001    /*
002     * CDDL HEADER START
003     *
004     * The contents of this file are subject to the terms of the
005     * Common Development and Distribution License, Version 1.0 only
006     * (the "License").  You may not use this file except in compliance
007     * with the License.
008     *
009     * You can obtain a copy of the license at
010     * trunk/opends/resource/legal-notices/OpenDS.LICENSE
011     * or https://OpenDS.dev.java.net/OpenDS.LICENSE.
012     * See the License for the specific language governing permissions
013     * and limitations under the License.
014     *
015     * When distributing Covered Code, include this CDDL HEADER in each
016     * file and include the License file at
017     * trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
018     * add the following below this CDDL HEADER, with the fields enclosed
019     * by brackets "[]" replaced with your own identifying information:
020     *      Portions Copyright [yyyy] [name of copyright owner]
021     *
022     * CDDL HEADER END
023     *
024     *
025     *      Copyright 2008 Sun Microsystems, Inc.
026     */
027    package org.opends.server.admin.std.meta;
028    
029    
030    
031    import java.util.Collection;
032    import java.util.SortedSet;
033    import java.util.TreeSet;
034    import org.opends.server.admin.AdministratorAction;
035    import org.opends.server.admin.AggregationPropertyDefinition;
036    import org.opends.server.admin.AttributeTypePropertyDefinition;
037    import org.opends.server.admin.BooleanPropertyDefinition;
038    import org.opends.server.admin.client.AuthorizationException;
039    import org.opends.server.admin.client.CommunicationException;
040    import org.opends.server.admin.client.ConcurrentModificationException;
041    import org.opends.server.admin.client.ManagedObject;
042    import org.opends.server.admin.client.MissingMandatoryPropertiesException;
043    import org.opends.server.admin.client.OperationRejectedException;
044    import org.opends.server.admin.DefaultBehaviorProvider;
045    import org.opends.server.admin.DefinedDefaultBehaviorProvider;
046    import org.opends.server.admin.DurationPropertyDefinition;
047    import org.opends.server.admin.EnumPropertyDefinition;
048    import org.opends.server.admin.IntegerPropertyDefinition;
049    import org.opends.server.admin.ManagedObjectAlreadyExistsException;
050    import org.opends.server.admin.ManagedObjectDefinition;
051    import org.opends.server.admin.PropertyOption;
052    import org.opends.server.admin.PropertyProvider;
053    import org.opends.server.admin.server.ConfigurationChangeListener;
054    import org.opends.server.admin.server.ServerManagedObject;
055    import org.opends.server.admin.std.client.AccountStatusNotificationHandlerCfgClient;
056    import org.opends.server.admin.std.client.PasswordGeneratorCfgClient;
057    import org.opends.server.admin.std.client.PasswordPolicyCfgClient;
058    import org.opends.server.admin.std.client.PasswordStorageSchemeCfgClient;
059    import org.opends.server.admin.std.client.PasswordValidatorCfgClient;
060    import org.opends.server.admin.std.server.AccountStatusNotificationHandlerCfg;
061    import org.opends.server.admin.std.server.PasswordGeneratorCfg;
062    import org.opends.server.admin.std.server.PasswordPolicyCfg;
063    import org.opends.server.admin.std.server.PasswordStorageSchemeCfg;
064    import org.opends.server.admin.std.server.PasswordValidatorCfg;
065    import org.opends.server.admin.StringPropertyDefinition;
066    import org.opends.server.admin.Tag;
067    import org.opends.server.admin.TopCfgDefn;
068    import org.opends.server.admin.UndefinedDefaultBehaviorProvider;
069    import org.opends.server.types.AttributeType;
070    import org.opends.server.types.DN;
071    
072    
073    
074    /**
075     * An interface for querying the Password Policy managed object
076     * definition meta information.
077     * <p>
078     * Password Policies define a number of password management rules, as
079     * well as requirements for authentication processing.
080     */
081    public final class PasswordPolicyCfgDefn extends ManagedObjectDefinition<PasswordPolicyCfgClient, PasswordPolicyCfg> {
082    
083      // The singleton configuration definition instance.
084      private static final PasswordPolicyCfgDefn INSTANCE = new PasswordPolicyCfgDefn();
085    
086    
087    
088      /**
089       * Defines the set of permissable values for the "state-update-failure-policy" property.
090       * <p>
091       * Specifies how the server deals with the inability to update
092       * password policy state information during an authentication
093       * attempt.
094       * <p>
095       * In particular, this property can be used to control whether an
096       * otherwise successful bind operation fails if a failure occurs
097       * while attempting to update password policy state information (for
098       * example, to clear a record of previous authentication failures or
099       * to update the last login time). It can also be used to control
100       * whether to reject a bind request if it is known ahead of time that
101       * it will not be possible to update the authentication failure times
102       * in the event of an unsuccessful bind attempt (for example, if the
103       * backend writability mode is disabled).
104       */
105      public static enum StateUpdateFailurePolicy {
106    
107        /**
108         * If a bind attempt would otherwise be successful, then do not
109         * reject it if a problem occurs while attempting to update the
110         * password policy state information for the user.
111         */
112        IGNORE("ignore"),
113    
114    
115    
116        /**
117         * Proactively reject any bind attempt if it is known ahead of
118         * time that it would not be possible to update the user's password
119         * policy state information.
120         */
121        PROACTIVE("proactive"),
122    
123    
124    
125        /**
126         * Even if a bind attempt would otherwise be successful, reject it
127         * if a problem occurs while attempting to update the password
128         * policy state information for the user.
129         */
130        REACTIVE("reactive");
131    
132    
133    
134        // String representation of the value.
135        private final String name;
136    
137    
138    
139        // Private constructor.
140        private StateUpdateFailurePolicy(String name) { this.name = name; }
141    
142    
143    
144        /**
145         * {@inheritDoc}
146         */
147        public String toString() { return name; }
148    
149      }
150    
151    
152    
153      // The "account-status-notification-handler" property definition.
154      private static final AggregationPropertyDefinition<AccountStatusNotificationHandlerCfgClient, AccountStatusNotificationHandlerCfg> PD_ACCOUNT_STATUS_NOTIFICATION_HANDLER;
155    
156    
157    
158      // The "allow-expired-password-changes" property definition.
159      private static final BooleanPropertyDefinition PD_ALLOW_EXPIRED_PASSWORD_CHANGES;
160    
161    
162    
163      // The "allow-multiple-password-values" property definition.
164      private static final BooleanPropertyDefinition PD_ALLOW_MULTIPLE_PASSWORD_VALUES;
165    
166    
167    
168      // The "allow-pre-encoded-passwords" property definition.
169      private static final BooleanPropertyDefinition PD_ALLOW_PRE_ENCODED_PASSWORDS;
170    
171    
172    
173      // The "allow-user-password-changes" property definition.
174      private static final BooleanPropertyDefinition PD_ALLOW_USER_PASSWORD_CHANGES;
175    
176    
177    
178      // The "default-password-storage-scheme" property definition.
179      private static final AggregationPropertyDefinition<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> PD_DEFAULT_PASSWORD_STORAGE_SCHEME;
180    
181    
182    
183      // The "deprecated-password-storage-scheme" property definition.
184      private static final AggregationPropertyDefinition<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> PD_DEPRECATED_PASSWORD_STORAGE_SCHEME;
185    
186    
187    
188      // The "expire-passwords-without-warning" property definition.
189      private static final BooleanPropertyDefinition PD_EXPIRE_PASSWORDS_WITHOUT_WARNING;
190    
191    
192    
193      // The "force-change-on-add" property definition.
194      private static final BooleanPropertyDefinition PD_FORCE_CHANGE_ON_ADD;
195    
196    
197    
198      // The "force-change-on-reset" property definition.
199      private static final BooleanPropertyDefinition PD_FORCE_CHANGE_ON_RESET;
200    
201    
202    
203      // The "grace-login-count" property definition.
204      private static final IntegerPropertyDefinition PD_GRACE_LOGIN_COUNT;
205    
206    
207    
208      // The "idle-lockout-interval" property definition.
209      private static final DurationPropertyDefinition PD_IDLE_LOCKOUT_INTERVAL;
210    
211    
212    
213      // The "last-login-time-attribute" property definition.
214      private static final AttributeTypePropertyDefinition PD_LAST_LOGIN_TIME_ATTRIBUTE;
215    
216    
217    
218      // The "last-login-time-format" property definition.
219      private static final StringPropertyDefinition PD_LAST_LOGIN_TIME_FORMAT;
220    
221    
222    
223      // The "lockout-duration" property definition.
224      private static final DurationPropertyDefinition PD_LOCKOUT_DURATION;
225    
226    
227    
228      // The "lockout-failure-count" property definition.
229      private static final IntegerPropertyDefinition PD_LOCKOUT_FAILURE_COUNT;
230    
231    
232    
233      // The "lockout-failure-expiration-interval" property definition.
234      private static final DurationPropertyDefinition PD_LOCKOUT_FAILURE_EXPIRATION_INTERVAL;
235    
236    
237    
238      // The "max-password-age" property definition.
239      private static final DurationPropertyDefinition PD_MAX_PASSWORD_AGE;
240    
241    
242    
243      // The "max-password-reset-age" property definition.
244      private static final DurationPropertyDefinition PD_MAX_PASSWORD_RESET_AGE;
245    
246    
247    
248      // The "min-password-age" property definition.
249      private static final DurationPropertyDefinition PD_MIN_PASSWORD_AGE;
250    
251    
252    
253      // The "password-attribute" property definition.
254      private static final AttributeTypePropertyDefinition PD_PASSWORD_ATTRIBUTE;
255    
256    
257    
258      // The "password-change-requires-current-password" property definition.
259      private static final BooleanPropertyDefinition PD_PASSWORD_CHANGE_REQUIRES_CURRENT_PASSWORD;
260    
261    
262    
263      // The "password-expiration-warning-interval" property definition.
264      private static final DurationPropertyDefinition PD_PASSWORD_EXPIRATION_WARNING_INTERVAL;
265    
266    
267    
268      // The "password-generator" property definition.
269      private static final AggregationPropertyDefinition<PasswordGeneratorCfgClient, PasswordGeneratorCfg> PD_PASSWORD_GENERATOR;
270    
271    
272    
273      // The "password-history-count" property definition.
274      private static final IntegerPropertyDefinition PD_PASSWORD_HISTORY_COUNT;
275    
276    
277    
278      // The "password-history-duration" property definition.
279      private static final DurationPropertyDefinition PD_PASSWORD_HISTORY_DURATION;
280    
281    
282    
283      // The "password-validator" property definition.
284      private static final AggregationPropertyDefinition<PasswordValidatorCfgClient, PasswordValidatorCfg> PD_PASSWORD_VALIDATOR;
285    
286    
287    
288      // The "previous-last-login-time-format" property definition.
289      private static final StringPropertyDefinition PD_PREVIOUS_LAST_LOGIN_TIME_FORMAT;
290    
291    
292    
293      // The "require-change-by-time" property definition.
294      private static final StringPropertyDefinition PD_REQUIRE_CHANGE_BY_TIME;
295    
296    
297    
298      // The "require-secure-authentication" property definition.
299      private static final BooleanPropertyDefinition PD_REQUIRE_SECURE_AUTHENTICATION;
300    
301    
302    
303      // The "require-secure-password-changes" property definition.
304      private static final BooleanPropertyDefinition PD_REQUIRE_SECURE_PASSWORD_CHANGES;
305    
306    
307    
308      // The "skip-validation-for-administrators" property definition.
