPIRE_PASSWORDS_WITHOUT_WARNING;
178
179
180
181  /** The "force-change-on-add" property definition. */
182  private static final BooleanPropertyDefinition PD_FORCE_CHANGE_ON_ADD;
183
184
185
186  /** The "force-change-on-reset" property definition. */
187  private static final BooleanPropertyDefinition PD_FORCE_CHANGE_ON_RESET;
188
189
190
191  /** The "grace-login-count" property definition. */
192  private static final IntegerPropertyDefinition PD_GRACE_LOGIN_COUNT;
193
194
195
196  /** The "idle-lockout-interval" property definition. */
197  private static final DurationPropertyDefinition PD_IDLE_LOCKOUT_INTERVAL;
198
199
200
201  /** The "java-class" property definition. */
202  private static final ClassPropertyDefinition PD_JAVA_CLASS;
203
204
205
206  /** The "last-login-time-attribute" property definition. */
207  private static final AttributeTypePropertyDefinition PD_LAST_LOGIN_TIME_ATTRIBUTE;
208
209
210
211  /** The "last-login-time-format" property definition. */
212  private static final StringPropertyDefinition PD_LAST_LOGIN_TIME_FORMAT;
213
214
215
216  /** The "lockout-duration" property definition. */
217  private static final DurationPropertyDefinition PD_LOCKOUT_DURATION;
218
219
220
221  /** The "lockout-failure-count" property definition. */
222  private static final IntegerPropertyDefinition PD_LOCKOUT_FAILURE_COUNT;
223
224
225
226  /** The "lockout-failure-expiration-interval" property definition. */
227  private static final DurationPropertyDefinition PD_LOCKOUT_FAILURE_EXPIRATION_INTERVAL;
228
229
230
231  /** The "max-password-age" property definition. */
232  private static final DurationPropertyDefinition PD_MAX_PASSWORD_AGE;
233
234
235
236  /** The "max-password-reset-age" property definition. */
237  private static final DurationPropertyDefinition PD_MAX_PASSWORD_RESET_AGE;
238
239
240
241  /** The "min-password-age" property definition. */
242  private static final DurationPropertyDefinition PD_MIN_PASSWORD_AGE;
243
244
245
246  /** The "password-attribute" property definition. */
247  private static final AttributeTypePropertyDefinition PD_PASSWORD_ATTRIBUTE;
248
249
250
251  /** The "password-change-requires-current-password" property definition. */
252  private static final BooleanPropertyDefinition PD_PASSWORD_CHANGE_REQUIRES_CURRENT_PASSWORD;
253
254
255
256  /** The "password-expiration-warning-interval" property definition. */
257  private static final DurationPropertyDefinition PD_PASSWORD_EXPIRATION_WARNING_INTERVAL;
258
259
260
261  /** The "password-generator" property definition. */
262  private static final AggregationPropertyDefinition<PasswordGeneratorCfgClient, PasswordGeneratorCfg> PD_PASSWORD_GENERATOR;
263
264
265
266  /** The "password-history-count" property definition. */
267  private static final IntegerPropertyDefinition PD_PASSWORD_HISTORY_COUNT;
268
269
270
271  /** The "password-history-duration" property definition. */
272  private static final DurationPropertyDefinition PD_PASSWORD_HISTORY_DURATION;
273
274
275
276  /** The "password-validator" property definition. */
277  private static final AggregationPropertyDefinition<PasswordValidatorCfgClient, PasswordValidatorCfg> PD_PASSWORD_VALIDATOR;
278
279
280
281  /** The "previous-last-login-time-format" property definition. */
282  private static final StringPropertyDefinition PD_PREVIOUS_LAST_LOGIN_TIME_FORMAT;
283
284
285
286  /** The "require-change-by-time" property definition. */
287  private static final StringPropertyDefinition PD_REQUIRE_CHANGE_BY_TIME;
288
289
290
291  /** The "require-secure-authentication" property definition. */
292  private static final BooleanPropertyDefinition PD_REQUIRE_SECURE_AUTHENTICATION;
293
294
295
296  /** The "require-secure-password-changes" property definition. */
297  private static final BooleanPropertyDefinition PD_REQUIRE_SECURE_PASSWORD_CHANGES;
298
299
300
301  /** The "skip-validation-for-administrators" property definition. */
302  private static final BooleanPropertyDefinition PD_SKIP_VALIDATION_FOR_ADMINISTRATORS;
303
304
305
306  /** The "state-update-failure-policy" property definition. */
307  private static final EnumPropertyDefinition<StateUpdateFailurePolicy> PD_STATE_UPDATE_FAILURE_POLICY;
308
309
310
311  /** Build the "account-status-notification-handler" property definition. */
312  static {
313      AggregationPropertyDefinition.Builder<AccountStatusNotificationHandlerCfgClient, AccountStatusNotificationHandlerCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "account-status-notification-handler");
314      builder.setOption(PropertyOption.MULTI_VALUED);
315      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "account-status-notification-handler"));
316      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
317      builder.setParentPath("/");
318      builder.setRelationDefinition("account-status-notification-handler");
319      builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true"));
320      PD_ACCOUNT_STATUS_NOTIFICATION_HANDLER = builder.getInstance();
321      INSTANCE.registerPropertyDefinition(PD_ACCOUNT_STATUS_NOTIFICATION_HANDLER);
322      INSTANCE.registerConstraint(PD_ACCOUNT_STATUS_NOTIFICATION_HANDLER.getSourceConstraint());
323  }
324
325
326
327  /** Build the "allow-expired-password-changes" property definition. */
328  static {
329      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-expired-password-changes");
330      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "allow-expired-password-changes"));
331      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
332      builder.setDefaultBehaviorProvider(provider);
333      PD_ALLOW_EXPIRED_PASSWORD_CHANGES = builder.getInstance();
334      INSTANCE.registerPropertyDefinition(PD_ALLOW_EXPIRED_PASSWORD_CHANGES);
335  }
336
337
338
339  /** Build the "allow-multiple-password-values" property definition. */
340  static {
341      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-multiple-password-values");
342      builder.setOption(PropertyOption.ADVANCED);
343      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "allow-multiple-password-values"));
344      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
345      builder.setDefaultBehaviorProvider(provider);
346      PD_ALLOW_MULTIPLE_PASSWORD_VALUES = builder.getInstance();
347      INSTANCE.registerPropertyDefinition(PD_ALLOW_MULTIPLE_PASSWORD_VALUES);
348  }
349
350
351
352  /** Build the "allow-pre-encoded-passwords" property definition. */
353  static {
354      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-pre-encoded-passwords");
355      builder.setOption(PropertyOption.ADVANCED);
356      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "allow-pre-encoded-passwords"));
357      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
358      builder.setDefaultBehaviorProvider(provider);
359      PD_ALLOW_PRE_ENCODED_PASSWORDS = builder.getInstance();
360      INSTANCE.registerPropertyDefinition(PD_ALLOW_PRE_ENCODED_PASSWORDS);
361  }
362
363
364
365  /** Build the "allow-user-password-changes" property definition. */
366  static {
367      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-user-password-changes");
368      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "allow-user-password-changes"));
369      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
370      builder.setDefaultBehaviorProvider(provider);
371      PD_ALLOW_USER_PASSWORD_CHANGES = builder.getInstance();
372      INSTANCE.registerPropertyDefinition(PD_ALLOW_USER_PASSWORD_CHANGES);
373  }
374
375
376
377  /** Build the "default-password-storage-scheme" property definition. */
378  static {
379      AggregationPropertyDefinition.Builder<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "default-password-storage-scheme");
380      builder.setOption(PropertyOption.MULTI_VALUED);
381      builder.setOption(PropertyOption.MANDATORY);
382      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "default-password-storage-scheme"));
383      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
384      builder.setParentPath("/");
385      builder.setRelationDefinition("password-storage-scheme");
386      builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true"));
387      PD_DEFAULT_PASSWORD_STORAGE_SCHEME = builder.getInstance();
388      INSTANCE.registerPropertyDefinition(PD_DEFAULT_PASSWORD_STORAGE_SCHEME);
389      INSTANCE.registerConstraint(PD_DEFAULT_PASSWORD_STORAGE_SCHEME.getSourceConstraint());
390  }
391
392
393
394  /** Build the "deprecated-password-storage-scheme" property definition. */
395  static {
396      AggregationPropertyDefinition.Builder<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "deprecated-password-storage-scheme");
397      builder.setOption(PropertyOption.MULTI_VALUED);
398      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "deprecated-password-storage-scheme"));
399      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
400      builder.setParentPath("/");
401      builder.setRelationDefinition("password-storage-scheme");
402      builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true"));
403      PD_DEPRECATED_PASSWORD_STORAGE_SCHEME = builder.getInstance();
404      INSTANCE.registerPropertyDefinition(PD_DEPRECATED_PASSWORD_STORAGE_SCHEME);
405      INSTANCE.registerConstraint(PD_DEPRECATED_PASSWORD_STORAGE_SCHEME.getSourceConstraint());
406  }
407
408
409
410  /** Build the "expire-passwords-without-warning" property definition. */
411  static {
412      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "expire-passwords-without-warning");
413      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "expire-passwords-without-warning"));
414      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
415      builder.setDefaultBehaviorProvider(provider);
416      PD_EXPIRE_PASSWORDS_WITHOUT_WARNING = builder.getInstance();
417      INSTANCE.registerPropertyDefinition(PD_EXPIRE_PASSWORDS_WITHOUT_WARNING);
418  }
419
420
421
422  /** Build the "force-change-on-add" property definition. */
423  static {
424      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "force-change-on-add");
425      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "force-change-on-add"));
426      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
427      builder.setDefaultBehaviorProvider(provider);
428      PD_FORCE_CHANGE_ON_ADD = builder.getInstance();
429      INSTANCE.registerPropertyDefinition(PD_FORCE_CHANGE_ON_ADD);
430  }
431
432
433
434  /** Build the "force-change-on-reset" property definition. */
435  static {
436      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "force-change-on-reset");
437      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "force-change-on-reset"));
438      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
439      builder.setDefaultBehaviorProvider(provider);
440      PD_FORCE_CHANGE_ON_RESET = builder.getInstance();
441      INSTANCE.registerPropertyDefinition(PD_FORCE_CHANGE_ON_RESET);
442  }
443
444
445
446  /** Build the "grace-login-count" property definition. */
447  static {
448      IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "grace-login-count");
449      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "grace-login-count"));
450      DefaultBehaviorProvider<Integer> provider = new DefinedDefaultBehaviorProvider<Integer>("0");
451      builder.setDefaultBehaviorProvider(provider);
452      builder.setUpperLimit(2147483647);
453      builder.setLowerLimit(0);
454      PD_GRACE_LOGIN_COUNT = builder.getInstance();
455      INSTANCE.registerPropertyDefinition(PD_GRACE_LOGIN_COUNT);
456  }
457
458
459
460  /** Build the "idle-lockout-interval" property definition. */
461  static {
462      DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "idle-lockout-interval");
463      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "idle-lockout-interval"));
464      DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("0 seconds");
465      builder.setDefaultBehaviorProvider(provider);
466      builder.setUpperLimit("2147483647");
467      builder.setLowerLimit("0");
468      PD_IDLE_LOCKOUT_INTERVAL = builder.getInstance();
469      INSTANCE.registerPropertyDefinition(PD_IDLE_LOCKOUT_INTERVAL);
470  }
471
472
473
474  /** Build the "java-class" property definition. */
475  static {
476      ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
477      builder.setOption(PropertyOption.MANDATORY);
478      builder.setOption(PropertyOption.ADVANCED);
479      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class"));
480      DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.core.PasswordPolicyFactory");
481      builder.setDefaultBehaviorProvider(provider);
482      builder.addInstanceOf("org.opends.server.api.AuthenticationPolicyFactory");
483      PD_JAVA_CLASS = builder.getInstance();
484      INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
485  }
486
487
488
489  /** Build the "last-login-time-attribute" property definition. */
490  static {
491      AttributeTypePropertyDefinition.Builder builder = AttributeTypePropertyDefinition.createBuilder(INSTANCE, "last-login-time-attribute");
492      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "last-login-time-attribute"));
