"cn: userMinAgeMustChange",
"sn: userMinAgeMustChange_sn",
"userPassword: 12345" );
adminConnection.add( userEntry );
LdapConnection userConnection = new LdapNetworkConnection( "localhost", getLdapServer().getPort() );
BindRequest bindRequest = new BindRequestImpl();
bindRequest.setDn( userDn );
bindRequest.setCredentials( "12345" );
bindRequest.addControl( PP_REQ_CTRL );
// successful bind but must require pwd reset as was set by admin
BindResponse bindResponse = userConnection.bind( bindRequest );
assertEquals( ResultCodeEnum.SUCCESS, bindResponse.getLdapResult().getResultCode() );
assertEquals( PasswordPolicyErrorEnum.CHANGE_AFTER_RESET,
getPwdRespCtrl( bindResponse ).getResponse().getPasswordPolicyError() );
ModifyRequest modifyRequest = new ModifyRequestImpl();
modifyRequest.setName( userDn );
modifyRequest.replace( "userPassword", "123456" );
modifyRequest.addControl( PP_REQ_CTRL );
// succeed because admin previously set password
ModifyResponse modifyResponse = userConnection.modify( modifyRequest );
assertEquals( ResultCodeEnum.SUCCESS, modifyResponse.getLdapResult().getResultCode() );
modifyRequest = new ModifyRequestImpl();
modifyRequest.setName( userDn );
modifyRequest.replace( "userPassword", "1234567" );
modifyRequest.addControl( PP_REQ_CTRL );
// fail cause password is too young
modifyResponse = userConnection.modify( modifyRequest );
assertEquals( ResultCodeEnum.CONSTRAINT_VIOLATION,
modifyResponse.getLdapResult().getResultCode() );
assertEquals( PasswordPolicyErrorEnum.PASSWORD_TOO_YOUNG,
getPwdRespCtrl( modifyResponse ).getResponse().getPasswordPolicyError() );
// Wait for the pwdMinAge delay to be over
Thread.sleep( 1000 );
// Now, we should be able to modify the password
modifyResponse = userConnection.modify( modifyRequest );
assertEquals( ResultCodeEnum.SUCCESS, modifyResponse.getLdapResult().getResultCode() );
userConnection.close();
adminConnection.close();
}