[ Index ]

PHP Cross Reference of Unnamed Project

title

Body

[close]

/se3-unattended/var/se3/unattended/install/linuxaux/opt/perl/lib/site_perl/5.10.0/Net/LDAP/Control/ -> PasswordPolicy.pm (source)

   1  # Copyright (c) 2008 Chris Ridd <chris.ridd@isode.com>. All rights reserved.
   2  # This program is free software; you can redistribute it and/or
   3  # modify it under the same terms as Perl itself.
   4  
   5  package Net::LDAP::Control::PasswordPolicy;
   6  
   7  use vars qw(@ISA $VERSION);
   8  use Net::LDAP::Control;
   9  
  10  @ISA = qw(Net::LDAP::Control);
  11  $VERSION = "0.02";
  12  
  13  use Net::LDAP::ASN qw(ppControlResponse);
  14  use strict;
  15  
  16  sub init {
  17    my($self) = @_;
  18  
  19    delete $self->{asn};
  20  
  21    unless (exists $self->{value}) {
  22      $self->{asn} = \my %asn;
  23      if (defined($self->{time_before_expiration})) {
  24        $asn{warning}{timeBeforeExpiration} = defined($self->{time_before_expiration});
  25      }
  26      elsif (defined($self->{grace_authentications_remaining})) {
  27        $asn{warning}{graceAuthNsRemaining} = $self->{time_before_expiration};
  28      }
  29      if (defined($self->{pp_error})) {
  30        $asn{error} = $self->{pp_error};
  31      }
  32    }
  33  
  34    $self;
  35  }
  36  
  37  sub time_before_expiration {
  38    my $self = shift;
  39    $self->{asn} ||= $ppControlResponse->decode($self->{value});
  40    if (@_) {
  41      delete $self->{value};
  42      my $time = shift;
  43      if (defined $time) {
  44        $self->{asn}{warning} = { timeBeforeExpiration => $time };
  45      }
  46      elsif (my $warning = $self->{asn}{warning}) {
  47        if (exists $warning->{timeBeforeExpiration}) {
  48          delete $self->{asn}{warning};
  49        }
  50      }
  51      return $time;
  52    }
  53    my $warning = $self->{asn}{warning};
  54    $warning && $warning->{timeBeforeExpiration};
  55  }
  56  
  57  sub grace_authentications_remaining {
  58    my $self = shift;
  59    $self->{asn} ||= $ppControlResponse->decode($self->{value});
  60    if (@_) {
  61      delete $self->{value};
  62      my $remaining = shift;
  63      if (defined $remaining) {
  64        $self->{asn}{warning} = { graceAuthNsRemaining => $remaining };
  65      }
  66      elsif (my $warning = $self->{asn}{warning}) {
  67        if (exists $warning->{graceAuthNsRemaining}) {
  68          delete $self->{asn}{warning};
  69        }
  70      }
  71      return $remaining;
  72    }
  73    my $warning = $self->{asn}{warning};
  74    $warning && $warning->{graceAuthNsRemaining};
  75  }
  76  
  77  sub pp_error {
  78    my $self = shift;
  79    $self->{asn} ||= $ppControlResponse->decode($self->{value});
  80    if (@_) {
  81      delete $self->{value};
  82      return $self->{asn}{error} = shift;
  83    }
  84    $self->{asn}{error};
  85  }
  86  
  87  sub value {
  88    my $self = shift;
  89    return $self->{value} if exists $self->{value};
  90    my $asn = $self->{asn};
  91    # Return undef if all optional values are missing
  92    return undef unless $asn and (defined $asn->{error} or $asn->{warning});
  93    $self->{value} = $ppControlResponse->encode($self->{asn});
  94  }
