001/* 002 * Copyright 2013-2020 Ping Identity Corporation 003 * All Rights Reserved. 004 */ 005/* 006 * Copyright 2013-2020 Ping Identity Corporation 007 * 008 * Licensed under the Apache License, Version 2.0 (the "License"); 009 * you may not use this file except in compliance with the License. 010 * You may obtain a copy of the License at 011 * 012 * http://www.apache.org/licenses/LICENSE-2.0 013 * 014 * Unless required by applicable law or agreed to in writing, software 015 * distributed under the License is distributed on an "AS IS" BASIS, 016 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 017 * See the License for the specific language governing permissions and 018 * limitations under the License. 019 */ 020/* 021 * Copyright (C) 2015-2020 Ping Identity Corporation 022 * 023 * This program is free software; you can redistribute it and/or modify 024 * it under the terms of the GNU General Public License (GPLv2 only) 025 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only) 026 * as published by the Free Software Foundation. 027 * 028 * This program is distributed in the hope that it will be useful, 029 * but WITHOUT ANY WARRANTY; without even the implied warranty of 030 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 031 * GNU General Public License for more details. 032 * 033 * You should have received a copy of the GNU General Public License 034 * along with this program; if not, see <http://www.gnu.org/licenses>. 035 */ 036package com.unboundid.ldap.sdk.unboundidds.controls; 037 038 039 040import com.unboundid.ldap.sdk.Control; 041import com.unboundid.ldap.sdk.LDAPException; 042import com.unboundid.ldap.sdk.ResultCode; 043import com.unboundid.util.NotMutable; 044import com.unboundid.util.ThreadSafety; 045import com.unboundid.util.ThreadSafetyLevel; 046 047import static com.unboundid.ldap.sdk.unboundidds.controls.ControlMessages.*; 048 049 050 051/** 052 * This class provides a request control that can be included in a modify 053 * request or a password modify extended request in order to indicate that if 054 * the operation results in changing the password for a user, the user's former 055 * password should be marked as "retired", which may allow it to remain in use 056 * for a brief period of time (as configured in the password policy governing 057 * that user) to allow for applications which may have been configured with that 058 * password can be updated to use the new password. 059 * <BR> 060 * <BLOCKQUOTE> 061 * <B>NOTE:</B> This class, and other classes within the 062 * {@code com.unboundid.ldap.sdk.unboundidds} package structure, are only 063 * supported for use against Ping Identity, UnboundID, and 064 * Nokia/Alcatel-Lucent 8661 server products. These classes provide support 065 * for proprietary functionality or for external specifications that are not 066 * considered stable or mature enough to be guaranteed to work in an 067 * interoperable way with other types of LDAP servers. 068 * </BLOCKQUOTE> 069 * <BR> 070 * This control has an OID of "1.3.6.1.4.1.30221.2.5.31" and does not have a 071 * value. The criticality may be either true (in which case the operation will 072 * succeed only if the user's password policy allows passwords to be retired by 073 * a request control) or false (in which case if the password policy does not 074 * allow the use of this control, the operation will be processed as if the 075 * control had not been included in the request). 076 * <BR><BR> 077 * <H2>Example</H2> 078 * The following example demonstrates the use of the retire password request 079 * control to request that a user's current password be retired in the course of 080 * a password change. 081 * <PRE> 082 * Control[] requestControls = 083 * { 084 * new RetirePasswordRequestControl(true) 085 * }; 086 * 087 * PasswordModifyExtendedRequest passwordModifyRequest = 088 * new PasswordModifyExtendedRequest( 089 * "uid=test.user,ou=People,dc=example,dc=com", // The user to update 090 * null, // The current password -- we don't know it. 091 * "newPassword", // The new password to assign to the user. 092 * requestControls); // The controls to include in the request. 093 * PasswordModifyExtendedResult passwordModifyResult = 094 * (PasswordModifyExtendedResult) 095 * connection.processExtendedOperation(passwordModifyRequest); 096 * </PRE> 097 * 098 * @see PurgePasswordRequestControl 099 */ 100@NotMutable() 101@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE) 102public final class RetirePasswordRequestControl 103 extends Control 104{ 105 /** 106 * The OID (1.3.6.1.4.1.30221.2.5.31) for the retire password request control. 107 */ 108 public static final String RETIRE_PASSWORD_REQUEST_OID = 109 "1.3.6.1.4.1.30221.2.5.31"; 110 111 112 113 /** 114 * The serial version UID for this serializable class. 115 */ 116 private static final long serialVersionUID = 7261376468186883355L; 117 118 119 120 /** 121 * Creates a new retire password request control with the specified 122 * criticality. 123 * 124 * @param isCritical Indicates whether the control should be considered 125 * critical. 126 */ 127 public RetirePasswordRequestControl(final boolean isCritical) 128 { 129 super(RETIRE_PASSWORD_REQUEST_OID, isCritical, null); 130 } 131 132 133 134 /** 135 * Creates a new retire password request control which is decoded from the 136 * provided generic control. 137 * 138 * @param control The generic control to be decoded as a retire password 139 * request control. 140 * 141 * @throws LDAPException If the provided control cannot be decoded as a 142 * retire password request control. 143 */ 144 public RetirePasswordRequestControl(final Control control) 145 throws LDAPException 146 { 147 super(control); 148 149 if (control.hasValue()) 150 { 151 throw new LDAPException(ResultCode.DECODING_ERROR, 152 ERR_RETIRE_PASSWORD_REQUEST_CONTROL_HAS_VALUE.get()); 153 } 154 } 155 156 157 158 /** 159 * {@inheritDoc} 160 */ 161 @Override() 162 public String getControlName() 163 { 164 return INFO_CONTROL_NAME_RETIRE_PASSWORD_REQUEST.get(); 165 } 166 167 168 169 /** 170 * {@inheritDoc} 171 */ 172 @Override() 173 public void toString(final StringBuilder buffer) 174 { 175 buffer.append("RetirePasswordRequestControl(isCritical="); 176 buffer.append(isCritical()); 177 buffer.append(')'); 178 } 179}