001/* 002 * Copyright 2013-2018 Ping Identity Corporation 003 * All Rights Reserved. 004 */ 005/* 006 * Copyright (C) 2015-2018 Ping Identity Corporation 007 * 008 * This program is free software; you can redistribute it and/or modify 009 * it under the terms of the GNU General Public License (GPLv2 only) 010 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only) 011 * as published by the Free Software Foundation. 012 * 013 * This program is distributed in the hope that it will be useful, 014 * but WITHOUT ANY WARRANTY; without even the implied warranty of 015 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 016 * GNU General Public License for more details. 017 * 018 * You should have received a copy of the GNU General Public License 019 * along with this program; if not, see <http://www.gnu.org/licenses>. 020 */ 021package com.unboundid.ldap.sdk.unboundidds.controls; 022 023 024 025import com.unboundid.ldap.sdk.Control; 026import com.unboundid.ldap.sdk.LDAPException; 027import com.unboundid.ldap.sdk.ResultCode; 028import com.unboundid.util.NotMutable; 029import com.unboundid.util.ThreadSafety; 030import com.unboundid.util.ThreadSafetyLevel; 031 032import static com.unboundid.ldap.sdk.unboundidds.controls.ControlMessages.*; 033 034 035 036/** 037 * This class provides a request control that can be included in a modify 038 * request or a password modify extended request in order to indicate that if 039 * the operation results in changing the password for a user, the user's former 040 * password should be purged from the entry rather than retired, and any 041 * existing retired password should also be purged. 042 * <BR> 043 * <BLOCKQUOTE> 044 * <B>NOTE:</B> This class, and other classes within the 045 * {@code com.unboundid.ldap.sdk.unboundidds} package structure, are only 046 * supported for use against Ping Identity, UnboundID, and Alcatel-Lucent 8661 047 * server products. These classes provide support for proprietary 048 * functionality or for external specifications that are not considered stable 049 * or mature enough to be guaranteed to work in an interoperable way with 050 * other types of LDAP servers. 051 * </BLOCKQUOTE> 052 * <BR> 053 * This control has an OID of "1.3.6.1.4.1.30221.2.5.32" and does not have a 054 * value. The criticality may be either true (in which case the operation will 055 * succeed only if the user's password policy allows passwords to be retired by 056 * a request control) or false (in which case if the password policy does not 057 * allow the use of this control, the operation will be processed as if the 058 * control had not been included in the request). 059 * <BR><BR> 060 * <H2>Example</H2> 061 * The following example demonstrates the use of the purge password request 062 * control to request that a user's current password be purged in the course of 063 * a password change. 064 * <PRE> 065 * Control[] requestControls = 066 * { 067 * new PurgePasswordRequestControl(true) 068 * }; 069 * 070 * PasswordModifyExtendedRequest passwordModifyRequest = 071 * new PasswordModifyExtendedRequest( 072 * "uid=test.user,ou=People,dc=example,dc=com", // The user to update 073 * null, // The current password -- we don't know it. 074 * "newPassword", // The new password to assign to the user. 075 * requestControls); // The controls to include in the request. 076 * PasswordModifyExtendedResult passwordModifyResult = 077 * (PasswordModifyExtendedResult) 078 * connection.processExtendedOperation(passwordModifyRequest); 079 * </PRE> 080 * 081 * @see RetirePasswordRequestControl 082 */ 083@NotMutable() 084@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE) 085public final class PurgePasswordRequestControl 086 extends Control 087{ 088 /** 089 * The OID (1.3.6.1.4.1.30221.2.5.32) for the purge password request control. 090 */ 091 public static final String PURGE_PASSWORD_REQUEST_OID = 092 "1.3.6.1.4.1.30221.2.5.32"; 093 094 095 096 /** 097 * The serial version UID for this serializable class. 098 */ 099 private static final long serialVersionUID = -3756801088881565921L; 100 101 102 103 /** 104 * Creates a new retire password request control with the specified 105 * criticality. 106 * 107 * @param isCritical Indicates whether the control should be considered 108 * critical. 109 */ 110 public PurgePasswordRequestControl(final boolean isCritical) 111 { 112 super(PURGE_PASSWORD_REQUEST_OID, isCritical, null); 113 } 114 115 116 117 /** 118 * Creates a new retire password request control which is decoded from the 119 * provided generic control. 120 * 121 * @param control The generic control to be decoded as a retire password 122 * request control. 123 * 124 * @throws LDAPException If the provided control cannot be decoded as a 125 * retire password request control. 126 */ 127 public PurgePasswordRequestControl(final Control control) 128 throws LDAPException 129 { 130 super(control); 131 132 if (control.hasValue()) 133 { 134 throw new LDAPException(ResultCode.DECODING_ERROR, 135 ERR_PURGE_PASSWORD_REQUEST_CONTROL_HAS_VALUE.get()); 136 } 137 } 138 139 140 141 /** 142 * {@inheritDoc} 143 */ 144 @Override() 145 public String getControlName() 146 { 147 return INFO_CONTROL_NAME_PURGE_PASSWORD_REQUEST.get(); 148 } 149 150 151 152 /** 153 * {@inheritDoc} 154 */ 155 @Override() 156 public void toString(final StringBuilder buffer) 157 { 158 buffer.append("PurgePasswordRequestControl(isCritical="); 159 buffer.append(isCritical()); 160 buffer.append(')'); 161 } 162}