Package org.bremersee.spring.security.ldaptive.authentication.provider

Class ActiveDirectoryAccountControlEvaluator

java.lang.Object

org.bremersee.spring.security.ldaptive.authentication.provider.ActiveDirectoryAccountControlEvaluator

All Implemented Interfaces:

AccountControlEvaluator

public class ActiveDirectoryAccountControlEvaluator
extends Object
implements AccountControlEvaluator

Evaluator of the ldap attributes userAccountControl and accountExpires of an Active Directory.

Author:

Christian Bremer

Constructor Summary

Constructors

Constructor	Description
ActiveDirectoryAccountControlEvaluator()

Method Summary

Modifier and Type	Method	Description
boolean	isAccountNonExpired(org.ldaptive.LdapEntry ldapEntry)	Indicates whether the user's account has expired.
boolean	isAccountNonLocked(org.ldaptive.LdapEntry ldapEntry)	Indicates whether the user is locked or unlocked.
boolean	isCredentialsNonExpired(org.ldaptive.LdapEntry ldapEntry)	Indicates whether the user's credentials (password) has expired.
boolean	isEnabled(org.ldaptive.LdapEntry ldapEntry)	Indicates whether the user is enabled or disabled.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

ActiveDirectoryAccountControlEvaluator

public ActiveDirectoryAccountControlEvaluator()

Method Details

isAccountNonExpired

public boolean isAccountNonExpired(org.ldaptive.LdapEntry ldapEntry)

Description copied from interface: AccountControlEvaluator

Indicates whether the user's account has expired. An expired account cannot be authenticated.

Specified by:

isAccountNonExpired in interface AccountControlEvaluator

Parameters:

ldapEntry - the ldap entry

Returns:

true if the user's account is valid (ie non-expired), false if no longer valid (ie expired)

isAccountNonLocked

public boolean isAccountNonLocked(org.ldaptive.LdapEntry ldapEntry)

Description copied from interface: AccountControlEvaluator

Indicates whether the user is locked or unlocked. A locked user cannot be authenticated.

Specified by:

isAccountNonLocked in interface AccountControlEvaluator

Parameters:

ldapEntry - the ldap entry

Returns:

true if the user is not locked, false otherwise

isCredentialsNonExpired

public boolean isCredentialsNonExpired(org.ldaptive.LdapEntry ldapEntry)

Description copied from interface: AccountControlEvaluator

Indicates whether the user's credentials (password) has expired. Expired credentials prevent authentication.

Specified by:

isCredentialsNonExpired in interface AccountControlEvaluator

Parameters:

ldapEntry - the ldap entry

Returns:

true if the user's credentials are valid (ie non-expired), false if no longer valid (ie expired)

isEnabled

public boolean isEnabled(org.ldaptive.LdapEntry ldapEntry)

Description copied from interface: AccountControlEvaluator

Indicates whether the user is enabled or disabled. A disabled user cannot be authenticated.

Specified by:

isEnabled in interface AccountControlEvaluator

Parameters:

ldapEntry - the ldap entry

Returns:

true if the user is enabled, false otherwise