493      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<AttributeType>());
494      PD_LAST_LOGIN_TIME_ATTRIBUTE = builder.getInstance();
495      INSTANCE.registerPropertyDefinition(PD_LAST_LOGIN_TIME_ATTRIBUTE);
496  }
497
498
499
500  /** Build the "last-login-time-format" property definition. */
501  static {
502      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "last-login-time-format");
503      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "last-login-time-format"));
504      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
505      builder.setPattern(".*", "STRING");
506      PD_LAST_LOGIN_TIME_FORMAT = builder.getInstance();
507      INSTANCE.registerPropertyDefinition(PD_LAST_LOGIN_TIME_FORMAT);
508  }
509
510
511
512  /** Build the "lockout-duration" property definition. */
513  static {
514      DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "lockout-duration");
515      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "lockout-duration"));
516      DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("0 seconds");
517      builder.setDefaultBehaviorProvider(provider);
518      builder.setBaseUnit("s");
519      builder.setUpperLimit("2147483647");
520      builder.setLowerLimit("0");
521      PD_LOCKOUT_DURATION = builder.getInstance();
522      INSTANCE.registerPropertyDefinition(PD_LOCKOUT_DURATION);
523  }
524
525
526
527  /** Build the "lockout-failure-count" property definition. */
528  static {
529      IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "lockout-failure-count");
530      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "lockout-failure-count"));
531      DefaultBehaviorProvider<Integer> provider = new DefinedDefaultBehaviorProvider<Integer>("0");
532      builder.setDefaultBehaviorProvider(provider);
533      builder.setUpperLimit(2147483647);
534      builder.setLowerLimit(0);
535      PD_LOCKOUT_FAILURE_COUNT = builder.getInstance();
536      INSTANCE.registerPropertyDefinition(PD_LOCKOUT_FAILURE_COUNT);
537  }
538
539
540
541  /** Build the "lockout-failure-expiration-interval" property definition. */
542  static {
543      DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "lockout-failure-expiration-interval");
544      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "lockout-failure-expiration-interval"));
545      DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("0 seconds");
546      builder.setDefaultBehaviorProvider(provider);
547      builder.setBaseUnit("s");
548      builder.setUpperLimit("2147483647");
549      builder.setLowerLimit("0");
550      PD_LOCKOUT_FAILURE_EXPIRATION_INTERVAL = builder.getInstance();
551      INSTANCE.registerPropertyDefinition(PD_LOCKOUT_FAILURE_EXPIRATION_INTERVAL);
552  }
553
554
555
556  /** Build the "max-password-age" property definition. */
557  static {
558      DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "max-password-age");
559      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "max-password-age"));
560      DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("0 seconds");
561      builder.setDefaultBehaviorProvider(provider);
562      builder.setBaseUnit("s");
563      builder.setUpperLimit("2147483647");
564      builder.setLowerLimit("0");
565      PD_MAX_PASSWORD_AGE = builder.getInstance();
566      INSTANCE.registerPropertyDefinition(PD_MAX_PASSWORD_AGE);
567  }
568
569
570
571  /** Build the "max-password-reset-age" property definition. */
572  static {
573      DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "max-password-reset-age");
574      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "max-password-reset-age"));
575      DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("0 seconds");
576      builder.setDefaultBehaviorProvider(provider);
577      builder.setBaseUnit("s");
578      builder.setUpperLimit("2147483647");
579      builder.setLowerLimit("0");
580      PD_MAX_PASSWORD_RESET_AGE = builder.getInstance();
581      INSTANCE.registerPropertyDefinition(PD_MAX_PASSWORD_RESET_AGE);
582  }
583
584
585
586  /** Build the "min-password-age" property definition. */
587  static {
588      DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "min-password-age");
589      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "min-password-age"));
590      DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("0 seconds");
591      builder.setDefaultBehaviorProvider(provider);
592      builder.setBaseUnit("s");
593      builder.setUpperLimit("2147483647");
594      builder.setLowerLimit("0");
595      PD_MIN_PASSWORD_AGE = builder.getInstance();
596      INSTANCE.registerPropertyDefinition(PD_MIN_PASSWORD_AGE);
597  }
598
599
600
601  /** Build the "password-attribute" property definition. */
602  static {
603      AttributeTypePropertyDefinition.Builder builder = AttributeTypePropertyDefinition.createBuilder(INSTANCE, "password-attribute");
604      builder.setOption(PropertyOption.MANDATORY);
605      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "password-attribute"));
606      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<AttributeType>());
607      PD_PASSWORD_ATTRIBUTE = builder.getInstance();
608      INSTANCE.registerPropertyDefinition(PD_PASSWORD_ATTRIBUTE);
609  }
610
611
612
613  /** Build the "password-change-requires-current-password" property definition. */
614  static {
615      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "password-change-requires-current-password");
616      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "password-change-requires-current-password"));
617      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
618      builder.setDefaultBehaviorProvider(provider);
619      PD_PASSWORD_CHANGE_REQUIRES_CURRENT_PASSWORD = builder.getInstance();
620      INSTANCE.registerPropertyDefinition(PD_PASSWORD_CHANGE_REQUIRES_CURRENT_PASSWORD);
621  }
622
623
624
625  /** Build the "password-expiration-warning-interval" property definition. */
626  static {
627      DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "password-expiration-warning-interval");
628      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "password-expiration-warning-interval"));
629      DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("5 days");
630      builder.setDefaultBehaviorProvider(provider);
631      PD_PASSWORD_EXPIRATION_WARNING_INTERVAL = builder.getInstance();
632      INSTANCE.registerPropertyDefinition(PD_PASSWORD_EXPIRATION_WARNING_INTERVAL);
633  }
634
635
636
637  /** Build the "password-generator" property definition. */
638  static {
639      AggregationPropertyDefinition.Builder<PasswordGeneratorCfgClient, PasswordGeneratorCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "password-generator");
640      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "password-generator"));
641      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
642      builder.setParentPath("/");
643      builder.setRelationDefinition("password-generator");
644      builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true"));
645      PD_PASSWORD_GENERATOR = builder.getInstance();
646      INSTANCE.registerPropertyDefinition(PD_PASSWORD_GENERATOR);
647      INSTANCE.registerConstraint(PD_PASSWORD_GENERATOR.getSourceConstraint());
648  }
649
650
651
652  /** Build the "password-history-count" property definition. */
653  static {
654      IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "password-history-count");
655      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "password-history-count"));
656      DefaultBehaviorProvider<Integer> provider = new DefinedDefaultBehaviorProvider<Integer>("0");
657      builder.setDefaultBehaviorProvider(provider);
658      builder.setUpperLimit(2147483647);
659      builder.setLowerLimit(0);
660      PD_PASSWORD_HISTORY_COUNT = builder.getInstance();
661      INSTANCE.registerPropertyDefinition(PD_PASSWORD_HISTORY_COUNT);
662  }
663
664
665
666  /** Build the "password-history-duration" property definition. */
667  static {
668      DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "password-history-duration");
669      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "password-history-duration"));
670      DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("0 seconds");
671      builder.setDefaultBehaviorProvider(provider);
672      builder.setAllowUnlimited(false);
673      builder.setBaseUnit("s");
674      builder.setUpperLimit("2147483647");
675      builder.setLowerLimit("0");
676      PD_PASSWORD_HISTORY_DURATION = builder.getInstance();
677      INSTANCE.registerPropertyDefinition(PD_PASSWORD_HISTORY_DURATION);
678  }
679
680
681
682  /** Build the "password-validator" property definition. */
683  static {
684      AggregationPropertyDefinition.Builder<PasswordValidatorCfgClient, PasswordValidatorCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "password-validator");
685      builder.setOption(PropertyOption.MULTI_VALUED);
686      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "password-validator"));
687      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
688      builder.setParentPath("/");
689      builder.setRelationDefinition("password-validator");
690      builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true"));
691      PD_PASSWORD_VALIDATOR = builder.getInstance();
692      INSTANCE.registerPropertyDefinition(PD_PASSWORD_VALIDATOR);
693      INSTANCE.registerConstraint(PD_PASSWORD_VALIDATOR.getSourceConstraint());
694  }
695
696
697
698  /** Build the "previous-last-login-time-format" property definition. */
699  static {
700      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "previous-last-login-time-format");
701      builder.setOption(PropertyOption.MULTI_VALUED);
702      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "previous-last-login-time-format"));
703      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
704      builder.setPattern(".*", "STRING");
705      PD_PREVIOUS_LAST_LOGIN_TIME_FORMAT = builder.getInstance();
706      INSTANCE.registerPropertyDefinition(PD_PREVIOUS_LAST_LOGIN_TIME_FORMAT);
707  }
708
709
710
711  /** Build the "require-change-by-time" property definition. */
712  static {
713      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "require-change-by-time");
714      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "require-change-by-time"));
715      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
716      builder.setPattern(".*", "STRING");
717      PD_REQUIRE_CHANGE_BY_TIME = builder.getInstance();
718      INSTANCE.registerPropertyDefinition(PD_REQUIRE_CHANGE_BY_TIME);
719  }
720
721
722
723  /** Build the "require-secure-authentication" property definition. */
724  static {
725      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "require-secure-authentication");
726      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "require-secure-authentication"));
727      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
728      builder.setDefaultBehaviorProvider(provider);
729      PD_REQUIRE_SECURE_AUTHENTICATION = builder.getInstance();
730      INSTANCE.registerPropertyDefinition(PD_REQUIRE_SECURE_AUTHENTICATION);
731  }
732
733
734
735  /** Build the "require-secure-password-changes" property definition. */
736  static {
737      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "require-secure-password-changes");
738      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "require-secure-password-changes"));
739      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
740      builder.setDefaultBehaviorProvider(provider);
741      PD_REQUIRE_SECURE_PASSWORD_CHANGES = builder.getInstance();
742      INSTANCE.registerPropertyDefinition(PD_REQUIRE_SECURE_PASSWORD_CHANGES);
743  }
744
745
746
747  /** Build the "skip-validation-for-administrators" property definition. */
748  static {
749      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "skip-validation-for-administrators");
750      builder.setOption(PropertyOption.ADVANCED);
751      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "skip-validation-for-administrators"));
752      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
753      builder.setDefaultBehaviorProvider(provider);
754      PD_SKIP_VALIDATION_FOR_ADMINISTRATORS = builder.getInstance();
755      INSTANCE.registerPropertyDefinition(PD_SKIP_VALIDATION_FOR_ADMINISTRATORS);
756  }
757
758
759
760  /** Build the "state-update-failure-policy" property definition. */
761  static {
762      EnumPropertyDefinition.Builder<StateUpdateFailurePolicy> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "state-update-failure-policy");
763      builder.setOption(PropertyOption.ADVANCED);
764      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "state-update-failure-policy"));
765      DefaultBehaviorProvider<StateUpdateFailurePolicy> provider = new DefinedDefaultBehaviorProvider<StateUpdateFailurePolicy>("reactive");
766      builder.setDefaultBehaviorProvider(provider);
767      builder.setEnumClass(StateUpdateFailurePolicy.class);
768      PD_STATE_UPDATE_FAILURE_POLICY = builder.getInstance();
769      INSTANCE.registerPropertyDefinition(PD_STATE_UPDATE_FAILURE_POLICY);
770  }
771
772
773
774  // Register the tags associated with this managed object definition.
