Package com.unboundid.ldap.sdk.unboundidds.extensions

Class PasswordPolicyStateOperation

java.lang.Object
com.unboundid.ldap.sdk.unboundidds.extensions.PasswordPolicyStateOperation
All Implemented Interfaces:
Serializable
@NotMutable @ThreadSafety(level=COMPLETELY_THREADSAFE) public final class PasswordPolicyStateOperation extends Object implements Serializable
This class defines an operation that may be used in conjunction with the password policy state extended operation. A password policy state operation can be used to get or set various properties of the password policy state for a user.
NOTE: This class, and other classes within the com.unboundid.ldap.sdk.unboundidds package structure, are only supported for use against Ping Identity, UnboundID, and Nokia/Alcatel-Lucent 8661 server products. These classes provide support for proprietary functionality or for external specifications that are not considered stable or mature enough to be guaranteed to work in an interoperable way with other types of LDAP servers.

Operations that are available for use with the password policy state operation include:
  • Get the DN of the password policy configuration entry for the target user.
  • Determine whether an account is usable (may authenticate or be used as an alternate authorization identity.
  • Retrieve the set of account usability notice, warning, and error messages for a user.
  • Get, set, and clear the account disabled flag for the target user.
  • Get, set, and clear the account activation time for the target user.
  • Get, set, and clear the account expiration time for the target user.
  • Get the length of time in seconds until the target user account expires.
  • Get the time that the target user's password was last changed.
  • Get and clear the time that the first password expiration warning was sent to the user.
  • Get the length of time in seconds until the target user's password expires and the password expiration time for the account.
  • Get the length of time in seconds until the user should receive the first warning about an upcoming password expiration.
  • Determine whether the user's password is expired.
  • Determine whether the account is locked because of failed authentication attempts, an idle lockout, or a password reset lockout.
  • Get, update, set, and clear the list of times that the target user has unsuccessfully tried to authenticate since the last successful authentication.
  • Get the number of remaining failed authentication attempts for the target user before the account is locked.
  • Get the length of time in seconds until the target user's account is automatically unlocked after it was locked due to failed authentication attempts.
  • Get, set, and clear the time that the user last authenticated to the server.
  • Get, set, and clear the IP address of the client from which the user last authenticated to the server.
  • Get the length of time in seconds until the user account may be locked after remaining idle.
  • Get, set, and clear the flag that controls whether the target user must change his/her password before being allowed to perform any other operations.
  • Get the length of time in seconds until the user's account is locked after failing to change the password after an administrative reset.
  • Get, update, set, and clear the times that the target user has authenticated using a grace login after the password had expired.
  • Retrieve the number of remaining grace logins for the user.
  • Get, set, and clear the required password change time for the target user.
  • Retrieve the length of time in seconds until the target user's account will be locked as a result of failing to comply with a password change by required time.
  • Get the password history count for the target user.
  • Clear the password history for the target user.
  • Get information about or purge a user's retired password.
  • Get information about which SASL mechanisms are available for a user.
  • Get information about which OTP delivery mechanisms are available for a user.
  • Determine whether a user has any TOTP shared secrets and manipulate the registered secrets.
  • Get, set, and clear the public IDs of any YubiKey OTP devices registered for a user.
  • Determine whether the user has a static password.
  • Get, set, and clear the time that the server last performed validation on a password provided in a bind request.
  • Get and set whether the user's account is locked because it contains a password that does not satisfy all of the configured password validators.
  • Get and clear a user's recent login history.
Note that many of these methods are dependent upon the password policy configuration for the target user and therefore some of them may not be applicable for some users. For example, if password expiration is not enabled in the password policy associated with the target user, then operations that involve password expiration will have no effect and/or will have a return value that indicates that password expiration is not in effect.
See Also:

  • Field Details

  • Constructor Details

    • PasswordPolicyStateOperation

      public PasswordPolicyStateOperation(int opType)
      Creates a new password policy state operation with the specified operation type and no values.
      Parameters:
      opType - The operation type for this password policy state operation.

    • PasswordPolicyStateOperation

      public PasswordPolicyStateOperation(int opType, @Nullable ASN1OctetString[] values)
      Creates a new password policy state operation with the specified operation type and set of values.
      Parameters:
      opType - The operation type for this password policy state operation.
      values - The set of values for this password policy state operation.