309      private static final BooleanPropertyDefinition PD_SKIP_VALIDATION_FOR_ADMINISTRATORS;
310    
311    
312    
313      // The "state-update-failure-policy" property definition.
314      private static final EnumPropertyDefinition<StateUpdateFailurePolicy> PD_STATE_UPDATE_FAILURE_POLICY;
315    
316    
317    
318      // Build the "account-status-notification-handler" property definition.
319      static {
320          AggregationPropertyDefinition.Builder<AccountStatusNotificationHandlerCfgClient, AccountStatusNotificationHandlerCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "account-status-notification-handler");
321          builder.setOption(PropertyOption.MULTI_VALUED);
322          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "account-status-notification-handler"));
323          builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
324          builder.setParentPath("/");
325          builder.setRelationDefinition("account-status-notification-handler");
326          PD_ACCOUNT_STATUS_NOTIFICATION_HANDLER = builder.getInstance();
327          INSTANCE.registerPropertyDefinition(PD_ACCOUNT_STATUS_NOTIFICATION_HANDLER);
328          INSTANCE.registerConstraint(PD_ACCOUNT_STATUS_NOTIFICATION_HANDLER.getSourceConstraint());
329      }
330    
331    
332    
333      // Build the "allow-expired-password-changes" property definition.
334      static {
335          BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-expired-password-changes");
336          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "allow-expired-password-changes"));
337          DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
338          builder.setDefaultBehaviorProvider(provider);
339          PD_ALLOW_EXPIRED_PASSWORD_CHANGES = builder.getInstance();
340          INSTANCE.registerPropertyDefinition(PD_ALLOW_EXPIRED_PASSWORD_CHANGES);
341      }
342    
343    
344    
345      // Build the "allow-multiple-password-values" property definition.
346      static {
347          BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-multiple-password-values");
348          builder.setOption(PropertyOption.ADVANCED);
349          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "allow-multiple-password-values"));
350          DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
351          builder.setDefaultBehaviorProvider(provider);
352          PD_ALLOW_MULTIPLE_PASSWORD_VALUES = builder.getInstance();
353          INSTANCE.registerPropertyDefinition(PD_ALLOW_MULTIPLE_PASSWORD_VALUES);
354      }
355    
356    
357    
358      // Build the "allow-pre-encoded-passwords" property definition.
359      static {
360          BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-pre-encoded-passwords");
361          builder.setOption(PropertyOption.ADVANCED);
362          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "allow-pre-encoded-passwords"));
363          DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
364          builder.setDefaultBehaviorProvider(provider);
365          PD_ALLOW_PRE_ENCODED_PASSWORDS = builder.getInstance();
366          INSTANCE.registerPropertyDefinition(PD_ALLOW_PRE_ENCODED_PASSWORDS);
367      }
368    
369    
370    
371      // Build the "allow-user-password-changes" property definition.
372      static {
373          BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-user-password-changes");
374          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "allow-user-password-changes"));
375          DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
376          builder.setDefaultBehaviorProvider(provider);
377          PD_ALLOW_USER_PASSWORD_CHANGES = builder.getInstance();
378          INSTANCE.registerPropertyDefinition(PD_ALLOW_USER_PASSWORD_CHANGES);
379      }
380    
381    
382    
383      // Build the "default-password-storage-scheme" property definition.
384      static {
385          AggregationPropertyDefinition.Builder<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "default-password-storage-scheme");
386          builder.setOption(PropertyOption.MULTI_VALUED);
387          builder.setOption(PropertyOption.MANDATORY);
388          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "default-password-storage-scheme"));
389          builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
390          builder.setParentPath("/");
391          builder.setRelationDefinition("password-storage-scheme");
392          PD_DEFAULT_PASSWORD_STORAGE_SCHEME = builder.getInstance();
393          INSTANCE.registerPropertyDefinition(PD_DEFAULT_PASSWORD_STORAGE_SCHEME);
394          INSTANCE.registerConstraint(PD_DEFAULT_PASSWORD_STORAGE_SCHEME.getSourceConstraint());
395      }
396    
397    
398    
399      // Build the "deprecated-password-storage-scheme" property definition.
400      static {
401          AggregationPropertyDefinition.Builder<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "deprecated-password-storage-scheme");
402          builder.setOption(PropertyOption.MULTI_VALUED);
403          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "deprecated-password-storage-scheme"));
404          builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
405          builder.setParentPath("/");
406          builder.setRelationDefinition("password-storage-scheme");
407          PD_DEPRECATED_PASSWORD_STORAGE_SCHEME = builder.getInstance();
408          INSTANCE.registerPropertyDefinition(PD_DEPRECATED_PASSWORD_STORAGE_SCHEME);
409          INSTANCE.registerConstraint(PD_DEPRECATED_PASSWORD_STORAGE_SCHEME.getSourceConstraint());
410      }
411    
412    
413    
414      // Build the "expire-passwords-without-warning" property definition.
415      static {
416          BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "expire-passwords-without-warning");
417          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "expire-passwords-without-warning"));
418          DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
419          builder.setDefaultBehaviorProvider(provider);
420          PD_EXPIRE_PASSWORDS_WITHOUT_WARNING = builder.getInstance();
421          INSTANCE.registerPropertyDefinition(PD_EXPIRE_PASSWORDS_WITHOUT_WARNING);
422      }
423    
424    
425    
426      // Build the "force-change-on-add" property definition.
427      static {
428          BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "force-change-on-add");
429          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "force-change-on-add"));
430          DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
431          builder.setDefaultBehaviorProvider(provider);
432          PD_FORCE_CHANGE_ON_ADD = builder.getInstance();
433          INSTANCE.registerPropertyDefinition(PD_FORCE_CHANGE_ON_ADD);
434      }
435    
436    
437    
438      // Build the "force-change-on-reset" property definition.
439      static {
440          BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "force-change-on-reset");
441          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "force-change-on-reset"));
442          DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
443          builder.setDefaultBehaviorProvider(provider);
444          PD_FORCE_CHANGE_ON_RESET = builder.getInstance();
445          INSTANCE.registerPropertyDefinition(PD_FORCE_CHANGE_ON_RESET);
446      }
447    
448    
449    
450      // Build the "grace-login-count" property definition.
451      static {
452          IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "grace-login-count");
453          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "grace-login-count"));
454          DefaultBehaviorProvider<Integer> provider = new DefinedDefaultBehaviorProvider<Integer>("0");
455          builder.setDefaultBehaviorProvider(provider);
456          builder.setUpperLimit(2147483647);
457          builder.setLowerLimit(0);
458          PD_GRACE_LOGIN_COUNT = builder.getInstance();
459          INSTANCE.registerPropertyDefinition(PD_GRACE_LOGIN_COUNT);
460      }
461    
462    
463    
464      // Build the "idle-lockout-interval" property definition.
465      static {
466          DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "idle-lockout-interval");
467          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "idle-lockout-interval"));
468          DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("0 seconds");
469          builder.setDefaultBehaviorProvider(provider);
470          builder.setUpperLimit("2147483647");
471          builder.setLowerLimit("0");
472          PD_IDLE_LOCKOUT_INTERVAL = builder.getInstance();
473          INSTANCE.registerPropertyDefinition(PD_IDLE_LOCKOUT_INTERVAL);
474      }
475    
476    
477    
478      // Build the "last-login-time-attribute" property definition.
479      static {
480          AttributeTypePropertyDefinition.Builder builder = AttributeTypePropertyDefinition.createBuilder(INSTANCE, "last-login-time-attribute");
481          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "last-login-time-attribute"));
482          builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<AttributeType>());
483          PD_LAST_LOGIN_TIME_ATTRIBUTE = builder.getInstance();
484          INSTANCE.registerPropertyDefinition(PD_LAST_LOGIN_TIME_ATTRIBUTE);
485      }
486    
487    
488    
489      // Build the "last-login-time-format" property definition.
490      static {
491          StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "last-login-time-format");
492          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "last-login-time-format"));
493          builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
494          builder.setPattern(".*", "STRING");
495          PD_LAST_LOGIN_TIME_FORMAT = builder.getInstance();
496          INSTANCE.registerPropertyDefinition(PD_LAST_LOGIN_TIME_FORMAT);
497      }
498    
499    
500    
501      // Build the "lockout-duration" property definition.
502      static {
503          DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "lockout-duration");
504          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "lockout-duration"));
505          DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("0 seconds");
506          builder.setDefaultBehaviorProvider(provider);
507          builder.setBaseUnit("s");
508          builder.setUpperLimit("2147483647");
509          builder.setLowerLimit("0");
510          PD_LOCKOUT_DURATION = builder.getInstance();
511          INSTANCE.registerPropertyDefinition(PD_LOCKOUT_DURATION);
512      }
513    
514    
515    
516      // Build the "lockout-failure-count" property definition.
517      static {
518          IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "lockout-failure-count");
519          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "lockout-failure-count"));
520          DefaultBehaviorProvider<Integer> provider = new DefinedDefaultBehaviorProvider<Integer>("0");
521          builder.setDefaultBehaviorProvider(provider);
522          builder.setUpperLimit(2147483647);
523          builder.setLowerLimit(0);
524          PD_LOCKOUT_FAILURE_COUNT = builder.getInstance();
525          INSTANCE.registerPropertyDefinition(PD_LOCKOUT_FAILURE_COUNT);
526      }
527    
528    
529    
530      // Build the "lockout-failure-expiration-interval" property definition.
531      static {
532          DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "lockout-failure-expiration-interval");
533          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "lockout-failure-expiration-interval"));
534          DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("0 seconds");
535          builder.setDefaultBehaviorProvider(provider);
536          builder.setBaseUnit("s");
537          builder.setUpperLimit("2147483647");
538          builder.setLowerLimit("0");
539          PD_LOCKOUT_FAILURE_EXPIRATION_INTERVAL = builder.getInstance();
540          INSTANCE.registerPropertyDefinition(PD_LOCKOUT_FAILURE_EXPIRATION_INTERVAL);
541      }
542    
543    
544    
545      // Build the "max-password-age" property definition.
546      static {
547          DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "max-password-age");
548          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "max-password-age"));
549          DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("0 seconds");
550          builder.setDefaultBehaviorProvider(provider);
551          builder.setBaseUnit("s");
552          builder.setUpperLimit("2147483647");
553          builder.setLowerLimit("0");
554          PD_MAX_PASSWORD_AGE = builder.getInstance();
555          INSTANCE.registerPropertyDefinition(PD_MAX_PASSWORD_AGE);
556      }
557    
558    
559    
560      // Build the "max-password-reset-age" property definition.
561      static {
562          DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "max-password-reset-age");
563          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "max-password-reset-age"));
564          DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("0 seconds");
565          builder.setDefaultBehaviorProvider(provider);
566          builder.setBaseUnit("s");
567          builder.setUpperLimit("2147483647");
568          builder.setLowerLimit("0");
569          PD_MAX_PASSWORD_RESET_AGE = builder.getInstance();
570          INSTANCE.registerPropertyDefinition(PD_MAX_PASSWORD_RESET_AGE);
571      }
572    
573    
574    
575      // Build the "min-password-age" property definition.
576      static {
577          DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "min-password-age");
578          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "min-password-age"));
579          DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("0 seconds");
580          builder.setDefaultBehaviorProvider(provider);
581          builder.setBaseUnit("s");
582          builder.setUpperLimit("2147483647");
583          builder.setLowerLimit("0");
584          PD_MIN_PASSWORD_AGE = builder.getInstance();
585          INSTANCE.registerPropertyDefinition(PD_MIN_PASSWORD_AGE);
586      }
587    
588    
589    
590      // Build the "password-attribute" property definition.