775  static {
776    INSTANCE.registerTag(Tag.valueOf("user-management"));
777  }
778
779
780
781  /**
782   * Get the Password Policy configuration definition singleton.
783   *
784   * @return Returns the Password Policy configuration definition
785   *         singleton.
786   */
787  public static PasswordPolicyCfgDefn getInstance() {
788    return INSTANCE;
789  }
790
791
792
793  /**
794   * Private constructor.
795   */
796  private PasswordPolicyCfgDefn() {
797    super("password-policy", AuthenticationPolicyCfgDefn.getInstance());
798  }
799
800
801
802  /** {@inheritDoc} */
803  public PasswordPolicyCfgClient createClientConfiguration(
804      ManagedObject<? extends PasswordPolicyCfgClient> impl) {
805    return new PasswordPolicyCfgClientImpl(impl);
806  }
807
808
809
810  /** {@inheritDoc} */
811  public PasswordPolicyCfg createServerConfiguration(
812      ServerManagedObject<? extends PasswordPolicyCfg> impl) {
813    return new PasswordPolicyCfgServerImpl(impl);
814  }
815
816
817
818  /** {@inheritDoc} */
819  public Class<PasswordPolicyCfg> getServerConfigurationClass() {
820    return PasswordPolicyCfg.class;
821  }
822
823
824
825  /**
826   * Get the "account-status-notification-handler" property definition.
827   * <p>
828   * Specifies the names of the account status notification handlers
829   * that are used with the associated password storage scheme.
830   *
831   * @return Returns the "account-status-notification-handler" property definition.
832   */
833  public AggregationPropertyDefinition<AccountStatusNotificationHandlerCfgClient, AccountStatusNotificationHandlerCfg> getAccountStatusNotificationHandlerPropertyDefinition() {
834    return PD_ACCOUNT_STATUS_NOTIFICATION_HANDLER;
835  }
836
837
838
839  /**
840   * Get the "allow-expired-password-changes" property definition.
841   * <p>
842   * Indicates whether a user whose password is expired is still
843   * allowed to change that password using the password modify extended
844   * operation.
845   *
846   * @return Returns the "allow-expired-password-changes" property definition.
847   */
848  public BooleanPropertyDefinition getAllowExpiredPasswordChangesPropertyDefinition() {
849    return PD_ALLOW_EXPIRED_PASSWORD_CHANGES;
850  }
851
852
853
854  /**
855   * Get the "allow-multiple-password-values" property definition.
856   * <p>
857   * Indicates whether user entries can have multiple distinct values
858   * for the password attribute.
859   * <p>
860   * This is potentially dangerous because many mechanisms used to
861   * change the password do not work well with such a configuration. If
862   * multiple password values are allowed, then any of them can be used
863   * to authenticate, and they are all subject to the same policy
864   * constraints.
865   *
866   * @return Returns the "allow-multiple-password-values" property definition.
867   */
868  public BooleanPropertyDefinition getAllowMultiplePasswordValuesPropertyDefinition() {
869    return PD_ALLOW_MULTIPLE_PASSWORD_VALUES;
870  }
871
872
873
874  /**
875   * Get the "allow-pre-encoded-passwords" property definition.
876   * <p>
877   * Indicates whether users can change their passwords by providing a
878   * pre-encoded value.
879   * <p>
880   * This can cause a security risk because the clear-text version of
881   * the password is not known and therefore validation checks cannot
882   * be applied to it.
883   *
884   * @return Returns the "allow-pre-encoded-passwords" property definition.
885   */
886  public BooleanPropertyDefinition getAllowPreEncodedPasswordsPropertyDefinition() {
887    return PD_ALLOW_PRE_ENCODED_PASSWORDS;
888  }
889
890
891
892  /**
893   * Get the "allow-user-password-changes" property definition.
894   * <p>
895   * Indicates whether users can change their own passwords.
896   * <p>
897   * This check is made in addition to access control evaluation. Both
898   * must allow the password change for it to occur.
899   *
900   * @return Returns the "allow-user-password-changes" property definition.
901   */
902  public BooleanPropertyDefinition getAllowUserPasswordChangesPropertyDefinition() {
903    return PD_ALLOW_USER_PASSWORD_CHANGES;
904  }
905
906
907
908  /**
909   * Get the "default-password-storage-scheme" property definition.
910   * <p>
911   * Specifies the names of the password storage schemes that are used
912   * to encode clear-text passwords for this password policy.
913   *
914   * @return Returns the "default-password-storage-scheme" property definition.
915   */
916  public AggregationPropertyDefinition<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> getDefaultPasswordStorageSchemePropertyDefinition() {
917    return PD_DEFAULT_PASSWORD_STORAGE_SCHEME;
918  }
919
920
921
922  /**
923   * Get the "deprecated-password-storage-scheme" property definition.
924   * <p>
925   * Specifies the names of the password storage schemes that are
926   * considered deprecated for this password policy.
927   * <p>
928   * If a user with this password policy authenticates to the server
929   * and his/her password is encoded with a deprecated scheme, those
930   * values are removed and replaced with values encoded using the
931   * default password storage scheme(s).
932   *
933   * @return Returns the "deprecated-password-storage-scheme" property definition.
934   */
935  public AggregationPropertyDefinition<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> getDeprecatedPasswordStorageSchemePropertyDefinition() {
936    return PD_DEPRECATED_PASSWORD_STORAGE_SCHEME;
937  }
938
939
940
941  /**
942   * Get the "expire-passwords-without-warning" property definition.
943   * <p>
944   * Indicates whether the directory server allows a user's password
945   * to expire even if that user has never seen an expiration warning
946   * notification.
947   * <p>
948   * If this property is true, accounts always expire when the
949   * expiration time arrives. If this property is false or disabled,
950   * the user always receives at least one warning notification, and
951   * the password expiration is set to the warning time plus the
952   * warning interval.
953   *
954   * @return Returns the "expire-passwords-without-warning" property definition.
955   */
956  public BooleanPropertyDefinition getExpirePasswordsWithoutWarningPropertyDefinition() {
957    return PD_EXPIRE_PASSWORDS_WITHOUT_WARNING;
958  }
959
960
961
962  /**
963   * Get the "force-change-on-add" property definition.
964   * <p>
965   * Indicates whether users are forced to change their passwords upon
966   * first authenticating to the directory server after their account
967   * has been created.
968   *
969   * @return Returns the "force-change-on-add" property definition.
970   */
971  public BooleanPropertyDefinition getForceChangeOnAddPropertyDefinition() {
972    return PD_FORCE_CHANGE_ON_ADD;
973  }
974
975
976
977  /**
978   * Get the "force-change-on-reset" property definition.
979   * <p>
980   * Indicates whether users are forced to change their passwords if
981   * they are reset by an administrator.
982   * <p>
983   * For this purpose, anyone with permission to change a given user's
984   * password other than that user is considered an administrator.
985   *
986   * @return Returns the "force-change-on-reset" property definition.
987   */
988  public BooleanPropertyDefinition getForceChangeOnResetPropertyDefinition() {
989    return PD_FORCE_CHANGE_ON_RESET;
990  }
991
992
993
994  /**
995   * Get the "grace-login-count" property definition.
996   * <p>
997   * Specifies the number of grace logins that a user is allowed after
998   * the account has expired to allow that user to choose a new
999   * password.
1000   * <p>
1001   * A value of 0 indicates that no grace logins are allowed.
1002   *
1003   * @return Returns the "grace-login-count" property definition.
1004   */
1005  public IntegerPropertyDefinition getGraceLoginCountPropertyDefinition() {
1006    return PD_GRACE_LOGIN_COUNT;
1007  }
1008
1009
1010
1011  /**
1012   * Get the "idle-lockout-interval" property definition.
1013   * <p>
1014   * Specifies the maximum length of time that an account may remain
1015   * idle (that is, the associated user does not authenticate to the
1016   * server) before that user is locked out.
