private void checkPasswordValidityAndAge(ConnectionEnvironment connEnv, @NotNull MidPointPrincipal principal, ProtectedStringType protectedString, MetadataType passwordMetadata,
CredentialPolicyType passwordCredentialsPolicy) {
if (protectedString == null) {
recordAuthenticationFailure(principal, connEnv, "no stored password value");
throw new AuthenticationCredentialsNotFoundException("web.security.provider.password.bad");
}
if (passwordCredentialsPolicy == null) {
return;
}
Duration maxAge = passwordCredentialsPolicy.getMaxAge();
if (maxAge != null) {
XMLGregorianCalendar changeTimestamp = MiscSchemaUtil.getChangeTimestamp(passwordMetadata);
if (changeTimestamp != null) {
XMLGregorianCalendar passwordValidUntil = XmlTypeConverter.addDuration(changeTimestamp, maxAge);
if (clock.isPast(passwordValidUntil)) {
recordAuthenticationFailure(principal, connEnv, "password expired");
throw new CredentialsExpiredException("web.security.provider.credential.expired");
}
}
}
}
AuthenticationEvaluatorImpl.java 文件源码
java
阅读 25
收藏 0
点赞 0
评论 0
项目:midpoint
作者:
评论列表
文章目录