591      static {
592          AttributeTypePropertyDefinition.Builder builder = AttributeTypePropertyDefinition.createBuilder(INSTANCE, "password-attribute");
593          builder.setOption(PropertyOption.MANDATORY);
594          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "password-attribute"));
595          builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<AttributeType>());
596          PD_PASSWORD_ATTRIBUTE = builder.getInstance();
597          INSTANCE.registerPropertyDefinition(PD_PASSWORD_ATTRIBUTE);
598      }
599    
600    
601    
602      // Build the "password-change-requires-current-password" property definition.
603      static {
604          BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "password-change-requires-current-password");
605          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "password-change-requires-current-password"));
606          DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
607          builder.setDefaultBehaviorProvider(provider);
608          PD_PASSWORD_CHANGE_REQUIRES_CURRENT_PASSWORD = builder.getInstance();
609          INSTANCE.registerPropertyDefinition(PD_PASSWORD_CHANGE_REQUIRES_CURRENT_PASSWORD);
610      }
611    
612    
613    
614      // Build the "password-expiration-warning-interval" property definition.
615      static {
616          DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "password-expiration-warning-interval");
617          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "password-expiration-warning-interval"));
618          DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("5 days");
619          builder.setDefaultBehaviorProvider(provider);
620          PD_PASSWORD_EXPIRATION_WARNING_INTERVAL = builder.getInstance();
621          INSTANCE.registerPropertyDefinition(PD_PASSWORD_EXPIRATION_WARNING_INTERVAL);
622      }
623    
624    
625    
626      // Build the "password-generator" property definition.
627      static {
628          AggregationPropertyDefinition.Builder<PasswordGeneratorCfgClient, PasswordGeneratorCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "password-generator");
629          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "password-generator"));
630          builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
631          builder.setParentPath("/");
632          builder.setRelationDefinition("password-generator");
633          PD_PASSWORD_GENERATOR = builder.getInstance();
634          INSTANCE.registerPropertyDefinition(PD_PASSWORD_GENERATOR);
635          INSTANCE.registerConstraint(PD_PASSWORD_GENERATOR.getSourceConstraint());
636      }
637    
638    
639    
640      // Build the "password-history-count" property definition.
641      static {
642          IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "password-history-count");
643          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "password-history-count"));
644          DefaultBehaviorProvider<Integer> provider = new DefinedDefaultBehaviorProvider<Integer>("0");
645          builder.setDefaultBehaviorProvider(provider);
646          builder.setUpperLimit(2147483647);
647          builder.setLowerLimit(0);
648          PD_PASSWORD_HISTORY_COUNT = builder.getInstance();
649          INSTANCE.registerPropertyDefinition(PD_PASSWORD_HISTORY_COUNT);
650      }
651    
652    
653    
654      // Build the "password-history-duration" property definition.
655      static {
656          DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "password-history-duration");
657          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "password-history-duration"));
658          DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("0 seconds");
659          builder.setDefaultBehaviorProvider(provider);
660          builder.setAllowUnlimited(false);
661          builder.setBaseUnit("s");
662          builder.setUpperLimit("2147483647");
663          builder.setLowerLimit("0");
664          PD_PASSWORD_HISTORY_DURATION = builder.getInstance();
665          INSTANCE.registerPropertyDefinition(PD_PASSWORD_HISTORY_DURATION);
666      }
667    
668    
669    
670      // Build the "password-validator" property definition.
671      static {
672          AggregationPropertyDefinition.Builder<PasswordValidatorCfgClient, PasswordValidatorCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "password-validator");
673          builder.setOption(PropertyOption.MULTI_VALUED);
674          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "password-validator"));
675          builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
676          builder.setParentPath("/");
677          builder.setRelationDefinition("password-validator");
678          PD_PASSWORD_VALIDATOR = builder.getInstance();
679          INSTANCE.registerPropertyDefinition(PD_PASSWORD_VALIDATOR);
680          INSTANCE.registerConstraint(PD_PASSWORD_VALIDATOR.getSourceConstraint());
681      }
682    
683    
684    
685      // Build the "previous-last-login-time-format" property definition.
686      static {
687          StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "previous-last-login-time-format");
688          builder.setOption(PropertyOption.MULTI_VALUED);
689          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "previous-last-login-time-format"));
690          builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
691          builder.setPattern(".*", "STRING");
692          PD_PREVIOUS_LAST_LOGIN_TIME_FORMAT = builder.getInstance();
693          INSTANCE.registerPropertyDefinition(PD_PREVIOUS_LAST_LOGIN_TIME_FORMAT);
694      }
695    
696    
697    
698      // Build the "require-change-by-time" property definition.
699      static {
700          StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "require-change-by-time");
701          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "require-change-by-time"));
702          builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
703          builder.setPattern(".*", "STRING");
704          PD_REQUIRE_CHANGE_BY_TIME = builder.getInstance();
705          INSTANCE.registerPropertyDefinition(PD_REQUIRE_CHANGE_BY_TIME);
706      }
707    
708    
709    
710      // Build the "require-secure-authentication" property definition.
711      static {
712          BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "require-secure-authentication");
713          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "require-secure-authentication"));
714          DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
715          builder.setDefaultBehaviorProvider(provider);
716          PD_REQUIRE_SECURE_AUTHENTICATION = builder.getInstance();
717          INSTANCE.registerPropertyDefinition(PD_REQUIRE_SECURE_AUTHENTICATION);
718      }
719    
720    
721    
722      // Build the "require-secure-password-changes" property definition.
723      static {
724          BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "require-secure-password-changes");
725          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "require-secure-password-changes"));
726          DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
727          builder.setDefaultBehaviorProvider(provider);
728          PD_REQUIRE_SECURE_PASSWORD_CHANGES = builder.getInstance();
729          INSTANCE.registerPropertyDefinition(PD_REQUIRE_SECURE_PASSWORD_CHANGES);
730      }
731    
732    
733    
734      // Build the "skip-validation-for-administrators" property definition.
735      static {
736          BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "skip-validation-for-administrators");
737          builder.setOption(PropertyOption.ADVANCED);
738          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "skip-validation-for-administrators"));
739          DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
740          builder.setDefaultBehaviorProvider(provider);
741          PD_SKIP_VALIDATION_FOR_ADMINISTRATORS = builder.getInstance();
742          INSTANCE.registerPropertyDefinition(PD_SKIP_VALIDATION_FOR_ADMINISTRATORS);
743      }
744    
745    
746    
747      // Build the "state-update-failure-policy" property definition.
748      static {
749          EnumPropertyDefinition.Builder<StateUpdateFailurePolicy> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "state-update-failure-policy");
750          builder.setOption(PropertyOption.ADVANCED);
751          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "state-update-failure-policy"));
752          DefaultBehaviorProvider<StateUpdateFailurePolicy> provider = new DefinedDefaultBehaviorProvider<StateUpdateFailurePolicy>("reactive");
753          builder.setDefaultBehaviorProvider(provider);
754          builder.setEnumClass(StateUpdateFailurePolicy.class);
755          PD_STATE_UPDATE_FAILURE_POLICY = builder.getInstance();
756          INSTANCE.registerPropertyDefinition(PD_STATE_UPDATE_FAILURE_POLICY);
757      }
758    
759    
760    
761      // Register the tags associated with this managed object definition.
762      static {
763        INSTANCE.registerTag(Tag.valueOf("user-management"));
764      }
765    
766    
767    
768      /**
769       * Get the Password Policy configuration definition singleton.
770       *
771       * @return Returns the Password Policy configuration definition
772       *         singleton.
773       */
774      public static PasswordPolicyCfgDefn getInstance() {
775        return INSTANCE;
776      }
777    
778    
779    
780      /**
781       * Private constructor.
782       */
783      private PasswordPolicyCfgDefn() {
784        super("password-policy", TopCfgDefn.getInstance());
785      }
786    
787    
788    
789      /**
790       * {@inheritDoc}
791       */
792      public PasswordPolicyCfgClient createClientConfiguration(
793          ManagedObject<? extends PasswordPolicyCfgClient> impl) {
794        return new PasswordPolicyCfgClientImpl(impl);
795      }
796    
797    
798    
799      /**
800       * {@inheritDoc}
801       */
802      public PasswordPolicyCfg createServerConfiguration(
803          ServerManagedObject<? extends PasswordPolicyCfg> impl) {
804        return new PasswordPolicyCfgServerImpl(impl);
805      }
806    
807    
808    
809      /**
810       * {@inheritDoc}
811       */
812      public Class<PasswordPolicyCfg> getServerConfigurationClass() {
813        return PasswordPolicyCfg.class;
814      }
815    
816    
817    
818      /**
819       * Get the "account-status-notification-handler" property definition.
820       * <p>
821       * Specifies the names of the account status notification handlers
822       * that are used with the associated password storage scheme.
823       *
824       * @return Returns the "account-status-notification-handler" property definition.
825       */
826      public AggregationPropertyDefinition<AccountStatusNotificationHandlerCfgClient, AccountStatusNotificationHandlerCfg> getAccountStatusNotificationHandlerPropertyDefinition() {
827        return PD_ACCOUNT_STATUS_NOTIFICATION_HANDLER;
828      }
829    
830    
831    
832      /**
833       * Get the "allow-expired-password-changes" property definition.
834       * <p>
835       * Indicates whether a user whose password is expired is still
836       * allowed to change that password using the password modify extended
837       * operation.
838       *
839       * @return Returns the "allow-expired-password-changes" property definition.
840       */
841      public BooleanPropertyDefinition getAllowExpiredPasswordChangesPropertyDefinition() {
842        return PD_ALLOW_EXPIRED_PASSWORD_CHANGES;
843      }
844    
845    
846    
847      /**
848       * Get the "allow-multiple-password-values" property definition.
849       * <p>
850       * Indicates whether user entries can have multiple distinct values
851       * for the password attribute.
852       * <p>
853       * This is potentially dangerous because many mechanisms used to
854       * change the password do not work well with such a configuration. If
855       * multiple password values are allowed, then any of them can be used
856       * to authenticate, and they are all subject to the same policy
857       * constraints.
858       *
859       * @return Returns the "allow-multiple-password-values" property definition.
860       */
861      public BooleanPropertyDefinition getAllowMultiplePasswordValuesPropertyDefinition() {
862        return PD_ALLOW_MULTIPLE_PASSWORD_VALUES;
863      }
864    
865    
866    
867      /**
868       * Get the "allow-pre-encoded-passwords" property definition.
869       * <p>
870       * Indicates whether users can change their passwords by providing a
871       * pre-encoded value.
872       * <p>
873       * This can cause a security risk because the clear-text version of
874       * the password is not known and therefore validation checks cannot
875       * be applied to it.
876       *
877       * @return Returns the "allow-pre-encoded-passwords" property definition.
878       */
879      public BooleanPropertyDefinition getAllowPreEncodedPasswordsPropertyDefinition() {
880        return PD_ALLOW_PRE_ENCODED_PASSWORDS;
881      }
882    
883    
884    
885      /**
886       * Get the "allow-user-password-changes" property definition.
887       * <p>
888       * Indicates whether users can change their own passwords.
889       * <p>
890       * This check is made in addition to access control evaluation. Both
891       * must allow the password change for it to occur.
892       *
893       * @return Returns the "allow-user-password-changes" property definition.
894       */
895      public BooleanPropertyDefinition getAllowUserPasswordChangesPropertyDefinition() {
896        return PD_ALLOW_USER_PASSWORD_CHANGES;
897      }
898    
899    
900    
901      /**
902       * Get the "default-password-storage-scheme" property definition.
