Class LdapPasswordManagementProperties
java.lang.Object
org.apereo.cas.configuration.model.support.ldap.AbstractLdapProperties
org.apereo.cas.configuration.model.support.ldap.AbstractLdapSearchProperties
org.apereo.cas.configuration.model.support.pm.LdapPasswordManagementProperties
- All Implemented Interfaces:
Serializable
@RequiresModule(name="cas-server-support-pm-ldap")
public class LdapPasswordManagementProperties
extends AbstractLdapSearchProperties
This is
LdapPasswordManagementProperties
.- Since:
- 6.2.0
- See Also:
-
Nested Class Summary
Nested classes/interfaces inherited from class org.apereo.cas.configuration.model.support.ldap.AbstractLdapProperties
AbstractLdapProperties.LdapConnectionPoolPassivator, AbstractLdapProperties.LdapConnectionStrategy, AbstractLdapProperties.LdapHostnameVerifierOptions, AbstractLdapProperties.LdapTrustManagerOptions, AbstractLdapProperties.LdapType
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionName of LDAP attribute that represents the account locked status.String[]
When CAS is about to unlock the user account, it will use theaccountLockedAttribute
setting to locate the appropriate attribute for the user entry.Collection of attribute names that indicate security questions answers.getType()
The specific variant of LDAP based on which update operations will be constructed.Username attribute required by LDAP.setAccountLockedAttribute
(String accountLockedAttribute) Name of LDAP attribute that represents the account locked status.setAccountUnlockedAttributeValues
(String[] accountUnlockedAttributeValues) When CAS is about to unlock the user account, it will use theaccountLockedAttribute
setting to locate the appropriate attribute for the user entry.setSecurityQuestionsAttributes
(Map<String, String> securityQuestionsAttributes) Collection of attribute names that indicate security questions answers.The specific variant of LDAP based on which update operations will be constructed.setUsernameAttribute
(String usernameAttribute) Username attribute required by LDAP.Methods inherited from class org.apereo.cas.configuration.model.support.ldap.AbstractLdapSearchProperties
getBaseDn, getPageSize, getSearchEntryHandlers, getSearchFilter, isSubtreeSearch, setBaseDn, setPageSize, setSearchEntryHandlers, setSearchFilter, setSubtreeSearch
Methods inherited from class org.apereo.cas.configuration.model.support.ldap.AbstractLdapProperties
getBinaryAttributes, getBindCredential, getBindDn, getBlockWaitTime, getConnectionStrategy, getConnectTimeout, getHostnameVerifier, getIdleTime, getKeystore, getKeystorePassword, getKeystoreType, getLdapUrl, getMaxPoolSize, getMinPoolSize, getName, getPoolPassivator, getPrunePeriod, getResponseTimeout, getSaslAuthorizationId, getSaslMechanism, getSaslMutualAuth, getSaslQualityOfProtection, getSaslRealm, getSaslSecurityStrength, getTrustCertificates, getTrustManager, getTrustStore, getTrustStorePassword, getTrustStoreType, getValidatePeriod, getValidateTimeout, getValidator, isAllowMultipleDns, isAllowMultipleEntries, isDisablePooling, isFailFast, isFollowReferrals, isUseStartTls, isValidateOnCheckout, isValidatePeriodically, setAllowMultipleDns, setAllowMultipleEntries, setBinaryAttributes, setBindCredential, setBindDn, setBlockWaitTime, setConnectionStrategy, setConnectTimeout, setDisablePooling, setFailFast, setFollowReferrals, setHostnameVerifier, setIdleTime, setKeystore, setKeystorePassword, setKeystoreType, setLdapUrl, setMaxPoolSize, setMinPoolSize, setName, setPoolPassivator, setPrunePeriod, setResponseTimeout, setSaslAuthorizationId, setSaslMechanism, setSaslMutualAuth, setSaslQualityOfProtection, setSaslRealm, setSaslSecurityStrength, setTrustCertificates, setTrustManager, setTrustStore, setTrustStorePassword, setTrustStoreType, setUseStartTls, setValidateOnCheckout, setValidatePeriod, setValidatePeriodically, setValidateTimeout, setValidator
-
Constructor Details
-
LdapPasswordManagementProperties
public LdapPasswordManagementProperties()
-
-
Method Details
-
getSecurityQuestionsAttributes
Collection of attribute names that indicate security questions answers. This is done via a key-value structure where the key is the attribute name for the security question and the value is the attribute name for the answer linked to the question. -
getAccountLockedAttribute
Name of LDAP attribute that represents the account locked status. The value of the attribute is typically set to"true"
if the account is ever updated to indicated a locked status. For Active Directory, this attribute might be calledlockoutTime
. -
getAccountUnlockedAttributeValues
When CAS is about to unlock the user account, it will use theaccountLockedAttribute
setting to locate the appropriate attribute for the user entry. This attribute will then be assigned the value(s) defined here to unlock the account.For Active Directory and in scenarios where
accountLockedAttribute
is set tolockoutTime
, this value might be set to zero. A value of zero means that the account is not currently locked out.Note that the value defined here may be treated as case sensitive by the LDAP server.
-
getType
The specific variant of LDAP based on which update operations will be constructed. Accepted values are: *AD
GENERIC
FreeIPA
EDirectory
-
getUsernameAttribute
Username attribute required by LDAP. -
setSecurityQuestionsAttributes
public LdapPasswordManagementProperties setSecurityQuestionsAttributes(Map<String, String> securityQuestionsAttributes) Collection of attribute names that indicate security questions answers. This is done via a key-value structure where the key is the attribute name for the security question and the value is the attribute name for the answer linked to the question.- Returns:
this
.
-
setAccountLockedAttribute
Name of LDAP attribute that represents the account locked status. The value of the attribute is typically set to"true"
if the account is ever updated to indicated a locked status. For Active Directory, this attribute might be calledlockoutTime
.- Returns:
this
.
-
setAccountUnlockedAttributeValues
public LdapPasswordManagementProperties setAccountUnlockedAttributeValues(String[] accountUnlockedAttributeValues) When CAS is about to unlock the user account, it will use theaccountLockedAttribute
setting to locate the appropriate attribute for the user entry. This attribute will then be assigned the value(s) defined here to unlock the account.For Active Directory and in scenarios where
accountLockedAttribute
is set tolockoutTime
, this value might be set to zero. A value of zero means that the account is not currently locked out.Note that the value defined here may be treated as case sensitive by the LDAP server.
- Returns:
this
.
-
setType
The specific variant of LDAP based on which update operations will be constructed. Accepted values are: *AD
GENERIC
FreeIPA
EDirectory
- Returns:
this
.
-
setUsernameAttribute
Username attribute required by LDAP.- Returns:
this
.
-