"Fossies" - the Fresh Open Source Software Archive

Member "perl-ldap-0.66/lib/Net/LDAP/Control/PasswordPolicy.pm" (8 Apr 2015, 5018 Bytes) of package /linux/privat/perl-ldap-0.66.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Perl source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "PasswordPolicy.pm" see the Fossies "Dox" file reference documentation.

    1 # Copyright (c) 2008 Chris Ridd <chris.ridd@isode.com>. All rights reserved.
    2 # This program is free software; you can redistribute it and/or
    3 # modify it under the same terms as Perl itself.
    4 
    5 package Net::LDAP::Control::PasswordPolicy;
    6 
    7 use Net::LDAP::Control;
    8 
    9 our @ISA = qw(Net::LDAP::Control);
   10 our $VERSION = '0.04';
   11 
   12 use Net::LDAP::ASN qw(ppControlResponse);
   13 use strict;
   14 
   15 sub init {
   16   my($self) = @_;
   17 
   18   delete $self->{asn};
   19 
   20   unless (exists $self->{value}) {
   21     $self->{asn} = \my %asn;
   22     if (defined($self->{time_before_expiration})) {
   23       $asn{warning}{timeBeforeExpiration} = defined($self->{time_before_expiration});
   24     }
   25     elsif (defined($self->{grace_authentications_remaining})) {
   26       $asn{warning}{graceAuthNsRemaining} = $self->{time_before_expiration};
   27     }
   28     if (defined($self->{pp_error})) {
   29       $asn{error} = $self->{pp_error};
   30     }
   31   }
   32 
   33   $self;
   34 }
   35 
   36 sub time_before_expiration {
   37   my $self = shift;
   38   $self->{asn} ||= $ppControlResponse->decode($self->{value});
   39   if (@_) {
   40     delete $self->{value};
   41     my $time = shift;
   42     if (defined $time) {
   43       $self->{asn}{warning} = { timeBeforeExpiration => $time };
   44     }
   45     elsif (my $warning = $self->{asn}{warning}) {
   46       if (exists $warning->{timeBeforeExpiration}) {
   47         delete $self->{asn}{warning};
   48       }
   49     }
   50     return $time;
   51   }
   52   my $warning = $self->{asn}{warning};
   53   $warning && $warning->{timeBeforeExpiration};
   54 }
   55 
   56 sub grace_authentications_remaining {
   57   my $self = shift;
   58   $self->{asn} ||= $ppControlResponse->decode($self->{value});
   59   if (@_) {
   60     delete $self->{value};
   61     my $remaining = shift;
   62     if (defined $remaining) {
   63       $self->{asn}{warning} = { graceAuthNsRemaining => $remaining };
   64     }
   65     elsif (my $warning = $self->{asn}{warning}) {
   66       if (exists $warning->{graceAuthNsRemaining}) {
   67         delete $self->{asn}{warning};
   68       }
   69     }
   70     return $remaining;
   71   }
   72   my $warning = $self->{asn}{warning};
   73   $warning && $warning->{graceAuthNsRemaining};
   74 }
   75 
   76 sub pp_error {
   77   my $self = shift;
   78   $self->{asn} ||= $ppControlResponse->decode($self->{value});
   79   if (@_) {
   80     delete $self->{value};
   81     return $self->{asn}{error} = shift;
   82   }
   83   $self->{asn}{error};
   84 }
   85 
   86 sub value {
   87   my $self = shift;
   88   return $self->{value}  if exists $self->{value};
   89   my $asn = $self->{asn};
   90   # Return undef if all optional values are missing
   91   return undef  unless $asn and (defined $asn->{error} or $asn->{warning});
   92   $self->{value} = $ppControlResponse->encode($self->{asn});
   93 }
   94 
   95 1;
   96 
   97 __END__
   98 
   99 =head1 NAME
  100 
  101 Net::LDAP::Control::PasswordPolicy - LDAPv3 Password Policy control object
  102 
  103 =head1 SYNOPSIS
  104 
  105  use Net::LDAP;
  106  use Net::LDAP::Control::PasswordPolicy;
  107  use Net::LDAP::Constant qw( LDAP_CONTROL_PASSWORDPOLICY );
  108 
  109  $ldap = Net::LDAP->new( "ldap.example.com" );
  110 
  111  $pp = Net::LDAP::Control::PasswordPolicy->new;
  112 
  113  $mesg = $ldap->bind( "cn=Bob Smith,dc=example,dc=com",
  114                       password => "secret",
  115                       control => [ $pp ] );
  116 
  117  # Get password policy response
  118  my($resp)  = $mesg->control( LDAP_CONTROL_PASSWORDPOLICY );
  119 
  120  if (defined($resp)) {
  121    my $v = $resp->pp_error;
  122    print "Password policy error $v\n"  if defined $v;
  123    $v = $resp->time_before_expiration;
  124    print "Password expires in $v second(s)\n"  if defined $v;
  125  }
  126 
  127 =head1 DESCRIPTION
  128 
  129 C<Net::LDAP::Control::PasswordPolicy> provides an interface for the
  130 creation and manipulation of objects that represent
  131 C<PasswordPolicyRequest>s and C<PasswordPolicyResponse>s as described by
  132 draft-behera-password-policy-09.
  133 
  134 This control can be passed to most operations, including the bind.
  135 
  136 =head1 CONSTRUCTOR ARGUMENTS
  137 
  138 There are no constructor arguments other than those provided by
  139 L<Net::LDAP::Control>.
  140 
  141 =head1 METHODS
  142 
  143 =over 4
  144 
  145 =item time_before_expiration
  146 
  147 If defined, this is an integer value holding the time left in seconds
  148 before the account's password will expire.
  149 
  150 =item grace_authentications_remaining
  151 
  152 If defined, this is an integer value holding the number of
  153 authentication requests allowed before the account is locked.
  154 
  155 =item pp_error
  156 
  157 If defined, this contains a more detailed error code for the account.
  158 See L<Net::LDAP::Constant> for definitions of each.
  159 Values can include:
  160 
  161 =over 4
  162 
  163 =item LDAP_PP_PASSWORD_EXPIRED
  164 
  165 =item LDAP_PP_ACCOUNT_LOCKED
  166 
  167 =item LDAP_PP_CHANGE_AFTER_RESET
  168 
  169 =item LDAP_PP_PASSWORD_MOD_NOT_ALLOWED
  170 
  171 =item LDAP_PP_MUST_SUPPLY_OLD_PASSWORD
  172 
  173 =item LDAP_PP_INSUFFICIENT_PASSWORD_QUALITY
  174 
  175 =item LDAP_PP_PASSWORD_TOO_SHORT
  176 
  177 =item LDAP_PP_PASSWORD_TOO_YOUNG
  178 
  179 =item LDAP_PP_PASSWORD_IN_HISTORY
  180 
  181 =back
  182 
  183 =back
  184 
  185 =head1 SEE ALSO
  186 
  187 L<Net::LDAP>,
  188 L<Net::LDAP::Control>,
  189 L<Net::LDAP::Constant>,
  190 draft-behera-ldap-password-policy-09.txt
  191 
  192 =head1 AUTHOR
  193 
  194 Chris Ridd E<lt>chris.ridd@isode.comE<gt>
  195 
  196 Please report any bugs, or post any suggestions, to the perl-ldap
  197 mailing list E<lt>perl-ldap@perl.orgE<gt>
  198 
  199 =head1 COPYRIGHT
  200 
  201 Copyright (c) 2008 Chris Ridd. All rights reserved. This program is
  202 free software; you can redistribute it and/or modify it under the same
  203 terms as Perl itself.
  204 
  205 =cut
  206