903       * <p>
904       * Specifies the names of the password storage schemes that are used
905       * to encode clear-text passwords for this password policy.
906       *
907       * @return Returns the "default-password-storage-scheme" property definition.
908       */
909      public AggregationPropertyDefinition<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> getDefaultPasswordStorageSchemePropertyDefinition() {
910        return PD_DEFAULT_PASSWORD_STORAGE_SCHEME;
911      }
912    
913    
914    
915      /**
916       * Get the "deprecated-password-storage-scheme" property definition.
917       * <p>
918       * Specifies the names of the password storage schemes that are
919       * considered deprecated for this password policy.
920       * <p>
921       * If a user with this password policy authenticates to the server
922       * and his/her password is encoded with a deprecated scheme, those
923       * values are removed and replaced with values encoded using the
924       * default password storage scheme(s).
925       *
926       * @return Returns the "deprecated-password-storage-scheme" property definition.
927       */
928      public AggregationPropertyDefinition<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> getDeprecatedPasswordStorageSchemePropertyDefinition() {
929        return PD_DEPRECATED_PASSWORD_STORAGE_SCHEME;
930      }
931    
932    
933    
934      /**
935       * Get the "expire-passwords-without-warning" property definition.
936       * <p>
937       * Indicates whether the Directory Server allows a user's password
938       * to expire even if that user has never seen an expiration warning
939       * notification.
940       * <p>
941       * If this property is true, accounts always expire when the
942       * expiration time arrives. If this property is false disabled, the
943       * user always receives at least one warning notification, and the
944       * password expiration is set to the warning time plus the warning
945       * interval.
946       *
947       * @return Returns the "expire-passwords-without-warning" property definition.
948       */
949      public BooleanPropertyDefinition getExpirePasswordsWithoutWarningPropertyDefinition() {
950        return PD_EXPIRE_PASSWORDS_WITHOUT_WARNING;
951      }
952    
953    
954    
955      /**
956       * Get the "force-change-on-add" property definition.
957       * <p>
958       * Indicates whether users are forced to change their passwords upon
959       * first authenticating to the Directory Server after their account
960       * has been created.
961       *
962       * @return Returns the "force-change-on-add" property definition.
963       */
964      public BooleanPropertyDefinition getForceChangeOnAddPropertyDefinition() {
965        return PD_FORCE_CHANGE_ON_ADD;
966      }
967    
968    
969    
970      /**
971       * Get the "force-change-on-reset" property definition.
972       * <p>
973       * Indicates whether users are forced to change their passwords if
974       * they are reset by an administrator.
975       * <p>
976       * For this purpose, anyone with permission to change a given user's
977       * password other than that user is considered an administrator.
978       *
979       * @return Returns the "force-change-on-reset" property definition.
980       */
981      public BooleanPropertyDefinition getForceChangeOnResetPropertyDefinition() {
982        return PD_FORCE_CHANGE_ON_RESET;
983      }
984    
985    
986    
987      /**
988       * Get the "grace-login-count" property definition.
989       * <p>
990       * Specifies the number of grace logins that a user is allowed after
991       * the account has expired to allow that user to choose a new
992       * password.
993       * <p>
994       * A value of 0 indicates that no grace logins are allowed.
995       *
996       * @return Returns the "grace-login-count" property definition.
997       */
998      public IntegerPropertyDefinition getGraceLoginCountPropertyDefinition() {
999        return PD_GRACE_LOGIN_COUNT;
1000      }
1001    
1002    
1003    
1004      /**
1005       * Get the "idle-lockout-interval" property definition.
1006       * <p>
1007       * Specifies the maximum length of time that an account may remain
1008       * idle (that is, the associated user does not authenticate to the
1009       * server) before that user is locked out.
1010       * <p>
1011       * The value of this attribute is an integer followed by a unit of
1012       * seconds, minutes, hours, days, or weeks. A value of 0 seconds
1013       * indicates that idle accounts are not automatically locked out.
1014       * This feature is available only if the last login time is
1015       * maintained.
1016       *
1017       * @return Returns the "idle-lockout-interval" property definition.
1018       */
1019      public DurationPropertyDefinition getIdleLockoutIntervalPropertyDefinition() {
1020        return PD_IDLE_LOCKOUT_INTERVAL;
1021      }
1022    
1023    
1024    
1025      /**
1026       * Get the "last-login-time-attribute" property definition.
1027       * <p>
1028       * Specifies the name or OID of the attribute type that is used to
1029       * hold the last login time for users with the associated password
1030       * policy.
1031       * <p>
1032       * This attribute type must be defined in the Directory Server
1033       * schema and must either be defined as an operational attribute or
1034       * must be allowed by the set of objectClasses for all users with the
1035       * associated password policy.
1036       *
1037       * @return Returns the "last-login-time-attribute" property definition.
1038       */
1039      public AttributeTypePropertyDefinition getLastLoginTimeAttributePropertyDefinition() {
1040        return PD_LAST_LOGIN_TIME_ATTRIBUTE;
1041      }
1042    
1043    
1044    
1045      /**
1046       * Get the "last-login-time-format" property definition.
1047       * <p>
1048       * Specifies the format string that is used to generate the last
1049       * login time value for users with the associated password policy.
1050       * <p>
1051       * This format string conforms to the syntax described in the API
1052       * documentation for the java.text.SimpleDateFormat class.
1053       *
1054       * @return Returns the "last-login-time-format" property definition.
1055       */
1056      public StringPropertyDefinition getLastLoginTimeFormatPropertyDefinition() {
1057        return PD_LAST_LOGIN_TIME_FORMAT;
1058      }
1059    
1060    
1061    
1062      /**
1063       * Get the "lockout-duration" property definition.
1064       * <p>
1065       * Specifies the length of time that an account is locked after too
1066       * many authentication failures.
1067       * <p>
1068       * The value of this attribute is an integer followed by a unit of
1069       * seconds, minutes, hours, days, or weeks. A value of 0 seconds
1070       * indicates that the account must remain locked until an
1071       * administrator resets the password.
1072       *
1073       * @return Returns the "lockout-duration" property definition.
1074       */
1075      public DurationPropertyDefinition getLockoutDurationPropertyDefinition() {
1076        return PD_LOCKOUT_DURATION;
1077      }
1078    
1079    
1080    
1081      /**
1082       * Get the "lockout-failure-count" property definition.
1083       * <p>
1084       * Specifies the maximum number of authentication failures that a
1085       * user is allowed before the account is locked out.
1086       * <p>
1087       * A value of 0 indicates that accounts are never locked out due to
1088       * failed attempts.
1089       *
1090       * @return Returns the "lockout-failure-count" property definition.
1091       */
1092      public IntegerPropertyDefinition getLockoutFailureCountPropertyDefinition() {
1093        return PD_LOCKOUT_FAILURE_COUNT;
1094      }
1095    
1096    
1097    
1098      /**
1099       * Get the "lockout-failure-expiration-interval" property definition.
1100       * <p>
1101       * Specifies the length of time before an authentication failure is
1102       * no longer counted against a user for the purposes of account
1103       * lockout.
1104       * <p>
1105       * The value of this attribute is an integer followed by a unit of
1106       * seconds, minutes, hours, days, or weeks. A value of 0 seconds
1107       * indicates that the authentication failures must never expire. The
1108       * failure count is always cleared upon a successful authentication.
1109       *
1110       * @return Returns the "lockout-failure-expiration-interval" property definition.
1111       */
1112      public DurationPropertyDefinition getLockoutFailureExpirationIntervalPropertyDefinition() {
1113        return PD_LOCKOUT_FAILURE_EXPIRATION_INTERVAL;
1114      }
1115    
1116    
1117    
1118      /**
1119       * Get the "max-password-age" property definition.
1120       * <p>
1121       * Specifies the maximum length of time that a user can continue
1122       * using the same password before it must be changed (that is, the
1123       * password expiration interval).
1124       * <p>
1125       * The value of this attribute is an integer followed by a unit of
1126       * seconds, minutes, hours, days, or weeks. A value of 0 seconds
1127       * disables password expiration.
1128       *
1129       * @return Returns the "max-password-age" property definition.
1130       */
1131      public DurationPropertyDefinition getMaxPasswordAgePropertyDefinition() {
1132        return PD_MAX_PASSWORD_AGE;
1133      }
1134    
1135    
1136    
1137      /**
1138       * Get the "max-password-reset-age" property definition.
1139       * <p>
1140       * Specifies the maximum length of time that users have to change
1141       * passwords after they have been reset by an administrator before
1142       * they become locked.
1143       * <p>
1144       * The value of this attribute is an integer followed by a unit of
1145       * seconds, minutes, hours, days, or weeks. A value of 0 seconds
1146       * disables this feature.
1147       *
1148       * @return Returns the "max-password-reset-age" property definition.
1149       */
1150      public DurationPropertyDefinition getMaxPasswordResetAgePropertyDefinition() {
1151        return PD_MAX_PASSWORD_RESET_AGE;
1152      }
1153    
1154    
1155    
1156      /**
1157       * Get the "min-password-age" property definition.
1158       * <p>
1159       * Specifies the minimum length of time after a password change
1160       * before the user is allowed to change the password again.
1161       * <p>
1162       * The value of this attribute is an integer followed by a unit of
1163       * seconds, minutes, hours, days, or weeks. This setting can be used
1164       * to prevent users from changing their passwords repeatedly over a
1165       * short period of time to flush an old password from the history so
1166       * that it can be re-used.
1167       *
1168       * @return Returns the "min-password-age" property definition.
1169       */
1170      public DurationPropertyDefinition getMinPasswordAgePropertyDefinition() {
1171        return PD_MIN_PASSWORD_AGE;
1172      }
1173    
1174    
1175    
1176      /**
1177       * Get the "password-attribute" property definition.
1178       * <p>
1179       * Specifies the attribute type used to hold user passwords.
1180       * <p>
1181       * This attribute type must be defined in the server schema, and it
1182       * must have either the user password or auth password syntax.
1183       *
1184       * @return Returns the "password-attribute" property definition.
1185       */
1186      public AttributeTypePropertyDefinition getPasswordAttributePropertyDefinition() {
1187        return PD_PASSWORD_ATTRIBUTE;
1188      }
1189    
1190    
1191    
1192      /**
1193       * Get the "password-change-requires-current-password" property definition.
1194       * <p>
1195       * Indicates whether user password changes must use the password
1196       * modify extended operation and must include the user's current
1197       * password before the change is allowed.
1198       *
1199       * @return Returns the "password-change-requires-current-password" property definition.
1200       */
1201      public BooleanPropertyDefinition getPasswordChangeRequiresCurrentPasswordPropertyDefinition() {
1202        return PD_PASSWORD_CHANGE_REQUIRES_CURRENT_PASSWORD;
1203      }
1204    
1205    
1206    
1207      /**
1208       * Get the "password-expiration-warning-interval" property definition.
1209       * <p>
1210       * Specifies the maximum length of time before a user's password
1211       * actually expires that the server begins to include warning
1212       * notifications in bind responses for that user.
1213       * <p>
1214       * The value of this attribute is an integer followed by a unit of
1215       * seconds, minutes, hours, days, or weeks. A value of 0 seconds
1216       * disables the warning interval.
1217       *
1218       * @return Returns the "password-expiration-warning-interval" property definition.
1219       */
1220      public DurationPropertyDefinition getPasswordExpirationWarningIntervalPropertyDefinition() {
1221        return PD_PASSWORD_EXPIRATION_WARNING_INTERVAL;
1222      }
1223    
1224    
1225    
1226      /**
1227       * Get the "password-generator" property definition.
