Get reason for Password Policy Violation from Red Hat Directory Server via UnboundID LDAPSDK

I am trying to use the UnboundID LDAPSDK, connecting to Red Hat Directory Server, to extract the reason why a particular password was rejected. However, after executing the following request:

PasswordModifyExtendedRequest passwordModifyExtendedRequest = new PasswordModifyExtendedRequest(userDN, currPassword, newPassword, new Control[]{new Control("1.3.6.1.4.1.42.2.27.8.5.1")});
passwordModifyExtendedRequest.setResponseTimeoutMillis(1000);
LDAPConnection ldapConnection = ldapManager.getLdapConnection();
PasswordModifyExtendedResult extendedResult = (PasswordModifyExtendedResult) ldapConnection.processExtendedOperation(passwordModifyExtendedRequest);
System.out.println(extendedResult);

I get this as the response (not descriptive enough):

PasswordModifyExtendedResult(resultCode=19 (constraint violation), messageID=2, diagnosticMessage='Failed to update password', responseControls={PasswordPolicyResponseControl(errorType='insufficient password quality', isCritical=false)})

However, when I change the password through Apache Directory Studio, it gives a perfect error message:

[LDAP: error code 19 - invalid password syntax - password must be at least 8 characters long]

For example, it returns the following when used against ApacheDS (which is also fine):

[LDAP: error code 19 - CONSTRAINT_VIOLATION: failed for MessageType : MODIFY_REQUEST Message ID : 15     Modify Request         Object : 'cn=josef,ou=users,o=test'             Modification[0]                 Operation :  replace                 Modification userPassword: 0x70 0x65 0x70 0x61 org.apache.directory.api.ldap.model.message.ModifyRequestImpl@196d9db6: Password should have a minimum of 5 characters]

The question is, is there a way to get the information that Apache Directory Studio manages to get? I tried searching their codebase, but could not find it.

In other words, I need to somehow get "password must be at least 8 characters long" in the response.

Found a solution, using a regular ModifyRequest as follows:

// ...
import com.unboundid.util.Base64;
// ...
Modification passwordReplacementModification = new Modification(
        ModificationType.REPLACE, "userPassword",
        newPassword.getBytes());
ModifyRequest modifyRequest = new ModifyRequest(
        user.getDn(), passwordReplacementModification);
LDAPResult modifyResult = ldapManager.getLdapConnectionAsAdmin().modify(modifyRequest);

This results in the following exception:

LDAPException(resultCode=19 (constraint violation), errorMessage='invalid password syntax - password must contain at least 1 uppercase characters', diagnosticMessage='invalid password syntax - password must contain at least 1 uppercase characters', ldapSDKVersion=4.0.1, revision='26090')
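The two responses quoted on this page carry the rejection reason in different places: the extended operation puts it in the password policy response control, the plain modify puts it in the diagnostic message. The following is an added example, not code from the original posts, that reads both from one `LDAPResult`. The class name `PasswordRejectionReason` and the method `describe` are hypothetical, the sample results are constructed to mirror the quoted responses, and it assumes the SDK build includes `com.unboundid.ldap.sdk.unboundidds.controls.PasswordPolicyResponseControl`, the control class named in the question's output.

```java
import com.unboundid.ldap.sdk.Control;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.LDAPResult;
import com.unboundid.ldap.sdk.ResultCode;
import com.unboundid.ldap.sdk.unboundidds.controls.PasswordPolicyErrorType;
import com.unboundid.ldap.sdk.unboundidds.controls.PasswordPolicyResponseControl;

public class PasswordRejectionReason {  // hypothetical helper class

    /** Returns the rejection reason, or null if the result is not a constraint violation. */
    static String describe(LDAPResult result) {
        if (result.getResultCode() != ResultCode.CONSTRAINT_VIOLATION) {
            return null;
        }
        // Free-text reason; its wording is chosen by the server.
        String reason = result.getDiagnosticMessage();
        try {
            // Machine-readable category from the password policy response control.
            PasswordPolicyResponseControl pp = PasswordPolicyResponseControl.get(result);
            if (pp != null && pp.getErrorType() != null) {
                String type = pp.getErrorType().getName();
                reason = (reason == null) ? type : type + ": " + reason;
            }
        } catch (LDAPException decodeFailure) {
            // Control present but not decodable: keep the diagnostic message alone.
        }
        return reason;
    }

    public static void main(String[] args) {
        // Constructed result shaped like the extended-operation response in the question.
        LDAPResult extendedOp = new LDAPResult(2, ResultCode.CONSTRAINT_VIOLATION,
                "Failed to update password", null, new String[0],
                new Control[] { new PasswordPolicyResponseControl(
                        null, -1, PasswordPolicyErrorType.INSUFFICIENT_PASSWORD_QUALITY) });
        // Constructed exception shaped like the one thrown by the plain modify.
        LDAPException modifyFailure = new LDAPException(new LDAPResult(3,
                ResultCode.CONSTRAINT_VIOLATION,
                "invalid password syntax - password must contain at least 1 uppercase characters",
                null, new String[0], new Control[0]));

        System.out.println(describe(extendedOp));
        // modify() throws on failure, so convert the caught exception to a result.
        System.out.println(describe(modifyFailure.toLDAPResult()));
    }
}
```

A modify sent over an administrative connection does not prove that the caller knows the user's current password, so that check has to happen before the modify is issued.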