1017   * <p>
1018   * The value of this attribute is an integer followed by a unit of
1019   * seconds, minutes, hours, days, or weeks. A value of 0 seconds
1020   * indicates that idle accounts are not automatically locked out.
1021   * This feature is available only if the last login time is
1022   * maintained.
1023   *
1024   * @return Returns the "idle-lockout-interval" property definition.
1025   */
1026  public DurationPropertyDefinition getIdleLockoutIntervalPropertyDefinition() {
1027    return PD_IDLE_LOCKOUT_INTERVAL;
1028  }
1029
1030
1031
1032  /**
1033   * Get the "java-class" property definition.
1034   * <p>
1035   * Specifies the fully-qualified name of the Java class which
1036   * provides the Password Policy implementation.
1037   *
1038   * @return Returns the "java-class" property definition.
1039   */
1040  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
1041    return PD_JAVA_CLASS;
1042  }
1043
1044
1045
1046  /**
1047   * Get the "last-login-time-attribute" property definition.
1048   * <p>
1049   * Specifies the name or OID of the attribute type that is used to
1050   * hold the last login time for users with the associated password
1051   * policy.
1052   * <p>
1053   * This attribute type must be defined in the directory server
1054   * schema and must either be defined as an operational attribute or
1055   * must be allowed by the set of objectClasses for all users with the
1056   * associated password policy.
1057   *
1058   * @return Returns the "last-login-time-attribute" property definition.
1059   */
1060  public AttributeTypePropertyDefinition getLastLoginTimeAttributePropertyDefinition() {
1061    return PD_LAST_LOGIN_TIME_ATTRIBUTE;
1062  }
1063
1064
1065
1066  /**
1067   * Get the "last-login-time-format" property definition.
1068   * <p>
1069   * Specifies the format string that is used to generate the last
1070   * login time value for users with the associated password policy.
1071   * <p>
1072   * This format string conforms to the syntax described in the API
1073   * documentation for the java.text.SimpleDateFormat class.
1074   *
1075   * @return Returns the "last-login-time-format" property definition.
1076   */
1077  public StringPropertyDefinition getLastLoginTimeFormatPropertyDefinition() {
1078    return PD_LAST_LOGIN_TIME_FORMAT;
1079  }
1080
1081
1082
1083  /**
1084   * Get the "lockout-duration" property definition.
1085   * <p>
1086   * Specifies the length of time that an account is locked after too
1087   * many authentication failures.
1088   * <p>
1089   * The value of this attribute is an integer followed by a unit of
1090   * seconds, minutes, hours, days, or weeks. A value of 0 seconds
1091   * indicates that the account must remain locked until an
1092   * administrator resets the password.
1093   *
1094   * @return Returns the "lockout-duration" property definition.
1095   */
1096  public DurationPropertyDefinition getLockoutDurationPropertyDefinition() {
1097    return PD_LOCKOUT_DURATION;
1098  }
1099
1100
1101
1102  /**
1103   * Get the "lockout-failure-count" property definition.
1104   * <p>
1105   * Specifies the maximum number of authentication failures that a
1106   * user is allowed before the account is locked out.
1107   * <p>
1108   * A value of 0 indicates that accounts are never locked out due to
1109   * failed attempts.
1110   *
1111   * @return Returns the "lockout-failure-count" property definition.
1112   */
1113  public IntegerPropertyDefinition getLockoutFailureCountPropertyDefinition() {
1114    return PD_LOCKOUT_FAILURE_COUNT;
1115  }
1116
1117
1118
1119  /**
1120   * Get the "lockout-failure-expiration-interval" property definition.
1121   * <p>
1122   * Specifies the length of time before an authentication failure is
1123   * no longer counted against a user for the purposes of account
1124   * lockout.
1125   * <p>
1126   * The value of this attribute is an integer followed by a unit of
1127   * seconds, minutes, hours, days, or weeks. A value of 0 seconds
1128   * indicates that the authentication failures must never expire. The
1129   * failure count is always cleared upon a successful authentication.
1130   *
1131   * @return Returns the "lockout-failure-expiration-interval" property definition.
1132   */
1133  public DurationPropertyDefinition getLockoutFailureExpirationIntervalPropertyDefinition() {
1134    return PD_LOCKOUT_FAILURE_EXPIRATION_INTERVAL;
1135  }
1136
1137
1138
1139  /**
1140   * Get the "max-password-age" property definition.
1141   * <p>
1142   * Specifies the maximum length of time that a user can continue
1143   * using the same password before it must be changed (that is, the
1144   * password expiration interval).
1145   * <p>
1146   * The value of this attribute is an integer followed by a unit of
1147   * seconds, minutes, hours, days, or weeks. A value of 0 seconds
1148   * disables password expiration.
1149   *
1150   * @return Returns the "max-password-age" property definition.
1151   */
1152  public DurationPropertyDefinition getMaxPasswordAgePropertyDefinition() {
1153    return PD_MAX_PASSWORD_AGE;
1154  }
1155
1156
1157
1158  /**
1159   * Get the "max-password-reset-age" property definition.
1160   * <p>
1161   * Specifies the maximum length of time that users have to change
1162   * passwords after they have been reset by an administrator before
1163   * they become locked.
1164   * <p>
1165   * The value of this attribute is an integer followed by a unit of
1166   * seconds, minutes, hours, days, or weeks. A value of 0 seconds
1167   * disables this feature.
1168   *
1169   * @return Returns the "max-password-reset-age" property definition.
1170   */
1171  public DurationPropertyDefinition getMaxPasswordResetAgePropertyDefinition() {
1172    return PD_MAX_PASSWORD_RESET_AGE;
1173  }
1174
1175
1176
1177  /**
1178   * Get the "min-password-age" property definition.
1179   * <p>
1180   * Specifies the minimum length of time after a password change
1181   * before the user is allowed to change the password again.
1182   * <p>
1183   * The value of this attribute is an integer followed by a unit of
1184   * seconds, minutes, hours, days, or weeks. This setting can be used
1185   * to prevent users from changing their passwords repeatedly over a
1186   * short period of time to flush an old password from the history so
1187   * that it can be re-used.
1188   *
1189   * @return Returns the "min-password-age" property definition.
1190   */
1191  public DurationPropertyDefinition getMinPasswordAgePropertyDefinition() {
1192    return PD_MIN_PASSWORD_AGE;
1193  }
1194
1195
1196
1197  /**
1198   * Get the "password-attribute" property definition.
1199   * <p>
1200   * Specifies the attribute type used to hold user passwords.
1201   * <p>
1202   * This attribute type must be defined in the server schema, and it
1203   * must have either the user password or auth password syntax.
1204   *
1205   * @return Returns the "password-attribute" property definition.
1206   */
1207  public AttributeTypePropertyDefinition getPasswordAttributePropertyDefinition() {
1208    return PD_PASSWORD_ATTRIBUTE;
1209  }
1210
1211
1212
1213  /**
1214   * Get the "password-change-requires-current-password" property definition.
1215   * <p>
1216   * Indicates whether user password changes must use the password
1217   * modify extended operation and must include the user's current
1218   * password before the change is allowed.
1219   *
1220   * @return Returns the "password-change-requires-current-password" property definition.
1221   */
1222  public BooleanPropertyDefinition getPasswordChangeRequiresCurrentPasswordPropertyDefinition() {
1223    return PD_PASSWORD_CHANGE_REQUIRES_CURRENT_PASSWORD;
1224  }
1225
1226
1227
1228  /**
1229   * Get the "password-expiration-warning-interval" property definition.
1230   * <p>
1231   * Specifies the maximum length of time before a user's password
1232   * actually expires that the server begins to include warning
1233   * notifications in bind responses for that user.
1234   * <p>
1235   * The value of this attribute is an integer followed by a unit of
1236   * seconds, minutes, hours, days, or weeks. A value of 0 seconds
1237   * disables the warning interval.
1238   *
1239   * @return Returns the "password-expiration-warning-interval" property definition.
1240   */
1241  public DurationPropertyDefinition getPasswordExpirationWarningIntervalPropertyDefinition() {
1242    return PD_PASSWORD_EXPIRATION_WARNING_INTERVAL;
1243  }
1244
1245
1246
1247  /**
1248   * Get the "password-generator" property definition.
1249   * <p>
1250   * Specifies the name of the password generator that is used with
1251   * the associated password policy.
1252   * <p>
1253   * This is used in conjunction with the password modify extended
1254   * operation to generate a new password for a user when none was
1255   * provided in the request.
1256   *
1257   * @return Returns the "password-generator" property definition.
1258   */
1259  public AggregationPropertyDefinition<PasswordGeneratorCfgClient, PasswordGeneratorCfg> getPasswordGeneratorPropertyDefinition() {
1260    return PD_PASSWORD_GENERATOR;
1261  }
1262
1263
1264
1265  /**
1266   * Get the "password-history-count" property definition.
1267   * <p>
1268   * Specifies the maximum number of former passwords to maintain in
1269   * the password history.
1270   * <p>
1271   * When choosing a new password, the proposed password is checked to
1272   * ensure that it does not match the current password, nor any other
1273   * password in the history list. A value of zero indicates that
1274   * either no password history is to be maintained (if the password
1275   * history duration has a value of zero seconds), or that there is no
1276   * maximum number of passwords to maintain in the history (if the
1277   * password history duration has a value greater than zero seconds).
1278   *
1279   * @return Returns the "password-history-count" property definition.
1280   */
1281  public IntegerPropertyDefinition getPasswordHistoryCountPropertyDefinition() {
1282    return PD_PASSWORD_HISTORY_COUNT;
1283  }
1284
1285
1286
1287  /**
1288   * Get the "password-history-duration" property definition.
1289   * <p>
1290   * Specifies the maximum length of time that passwords remain in the
1291   * password history.
1292   * <p>
1293   * When choosing a new password, the proposed password is checked to
1294   * ensure that it does not match the current password, nor any other
1295   * password in the history list. A value of zero seconds indicates
1296   * that either no password history is to be maintained (if the
1297   * password history count has a value of zero), or that there is no
1298   * maximum duration for passwords in the history (if the password
1299   * history count has a value greater than zero).
1300   *
1301   * @return Returns the "password-history-duration" property definition.
1302   */
1303  public DurationPropertyDefinition getPasswordHistoryDurationPropertyDefinition() {
1304    return PD_PASSWORD_HISTORY_DURATION;
1305  }
1306
1307
1308
1309  /**
1310   * Get the "password-validator" property definition.