1228       * <p>
1229       * Specifies the name of the password generator that is used with
1230       * the associated password policy.
1231       * <p>
1232       * This is used in conjunction with the password modify extended
1233       * operation to generate a new password for a user when none was
1234       * provided in the request.
1235       *
1236       * @return Returns the "password-generator" property definition.
1237       */
1238      public AggregationPropertyDefinition<PasswordGeneratorCfgClient, PasswordGeneratorCfg> getPasswordGeneratorPropertyDefinition() {
1239        return PD_PASSWORD_GENERATOR;
1240      }
1241    
1242    
1243    
1244      /**
1245       * Get the "password-history-count" property definition.
1246       * <p>
1247       * Specifies the maximum number of former passwords to maintain in
1248       * the password history.
1249       * <p>
1250       * When choosing a new password, the proposed password is checked to
1251       * ensure that it does not match the current password, nor any other
1252       * password in the history list. A value of zero indicates that
1253       * either no password history is to be maintained (if the password
1254       * history duration has a value of zero seconds), or that there is no
1255       * maximum number of passwords to maintain in the history (if the
1256       * password history duration has a value greater than zero seconds).
1257       *
1258       * @return Returns the "password-history-count" property definition.
1259       */
1260      public IntegerPropertyDefinition getPasswordHistoryCountPropertyDefinition() {
1261        return PD_PASSWORD_HISTORY_COUNT;
1262      }
1263    
1264    
1265    
1266      /**
1267       * Get the "password-history-duration" property definition.
1268       * <p>
1269       * Specifies the maximum length of time that passwords remain in the
1270       * password history.
1271       * <p>
1272       * When choosing a new password, the proposed password is checked to
1273       * ensure that it does not match the current password, nor any other
1274       * password in the history list. A value of zero seconds indicates
1275       * that either no password history is to be maintained (if the
1276       * password history count has a value of zero), or that there is no
1277       * maximum duration for passwords in the history (if the password
1278       * history count has a value greater than zero).
1279       *
1280       * @return Returns the "password-history-duration" property definition.
1281       */
1282      public DurationPropertyDefinition getPasswordHistoryDurationPropertyDefinition() {
1283        return PD_PASSWORD_HISTORY_DURATION;
1284      }
1285    
1286    
1287    
1288      /**
1289       * Get the "password-validator" property definition.
1290       * <p>
1291       * Specifies the names of the password validators that are used with
1292       * the associated password storage scheme.
1293       * <p>
1294       * The password validators are invoked when a user attempts to
1295       * provide a new password, to determine whether the new password is
1296       * acceptable.
1297       *
1298       * @return Returns the "password-validator" property definition.
1299       */
1300      public AggregationPropertyDefinition<PasswordValidatorCfgClient, PasswordValidatorCfg> getPasswordValidatorPropertyDefinition() {
1301        return PD_PASSWORD_VALIDATOR;
1302      }
1303    
1304    
1305    
1306      /**
1307       * Get the "previous-last-login-time-format" property definition.
1308       * <p>
1309       * Specifies the format string(s) that might have been used with the
1310       * last login time at any point in the past for users associated with
1311       * the password policy.
1312       * <p>
1313       * These values are used to make it possible to parse previous
1314       * values, but are not used to set new values. The format strings
1315       * conform to the syntax described in the API documentation for the
1316       * java.text.SimpleDateFormat class.
1317       *
1318       * @return Returns the "previous-last-login-time-format" property definition.
1319       */
1320      public StringPropertyDefinition getPreviousLastLoginTimeFormatPropertyDefinition() {
1321        return PD_PREVIOUS_LAST_LOGIN_TIME_FORMAT;
1322      }
1323    
1324    
1325    
1326      /**
1327       * Get the "require-change-by-time" property definition.
1328       * <p>
1329       * Specifies the time by which all users with the associated
1330       * password policy must change their passwords.
1331       * <p>
1332       * The value is expressed in a generalized time format. If this time
1333       * is equal to the current time or is in the past, then all users are
1334       * required to change their passwords immediately. The behavior of
1335       * the server in this mode is identical to the behavior observed when
1336       * users are forced to change their passwords after an administrative
1337       * reset.
1338       *
1339       * @return Returns the "require-change-by-time" property definition.
1340       */
1341      public StringPropertyDefinition getRequireChangeByTimePropertyDefinition() {
1342        return PD_REQUIRE_CHANGE_BY_TIME;
1343      }
1344    
1345    
1346    
1347      /**
1348       * Get the "require-secure-authentication" property definition.
1349       * <p>
1350       * Indicates whether users with the associated password policy are
1351       * required to authenticate in a secure manner.
1352       * <p>
1353       * This might mean either using a secure communication channel
1354       * between the client and the server, or using a SASL mechanism that
1355       * does not expose the credentials.
1356       *
1357       * @return Returns the "require-secure-authentication" property definition.
1358       */
1359      public BooleanPropertyDefinition getRequireSecureAuthenticationPropertyDefinition() {
1360        return PD_REQUIRE_SECURE_AUTHENTICATION;
1361      }
1362    
1363    
1364    
1365      /**
1366       * Get the "require-secure-password-changes" property definition.
1367       * <p>
1368       * Indicates whether users with the associated password policy are
1369       * required to change their password in a secure manner that does not
1370       * expose the credentials.
1371       *
1372       * @return Returns the "require-secure-password-changes" property definition.
1373       */
1374      public BooleanPropertyDefinition getRequireSecurePasswordChangesPropertyDefinition() {
1375        return PD_REQUIRE_SECURE_PASSWORD_CHANGES;
1376      }
1377    
1378    
1379    
1380      /**
1381       * Get the "skip-validation-for-administrators" property definition.
1382       * <p>
1383       * Indicates whether passwords set by administrators are allowed to
1384       * bypass the password validation process that is required for user
1385       * password changes.
1386       *
1387       * @return Returns the "skip-validation-for-administrators" property definition.
1388       */
1389      public BooleanPropertyDefinition getSkipValidationForAdministratorsPropertyDefinition() {
1390        return PD_SKIP_VALIDATION_FOR_ADMINISTRATORS;
1391      }
1392    
1393    
1394    
1395      /**
1396       * Get the "state-update-failure-policy" property definition.
1397       * <p>
1398       * Specifies how the server deals with the inability to update
1399       * password policy state information during an authentication
1400       * attempt.
1401       * <p>
1402       * In particular, this property can be used to control whether an
1403       * otherwise successful bind operation fails if a failure occurs
1404       * while attempting to update password policy state information (for
1405       * example, to clear a record of previous authentication failures or
1406       * to update the last login time). It can also be used to control
1407       * whether to reject a bind request if it is known ahead of time that
1408       * it will not be possible to update the authentication failure times
1409       * in the event of an unsuccessful bind attempt (for example, if the
1410       * backend writability mode is disabled).
1411       *
1412       * @return Returns the "state-update-failure-policy" property definition.
1413       */
1414      public EnumPropertyDefinition<StateUpdateFailurePolicy> getStateUpdateFailurePolicyPropertyDefinition() {
1415        return PD_STATE_UPDATE_FAILURE_POLICY;
1416      }
1417    
1418    
1419    
1420      /**
1421       * Managed object client implementation.
1422       */
1423      private static class PasswordPolicyCfgClientImpl implements
1424        PasswordPolicyCfgClient {
1425    
1426        // Private implementation.
1427        private ManagedObject<? extends PasswordPolicyCfgClient> impl;
1428    
1429    
1430    
1431        // Private constructor.
1432        private PasswordPolicyCfgClientImpl(
1433            ManagedObject<? extends PasswordPolicyCfgClient> impl) {
1434          this.impl = impl;
1435        }
1436    
1437    
1438    
1439        /**
1440         * {@inheritDoc}
1441         */
1442        public SortedSet<String> getAccountStatusNotificationHandler() {
1443          return impl.getPropertyValues(INSTANCE.getAccountStatusNotificationHandlerPropertyDefinition());
1444        }
1445    
1446    
1447    
1448        /**
1449         * {@inheritDoc}
1450         */
1451        public void setAccountStatusNotificationHandler(Collection<String> values) {
1452          impl.setPropertyValues(INSTANCE.getAccountStatusNotificationHandlerPropertyDefinition(), values);
1453        }
1454    
1455    
1456    
1457        /**
1458         * {@inheritDoc}
1459         */
1460        public boolean isAllowExpiredPasswordChanges() {
1461          return impl.getPropertyValue(INSTANCE.getAllowExpiredPasswordChangesPropertyDefinition());
1462        }
1463    
1464    
1465    
1466        /**
1467         * {@inheritDoc}
1468         */
1469        public void setAllowExpiredPasswordChanges(Boolean value) {
1470          impl.setPropertyValue(INSTANCE.getAllowExpiredPasswordChangesPropertyDefinition(), value);
1471        }
1472    
1473    
1474    
1475        /**
1476         * {@inheritDoc}
1477         */
1478        public boolean isAllowMultiplePasswordValues() {
1479          return impl.getPropertyValue(INSTANCE.getAllowMultiplePasswordValuesPropertyDefinition());
1480        }
1481    
1482    
1483    
1484        /**
1485         * {@inheritDoc}
1486         */
1487        public void setAllowMultiplePasswordValues(Boolean value) {
1488          impl.setPropertyValue(INSTANCE.getAllowMultiplePasswordValuesPropertyDefinition(), value);
1489        }
1490    
1491    
1492    
1493        /**
1494         * {@inheritDoc}
1495         */
1496        public boolean isAllowPreEncodedPasswords() {
1497          return impl.getPropertyValue(INSTANCE.getAllowPreEncodedPasswordsPropertyDefinition());
1498        }
1499    
1500    
1501    
1502        /**
1503         * {@inheritDoc}
1504         */
1505        public void setAllowPreEncodedPasswords(Boolean value) {
1506          impl.setPropertyValue(INSTANCE.getAllowPreEncodedPasswordsPropertyDefinition(), value);
1507        }
1508    
1509    
1510    
1511        /**
1512         * {@inheritDoc}
1513         */
1514        public boolean isAllowUserPasswordChanges() {
1515          return impl.getPropertyValue(INSTANCE.getAllowUserPasswordChangesPropertyDefinition());
1516        }
1517    
1518    
1519    
1520        /**
1521         * {@inheritDoc}
1522         */
1523        public void setAllowUserPasswordChanges(Boolean value) {
1524          impl.setPropertyValue(INSTANCE.getAllowUserPasswordChangesPropertyDefinition(), value);
