if ( userEntry == null )
{
LOG.error( "Cannot find an entry for DN " + userDn );
// We can't find the entry in the DIT
ioPipe.write( new PasswordModifyResponseImpl(
req.getMessageId(), ResultCodeEnum.NO_SUCH_OBJECT, "Cannot find an entry for DN " + userDn ) );
return;
}
Attribute at = userEntry.get( SchemaConstants.USER_PASSWORD_AT );
if ( ( oldPassword != null ) && ( at != null ) )
{
for( Value<?> v : at )
{
boolean equal = PasswordUtil.compareCredentials( oldPassword, v.getBytes() );
if( equal )
{
oldPassword = v.getBytes();
}
}
}
}
catch ( LdapException le )
{
LOG.error( "Cannot find an entry for DN " + userDn + ", exception : " + le.getMessage() );
// We can't find the entry in the DIT
ioPipe.write(
new PasswordModifyResponseImpl(
req.getMessageId(), ResultCodeEnum.NO_SUCH_OBJECT, "Cannot find an entry for DN " + userDn ) );
return;
}
// We can try to update the userPassword now
ModifyRequest modifyRequest = new ModifyRequestImpl();
modifyRequest.setName( userDn );
Control ppolicyControl = req.getControl( PasswordPolicy.OID );
if( ppolicyControl != null )
{
modifyRequest.addControl( ppolicyControl );
}
Modification modification = null;
if ( oldPassword != null )
{
modification = new DefaultModification( ModificationOperation.REMOVE_ATTRIBUTE,
SchemaConstants.USER_PASSWORD_AT, oldPassword );
modifyRequest.addModification( modification );
}
if ( newPassword != null )
{
if ( oldPassword == null )
{
modification = new DefaultModification( ModificationOperation.REPLACE_ATTRIBUTE,
SchemaConstants.USER_PASSWORD_AT, newPassword );
}
else
{
modification = new DefaultModification( ModificationOperation.ADD_ATTRIBUTE,
SchemaConstants.USER_PASSWORD_AT, newPassword );
}
modifyRequest.addModification( modification );
}
else
{
// In this case, we could either generate a new password, or return an error
// Atm, we will return an unwillingToPerform error
LOG.error( "Cannot create a new password for user " + userDn + ", exception : " + userDn );
// We can't modify the password
ioPipe.write( new PasswordModifyResponseImpl(
req.getMessageId(), ResultCodeEnum.UNWILLING_TO_PERFORM, "Cannot generate a new password for user "
+ userDn ) );
return;
}
ResultCodeEnum errorCode = null;
String errorMessage = null;
try
{
userSession.modify( modifyRequest );
LOG.debug( "Password modified for user " + userDn );
// Ok, all done
PasswordModifyResponseImpl pmrl = new PasswordModifyResponseImpl(
req.getMessageId(), ResultCodeEnum.SUCCESS );
ppolicyControl = modifyRequest.getResultResponse().getControl( PasswordPolicy.OID );
if( ppolicyControl != null )
{
pmrl.addControl( ppolicyControl );
}
ioPipe.write( pmrl );
return;
}
catch ( LdapOperationException loe )
{
errorCode = loe.getResultCode();
errorMessage = loe.getMessage();
}
catch ( LdapException le )
{
// this exception means something else must be wrong
errorCode = ResultCodeEnum.OTHER;
errorMessage = le.getMessage();
}
// We can't modify the password
LOG.error( "Cannot modify the password for user " + userDn + ", exception : " + errorMessage );
PasswordModifyResponseImpl errorPmrl = new PasswordModifyResponseImpl(
req.getMessageId(), errorCode, "Cannot modify the password for user "
+ userDn + ", exception : " + errorMessage );
ppolicyControl = modifyRequest.getResultResponse().getControl( PasswordPolicy.OID );
if( ppolicyControl != null )
{
errorPmrl.addControl( ppolicyControl );
}
ioPipe.write( errorPmrl );
}