The following code is from the eDirectory plug-in.
package com.novell.nidp.common.authority.ldap.jndi; import javax.naming.AuthenticationException; import javax.naming.OperationNotSupportedException; import javax.naming.directory.Attributes; import javax.naming.directory.BasicAttributes; import com.novell.nidp.NIDPException; public class LDAPStorePluginEDir extends LDAPStorePlugin { public String getDirectoryName() { return "Novell eDirectory"; } public String getGUIDAttributeName() { return "GUID"; } public String getMemberAttributeName() { return "member"; } public String getUserClassName() { return "User"; } public String getUserNamingAttrName() { return "cn"; } public Attributes preUserAccountCreation(String strCorrelationId, String name, String password, String context) { Attributes attrs = new BasicAttributes(); attrs.put("objectClass","User"); attrs.put("cn",name); attrs.put("sn","NAM Generated"); attrs.put("userPassword",password); return attrs; } public void onCreateConnectionException(AuthenticationException ae) throws NIDPException { // Check the return message to see if we can interpret it. String strDetails = ae.getMessage(); // Look for "Incorrect Password" int iIdxLdapErrorCode = strDetails.indexOf(" 49 "); int iIdxNDSErrorCode = strDetails.indexOf("(-669)"); if ((-1 != iIdxLdapErrorCode) && (-1 != iIdxNDSErrorCode)) { if (iIdxLdapErrorCode < iIdxNDSErrorCode) { // The user typed in an incorrect password throw new JNDIExceptionIncorrectPassword(ae, ae.getLocalizedMessage()); } } // Look for Expired Password iIdxLdapErrorCode = strDetails.indexOf(" 49 "); iIdxNDSErrorCode = strDetails.indexOf("(-222)"); if ((-1 != iIdxLdapErrorCode) && (-1 != iIdxNDSErrorCode)) { if (iIdxLdapErrorCode < iIdxNDSErrorCode) { // The password for this user account has expired. throw new JNDIExceptionExpiredPassword(ae, ae.getLocalizedMessage()); } } } public void onCreateConnectionException(OperationNotSupportedException onse) throws NIDPException { // Check the return message to see if we can interpret it. String strDetails = onse.getMessage(); // Look for "Incorrect Password" int iIdxLdapErrorCode = strDetails.indexOf(" 53 "); if (iIdxLdapErrorCode != -1) { int iIdxNDSErrorCode = strDetails.indexOf("(-220)"); // Check for account disabled (or a restriction has // disabled the account) if (iIdxNDSErrorCode != -1 && iIdxLdapErrorCode < iIdxNDSErrorCode) throw new JNDIExceptionDisabledAccount(onse, onse.getLocalizedMessage()); // Check for intruder detection disablement iIdxNDSErrorCode = strDetails.indexOf("(-218)"); if (iIdxNDSErrorCode != -1 && iIdxLdapErrorCode < iIdxNDSErrorCode) throw new JNDIExceptionRestrictedAccount(onse, onse.getLocalizedMessage()); // Check for intruder detection disablement iIdxNDSErrorCode = strDetails.indexOf("(-197)"); if (iIdxNDSErrorCode != -1 && iIdxLdapErrorCode < iIdxNDSErrorCode) throw new JNDIExceptionIntruderDetection(onse, onse.getLocalizedMessage()); } } }