1525        }
1526    
1527    
1528    
1529        /**
1530         * {@inheritDoc}
1531         */
1532        public SortedSet<String> getDefaultPasswordStorageScheme() {
1533          return impl.getPropertyValues(INSTANCE.getDefaultPasswordStorageSchemePropertyDefinition());
1534        }
1535    
1536    
1537    
1538        /**
1539         * {@inheritDoc}
1540         */
1541        public void setDefaultPasswordStorageScheme(Collection<String> values) {
1542          impl.setPropertyValues(INSTANCE.getDefaultPasswordStorageSchemePropertyDefinition(), values);
1543        }
1544    
1545    
1546    
1547        /**
1548         * {@inheritDoc}
1549         */
1550        public SortedSet<String> getDeprecatedPasswordStorageScheme() {
1551          return impl.getPropertyValues(INSTANCE.getDeprecatedPasswordStorageSchemePropertyDefinition());
1552        }
1553    
1554    
1555    
1556        /**
1557         * {@inheritDoc}
1558         */
1559        public void setDeprecatedPasswordStorageScheme(Collection<String> values) {
1560          impl.setPropertyValues(INSTANCE.getDeprecatedPasswordStorageSchemePropertyDefinition(), values);
1561        }
1562    
1563    
1564    
1565        /**
1566         * {@inheritDoc}
1567         */
1568        public boolean isExpirePasswordsWithoutWarning() {
1569          return impl.getPropertyValue(INSTANCE.getExpirePasswordsWithoutWarningPropertyDefinition());
1570        }
1571    
1572    
1573    
1574        /**
1575         * {@inheritDoc}
1576         */
1577        public void setExpirePasswordsWithoutWarning(Boolean value) {
1578          impl.setPropertyValue(INSTANCE.getExpirePasswordsWithoutWarningPropertyDefinition(), value);
1579        }
1580    
1581    
1582    
1583        /**
1584         * {@inheritDoc}
1585         */
1586        public boolean isForceChangeOnAdd() {
1587          return impl.getPropertyValue(INSTANCE.getForceChangeOnAddPropertyDefinition());
1588        }
1589    
1590    
1591    
1592        /**
1593         * {@inheritDoc}
1594         */
1595        public void setForceChangeOnAdd(Boolean value) {
1596          impl.setPropertyValue(INSTANCE.getForceChangeOnAddPropertyDefinition(), value);
1597        }
1598    
1599    
1600    
1601        /**
1602         * {@inheritDoc}
1603         */
1604        public boolean isForceChangeOnReset() {
1605          return impl.getPropertyValue(INSTANCE.getForceChangeOnResetPropertyDefinition());
1606        }
1607    
1608    
1609    
1610        /**
1611         * {@inheritDoc}
1612         */
1613        public void setForceChangeOnReset(Boolean value) {
1614          impl.setPropertyValue(INSTANCE.getForceChangeOnResetPropertyDefinition(), value);
1615        }
1616    
1617    
1618    
1619        /**
1620         * {@inheritDoc}
1621         */
1622        public int getGraceLoginCount() {
1623          return impl.getPropertyValue(INSTANCE.getGraceLoginCountPropertyDefinition());
1624        }
1625    
1626    
1627    
1628        /**
1629         * {@inheritDoc}
1630         */
1631        public void setGraceLoginCount(Integer value) {
1632          impl.setPropertyValue(INSTANCE.getGraceLoginCountPropertyDefinition(), value);
1633        }
1634    
1635    
1636    
1637        /**
1638         * {@inheritDoc}
1639         */
1640        public long getIdleLockoutInterval() {
1641          return impl.getPropertyValue(INSTANCE.getIdleLockoutIntervalPropertyDefinition());
1642        }
1643    
1644    
1645    
1646        /**
1647         * {@inheritDoc}
1648         */
1649        public void setIdleLockoutInterval(Long value) {
1650          impl.setPropertyValue(INSTANCE.getIdleLockoutIntervalPropertyDefinition(), value);
1651        }
1652    
1653    
1654    
1655        /**
1656         * {@inheritDoc}
1657         */
1658        public AttributeType getLastLoginTimeAttribute() {
1659          return impl.getPropertyValue(INSTANCE.getLastLoginTimeAttributePropertyDefinition());
1660        }
1661    
1662    
1663    
1664        /**
1665         * {@inheritDoc}
1666         */
1667        public void setLastLoginTimeAttribute(AttributeType value) {
1668          impl.setPropertyValue(INSTANCE.getLastLoginTimeAttributePropertyDefinition(), value);
1669        }
1670    
1671    
1672    
1673        /**
1674         * {@inheritDoc}
1675         */
1676        public String getLastLoginTimeFormat() {
1677          return impl.getPropertyValue(INSTANCE.getLastLoginTimeFormatPropertyDefinition());
1678        }
1679    
1680    
1681    
1682        /**
1683         * {@inheritDoc}
1684         */
1685        public void setLastLoginTimeFormat(String value) {
1686          impl.setPropertyValue(INSTANCE.getLastLoginTimeFormatPropertyDefinition(), value);
1687        }
1688    
1689    
1690    
1691        /**
1692         * {@inheritDoc}
1693         */
1694        public long getLockoutDuration() {
1695          return impl.getPropertyValue(INSTANCE.getLockoutDurationPropertyDefinition());
1696        }
1697    
1698    
1699    
1700        /**
1701         * {@inheritDoc}
1702         */
1703        public void setLockoutDuration(Long value) {
1704          impl.setPropertyValue(INSTANCE.getLockoutDurationPropertyDefinition(), value);
1705        }
1706    
1707    
1708    
1709        /**
1710         * {@inheritDoc}
1711         */
1712        public int getLockoutFailureCount() {
1713          return impl.getPropertyValue(INSTANCE.getLockoutFailureCountPropertyDefinition());
1714        }
1715    
1716    
1717    
1718        /**
1719         * {@inheritDoc}
1720         */
1721        public void setLockoutFailureCount(Integer value) {
1722          impl.setPropertyValue(INSTANCE.getLockoutFailureCountPropertyDefinition(), value);
1723        }
1724    
1725    
1726    
1727        /**
1728         * {@inheritDoc}
1729         */
1730        public long getLockoutFailureExpirationInterval() {
1731          return impl.getPropertyValue(INSTANCE.getLockoutFailureExpirationIntervalPropertyDefinition());
1732        }
1733    
1734    
1735    
1736        /**
1737         * {@inheritDoc}
1738         */
1739        public void setLockoutFailureExpirationInterval(Long value) {
1740          impl.setPropertyValue(INSTANCE.getLockoutFailureExpirationIntervalPropertyDefinition(), value);
1741        }
1742    
1743    
1744    
1745        /**
1746         * {@inheritDoc}
1747         */
1748        public long getMaxPasswordAge() {
1749          return impl.getPropertyValue(INSTANCE.getMaxPasswordAgePropertyDefinition());
1750        }
1751    
1752    
1753    
1754        /**
1755         * {@inheritDoc}
1756         */
1757        public void setMaxPasswordAge(Long value) {
1758          impl.setPropertyValue(INSTANCE.getMaxPasswordAgePropertyDefinition(), value);
1759        }
1760    
1761    
1762    
1763        /**
1764         * {@inheritDoc}
1765         */
1766        public long getMaxPasswordResetAge() {
1767          return impl.getPropertyValue(INSTANCE.getMaxPasswordResetAgePropertyDefinition());
1768        }
1769    
1770    
1771    
1772        /**
1773         * {@inheritDoc}
1774         */
1775        public void setMaxPasswordResetAge(Long value) {
1776          impl.setPropertyValue(INSTANCE.getMaxPasswordResetAgePropertyDefinition(), value);
1777        }
1778    
1779    
1780    
1781        /**
1782         * {@inheritDoc}
1783         */
1784        public long getMinPasswordAge() {
1785          return impl.getPropertyValue(INSTANCE.getMinPasswordAgePropertyDefinition());
1786        }
1787    
1788    
1789    
1790        /**
1791         * {@inheritDoc}
1792         */
1793        public void setMinPasswordAge(Long value) {
1794          impl.setPropertyValue(INSTANCE.getMinPasswordAgePropertyDefinition(), value);
1795        }
1796    
1797    
1798    
1799        /**
1800         * {@inheritDoc}
1801         */
1802        public AttributeType getPasswordAttribute() {
1803          return impl.getPropertyValue(INSTANCE.getPasswordAttributePropertyDefinition());
1804        }
1805    
1806    
1807    
1808        /**
1809         * {@inheritDoc}
1810         */
1811        public void setPasswordAttribute(AttributeType value) {
1812          impl.setPropertyValue(INSTANCE.getPasswordAttributePropertyDefinition(), value);
1813        }
1814    
1815    
1816    
1817        /**
1818         * {@inheritDoc}
1819         */
1820        public boolean isPasswordChangeRequiresCurrentPassword() {
1821          return impl.getPropertyValue(INSTANCE.getPasswordChangeRequiresCurrentPasswordPropertyDefinition());
1822        }
1823    
1824    
1825    
1826        /**
1827         * {@inheritDoc}
1828         */
1829        public void setPasswordChangeRequiresCurrentPassword(Boolean value) {
1830          impl.setPropertyValue(INSTANCE.getPasswordChangeRequiresCurrentPasswordPropertyDefinition(), value);
1831        }
1832    
1833    
1834    
1835        /**
1836         * {@inheritDoc}
1837         */
1838        public long getPasswordExpirationWarningInterval() {
1839          return impl.getPropertyValue(INSTANCE.getPasswordExpirationWarningIntervalPropertyDefinition());
1840        }
1841    
1842    
1843    
1844        /**
1845         * {@inheritDoc}
1846         */
1847        public void setPasswordExpirationWarningInterval(Long value) {
1848          impl.setPropertyValue(INSTANCE.getPasswordExpirationWarningIntervalPropertyDefinition(), value);
1849        }
1850    
1851    
1852    
1853        /**
1854         * {@inheritDoc}
1855         */
1856        public String getPasswordGenerator() {
1857          return impl.getPropertyValue(INSTANCE.getPasswordGeneratorPropertyDefinition());
1858        }
1859    
1860    
1861    
1862        /**
1863         * {@inheritDoc}
1864         */
1865        public void setPasswordGenerator(String value) {
1866          impl.setPropertyValue(INSTANCE.getPasswordGeneratorPropertyDefinition(), value);
1867        }
1868    
1869    
1870    
1871        /**
1872         * {@inheritDoc}
1873         */
1874        public int getPasswordHistoryCount() {
1875          return impl.getPropertyValue(INSTANCE.getPasswordHistoryCountPropertyDefinition());
1876        }
1877    
1878    
1879    
1880        /**
1881         * {@inheritDoc}
1882         */
1883        public void setPasswordHistoryCount(Integer value) {
1884          impl.setPropertyValue(INSTANCE.getPasswordHistoryCountPropertyDefinition(), value);
1885        }
1886    
1887    
1888    
1889        /**
1890         * {@inheritDoc}
1891         */
1892        public long getPasswordHistoryDuration() {
1893          return impl.getPropertyValue(INSTANCE.getPasswordHistoryDurationPropertyDefinition());
1894        }
1895    
1896    
1897    
1898        /**
1899         * {@inheritDoc}
1900         */
1901        public void setPasswordHistoryDuration(Long value) {
1902          impl.setPropertyValue(INSTANCE.getPasswordHistoryDurationPropertyDefinition(), value);
1903        }
1904    
1905    
1906    
1907        /**
1908         * {@inheritDoc}
1909         */
1910        public SortedSet<String> getPasswordValidator() {
1911          return impl.getPropertyValues(INSTANCE.getPasswordValidatorPropertyDefinition());
1912        }
1913    
1914    
1915    
1916        /**
1917         * {@inheritDoc}
1918         */
1919        public void setPasswordValidator(Collection<String> values) {
1920          impl.setPropertyValues(INSTANCE.getPasswordValidatorPropertyDefinition(), values);
1921        }
1922    
1923    
1924    
1925        /**
1926         * {@inheritDoc}
1927         */
1928        public SortedSet<String> getPreviousLastLoginTimeFormat() {
