[英]Get reason for Password Policy Violation from Red Hat Directory Server via UnboundID LDAPSDK
我試圖使用UnboundID LDAPSDK並連接到Red Hat Directory Server來提取拒絕某個密碼的原因。 但是,執行以下請求后:
PasswordModifyExtendedRequest passwordModifyExtendedRequest = new PasswordModifyExtendedRequest(userDN, currPassword, newPassword, new Control[]{new Control("1.3.6.1.4.1.42.2.27.8.5.1")});
passwordModifyExtendedRequest.setResponseTimeoutMillis(1000);
LDAPConnection ldapConnection = ldapManager.getLdapConnection();
PasswordModifyExtendedResult extendedResult = (PasswordModifyExtendedResult) ldapConnection.processExtendedOperation(passwordModifyExtendedRequest);
System.out.println(extendedResult);
我將其作為響應(描述性不足):
PasswordModifyExtendedResult(resultCode=19 (constraint violation), messageID=2, diagnosticMessage='Failed to update password', responseControls={PasswordPolicyResponseControl(errorType='insufficient password quality', isCritical=false)})
但是,當我通過Apache Directory Studio更改密碼時,它會提供非常好的錯誤消息:
[LDAP: error code 19 - invalid password syntax - password must be at least 8 characters long]
例如,在ApacheDS上使用時,它返回以下內容(也可以):
[LDAP: error code 19 - CONSTRAINT_VIOLATION: failed for MessageType : MODIFY_REQUEST Message ID : 15 Modify Request Object : 'cn=josef,ou=users,o=test' Modification[0] Operation : replace Modification userPassword: 0x70 0x65 0x70 0x61 org.apache.directory.api.ldap.model.message.ModifyRequestImpl@196d9db6: Password should have a minimum of 5 characters]
問題是,有沒有辦法獲取Apache Directory Studio設法獲取的信息? 我嘗試搜索他們的代碼庫 ,但找不到它。
換句話說,我需要以某種方式獲得“密碼必須至少8個字符長” 。
使用常規的ModifyRequest
找到了一個解決方案,如下所示:
// ...
import com.unboundid.util.Base64;
// ...
Modification passwordReplacementModification = new Modification(
ModificationType.REPLACE, "userPassword",
newPassword.getBytes());
ModifyRequest modifyRequest = new ModifyRequest(
user.getDn(), passwordReplacementModification);
LDAPResult modifyResult = ldapManager.getLdapConnectionAsAdmin().modify(modifyRequest);
這導致以下異常:
LDAPException(resultCode=19 (constraint violation), errorMessage='invalid password syntax - password must contain at least 1 uppercase characters', diagnosticMessage='invalid password syntax - password must contain at least 1 uppercase characters', ldapSDKVersion=4.0.1, revision='26090')
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.