Announcement Announcement Module
Collapse
No announcement yet.
Why PasswordPolicyAwareContextSource doesn't throw exception for expired passwords? Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Why PasswordPolicyAwareContextSource doesn't throw exception for expired passwords?

    I am using org.springframework.security.ldap.ppolicy.Password PolicyAwareContextSource to connect to an OpenLDAP server with ppolicy enabled.
    I am binding with an account that its password is expired but I never get PasswordPolicyException.
    By browsing the source code (spring-security-ldap-3.1.0) I can see that a PasswordPolicyExceptions is thrown only when an account is locked. Why is that?
    In order to get PasswordPolicyExceptions, I 've replaced the original code:
    <original code>
    if (ctrl != null) {
    if (ctrl.isLocked()) {
    throw new PasswordPolicyException(ctrl.getErrorStatus());
    }
    }
    </original code>
    with:
    <my code>
    if (ctrl != null && ctrl.getErrorStatus()!=null) {
    throw new PasswordPolicyException(ctrl.getErrorStatus());
    }
    </my code>

    I don't know if it' s the "right" way, but it seems to work. Any comments?

    Thanks
Working...
X