com.sun.jndi.ldap.ctl
Class PasswordExpiredResponseControl

java.lang.Object
  extended by com.sun.jndi.ldap.BasicControl
      extended by com.sun.jndi.ldap.ctl.PasswordExpiredResponseControl
All Implemented Interfaces:
java.io.Serializable, javax.naming.ldap.Control

public class PasswordExpiredResponseControl
extends com.sun.jndi.ldap.BasicControl

This class implements the LDAP response control for password expired notification. The password expired control is received if password needs to be changed when the user logs into newly created account. The control is also received if the user needs to change the password upon its reset.

This control should be checked whenever a LDAP bind operation is performed as a result of operations on the context such as when a new initial context is created or when InitialLdapContext.reconnect is called.

Note that if the password is not changed when the control is received during the creation of the context, or after reconnecting, the subsequent LDAP operations on the context will fail and the PasswordExpired control is received.

The Password Expired control is defined in draft-vchu-ldap-pwd-policy-00.txt

The object identifier for Password Expired control is 2.16.840.1.113730.3.4.4 and the control has no value.

The following code sample shows how the control may be used:


     // create an initial context using the supplied environment properties
     LdapContext ctx = new InitialLdapContext(env, null);
     retrieveControls(ctx); 
    
     try { 
         // Do some operations on the context
         ctx.lookup("");
     } catch (javax.naming.OperationNotSupportedException e) { 
         retrieveControls(ctx); 
     }


    public static void printControls(DirContext ctx)
        Control[] respControls;

        // retrieve response controls
        if ((respControls = ctx.getResponseControls()) != null) {
            for (int i = 0; i < respControls.length; i++) {
         
                // locate the password expired control
                if (respControls[i] instanceof PasswordExpiredResponseControl) {
                      System.out.println("Password has expired," +
                                " please change the password");
              }
          }
    }

 

Author:
Vincent Ryan
See Also:
PasswordExpiringResponseControl, Serialized Form

Field Summary
static java.lang.String OID
          The password expired control's assigned object identifier is 2.16.840.1.113730.3.4.4.
private static long serialVersionUID
           
 
Fields inherited from class com.sun.jndi.ldap.BasicControl
criticality, id, value
 
Fields inherited from interface javax.naming.ldap.Control
CRITICAL, NONCRITICAL
 
Constructor Summary
PasswordExpiredResponseControl(java.lang.String id, boolean criticality, byte[] value)
          Constructs a control to notify of password expiration.
 
Method Summary
 
Methods inherited from class com.sun.jndi.ldap.BasicControl
getEncodedValue, getID, isCritical
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

serialVersionUID

private static final long serialVersionUID
See Also:
Constant Field Values

OID

public static final java.lang.String OID
The password expired control's assigned object identifier is 2.16.840.1.113730.3.4.4.

See Also:
Constant Field Values
Constructor Detail

PasswordExpiredResponseControl

PasswordExpiredResponseControl(java.lang.String id,
                               boolean criticality,
                               byte[] value)
Constructs a control to notify of password expiration.

Parameters:
id - The control's object identifier string.
criticality - The control's criticality.
value - The control's ASN.1 BER encoded value. May be null.
Throws:
IOException - if an error is encountered while decoding the control's value.