Package org.apereo.cas.configuration.model.core.authentication

Class PasswordPolicyProperties

java.lang.Object
org.apereo.cas.configuration.model.core.authentication.PasswordPolicyProperties
All Implemented Interfaces:
Serializable
Direct Known Subclasses:
LdapPasswordPolicyProperties
@RequiresModule(name="cas-server-core-authentication", automated=true) public class PasswordPolicyProperties extends Object implements Serializable
Configuration properties class for password.policy.
Since:
5.0.0
See Also:

  • Constructor Details

    • PasswordPolicyProperties

      public PasswordPolicyProperties()

  • Method Details

    • getStrategy

      public PasswordPolicyProperties.PasswordPolicyHandlingOptions getStrategy()
      Decide how authentication should handle password policy changes.

    • getPolicyAttributes

      public Map<String,Class<? extends LoginException>> getPolicyAttributes()
      Key-value structure (Map) that indicates a list of boolean attributes as keys. If either attribute value is true, indicating an account state is flagged, the corresponding error can be thrown. Example accountLocked=javax.security.auth.login.AccountLockedException

    • isEnabled

      public boolean isEnabled()
      Whether password policy should be enabled.

    • isAccountStateHandlingEnabled

      public boolean isAccountStateHandlingEnabled()
      Indicates whether account state handling should be enabled to process warnings or errors reported back from the authentication response, produced by the source.

    • getLoginFailures

      public int getLoginFailures()
      When dealing with FreeIPA, indicates the number of allows login failures.

    • getWarningAttributeValue

      public String getWarningAttributeValue()
      Used by an account state handling policy that only calculates account warnings in case the entry carries an attribute warningAttributeName whose value matches this field.

    • getWarningAttributeName

      public String getWarningAttributeName()
      Used by an account state handling policy that only calculates account warnings in case the entry carries this attribute.

    • isDisplayWarningOnMatch

      public boolean isDisplayWarningOnMatch()
      Indicates if warning should be displayed, when the ldap attribute value matches the warningAttributeValue.

    • isWarnAll

      public boolean isWarnAll()
      Always display the password expiration warning regardless.

    • getWarningDays

      public int getWarningDays()
      This is used to calculate a warning period to see if account expiry is within the calculated window.

    • getGroovy

      public GroovyPasswordPolicyProperties getGroovy()
      Handle password policy via Groovy script.

    • setStrategy

      public PasswordPolicyProperties setStrategy(PasswordPolicyProperties.PasswordPolicyHandlingOptions strategy)
      Decide how authentication should handle password policy changes.
      Returns:
      this.

    • setPolicyAttributes

      public PasswordPolicyProperties setPolicyAttributes(Map<String,Class<? extends LoginException>> policyAttributes)
      Key-value structure (Map) that indicates a list of boolean attributes as keys. If either attribute value is true, indicating an account state is flagged, the corresponding error can be thrown. Example accountLocked=javax.security.auth.login.AccountLockedException
      Returns:
      this.

    • setEnabled

      public PasswordPolicyProperties setEnabled(boolean enabled)
      Whether password policy should be enabled.
      Returns:
      this.

    • setAccountStateHandlingEnabled

      public PasswordPolicyProperties setAccountStateHandlingEnabled(boolean accountStateHandlingEnabled)
      Indicates whether account state handling should be enabled to process warnings or errors reported back from the authentication response, produced by the source.
      Returns:
      this.

    • setLoginFailures

      public PasswordPolicyProperties setLoginFailures(int loginFailures)
      When dealing with FreeIPA, indicates the number of allows login failures.
      Returns:
      this.

    • setWarningAttributeValue

      public PasswordPolicyProperties setWarningAttributeValue(String warningAttributeValue)
      Used by an account state handling policy that only calculates account warnings in case the entry carries an attribute warningAttributeName whose value matches this field.
      Returns:
      this.

    • setWarningAttributeName

      public PasswordPolicyProperties setWarningAttributeName(String warningAttributeName)
      Used by an account state handling policy that only calculates account warnings in case the entry carries this attribute.
      Returns:
      this.

    • setDisplayWarningOnMatch

      public PasswordPolicyProperties setDisplayWarningOnMatch(boolean displayWarningOnMatch)
      Indicates if warning should be displayed, when the ldap attribute value matches the warningAttributeValue.
      Returns:
      this.

    • setWarnAll

      public PasswordPolicyProperties setWarnAll(boolean warnAll)
      Always display the password expiration warning regardless.
      Returns:
      this.

    • setWarningDays

      public PasswordPolicyProperties setWarningDays(int warningDays)
      This is used to calculate a warning period to see if account expiry is within the calculated window.
      Returns:
      this.

    • setGroovy

      public PasswordPolicyProperties setGroovy(GroovyPasswordPolicyProperties groovy)
      Handle password policy via Groovy script.
      Returns:
      this.