  95  
  96  1;
  97  
  98  __END__
  99  
 100  =head1 NAME
 101  
 102  Net::LDAP::Control::PasswordPolicy - LDAPv3 Password Policy control object
 103  
 104  =head1 SYNOPSIS
 105  
 106   use Net::LDAP;
 107   use Net::LDAP::Control::PasswordPolicy;
 108   use Net::LDAP::Constant qw( LDAP_CONTROL_PASSWORDPOLICY );
 109  
 110   $ldap = Net::LDAP->new( "ldap.example.com" );
 111  
 112   $pp = Net::LDAP::Control::PasswordPolicy->new;
 113  
 114   $mesg = $ldap->bind( "cn=Bob Smith,dc=example,dc=com",
 115                        password => "secret",
 116                        control => [ $pp ] );
 117  
 118   # Get password policy reponse
 119   my($resp)  = $mesg->control( LDAP_CONTROL_PASSWORDPOLICY );
 120  
 121   if (defined($resp)) {
 122     my $v = $resp->pp_error;
 123     print "Password policy error $v\n" if defined $v;
 124     $v = $resp->time_before_expiration;
 125     print "Password expires in $v second(s)\n" if defined $v;
 126   }
 127  
 128  =head1 DESCRIPTION
 129  
 130  C<Net::LDAP::Control::PasswordPolicy> provides an interface for the
 131  creation and manipulation of objects that represent
 132  C<PasswordPolicyRequest>s and C<PasswordPolicyResponse>s as described by
 133  draft-behera-password-policy-09.
 134  
 135  This control can be passed to most operations, including the bind.
 136  
 137  =head1 CONSTRUCTOR ARGUMENTS
 138  
 139  There are no constructor arguments other than those provided by
 140  L<Net::LDAP::Control>.
 141  
 142  =head1 METHODS
 143  
 144  =over 4
 145  
 146  =item time_before_expiration
 147  
 148  If defined, this is an integer value holding the time left in seconds
 149  before the account's password will expire.
 150  
 151  =item grace_authentications_remaining
 152  
 153  If defined, this is an integer value holding the number of
 154  authentication requests allowed before the account is locked.
 155  
 156  =item pp_error
 157  
 158  If defined, this contains a more detailed error code for the account.
 159  See L<Net::LDAP::Constant> for definitions of each.
 160  Values can include:
 161  
 162  =over 4
 163  
 164  =item LDAP_PP_PASSWORD_EXPIRED
 165  
 166  =item LDAP_PP_ACCOUNT_LOCKED
 167  
 168  =item LDAP_PP_CHANGE_AFTER_RESET
 169  
 170  =item LDAP_PP_PASSWORD_MOD_NOT_ALLOWED
 171  
 172  =item LDAP_PP_MUST_SUPPLY_OLD_PASSWORD
 173  
 174  =item LDAP_PP_INSUFFICIENT_PASSWORD_QUALITY
 175  
 176  =item LDAP_PP_PASSWORD_TOO_SHORT
 177  
 178  =item LDAP_PP_PASSWORD_TOO_YOUNG
 179  
 180  =item LDAP_PP_PASSWORD_IN_HISTORY
 181  
 182  =back
 183  
 184  =back
 185  
 186  =head1 SEE ALSO
 187  
 188  L<Net::LDAP>,
 189  L<Net::LDAP::Control>,
 190  L<Net::LDAP::Constant>,
 191  draft-behera-ldap-password-policy-09.txt
 192  
 193  =head1 AUTHOR
 194  
 195  Chris Ridd E<lt>chris.ridd@isode.comE<gt>
 196  
 197  Please report any bugs, or post any suggestions, to the perl-ldap
 198  mailing list E<lt>perl-ldap@perl.orgE<gt>
 199  
 200  =head1 COPYRIGHT
 201  
 202  Copyright (c) 2008 Chris Ridd. All rights reserved. This program is
 203  free software; you can redistribute it and/or modify it under the same
 204  terms as Perl itself.
 205  
 206  =cut
 207  


Generated: Tue Mar 17 22:47:18 2015 Cross-referenced by PHPXref 0.7.1