001/* 002 * Copyright 2013-2020 Ping Identity Corporation 003 * All Rights Reserved. 004 */ 005/* 006 * Copyright 2013-2020 Ping Identity Corporation 007 * 008 * Licensed under the Apache License, Version 2.0 (the "License"); 009 * you may not use this file except in compliance with the License. 010 * You may obtain a copy of the License at 011 * 012 * http://www.apache.org/licenses/LICENSE-2.0 013 * 014 * Unless required by applicable law or agreed to in writing, software 015 * distributed under the License is distributed on an "AS IS" BASIS, 016 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 017 * See the License for the specific language governing permissions and 018 * limitations under the License. 019 */ 020/* 021 * Copyright (C) 2015-2020 Ping Identity Corporation 022 * 023 * This program is free software; you can redistribute it and/or modify 024 * it under the terms of the GNU General Public License (GPLv2 only) 025 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only) 026 * as published by the Free Software Foundation. 027 * 028 * This program is distributed in the hope that it will be useful, 029 * but WITHOUT ANY WARRANTY; without even the implied warranty of 030 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 031 * GNU General Public License for more details. 032 * 033 * You should have received a copy of the GNU General Public License 034 * along with this program; if not, see <http://www.gnu.org/licenses>. 035 */ 036package com.unboundid.ldap.sdk.unboundidds.controls; 037 038 039 040import com.unboundid.ldap.sdk.Control; 041import com.unboundid.ldap.sdk.LDAPException; 042import com.unboundid.ldap.sdk.ResultCode; 043import com.unboundid.util.NotMutable; 044import com.unboundid.util.ThreadSafety; 045import com.unboundid.util.ThreadSafetyLevel; 046 047import static com.unboundid.ldap.sdk.unboundidds.controls.ControlMessages.*; 048 049 050 051/** 052 * This class provides a request control that can be included in a modify 053 * request or a password modify extended request in order to indicate that if 054 * the operation results in changing the password for a user, the user's former 055 * password should be purged from the entry rather than retired, and any 056 * existing retired password should also be purged. 057 * <BR> 058 * <BLOCKQUOTE> 059 * <B>NOTE:</B> This class, and other classes within the 060 * {@code com.unboundid.ldap.sdk.unboundidds} package structure, are only 061 * supported for use against Ping Identity, UnboundID, and 062 * Nokia/Alcatel-Lucent 8661 server products. These classes provide support 063 * for proprietary functionality or for external specifications that are not 064 * considered stable or mature enough to be guaranteed to work in an 065 * interoperable way with other types of LDAP servers. 066 * </BLOCKQUOTE> 067 * <BR> 068 * This control has an OID of "1.3.6.1.4.1.30221.2.5.32" and does not have a 069 * value. The criticality may be either true (in which case the operation will 070 * succeed only if the user's password policy allows passwords to be retired by 071 * a request control) or false (in which case if the password policy does not 072 * allow the use of this control, the operation will be processed as if the 073 * control had not been included in the request). 074 * <BR><BR> 075 * <H2>Example</H2> 076 * The following example demonstrates the use of the purge password request 077 * control to request that a user's current password be purged in the course of 078 * a password change. 079 * <PRE> 080 * Control[] requestControls = 081 * { 082 * new PurgePasswordRequestControl(true) 083 * }; 084 * 085 * PasswordModifyExtendedRequest passwordModifyRequest = 086 * new PasswordModifyExtendedRequest( 087 * "uid=test.user,ou=People,dc=example,dc=com", // The user to update 088 * null, // The current password -- we don't know it. 089 * "newPassword", // The new password to assign to the user. 090 * requestControls); // The controls to include in the request. 091 * PasswordModifyExtendedResult passwordModifyResult = 092 * (PasswordModifyExtendedResult) 093 * connection.processExtendedOperation(passwordModifyRequest); 094 * </PRE> 095 * 096 * @see RetirePasswordRequestControl 097 */ 098@NotMutable() 099@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE) 100public final class PurgePasswordRequestControl 101 extends Control 102{ 103 /** 104 * The OID (1.3.6.1.4.1.30221.2.5.32) for the purge password request control. 105 */ 106 public static final String PURGE_PASSWORD_REQUEST_OID = 107 "1.3.6.1.4.1.30221.2.5.32"; 108 109 110 111 /** 112 * The serial version UID for this serializable class. 113 */ 114 private static final long serialVersionUID = -3756801088881565921L; 115 116 117 118 /** 119 * Creates a new retire password request control with the specified 120 * criticality. 121 * 122 * @param isCritical Indicates whether the control should be considered 123 * critical. 124 */ 125 public PurgePasswordRequestControl(final boolean isCritical) 126 { 127 super(PURGE_PASSWORD_REQUEST_OID, isCritical, null); 128 } 129 130 131 132 /** 133 * Creates a new retire password request control which is decoded from the 134 * provided generic control. 135 * 136 * @param control The generic control to be decoded as a retire password 137 * request control. 138 * 139 * @throws LDAPException If the provided control cannot be decoded as a 140 * retire password request control. 141 */ 142 public PurgePasswordRequestControl(final Control control) 143 throws LDAPException 144 { 145 super(control); 146 147 if (control.hasValue()) 148 { 149 throw new LDAPException(ResultCode.DECODING_ERROR, 150 ERR_PURGE_PASSWORD_REQUEST_CONTROL_HAS_VALUE.get()); 151 } 152 } 153 154 155 156 /** 157 * {@inheritDoc} 158 */ 159 @Override() 160 public String getControlName() 161 { 162 return INFO_CONTROL_NAME_PURGE_PASSWORD_REQUEST.get(); 163 } 164 165 166 167 /** 168 * {@inheritDoc} 169 */ 170 @Override() 171 public void toString(final StringBuilder buffer) 172 { 173 buffer.append("PurgePasswordRequestControl(isCritical="); 174 buffer.append(isCritical()); 175 buffer.append(')'); 176 } 177}