1311   * <p>
1312   * Specifies the names of the password validators that are used with
1313   * the associated password storage scheme.
1314   * <p>
1315   * The password validators are invoked when a user attempts to
1316   * provide a new password, to determine whether the new password is
1317   * acceptable.
1318   *
1319   * @return Returns the "password-validator" property definition.
1320   */
1321  public AggregationPropertyDefinition<PasswordValidatorCfgClient, PasswordValidatorCfg> getPasswordValidatorPropertyDefinition() {
1322    return PD_PASSWORD_VALIDATOR;
1323  }
1324
1325
1326
1327  /**
1328   * Get the "previous-last-login-time-format" property definition.
1329   * <p>
1330   * Specifies the format string(s) that might have been used with the
1331   * last login time at any point in the past for users associated with
1332   * the password policy.
1333   * <p>
1334   * These values are used to make it possible to parse previous
1335   * values, but are not used to set new values. The format strings
1336   * conform to the syntax described in the API documentation for the
1337   * java.text.SimpleDateFormat class.
1338   *
1339   * @return Returns the "previous-last-login-time-format" property definition.
1340   */
1341  public StringPropertyDefinition getPreviousLastLoginTimeFormatPropertyDefinition() {
1342    return PD_PREVIOUS_LAST_LOGIN_TIME_FORMAT;
1343  }
1344
1345
1346
1347  /**
1348   * Get the "require-change-by-time" property definition.
1349   * <p>
1350   * Specifies the time by which all users with the associated
1351   * password policy must change their passwords.
1352   * <p>
1353   * The value is expressed in a generalized time format. If this time
1354   * is equal to the current time or is in the past, then all users are
1355   * required to change their passwords immediately. The behavior of
1356   * the server in this mode is identical to the behavior observed when
1357   * users are forced to change their passwords after an administrative
1358   * reset.
1359   *
1360   * @return Returns the "require-change-by-time" property definition.
1361   */
1362  public StringPropertyDefinition getRequireChangeByTimePropertyDefinition() {
1363    return PD_REQUIRE_CHANGE_BY_TIME;
1364  }
1365
1366
1367
1368  /**
1369   * Get the "require-secure-authentication" property definition.
1370   * <p>
1371   * Indicates whether users with the associated password policy are
1372   * required to authenticate in a secure manner.
1373   * <p>
1374   * This might mean either using a secure communication channel
1375   * between the client and the server, or using a SASL mechanism that
1376   * does not expose the credentials.
1377   *
1378   * @return Returns the "require-secure-authentication" property definition.
1379   */
1380  public BooleanPropertyDefinition getRequireSecureAuthenticationPropertyDefinition() {
1381    return PD_REQUIRE_SECURE_AUTHENTICATION;
1382  }
1383
1384
1385
1386  /**
1387   * Get the "require-secure-password-changes" property definition.
1388   * <p>
1389   * Indicates whether users with the associated password policy are
1390   * required to change their password in a secure manner that does not
1391   * expose the credentials.
1392   *
1393   * @return Returns the "require-secure-password-changes" property definition.
1394   */
1395  public BooleanPropertyDefinition getRequireSecurePasswordChangesPropertyDefinition() {
1396    return PD_REQUIRE_SECURE_PASSWORD_CHANGES;
1397  }
1398
1399
1400
1401  /**
1402   * Get the "skip-validation-for-administrators" property definition.
1403   * <p>
1404   * Indicates whether passwords set by administrators are allowed to
1405   * bypass the password validation process that is required for user
1406   * password changes.
1407   *
1408   * @return Returns the "skip-validation-for-administrators" property definition.
1409   */
1410  public BooleanPropertyDefinition getSkipValidationForAdministratorsPropertyDefinition() {
1411    return PD_SKIP_VALIDATION_FOR_ADMINISTRATORS;
1412  }
1413
1414
1415
1416  /**
1417   * Get the "state-update-failure-policy" property definition.
1418   * <p>
1419   * Specifies how the server deals with the inability to update
1420   * password policy state information during an authentication
1421   * attempt.
1422   * <p>
1423   * In particular, this property can be used to control whether an
1424   * otherwise successful bind operation fails if a failure occurs
1425   * while attempting to update password policy state information (for
1426   * example, to clear a record of previous authentication failures or
1427   * to update the last login time). It can also be used to control
1428   * whether to reject a bind request if it is known ahead of time that
1429   * it will not be possible to update the authentication failure times
1430   * in the event of an unsuccessful bind attempt (for example, if the
1431   * backend writability mode is disabled).
1432   *
1433   * @return Returns the "state-update-failure-policy" property definition.
1434   */
1435  public EnumPropertyDefinition<StateUpdateFailurePolicy> getStateUpdateFailurePolicyPropertyDefinition() {
1436    return PD_STATE_UPDATE_FAILURE_POLICY;
1437  }
1438
1439
1440
1441  /**
1442   * Managed object client implementation.
1443   */
1444  private static class PasswordPolicyCfgClientImpl implements
1445    PasswordPolicyCfgClient {
1446
1447    /** Private implementation. */
1448    private ManagedObject<? extends PasswordPolicyCfgClient> impl;
1449
1450
1451
1452    /** Private constructor. */
1453    private PasswordPolicyCfgClientImpl(
1454        ManagedObject<? extends PasswordPolicyCfgClient> impl) {
1455      this.impl = impl;
1456    }
1457
1458
1459
1460    /** {@inheritDoc} */
1461    public SortedSet<String> getAccountStatusNotificationHandler() {
1462      return impl.getPropertyValues(INSTANCE.getAccountStatusNotificationHandlerPropertyDefinition());
1463    }
1464
1465
1466
1467    /** {@inheritDoc} */
1468    public void setAccountStatusNotificationHandler(Collection<String> values) {
1469      impl.setPropertyValues(INSTANCE.getAccountStatusNotificationHandlerPropertyDefinition(), values);
1470    }
1471
1472
1473
1474    /** {@inheritDoc} */
1475    public boolean isAllowExpiredPasswordChanges() {
1476      return impl.getPropertyValue(INSTANCE.getAllowExpiredPasswordChangesPropertyDefinition());
1477    }
1478
1479
1480
1481    /** {@inheritDoc} */
1482    public void setAllowExpiredPasswordChanges(Boolean value) {
1483      impl.setPropertyValue(INSTANCE.getAllowExpiredPasswordChangesPropertyDefinition(), value);
1484    }
1485
1486
1487
1488    /** {@inheritDoc} */
1489    public boolean isAllowMultiplePasswordValues() {
1490      return impl.getPropertyValue(INSTANCE.getAllowMultiplePasswordValuesPropertyDefinition());
1491    }
1492
1493
1494
1495    /** {@inheritDoc} */
1496    public void setAllowMultiplePasswordValues(Boolean value) {
1497      impl.setPropertyValue(INSTANCE.getAllowMultiplePasswordValuesPropertyDefinition(), value);
1498    }
1499
1500
1501
1502    /** {@inheritDoc} */
1503    public boolean isAllowPreEncodedPasswords() {
1504      return impl.getPropertyValue(INSTANCE.getAllowPreEncodedPasswordsPropertyDefinition());
1505    }
1506
1507
1508
1509    /** {@inheritDoc} */
1510    public void setAllowPreEncodedPasswords(Boolean value) {
1511      impl.setPropertyValue(INSTANCE.getAllowPreEncodedPasswordsPropertyDefinition(), value);
1512    }
1513
1514
1515
1516    /** {@inheritDoc} */
1517    public boolean isAllowUserPasswordChanges() {
1518      return impl.getPropertyValue(INSTANCE.getAllowUserPasswordChangesPropertyDefinition());
1519    }
1520
1521
1522
1523    /** {@inheritDoc} */
1524    public void setAllowUserPasswordChanges(Boolean value) {
1525      impl.setPropertyValue(INSTANCE.getAllowUserPasswordChangesPropertyDefinition(), value);
1526    }
1527
1528
1529
1530    /** {@inheritDoc} */
1531    public SortedSet<String> getDefaultPasswordStorageScheme() {
1532      return impl.getPropertyValues(INSTANCE.getDefaultPasswordStorageSchemePropertyDefinition());
1533    }
1534
1535
1536
1537    /** {@inheritDoc} */
1538    public void setDefaultPasswordStorageScheme(Collection<String> values) {
1539      impl.setPropertyValues(INSTANCE.getDefaultPasswordStorageSchemePropertyDefinition(), values);
1540    }
1541
1542
1543
1544    /** {@inheritDoc} */
1545    public SortedSet<String> getDeprecatedPasswordStorageScheme() {
1546      return impl.getPropertyValues(INSTANCE.getDeprecatedPasswordStorageSchemePropertyDefinition());
1547    }
1548
1549
1550
1551    /** {@inheritDoc} */
1552    public void setDeprecatedPasswordStorageScheme(Collection<String> values) {
1553      impl.setPropertyValues(INSTANCE.getDeprecatedPasswordStorageSchemePropertyDefinition(), values);
1554    }
1555
1556
1557
1558    /** {@inheritDoc} */
1559    public boolean isExpirePasswordsWithoutWarning() {
1560      return impl.getPropertyValue(INSTANCE.getExpirePasswordsWithoutWarningPropertyDefinition());
1561    }
1562
1563
1564
1565    /** {@inheritDoc} */
1566    public void setExpirePasswordsWithoutWarning(Boolean value) {
1567      impl.setPropertyValue(INSTANCE.getExpirePasswordsWithoutWarningPropertyDefinition(), value);
1568    }
1569
1570
1571
1572    /** {@inheritDoc} */
1573    public boolean isForceChangeOnAdd() {
1574      return impl.getPropertyValue(INSTANCE.getForceChangeOnAddPropertyDefinition());
1575    }
1576
1577
1578
1579    /** {@inheritDoc} */
1580    public void setForceChangeOnAdd(Boolean value) {
1581      impl.setPropertyValue(INSTANCE.getForceChangeOnAddPropertyDefinition(), value);
1582    }
1583
1584
1585
1586    /** {@inheritDoc} */
1587    public boolean isForceChangeOnReset() {
1588      return impl.getPropertyValue(INSTANCE.getForceChangeOnResetPropertyDefinition());
1589    }
1590
1591
1592
1593    /** {@inheritDoc} */
1594    public void setForceChangeOnReset(Boolean value) {
1595      impl.setPropertyValue(INSTANCE.getForceChangeOnResetPropertyDefinition(), value);
1596    }
1597
1598
1599
1600    /** {@inheritDoc} */
1601    public int getGraceLoginCount() {
1602      return impl.getPropertyValue(INSTANCE.getGraceLoginCountPropertyDefinition());
1603    }
1604
1605
1606
1607    /** {@inheritDoc} */
1608    public void setGraceLoginCount(Integer value) {
1609      impl.setPropertyValue(INSTANCE.getGraceLoginCountPropertyDefinition(), value);
