The following code is from the eDirectory plug-in.
package com.novell.nidp.common.authority.ldap.jndi;
import javax.naming.AuthenticationException;
import javax.naming.OperationNotSupportedException;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttributes;
import com.novell.nidp.NIDPException;
public class LDAPStorePluginEDir extends LDAPStorePlugin
{
public String getDirectoryName()
{
return "Novell eDirectory";
}
public String getGUIDAttributeName()
{
return "GUID";
}
public String getMemberAttributeName()
{
return "member";
}
public String getUserClassName()
{
return "User";
}
public String getUserNamingAttrName()
{
return "cn";
}
public Attributes preUserAccountCreation(String strCorrelationId, String name, String password, String context)
{
Attributes attrs = new BasicAttributes();
attrs.put("objectClass","User");
attrs.put("cn",name);
attrs.put("sn","NAM Generated");
attrs.put("userPassword",password);
return attrs;
}
public void onCreateConnectionException(AuthenticationException ae)
throws NIDPException
{
// Check the return message to see if we can interpret it.
String strDetails = ae.getMessage();
// Look for "Incorrect Password"
int iIdxLdapErrorCode = strDetails.indexOf(" 49 ");
int iIdxNDSErrorCode = strDetails.indexOf("(-669)");
if ((-1 != iIdxLdapErrorCode) && (-1 != iIdxNDSErrorCode))
{
if (iIdxLdapErrorCode < iIdxNDSErrorCode)
{ // The user typed in an incorrect password
throw new JNDIExceptionIncorrectPassword(ae, ae.getLocalizedMessage());
}
}
// Look for Expired Password
iIdxLdapErrorCode = strDetails.indexOf(" 49 ");
iIdxNDSErrorCode = strDetails.indexOf("(-222)");
if ((-1 != iIdxLdapErrorCode) && (-1 != iIdxNDSErrorCode))
{
if (iIdxLdapErrorCode < iIdxNDSErrorCode)
{ // The password for this user account has expired.
throw new JNDIExceptionExpiredPassword(ae, ae.getLocalizedMessage());
}
}
}
public void onCreateConnectionException(OperationNotSupportedException onse)
throws NIDPException
{
// Check the return message to see if we can interpret it.
String strDetails = onse.getMessage();
// Look for "Incorrect Password"
int iIdxLdapErrorCode = strDetails.indexOf(" 53 ");
if (iIdxLdapErrorCode != -1)
{
int iIdxNDSErrorCode = strDetails.indexOf("(-220)");
// Check for account disabled (or a restriction has
// disabled the account)
if (iIdxNDSErrorCode != -1 && iIdxLdapErrorCode < iIdxNDSErrorCode)
throw new JNDIExceptionDisabledAccount(onse, onse.getLocalizedMessage());
// Check for intruder detection disablement
iIdxNDSErrorCode = strDetails.indexOf("(-218)");
if (iIdxNDSErrorCode != -1 && iIdxLdapErrorCode < iIdxNDSErrorCode)
throw new JNDIExceptionRestrictedAccount(onse, onse.getLocalizedMessage());
// Check for intruder detection disablement
iIdxNDSErrorCode = strDetails.indexOf("(-197)");
if (iIdxNDSErrorCode != -1 && iIdxLdapErrorCode < iIdxNDSErrorCode)
throw new JNDIExceptionIntruderDetection(onse, onse.getLocalizedMessage());
}
}
}