1929          return impl.getPropertyValues(INSTANCE.getPreviousLastLoginTimeFormatPropertyDefinition());
1930        }
1931    
1932    
1933    
1934        /**
1935         * {@inheritDoc}
1936         */
1937        public void setPreviousLastLoginTimeFormat(Collection<String> values) {
1938          impl.setPropertyValues(INSTANCE.getPreviousLastLoginTimeFormatPropertyDefinition(), values);
1939        }
1940    
1941    
1942    
1943        /**
1944         * {@inheritDoc}
1945         */
1946        public String getRequireChangeByTime() {
1947          return impl.getPropertyValue(INSTANCE.getRequireChangeByTimePropertyDefinition());
1948        }
1949    
1950    
1951    
1952        /**
1953         * {@inheritDoc}
1954         */
1955        public void setRequireChangeByTime(String value) {
1956          impl.setPropertyValue(INSTANCE.getRequireChangeByTimePropertyDefinition(), value);
1957        }
1958    
1959    
1960    
1961        /**
1962         * {@inheritDoc}
1963         */
1964        public boolean isRequireSecureAuthentication() {
1965          return impl.getPropertyValue(INSTANCE.getRequireSecureAuthenticationPropertyDefinition());
1966        }
1967    
1968    
1969    
1970        /**
1971         * {@inheritDoc}
1972         */
1973        public void setRequireSecureAuthentication(Boolean value) {
1974          impl.setPropertyValue(INSTANCE.getRequireSecureAuthenticationPropertyDefinition(), value);
1975        }
1976    
1977    
1978    
1979        /**
1980         * {@inheritDoc}
1981         */
1982        public boolean isRequireSecurePasswordChanges() {
1983          return impl.getPropertyValue(INSTANCE.getRequireSecurePasswordChangesPropertyDefinition());
1984        }
1985    
1986    
1987    
1988        /**
1989         * {@inheritDoc}
1990         */
1991        public void setRequireSecurePasswordChanges(Boolean value) {
1992          impl.setPropertyValue(INSTANCE.getRequireSecurePasswordChangesPropertyDefinition(), value);
1993        }
1994    
1995    
1996    
1997        /**
1998         * {@inheritDoc}
1999         */
2000        public boolean isSkipValidationForAdministrators() {
2001          return impl.getPropertyValue(INSTANCE.getSkipValidationForAdministratorsPropertyDefinition());
2002        }
2003    
2004    
2005    
2006        /**
2007         * {@inheritDoc}
2008         */
2009        public void setSkipValidationForAdministrators(Boolean value) {
2010          impl.setPropertyValue(INSTANCE.getSkipValidationForAdministratorsPropertyDefinition(), value);
2011        }
2012    
2013    
2014    
2015        /**
2016         * {@inheritDoc}
2017         */
2018        public StateUpdateFailurePolicy getStateUpdateFailurePolicy() {
2019          return impl.getPropertyValue(INSTANCE.getStateUpdateFailurePolicyPropertyDefinition());
2020        }
2021    
2022    
2023    
2024        /**
2025         * {@inheritDoc}
2026         */
2027        public void setStateUpdateFailurePolicy(StateUpdateFailurePolicy value) {
2028          impl.setPropertyValue(INSTANCE.getStateUpdateFailurePolicyPropertyDefinition(), value);
2029        }
2030    
2031    
2032    
2033        /**
2034         * {@inheritDoc}
2035         */
2036        public ManagedObjectDefinition<? extends PasswordPolicyCfgClient, ? extends PasswordPolicyCfg> definition() {
2037          return INSTANCE;
2038        }
2039    
2040    
2041    
2042        /**
2043         * {@inheritDoc}
2044         */
2045        public PropertyProvider properties() {
2046          return impl;
2047        }
2048    
2049    
2050    
2051        /**
2052         * {@inheritDoc}
2053         */
2054        public void commit() throws ManagedObjectAlreadyExistsException,
2055            MissingMandatoryPropertiesException, ConcurrentModificationException,
2056            OperationRejectedException, AuthorizationException,
2057            CommunicationException {
2058          impl.commit();
2059        }
2060    
2061      }
2062    
2063    
2064    
2065      /**
2066       * Managed object server implementation.
2067       */
2068      private static class PasswordPolicyCfgServerImpl implements
2069        PasswordPolicyCfg {
2070    
2071        // Private implementation.
2072        private ServerManagedObject<? extends PasswordPolicyCfg> impl;
2073    
2074        // The value of the "account-status-notification-handler" property.
2075        private final SortedSet<String> pAccountStatusNotificationHandler;
2076    
2077        // The value of the "allow-expired-password-changes" property.
2078        private final boolean pAllowExpiredPasswordChanges;
2079    
2080        // The value of the "allow-multiple-password-values" property.
2081        private final boolean pAllowMultiplePasswordValues;
2082    
2083        // The value of the "allow-pre-encoded-passwords" property.
2084        private final boolean pAllowPreEncodedPasswords;
2085    
2086        // The value of the "allow-user-password-changes" property.
2087        private final boolean pAllowUserPasswordChanges;
2088    
2089        // The value of the "default-password-storage-scheme" property.
2090        private final SortedSet<String> pDefaultPasswordStorageScheme;
2091    
2092        // The value of the "deprecated-password-storage-scheme" property.
2093        private final SortedSet<String> pDeprecatedPasswordStorageScheme;
2094    
2095        // The value of the "expire-passwords-without-warning" property.
2096        private final boolean pExpirePasswordsWithoutWarning;
2097    
2098        // The value of the "force-change-on-add" property.
2099        private final boolean pForceChangeOnAdd;
2100    
2101        // The value of the "force-change-on-reset" property.
2102        private final boolean pForceChangeOnReset;
2103    
2104        // The value of the "grace-login-count" property.
2105        private final int pGraceLoginCount;
2106    
2107        // The value of the "idle-lockout-interval" property.
2108        private final long pIdleLockoutInterval;
2109    
2110        // The value of the "last-login-time-attribute" property.
2111        private final AttributeType pLastLoginTimeAttribute;
2112    
2113        // The value of the "last-login-time-format" property.
2114        private final String pLastLoginTimeFormat;
2115    
2116        // The value of the "lockout-duration" property.
2117        private final long pLockoutDuration;
2118    
2119        // The value of the "lockout-failure-count" property.
2120        private final int pLockoutFailureCount;
2121    
2122        // The value of the "lockout-failure-expiration-interval" property.
2123        private final long pLockoutFailureExpirationInterval;
2124    
2125        // The value of the "max-password-age" property.
2126        private final long pMaxPasswordAge;
2127    
2128        // The value of the "max-password-reset-age" property.
2129        private final long pMaxPasswordResetAge;
2130    
2131        // The value of the "min-password-age" property.
2132        private final long pMinPasswordAge;
2133    
2134        // The value of the "password-attribute" property.
2135        private final AttributeType pPasswordAttribute;
2136    
2137        // The value of the "password-change-requires-current-password" property.
2138        private final boolean pPasswordChangeRequiresCurrentPassword;
2139    
2140        // The value of the "password-expiration-warning-interval" property.
2141        private final long pPasswordExpirationWarningInterval;
2142    
2143        // The value of the "password-generator" property.
2144        private final String pPasswordGenerator;
2145    
2146        // The value of the "password-history-count" property.
2147        private final int pPasswordHistoryCount;
2148    
2149        // The value of the "password-history-duration" property.
2150        private final long pPasswordHistoryDuration;
2151    
2152        // The value of the "password-validator" property.
2153        private final SortedSet<String> pPasswordValidator;
2154    
2155        // The value of the "previous-last-login-time-format" property.
2156        private final SortedSet<String> pPreviousLastLoginTimeFormat;
2157    
2158        // The value of the "require-change-by-time" property.
2159        private final String pRequireChangeByTime;
2160    
2161        // The value of the "require-secure-authentication" property.
2162        private final boolean pRequireSecureAuthentication;
2163    
2164        // The value of the "require-secure-password-changes" property.
2165        private final boolean pRequireSecurePasswordChanges;
2166    
2167        // The value of the "skip-validation-for-administrators" property.
2168        private final boolean pSkipValidationForAdministrators;
2169    
2170        // The value of the "state-update-failure-policy" property.
2171        private final StateUpdateFailurePolicy pStateUpdateFailurePolicy;
2172    
2173    
2174    
2175        // Private constructor.
2176        private PasswordPolicyCfgServerImpl(ServerManagedObject<? extends PasswordPolicyCfg> impl) {
2177          this.impl = impl;
2178          this.pAccountStatusNotificationHandler = impl.getPropertyValues(INSTANCE.getAccountStatusNotificationHandlerPropertyDefinition());
2179          this.pAllowExpiredPasswordChanges = impl.getPropertyValue(INSTANCE.getAllowExpiredPasswordChangesPropertyDefinition());
2180          this.pAllowMultiplePasswordValues = impl.getPropertyValue(INSTANCE.getAllowMultiplePasswordValuesPropertyDefinition());
2181          this.pAllowPreEncodedPasswords = impl.getPropertyValue(INSTANCE.getAllowPreEncodedPasswordsPropertyDefinition());
2182          this.pAllowUserPasswordChanges = impl.getPropertyValue(INSTANCE.getAllowUserPasswordChangesPropertyDefinition());
2183          this.pDefaultPasswordStorageScheme = impl.getPropertyValues(INSTANCE.getDefaultPasswordStorageSchemePropertyDefinition());
2184          this.pDeprecatedPasswordStorageScheme = impl.getPropertyValues(INSTANCE.getDeprecatedPasswordStorageSchemePropertyDefinition());
2185          this.pExpirePasswordsWithoutWarning = impl.getPropertyValue(INSTANCE.getExpirePasswordsWithoutWarningPropertyDefinition());
2186          this.pForceChangeOnAdd = impl.getPropertyValue(INSTANCE.getForceChangeOnAddPropertyDefinition());
2187          this.pForceChangeOnReset = impl.getPropertyValue(INSTANCE.getForceChangeOnResetPropertyDefinition());
2188          this.pGraceLoginCount = impl.getPropertyValue(INSTANCE.getGraceLoginCountPropertyDefinition());
2189          this.pIdleLockoutInterval = impl.getPropertyValue(INSTANCE.getIdleLockoutIntervalPropertyDefinition());
2190          this.pLastLoginTimeAttribute = impl.getPropertyValue(INSTANCE.getLastLoginTimeAttributePropertyDefinition());
2191          this.pLastLoginTimeFormat = impl.getPropertyValue(INSTANCE.getLastLoginTimeFormatPropertyDefinition());
2192          this.pLockoutDuration = impl.getPropertyValue(INSTANCE.getLockoutDurationPropertyDefinition());
2193          this.pLockoutFailureCount = impl.getPropertyValue(INSTANCE.getLockoutFailureCountPropertyDefinition());
2194          this.pLockoutFailureExpirationInterval = impl.getPropertyValue(INSTANCE.getLockoutFailureExpirationIntervalPropertyDefinition());
2195          this.pMaxPasswordAge = impl.getPropertyValue(INSTANCE.getMaxPasswordAgePropertyDefinition());
2196          this.pMaxPasswordResetAge = impl.getPropertyValue(INSTANCE.getMaxPasswordResetAgePropertyDefinition());
2197          this.pMinPasswordAge = impl.getPropertyValue(INSTANCE.getMinPasswordAgePropertyDefinition());
2198          this.pPasswordAttribute = impl.getPropertyValue(INSTANCE.getPasswordAttributePropertyDefinition());