1610    }
1611
1612
1613
1614    /** {@inheritDoc} */
1615    public long getIdleLockoutInterval() {
1616      return impl.getPropertyValue(INSTANCE.getIdleLockoutIntervalPropertyDefinition());
1617    }
1618
1619
1620
1621    /** {@inheritDoc} */
1622    public void setIdleLockoutInterval(Long value) {
1623      impl.setPropertyValue(INSTANCE.getIdleLockoutIntervalPropertyDefinition(), value);
1624    }
1625
1626
1627
1628    /** {@inheritDoc} */
1629    public String getJavaClass() {
1630      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
1631    }
1632
1633
1634
1635    /** {@inheritDoc} */
1636    public void setJavaClass(String value) {
1637      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
1638    }
1639
1640
1641
1642    /** {@inheritDoc} */
1643    public AttributeType getLastLoginTimeAttribute() {
1644      return impl.getPropertyValue(INSTANCE.getLastLoginTimeAttributePropertyDefinition());
1645    }
1646
1647
1648
1649    /** {@inheritDoc} */
1650    public void setLastLoginTimeAttribute(AttributeType value) {
1651      impl.setPropertyValue(INSTANCE.getLastLoginTimeAttributePropertyDefinition(), value);
1652    }
1653
1654
1655
1656    /** {@inheritDoc} */
1657    public String getLastLoginTimeFormat() {
1658      return impl.getPropertyValue(INSTANCE.getLastLoginTimeFormatPropertyDefinition());
1659    }
1660
1661
1662
1663    /** {@inheritDoc} */
1664    public void setLastLoginTimeFormat(String value) {
1665      impl.setPropertyValue(INSTANCE.getLastLoginTimeFormatPropertyDefinition(), value);
1666    }
1667
1668
1669
1670    /** {@inheritDoc} */
1671    public long getLockoutDuration() {
1672      return impl.getPropertyValue(INSTANCE.getLockoutDurationPropertyDefinition());
1673    }
1674
1675
1676
1677    /** {@inheritDoc} */
1678    public void setLockoutDuration(Long value) {
1679      impl.setPropertyValue(INSTANCE.getLockoutDurationPropertyDefinition(), value);
1680    }
1681
1682
1683
1684    /** {@inheritDoc} */
1685    public int getLockoutFailureCount() {
1686      return impl.getPropertyValue(INSTANCE.getLockoutFailureCountPropertyDefinition());
1687    }
1688
1689
1690
1691    /** {@inheritDoc} */
1692    public void setLockoutFailureCount(Integer value) {
1693      impl.setPropertyValue(INSTANCE.getLockoutFailureCountPropertyDefinition(), value);
1694    }
1695
1696
1697
1698    /** {@inheritDoc} */
1699    public long getLockoutFailureExpirationInterval() {
1700      return impl.getPropertyValue(INSTANCE.getLockoutFailureExpirationIntervalPropertyDefinition());
1701    }
1702
1703
1704
1705    /** {@inheritDoc} */
1706    public void setLockoutFailureExpirationInterval(Long value) {
1707      impl.setPropertyValue(INSTANCE.getLockoutFailureExpirationIntervalPropertyDefinition(), value);
1708    }
1709
1710
1711
1712    /** {@inheritDoc} */
1713    public long getMaxPasswordAge() {
1714      return impl.getPropertyValue(INSTANCE.getMaxPasswordAgePropertyDefinition());
1715    }
1716
1717
1718
1719    /** {@inheritDoc} */
1720    public void setMaxPasswordAge(Long value) {
1721      impl.setPropertyValue(INSTANCE.getMaxPasswordAgePropertyDefinition(), value);
1722    }
1723
1724
1725
1726    /** {@inheritDoc} */
1727    public long getMaxPasswordResetAge() {
1728      return impl.getPropertyValue(INSTANCE.getMaxPasswordResetAgePropertyDefinition());
1729    }
1730
1731
1732
1733    /** {@inheritDoc} */
1734    public void setMaxPasswordResetAge(Long value) {
1735      impl.setPropertyValue(INSTANCE.getMaxPasswordResetAgePropertyDefinition(), value);
1736    }
1737
1738
1739
1740    /** {@inheritDoc} */
1741    public long getMinPasswordAge() {
1742      return impl.getPropertyValue(INSTANCE.getMinPasswordAgePropertyDefinition());
1743    }
1744
1745
1746
1747    /** {@inheritDoc} */
1748    public void setMinPasswordAge(Long value) {
1749      impl.setPropertyValue(INSTANCE.getMinPasswordAgePropertyDefinition(), value);
1750    }
1751
1752
1753
1754    /** {@inheritDoc} */
1755    public AttributeType getPasswordAttribute() {
1756      return impl.getPropertyValue(INSTANCE.getPasswordAttributePropertyDefinition());
1757    }
1758
1759
1760
1761    /** {@inheritDoc} */
1762    public void setPasswordAttribute(AttributeType value) {
1763      impl.setPropertyValue(INSTANCE.getPasswordAttributePropertyDefinition(), value);
1764    }
1765
1766
1767
1768    /** {@inheritDoc} */
1769    public boolean isPasswordChangeRequiresCurrentPassword() {
1770      return impl.getPropertyValue(INSTANCE.getPasswordChangeRequiresCurrentPasswordPropertyDefinition());
1771    }
1772
1773
1774
1775    /** {@inheritDoc} */
1776    public void setPasswordChangeRequiresCurrentPassword(Boolean value) {
1777      impl.setPropertyValue(INSTANCE.getPasswordChangeRequiresCurrentPasswordPropertyDefinition(), value);
1778    }
1779
1780
1781
1782    /** {@inheritDoc} */
1783    public long getPasswordExpirationWarningInterval() {
1784      return impl.getPropertyValue(INSTANCE.getPasswordExpirationWarningIntervalPropertyDefinition());
1785    }
1786
1787
1788
1789    /** {@inheritDoc} */
1790    public void setPasswordExpirationWarningInterval(Long value) {
1791      impl.setPropertyValue(INSTANCE.getPasswordExpirationWarningIntervalPropertyDefinition(), value);
1792    }
1793
1794
1795
1796    /** {@inheritDoc} */
1797    public String getPasswordGenerator() {
1798      return impl.getPropertyValue(INSTANCE.getPasswordGeneratorPropertyDefinition());
1799    }
1800
1801
1802
1803    /** {@inheritDoc} */
1804    public void setPasswordGenerator(String value) {
1805      impl.setPropertyValue(INSTANCE.getPasswordGeneratorPropertyDefinition(), value);
1806    }
1807
1808
1809
1810    /** {@inheritDoc} */
1811    public int getPasswordHistoryCount() {
1812      return impl.getPropertyValue(INSTANCE.getPasswordHistoryCountPropertyDefinition());
1813    }
1814
1815
1816
1817    /** {@inheritDoc} */
1818    public void setPasswordHistoryCount(Integer value) {
1819      impl.setPropertyValue(INSTANCE.getPasswordHistoryCountPropertyDefinition(), value);
1820    }
1821
1822
1823
1824    /** {@inheritDoc} */
1825    public long getPasswordHistoryDuration() {
1826      return impl.getPropertyValue(INSTANCE.getPasswordHistoryDurationPropertyDefinition());
1827    }
1828
1829
1830
1831    /** {@inheritDoc} */
1832    public void setPasswordHistoryDuration(Long value) {
1833      impl.setPropertyValue(INSTANCE.getPasswordHistoryDurationPropertyDefinition(), value);
1834    }
1835
1836
1837
1838    /** {@inheritDoc} */
1839    public SortedSet<String> getPasswordValidator() {
1840      return impl.getPropertyValues(INSTANCE.getPasswordValidatorPropertyDefinition());
1841    }
1842
1843
1844
1845    /** {@inheritDoc} */
1846    public void setPasswordValidator(Collection<String> values) {
1847      impl.setPropertyValues(INSTANCE.getPasswordValidatorPropertyDefinition(), values);
1848    }
1849
1850
1851
1852    /** {@inheritDoc} */
1853    public SortedSet<String> getPreviousLastLoginTimeFormat() {
1854      return impl.getPropertyValues(INSTANCE.getPreviousLastLoginTimeFormatPropertyDefinition());
1855    }
1856
1857
1858
1859    /** {@inheritDoc} */
1860    public void setPreviousLastLoginTimeFormat(Collection<String> values) {
1861      impl.setPropertyValues(INSTANCE.getPreviousLastLoginTimeFormatPropertyDefinition(), values);
1862    }
1863
1864
1865
1866    /** {@inheritDoc} */
1867    public String getRequireChangeByTime() {
1868      return impl.getPropertyValue(INSTANCE.getRequireChangeByTimePropertyDefinition());
1869    }
1870
1871
1872
1873    /** {@inheritDoc} */
1874    public void setRequireChangeByTime(String value) {
1875      impl.setPropertyValue(INSTANCE.getRequireChangeByTimePropertyDefinition(), value);
1876    }
1877
1878
1879
1880    /** {@inheritDoc} */
1881    public boolean isRequireSecureAuthentication() {
1882      return impl.getPropertyValue(INSTANCE.getRequireSecureAuthenticationPropertyDefinition());
1883    }
1884
1885
1886
1887    /** {@inheritDoc} */
1888    public void setRequireSecureAuthentication(Boolean value) {
1889      impl.setPropertyValue(INSTANCE.getRequireSecureAuthenticationPropertyDefinition(), value);
1890    }
1891
1892
1893
1894    /** {@inheritDoc} */
1895    public boolean isRequireSecurePasswordChanges() {
1896      return impl.getPropertyValue(INSTANCE.getRequireSecurePasswordChangesPropertyDefinition());
1897    }
1898
1899
1900
1901    /** {@inheritDoc} */
1902    public void setRequireSecurePasswordChanges(Boolean value) {
1903      impl.setPropertyValue(INSTANCE.getRequireSecurePasswordChangesPropertyDefinition(), value);
1904    }
1905
1906
1907
1908    /** {@inheritDoc} */
1909    public boolean isSkipValidationForAdministrators() {
1910      return impl.getPropertyValue(INSTANCE.getSkipValidationForAdministratorsPropertyDefinition());
1911    }
1912
1913
1914
1915    /** {@inheritDoc} */
1916    public void setSkipValidationForAdministrators(Boolean value) {
1917      impl.setPropertyValue(INSTANCE.getSkipValidationForAdministratorsPropertyDefinition(), value);
1918    }
1919
1920
1921
1922    /** {@inheritDoc} */
1923    public StateUpdateFailurePolicy getStateUpdateFailurePolicy() {
1924      return impl.getPropertyValue(INSTANCE.getStateUpdateFailurePolicyPropertyDefinition());
1925    }
1926
1927
1928
1929    /** {@inheritDoc} */
1930    public void setStateUpdateFailurePolicy(StateUpdateFailurePolicy value) {
1931      impl.setPropertyValue(INSTANCE.getStateUpdateFailurePolicyPropertyDefinition(), value);
1932    }
1933
1934
1935
1936    /** {@inheritDoc} */
1937    public ManagedObjectDefinition<? extends PasswordPolicyCfgClient, ? extends PasswordPolicyCfg> definition() {
1938      return INSTANCE;
1939    }
1940
1941
1942
1943    /** {@inheritDoc} */
1944    public PropertyProvider properties() {
1945      return impl;
1946    }
1947
1948
1949
1950    /** {@inheritDoc} */
1951    public void commit() throws ManagedObjectAlreadyExistsException,
1952        MissingMandatoryPropertiesException, ConcurrentModificationException,
1953        OperationRejectedException, LdapException {
1954      impl.commit();
1955    }
1956
1957
1958
1959    /** {@inheritDoc} */
1960    public String toString() {
1961      return impl.toString();
1962    }
1963  }
1964
1965
1966
1967  /**
1968   * Managed object server implementation.
