【问题标题】:Get reason for Password Policy Violation from Red Hat Directory Server via UnboundID LDAPSDK通过 UnboundID LDAPSDK 从 Red Hat Directory Server 获取密码策略违规的原因
【发布时间】:2017-09-15 10:27:14
【问题描述】:

我正在尝试使用UnboundID LDAPSDK 并连接到Red Hat Directory Server 来提取某个密码被拒绝的原因。 但是,执行以下请求后:

PasswordModifyExtendedRequest passwordModifyExtendedRequest = new PasswordModifyExtendedRequest(userDN, currPassword, newPassword, new Control[]{new Control("1.3.6.1.4.1.42.2.27.8.5.1")});
passwordModifyExtendedRequest.setResponseTimeoutMillis(1000);
LDAPConnection ldapConnection = ldapManager.getLdapConnection();
PasswordModifyExtendedResult extendedResult = (PasswordModifyExtendedResult) ldapConnection.processExtendedOperation(passwordModifyExtendedRequest);
System.out.println(extendedResult);

我得到这个作为回应(描述性不够):

PasswordModifyExtendedResult(resultCode=19 (constraint violation), messageID=2, diagnosticMessage='Failed to update password', responseControls={PasswordPolicyResponseControl(errorType='insufficient password quality', isCritical=false)})

但是,当我通过Apache Directory Studio 更改密码时,它提供了非常好的错误消息:

[LDAP: error code 19 - invalid password syntax - password must be at least 8 characters long]

例如,在ApacheDS 上使用时它会返回以下内容(也可以):

[LDAP: error code 19 - CONSTRAINT_VIOLATION: failed for MessageType : MODIFY_REQUEST Message ID : 15     Modify Request         Object : 'cn=josef,ou=users,o=test'             Modification[0]                 Operation :  replace                 Modification userPassword: 0x70 0x65 0x70 0x61 org.apache.directory.api.ldap.model.message.ModifyRequestImpl@196d9db6: Password should have a minimum of 5 characters]

问题是,有没有办法获取 Apache Directory Studio 设法获取的信息?我试过搜索他们的codebase,但找不到。

换句话说,我需要以某种方式在响应中获取“密码必须至少为 8 个字符”

【问题讨论】:

    标签: java apache redhat unboundid-ldap-sdk


    【解决方案1】:

    找到了解决方案,使用常规的ModifyRequest 如下:

    // ...
    import com.unboundid.util.Base64;
    // ...
    Modification passwordReplacementModification = new Modification(
            ModificationType.REPLACE, "userPassword",
            newPassword.getBytes());
    ModifyRequest modifyRequest = new ModifyRequest(
            user.getDn(), passwordReplacementModification);
    LDAPResult modifyResult = ldapManager.getLdapConnectionAsAdmin().modify(modifyRequest);
    

    这会导致以下异常:

    LDAPException(resultCode=19 (constraint violation), errorMessage='invalid password syntax - password must contain at least 1 uppercase characters', diagnosticMessage='invalid password syntax - password must contain at least 1 uppercase characters', ldapSDKVersion=4.0.1, revision='26090')
    

    【讨论】:

      猜你喜欢
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 2016-11-13
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      相关资源
      最近更新 更多