2199          this.pPasswordChangeRequiresCurrentPassword = impl.getPropertyValue(INSTANCE.getPasswordChangeRequiresCurrentPasswordPropertyDefinition());
2200          this.pPasswordExpirationWarningInterval = impl.getPropertyValue(INSTANCE.getPasswordExpirationWarningIntervalPropertyDefinition());
2201          this.pPasswordGenerator = impl.getPropertyValue(INSTANCE.getPasswordGeneratorPropertyDefinition());
2202          this.pPasswordHistoryCount = impl.getPropertyValue(INSTANCE.getPasswordHistoryCountPropertyDefinition());
2203          this.pPasswordHistoryDuration = impl.getPropertyValue(INSTANCE.getPasswordHistoryDurationPropertyDefinition());
2204          this.pPasswordValidator = impl.getPropertyValues(INSTANCE.getPasswordValidatorPropertyDefinition());
2205          this.pPreviousLastLoginTimeFormat = impl.getPropertyValues(INSTANCE.getPreviousLastLoginTimeFormatPropertyDefinition());
2206          this.pRequireChangeByTime = impl.getPropertyValue(INSTANCE.getRequireChangeByTimePropertyDefinition());
2207          this.pRequireSecureAuthentication = impl.getPropertyValue(INSTANCE.getRequireSecureAuthenticationPropertyDefinition());
2208          this.pRequireSecurePasswordChanges = impl.getPropertyValue(INSTANCE.getRequireSecurePasswordChangesPropertyDefinition());
2209          this.pSkipValidationForAdministrators = impl.getPropertyValue(INSTANCE.getSkipValidationForAdministratorsPropertyDefinition());
2210          this.pStateUpdateFailurePolicy = impl.getPropertyValue(INSTANCE.getStateUpdateFailurePolicyPropertyDefinition());
2211        }
2212    
2213    
2214    
2215        /**
2216         * {@inheritDoc}
2217         */
2218        public void addChangeListener(
2219            ConfigurationChangeListener<PasswordPolicyCfg> listener) {
2220          impl.registerChangeListener(listener);
2221        }
2222    
2223    
2224    
2225        /**
2226         * {@inheritDoc}
2227         */
2228        public void removeChangeListener(
2229            ConfigurationChangeListener<PasswordPolicyCfg> listener) {
2230          impl.deregisterChangeListener(listener);
2231        }
2232    
2233    
2234    
2235        /**
2236         * {@inheritDoc}
2237         */
2238        public SortedSet<String> getAccountStatusNotificationHandler() {
2239          return pAccountStatusNotificationHandler;
2240        }
2241    
2242    
2243    
2244        /**
2245         * {@inheritDoc}
2246         */
2247        public SortedSet<DN> getAccountStatusNotificationHandlerDNs() {
2248          SortedSet<String> values = getAccountStatusNotificationHandler();
2249          SortedSet<DN> dnValues = new TreeSet<DN>();
2250          for (String value : values) {
2251            DN dn = INSTANCE.getAccountStatusNotificationHandlerPropertyDefinition().getChildDN(value);
2252            dnValues.add(dn);
2253          }
2254          return dnValues;
2255        }
2256    
2257    
2258    
2259        /**
2260         * {@inheritDoc}
2261         */
2262        public boolean isAllowExpiredPasswordChanges() {
2263          return pAllowExpiredPasswordChanges;
2264        }
2265    
2266    
2267    
2268        /**
2269         * {@inheritDoc}
2270         */
2271        public boolean isAllowMultiplePasswordValues() {
2272          return pAllowMultiplePasswordValues;
2273        }
2274    
2275    
2276    
2277        /**
2278         * {@inheritDoc}
2279         */
2280        public boolean isAllowPreEncodedPasswords() {
2281          return pAllowPreEncodedPasswords;
2282        }
2283    
2284    
2285    
2286        /**
2287         * {@inheritDoc}
2288         */
2289        public boolean isAllowUserPasswordChanges() {
2290          return pAllowUserPasswordChanges;
2291        }
2292    
2293    
2294    
2295        /**
2296         * {@inheritDoc}
2297         */
2298        public SortedSet<String> getDefaultPasswordStorageScheme() {
2299          return pDefaultPasswordStorageScheme;
2300        }
2301    
2302    
2303    
2304        /**
2305         * {@inheritDoc}
2306         */
2307        public SortedSet<DN> getDefaultPasswordStorageSchemeDNs() {
2308          SortedSet<String> values = getDefaultPasswordStorageScheme();
2309          SortedSet<DN> dnValues = new TreeSet<DN>();
2310          for (String value : values) {
2311            DN dn = INSTANCE.getDefaultPasswordStorageSchemePropertyDefinition().getChildDN(value);
2312            dnValues.add(dn);
2313          }
2314          return dnValues;
2315        }
2316    
2317    
2318    
2319        /**
2320         * {@inheritDoc}
2321         */
2322        public SortedSet<String> getDeprecatedPasswordStorageScheme() {
2323          return pDeprecatedPasswordStorageScheme;
2324        }
2325    
2326    
2327    
2328        /**
2329         * {@inheritDoc}
2330         */
2331        public SortedSet<DN> getDeprecatedPasswordStorageSchemeDNs() {
2332          SortedSet<String> values = getDeprecatedPasswordStorageScheme();
2333          SortedSet<DN> dnValues = new TreeSet<DN>();
2334          for (String value : values) {
2335            DN dn = INSTANCE.getDeprecatedPasswordStorageSchemePropertyDefinition().getChildDN(value);
2336            dnValues.add(dn);
2337          }
2338          return dnValues;
2339        }
2340    
2341    
2342    
2343        /**
2344         * {@inheritDoc}
2345         */
2346        public boolean isExpirePasswordsWithoutWarning() {
2347          return pExpirePasswordsWithoutWarning;
2348        }
2349    
2350    
2351    
2352        /**
2353         * {@inheritDoc}
2354         */
2355        public boolean isForceChangeOnAdd() {
2356          return pForceChangeOnAdd;
2357        }
2358    
2359    
2360    
2361        /**
2362         * {@inheritDoc}
2363         */
2364        public boolean isForceChangeOnReset() {
2365          return pForceChangeOnReset;
2366        }
2367    
2368    
2369    
2370        /**
2371         * {@inheritDoc}
2372         */
2373        public int getGraceLoginCount() {
2374          return pGraceLoginCount;
2375        }
2376    
2377    
2378    
2379        /**
2380         * {@inheritDoc}
2381         */
2382        public long getIdleLockoutInterval() {
2383          return pIdleLockoutInterval;
2384        }
2385    
2386    
2387    
2388        /**
2389         * {@inheritDoc}
2390         */
2391        public AttributeType getLastLoginTimeAttribute() {
2392          return pLastLoginTimeAttribute;
2393        }
2394    
2395    
2396    
2397        /**
2398         * {@inheritDoc}
2399         */
2400        public String getLastLoginTimeFormat() {
2401          return pLastLoginTimeFormat;
2402        }
2403    
2404    
2405    
2406        /**
2407         * {@inheritDoc}
2408         */
2409        public long getLockoutDuration() {
2410          return pLockoutDuration;
2411        }
2412    
2413    
2414    
2415        /**
2416         * {@inheritDoc}
2417         */
2418        public int getLockoutFailureCount() {
2419          return pLockoutFailureCount;
2420        }
2421    
2422    
2423    
2424        /**
2425         * {@inheritDoc}
2426         */
2427        public long getLockoutFailureExpirationInterval() {
2428          return pLockoutFailureExpirationInterval;
2429        }
2430    
2431    
2432    
2433        /**
2434         * {@inheritDoc}
2435         */
2436        public long getMaxPasswordAge() {
2437          return pMaxPasswordAge;
2438        }
2439    
2440    
2441    
2442        /**
2443         * {@inheritDoc}
2444         */
2445        public long getMaxPasswordResetAge() {
2446          return pMaxPasswordResetAge;
2447        }
2448    
2449    
2450    
2451        /**
2452         * {@inheritDoc}
2453         */
2454        public long getMinPasswordAge() {
2455          return pMinPasswordAge;
2456        }
2457    
2458    
2459    
2460        /**
2461         * {@inheritDoc}
2462         */
2463        public AttributeType getPasswordAttribute() {
2464          return pPasswordAttribute;
2465        }
2466    
2467    
2468    
2469        /**
2470         * {@inheritDoc}
2471         */
2472        public boolean isPasswordChangeRequiresCurrentPassword() {
2473          return pPasswordChangeRequiresCurrentPassword;
2474        }
2475    
2476    
2477    
2478        /**
2479         * {@inheritDoc}
2480         */
2481        public long getPasswordExpirationWarningInterval() {
2482          return pPasswordExpirationWarningInterval;
2483        }
2484    
2485    
2486    
2487        /**
2488         * {@inheritDoc}
2489         */
2490        public String getPasswordGenerator() {
2491          return pPasswordGenerator;
2492        }
2493    
2494    
2495    
2496        /**
2497         * {@inheritDoc}
2498         */
2499        public DN getPasswordGeneratorDN() {
2500          String value = getPasswordGenerator();
2501          if (value == null) return null;
2502          return INSTANCE.getPasswordGeneratorPropertyDefinition().getChildDN(value);
2503        }
2504    
2505    
2506    
2507        /**
2508         * {@inheritDoc}
2509         */
2510        public int getPasswordHistoryCount() {
2511          return pPasswordHistoryCount;
2512        }
2513    
2514    
2515    
2516        /**
2517         * {@inheritDoc}
2518         */
2519        public long getPasswordHistoryDuration() {
2520          return pPasswordHistoryDuration;
2521        }
2522    
2523    
2524    
2525        /**
2526         * {@inheritDoc}
2527         */
2528        public SortedSet<String> getPasswordValidator() {
2529          return pPasswordValidator;
2530        }
2531    
2532    
2533    
2534        /**
2535         * {@inheritDoc}
2536         */
2537        public SortedSet<DN> getPasswordValidatorDNs() {
2538          SortedSet<String> values = getPasswordValidator();
2539          SortedSet<DN> dnValues = new TreeSet<DN>();
2540          for (String value : values) {
2541            DN dn = INSTANCE.getPasswordValidatorPropertyDefinition().getChildDN(value);
2542            dnValues.add(dn);
2543          }
2544          return dnValues;
2545        }
2546    
2547    
2548    
2549        /**
2550         * {@inheritDoc}
2551         */
2552        public SortedSet<String> getPreviousLastLoginTimeFormat() {
2553          return pPreviousLastLoginTimeFormat;
2554        }
2555    
2556    
2557    
2558        /**
2559         * {@inheritDoc}
2560         */
2561        public String getRequireChangeByTime() {
2562          return pRequireChangeByTime;
2563        }
2564    
2565    
2566    
2567        /**
2568         * {@inheritDoc}
2569         */
2570        public boolean isRequireSecureAuthentication() {
2571          return pRequireSecureAuthentication;
2572        }
2573    
2574    
2575    
2576        /**
2577         * {@inheritDoc}
2578         */
2579        public boolean isRequireSecurePasswordChanges() {
2580          return pRequireSecurePasswordChanges;
2581        }
2582    
2583    
2584    
2585        /**
2586         * {@inheritDoc}
2587         */
2588        public boolean isSkipValidationForAdministrators() {
2589          return pSkipValidationForAdministrators;
2590        }
2591    
2592    
2593    
2594        /**
2595         * {@inheritDoc}
2596         */
2597        public StateUpdateFailurePolicy getStateUpdateFailurePolicy() {
2598          return pStateUpdateFailurePolicy;
2599        }
2600    
2601    
2602    
2603        /**
2604         * {@inheritDoc}
2605         */
2606        public Class<? extends PasswordPolicyCfg> configurationClass() {
2607          return PasswordPolicyCfg.class;
2608        }
2609    
2610    
2611    
2612        /**
2613         * {@inheritDoc}
2614         */
2615        public DN dn() {
2616          return impl.getDN();
2617        }
2618    
2619      }
2620    }