1969   */
1970  private static class PasswordPolicyCfgServerImpl implements
1971    PasswordPolicyCfg {
1972
1973    /** Private implementation. */
1974    private ServerManagedObject<? extends PasswordPolicyCfg> impl;
1975
1976    /** The value of the "account-status-notification-handler" property. */
1977    private final SortedSet<String> pAccountStatusNotificationHandler;
1978
1979    /** The value of the "allow-expired-password-changes" property. */
1980    private final boolean pAllowExpiredPasswordChanges;
1981
1982    /** The value of the "allow-multiple-password-values" property. */
1983    private final boolean pAllowMultiplePasswordValues;
1984
1985    /** The value of the "allow-pre-encoded-passwords" property. */
1986    private final boolean pAllowPreEncodedPasswords;
1987
1988    /** The value of the "allow-user-password-changes" property. */
1989    private final boolean pAllowUserPasswordChanges;
1990
1991    /** The value of the "default-password-storage-scheme" property. */
1992    private final SortedSet<String> pDefaultPasswordStorageScheme;
1993
1994    /** The value of the "deprecated-password-storage-scheme" property. */
1995    private final SortedSet<String> pDeprecatedPasswordStorageScheme;
1996
1997    /** The value of the "expire-passwords-without-warning" property. */
1998    private final boolean pExpirePasswordsWithoutWarning;
1999
2000    /** The value of the "force-change-on-add" property. */
2001    private final boolean pForceChangeOnAdd;
2002
2003    /** The value of the "force-change-on-reset" property. */
2004    private final boolean pForceChangeOnReset;
2005
2006    /** The value of the "grace-login-count" property. */
2007    private final int pGraceLoginCount;
2008
2009    /** The value of the "idle-lockout-interval" property. */
2010    private final long pIdleLockoutInterval;
2011
2012    /** The value of the "java-class" property. */
2013    private final String pJavaClass;
2014
2015    /** The value of the "last-login-time-attribute" property. */
2016    private final AttributeType pLastLoginTimeAttribute;
2017
2018    /** The value of the "last-login-time-format" property. */
2019    private final String pLastLoginTimeFormat;
2020
2021    /** The value of the "lockout-duration" property. */
2022    private final long pLockoutDuration;
2023
2024    /** The value of the "lockout-failure-count" property. */
2025    private final int pLockoutFailureCount;
2026
2027    /** The value of the "lockout-failure-expiration-interval" property. */
2028    private final long pLockoutFailureExpirationInterval;
2029
2030    /** The value of the "max-password-age" property. */
2031    private final long pMaxPasswordAge;
2032
2033    /** The value of the "max-password-reset-age" property. */
2034    private final long pMaxPasswordResetAge;
2035
2036    /** The value of the "min-password-age" property. */
2037    private final long pMinPasswordAge;
2038
2039    /** The value of the "password-attribute" property. */
2040    private final AttributeType pPasswordAttribute;
2041
2042    /** The value of the "password-change-requires-current-password" property. */
2043    private final boolean pPasswordChangeRequiresCurrentPassword;
2044
2045    /** The value of the "password-expiration-warning-interval" property. */
2046    private final long pPasswordExpirationWarningInterval;
2047
2048    /** The value of the "password-generator" property. */
2049    private final String pPasswordGenerator;
2050
2051    /** The value of the "password-history-count" property. */
2052    private final int pPasswordHistoryCount;
2053
2054    /** The value of the "password-history-duration" property. */
2055    private final long pPasswordHistoryDuration;
2056
2057    /** The value of the "password-validator" property. */
2058    private final SortedSet<String> pPasswordValidator;
2059
2060    /** The value of the "previous-last-login-time-format" property. */
2061    private final SortedSet<String> pPreviousLastLoginTimeFormat;
2062
2063    /** The value of the "require-change-by-time" property. */
2064    private final String pRequireChangeByTime;
2065
2066    /** The value of the "require-secure-authentication" property. */
2067    private final boolean pRequireSecureAuthentication;
2068
2069    /** The value of the "require-secure-password-changes" property. */
2070    private final boolean pRequireSecurePasswordChanges;
2071
2072    /** The value of the "skip-validation-for-administrators" property. */
2073    private final boolean pSkipValidationForAdministrators;
2074
2075    /** The value of the "state-update-failure-policy" property. */
2076    private final StateUpdateFailurePolicy pStateUpdateFailurePolicy;
2077
2078
2079
2080    /** Private constructor. */
2081    private PasswordPolicyCfgServerImpl(ServerManagedObject<? extends PasswordPolicyCfg> impl) {
2082      this.impl = impl;
2083      this.pAccountStatusNotificationHandler = impl.getPropertyValues(INSTANCE.getAccountStatusNotificationHandlerPropertyDefinition());
2084      this.pAllowExpiredPasswordChanges = impl.getPropertyValue(INSTANCE.getAllowExpiredPasswordChangesPropertyDefinition());
2085      this.pAllowMultiplePasswordValues = impl.getPropertyValue(INSTANCE.getAllowMultiplePasswordValuesPropertyDefinition());
2086      this.pAllowPreEncodedPasswords = impl.getPropertyValue(INSTANCE.getAllowPreEncodedPasswordsPropertyDefinition());
2087      this.pAllowUserPasswordChanges = impl.getPropertyValue(INSTANCE.getAllowUserPasswordChangesPropertyDefinition());
2088      this.pDefaultPasswordStorageScheme = impl.getPropertyValues(INSTANCE.getDefaultPasswordStorageSchemePropertyDefinition());
2089      this.pDeprecatedPasswordStorageScheme = impl.getPropertyValues(INSTANCE.getDeprecatedPasswordStorageSchemePropertyDefinition());
2090      this.pExpirePasswordsWithoutWarning = impl.getPropertyValue(INSTANCE.getExpirePasswordsWithoutWarningPropertyDefinition());
2091      this.pForceChangeOnAdd = impl.getPropertyValue(INSTANCE.getForceChangeOnAddPropertyDefinition());
2092      this.pForceChangeOnReset = impl.getPropertyValue(INSTANCE.getForceChangeOnResetPropertyDefinition());
2093      this.pGraceLoginCount = impl.getPropertyValue(INSTANCE.getGraceLoginCountPropertyDefinition());
2094      this.pIdleLockoutInterval = impl.getPropertyValue(INSTANCE.getIdleLockoutIntervalPropertyDefinition());
2095      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
2096      this.pLastLoginTimeAttribute = impl.getPropertyValue(INSTANCE.getLastLoginTimeAttributePropertyDefinition());
2097      this.pLastLoginTimeFormat = impl.getPropertyValue(INSTANCE.getLastLoginTimeFormatPropertyDefinition());
2098      this.pLockoutDuration = impl.getPropertyValue(INSTANCE.getLockoutDurationPropertyDefinition());
2099      this.pLockoutFailureCount = impl.getPropertyValue(INSTANCE.getLockoutFailureCountPropertyDefinition());
2100      this.pLockoutFailureExpirationInterval = impl.getPropertyValue(INSTANCE.getLockoutFailureExpirationIntervalPropertyDefinition());
2101      this.pMaxPasswordAge = impl.getPropertyValue(INSTANCE.getMaxPasswordAgePropertyDefinition());
2102      this.pMaxPasswordResetAge = impl.getPropertyValue(INSTANCE.getMaxPasswordResetAgePropertyDefinition());
2103      this.pMinPasswordAge = impl.getPropertyValue(INSTANCE.getMinPasswordAgePropertyDefinition());
2104      this.pPasswordAttribute = impl.getPropertyValue(INSTANCE.getPasswordAttributePropertyDefinition());
2105      this.pPasswordChangeRequiresCurrentPassword = impl.getPropertyValue(INSTANCE.getPasswordChangeRequiresCurrentPasswordPropertyDefinition());
2106      this.pPasswordExpirationWarningInterval = impl.getPropertyValue(INSTANCE.getPasswordExpirationWarningIntervalPropertyDefinition());
2107      this.pPasswordGenerator = impl.getPropertyValue(INSTANCE.getPasswordGeneratorPropertyDefinition());
2108      this.pPasswordHistoryCount = impl.getPropertyValue(INSTANCE.getPasswordHistoryCountPropertyDefinition());
2109      this.pPasswordHistoryDuration = impl.getPropertyValue(INSTANCE.getPasswordHistoryDurationPropertyDefinition());
2110      this.pPasswordValidator = impl.getPropertyValues(INSTANCE.getPasswordValidatorPropertyDefinition());
2111      this.pPreviousLastLoginTimeFormat = impl.getPropertyValues(INSTANCE.getPreviousLastLoginTimeFormatPropertyDefinition());
2112      this.pRequireChangeByTime = impl.getPropertyValue(INSTANCE.getRequireChangeByTimePropertyDefinition());
2113      this.pRequireSecureAuthentication = impl.getPropertyValue(INSTANCE.getRequireSecureAuthenticationPropertyDefinition());
2114      this.pRequireSecurePasswordChanges = impl.getPropertyValue(INSTANCE.getRequireSecurePasswordChangesPropertyDefinition());
2115      this.pSkipValidationForAdministrators = impl.getPropertyValue(INSTANCE.getSkipValidationForAdministratorsPropertyDefinition());
2116      this.pStateUpdateFailurePolicy = impl.getPropertyValue(INSTANCE.getStateUpdateFailurePolicyPropertyDefinition());
2117    }
2118
2119
2120
2121    /** {@inheritDoc} */
2122    public void addPasswordPolicyChangeListener(
2123        ConfigurationChangeListener<PasswordPolicyCfg> listener) {
2124      impl.registerChangeListener(listener);
2125    }
2126
2127
2128
2129    /** {@inheritDoc} */
2130    public void removePasswordPolicyChangeListener(
2131        ConfigurationChangeListener<PasswordPolicyCfg> listener) {
2132      impl.deregisterChangeListener(listener);
2133    }
2134    /** {@inheritDoc} */
2135    public void addChangeListener(
2136        ConfigurationChangeListener<AuthenticationPolicyCfg> listener) {
2137      impl.registerChangeListener(listener);
2138    }
2139
2140
2141
2142    /** {@inheritDoc} */
2143    public void removeChangeListener(
2144        ConfigurationChangeListener<AuthenticationPolicyCfg> listener) {
2145      impl.deregisterChangeListener(listener);
2146    }
2147
2148
2149
2150    /** {@inheritDoc} */
2151    public SortedSet<String> getAccountStatusNotificationHandler() {
2152      return pAccountStatusNotificationHandler;
2153    }
2154
2155
2156
2157    /**
2158     * {@inheritDoc}
2159     */
2160    public SortedSet<DN> getAccountStatusNotificationHandlerDNs() {
2161      SortedSet<String> values = getAccountStatusNotificationHandler();
2162      SortedSet<DN> dnValues = new TreeSet<DN>();
2163      for (String value : values) {
2164        DN dn = INSTANCE.getAccountStatusNotificationHandlerPropertyDefinition().getChildDN(value);
2165        dnValues.add(dn);
2166      }
2167      return dnValues;
2168    }
2169
2170
2171
2172    /** {@inheritDoc} */
2173    public boolean isAllowExpiredPasswordChanges() {
2174      return pAllowExpiredPasswordChanges;
2175    }
2176
2177
2178
2179    /** {@inheritDoc} */
2180    public boolean isAllowMultiplePasswordValues() {
2181      return pAllowMultiplePasswordValues;
2182    }
2183
2184
2185
2186    /** {@inheritDoc} */
2187    public boolean isAllowPreEncodedPasswords() {
2188      return pAllowPreEncodedPasswords;
2189    }
2190
2191
2192
2193    /** {@inheritDoc} */
2194    public boolean isAllowUserPasswordChanges() {
2195      return pAllowUserPasswordChanges;
2196    }
2197
2198
2199
2200    /** {@inheritDoc} */
2201    public SortedSet<String> getDefaultPasswordStorageScheme() {
2202      return pDefaultPasswordStorageScheme;
2203    }
2204
2205
2206
2207    /**
2208     * {@inheritDoc}
2209     */
2210    public SortedSet<DN> getDefaultPasswordStorageSchemeDNs() {
2211      SortedSet<String> values = getDefaultPasswordStorageScheme();
2212      SortedSet<DN> dnValues = new TreeSet<DN>();
2213      for (String value : values) {
2214        DN dn = INSTANCE.getDefaultPasswordStorageSchemePropertyDefinition().getChildDN(value);
2215        dnValues.add(dn);
2216      }
2217      return dnValues;
2218    }
2219
2220
2221
2222    /** {@inheritDoc} */
2223    public SortedSet<String> getDeprecatedPasswordStorageScheme() {
2224      return pDeprecatedPasswordStorageScheme;
2225    }
2226
2227
2228
2229    /**
2230     * {@inheritDoc}
2231     */
2232    public SortedSet<DN> getDeprecatedPasswordStorageSchemeDNs() {
2233      SortedSet<String> values = getDeprecatedPasswordStorageScheme();
2234      SortedSet<DN> dnValues = new TreeSet<DN>();
2235      for (String value : values) {
2236        DN dn = INSTANCE.getDeprecatedPasswordStorageSchemePropertyDefinition().getChildDN(value);
2237        dnValues.add(dn);
2238      }
2239      return dnValues;
2240    }
2241
2242
2243
2244    /** {@inheritDoc} */
2245    public boolean isExpirePasswordsWithoutWarning() {
2246      return pExpirePasswordsWithoutWarning;
2247    }
2248
2249
2250
2251    /** {@inheritDoc} */
2252    public boolean isForceChangeOnAdd() {
2253      return pForceChangeOnAdd;
2254    }
2255
2256
2257
2258    /** {@inheritDoc} */
2259    public boolean isForceChangeOnReset() {
2260      return pForceChangeOnReset;
2261    }
2262
2263
2264
2265    /** {@inheritDoc} */
2266    public int getGraceLoginCount() {
2267      return pGraceLoginCount;
2268    }
2269
2270
2271
2272    /** {@inheritDoc} */
2273    public long getIdleLockoutInterval() {
2274      return pIdleLockoutInterval;
2275    }
2276
2277
2278
2279    /** {@inheritDoc} */
2280    public String getJavaClass() {
2281      return pJavaClass;
2282    }
2283
2284
2285
2286    /** {@inheritDoc} */
2287    public AttributeType getLastLoginTimeAttribute() {
2288      return pLastLoginTimeAttribute;
2289    }
2290
2291
2292
2293    /** {@inheritDoc} */
2294    public String getLastLoginTimeFormat() {
2295      return pLastLoginTimeFormat;
2296    }
2297
2298
2299
2300    /** {@inheritDoc} */
2301    public long getLockoutDuration() {
2302      return pLockoutDuration;
2303    }
2304
2305
2306
2307    /** {@inheritDoc} */
2308    public int getLockoutFailureCount() {
2309      return pLockoutFailureCount;
2310    }
2311
2312
2313
2314    /** {@inheritDoc} */
2315    public long getLockoutFailureExpirationInterval() {
2316      return pLockoutFailureExpirationInterval;
2317    }
2318
2319
2320
2321    /** {@inheritDoc} */
2322    public long getMaxPasswordAge() {
2323      return pMaxPasswordAge;
2324    }
2325
2326
2327
2328    /** {@inheritDoc} */
2329    public long getMaxPasswordResetAge() {
2330      return pMaxPasswordResetAge;
2331    }
2332
2333
2334
2335    /** {@inheritDoc} */
2336    public long getMinPasswordAge() {
2337      return pMinPasswordAge;
2338    }
2339
2340
2341
2342    /** {@inheritDoc} */
2343    public AttributeType getPasswordAttribute() {
2344      return pPasswordAttribute;
2345    }
2346
2347
2348
2349    /** {@inheritDoc} */
2350    public boolean isPasswordChangeRequiresCurrentPassword() {
2351      return pPasswordChangeRequiresCurrentPassword;
2352    }
2353
2354
2355
2356    /** {@inheritDoc} */
2357    public long getPasswordExpirationWarningInterval() {
2358      return pPasswordExpirationWarningInterval;
2359    }
2360
2361
2362
2363    /** {@inheritDoc} */
2364    public String getPasswordGenerator() {
2365      return pPasswordGenerator;
2366    }
2367
2368
2369
2370    /**
2371     * {@inheritDoc}
2372     */
2373    public DN getPasswordGeneratorDN() {
2374      String value = getPasswordGenerator();
2375      if (value == null) return null;
2376      return INSTANCE.getPasswordGeneratorPropertyDefinition().getChildDN(value);
2377    }
2378
2379
2380
2381    /** {@inheritDoc} */
2382    public int getPasswordHistoryCount() {
2383      return pPasswordHistoryCount;
2384    }
2385
2386
2387
2388    /** {@inheritDoc} */
2389    public long getPasswordHistoryDuration() {
2390      return pPasswordHistoryDuration;
2391    }
2392
2393
2394
2395    /** {@inheritDoc} */
2396    public SortedSet<String> getPasswordValidator() {
2397      return pPasswordValidator;
2398    }
2399
2400
2401
2402    /**
2403     * {@inheritDoc}
2404     */
2405    public SortedSet<DN> getPasswordValidatorDNs() {
2406      SortedSet<String> values = getPasswordValidator();
2407      SortedSet<DN> dnValues = new TreeSet<DN>();
2408      for (String value : values) {
2409        DN dn = INSTANCE.getPasswordValidatorPropertyDefinition().getChildDN(value);
2410        dnValues.add(dn);
2411      }
2412      return dnValues;
2413    }
2414
2415
2416
2417    /** {@inheritDoc} */
2418    public SortedSet<String> getPreviousLastLoginTimeFormat() {
2419      return pPreviousLastLoginTimeFormat;
2420    }
2421
2422
2423
2424    /** {@inheritDoc} */
2425    public String getRequireChangeByTime() {
2426      return pRequireChangeByTime;
2427    }
2428
2429
2430
2431    /** {@inheritDoc} */
2432    public boolean isRequireSecureAuthentication() {
2433      return pRequireSecureAuthentication;
2434    }
2435
2436
2437
2438    /** {@inheritDoc} */
2439    public boolean isRequireSecurePasswordChanges() {
2440      return pRequireSecurePasswordChanges;
2441    }
2442
2443
2444
2445    /** {@inheritDoc} */
2446    public boolean isSkipValidationForAdministrators() {
2447      return pSkipValidationForAdministrators;
2448    }
2449
2450
2451
2452    /** {@inheritDoc} */
2453    public StateUpdateFailurePolicy getStateUpdateFailurePolicy() {
2454      return pStateUpdateFailurePolicy;
2455    }
2456
2457
2458
2459    /** {@inheritDoc} */
2460    public Class<? extends PasswordPolicyCfg> configurationClass() {
2461      return PasswordPolicyCfg.class;
2462    }
2463
2464
2465
2466    /** {@inheritDoc} */
2467    public DN dn() {
2468      return impl.getDN();
2469    }
2470
2471
2472
2473    /** {@inheritDoc} */
2474    public String toString() {
2475      return impl.toString();
2476    }
2477  }
2478}