  • Method Details

    • createGetPasswordPolicyDNOperation

      @NotNull public static PasswordPolicyStateOperation createGetPasswordPolicyDNOperation()
      Creates a new password policy state operation that may be used to request the DN of the password policy configuration entry for the user. The result returned should include an operation of type OP_TYPE_GET_PW_POLICY_DN with a single string value that is the DN of the password policy configuration entry.
      Returns:
      The created password policy state operation.

    • createGetAccountDisabledStateOperation

      @NotNull public static PasswordPolicyStateOperation createGetAccountDisabledStateOperation()
      Creates a new password policy state operation that may be used to determine whether the user account is disabled. The result returned should include an operation of type OP_TYPE_GET_ACCOUNT_DISABLED_STATE with a single boolean value of true if the account is disabled, or false if the account is not disabled.
      Returns:
      The created password policy state operation.

    • createSetAccountDisabledStateOperation

      @NotNull public static PasswordPolicyStateOperation createSetAccountDisabledStateOperation(boolean isDisabled)
      Creates a new password policy state operation that may be used to specify whether the user account is disabled. The result returned should include an operation of type OP_TYPE_GET_ACCOUNT_DISABLED_STATE with a single boolean value of true if the account has been disabled, or false if the account is not disabled.
      Parameters:
      isDisabled - Indicates whether the user account should be disabled.
      Returns:
      The created password policy state operation.

    • createClearAccountDisabledStateOperation

      @NotNull public static PasswordPolicyStateOperation createClearAccountDisabledStateOperation()
      Creates a new password policy state operation that may be used to clear the user account disabled state in the user's entry. The result returned should include an operation of type OP_TYPE_GET_ACCOUNT_DISABLED_STATE with a single boolean value of true if the account is disabled, or false if the account is not disabled.
      Returns:
      The created password policy state operation.

    • createGetAccountActivationTimeOperation

      @NotNull public static PasswordPolicyStateOperation createGetAccountActivationTimeOperation()
      Creates a new password policy state operation that may be used to retrieve the time that the user's account will become active. The result returned should include an operation of type OP_TYPE_GET_ACCOUNT_ACTIVATION_TIME with a single string value that is the generalized time representation of the account activation time, or a null value if the account does not have an activation time.
      Returns:
      The created password policy state operation.

    • createSetAccountActivationTimeOperation

      @NotNull public static PasswordPolicyStateOperation createSetAccountActivationTimeOperation(@Nullable Date expirationTime)
      Creates a new password policy state operation that may be used to set the time that the user's account expires. The result returned should include an operation of type OP_TYPE_GET_ACCOUNT_ACTIVATION_TIME with a single string value that is the generalized time representation of the account activation time, or a null value if the account does not have an activation time.
      Parameters:
      expirationTime - The time that the user's account should expire. It may be null if the server should use the current time.
      Returns:
      The created password policy state operation.

    • createClearAccountActivationTimeOperation

      @NotNull public static PasswordPolicyStateOperation createClearAccountActivationTimeOperation()
      Creates a new password policy state operation that may be used to clear the account expiration time in the user's entry. The result returned should include an operation of type OP_TYPE_GET_ACCOUNT_ACTIVATION_TIME with a single string value that is the generalized time representation of the account activation time, or a null value if the account does not have an activation time.
      Returns:
      The created password policy state operation.

    • createGetSecondsUntilAccountActivationOperation

      @NotNull public static PasswordPolicyStateOperation createGetSecondsUntilAccountActivationOperation()
      Creates a new password policy state operation that may be used to determine the length of time in seconds until the user's account becomes active. The result returned should include an operation of type OP_TYPE_GET_SECONDS_UNTIL_ACCOUNT_ACTIVATION with a single integer value representing the number of seconds until the account becomes active, or a null value if the account does not have an activation time.
      Returns:
      The created password policy state operation.

    • createGetAccountExpirationTimeOperation

      @NotNull public static PasswordPolicyStateOperation createGetAccountExpirationTimeOperation()
      Creates a new password policy state operation that may be used to retrieve the time that the user's account expires. The result returned should include an operation of type OP_TYPE_GET_ACCOUNT_EXPIRATION_TIME with a single string value that is the generalized time representation of the account expiration time, or a null value if the account does not have an expiration time.
      Returns:
      The created password policy state operation.

    • createSetAccountExpirationTimeOperation

      @NotNull public static PasswordPolicyStateOperation createSetAccountExpirationTimeOperation(@Nullable Date expirationTime)
      Creates a new password policy state operation that may be used to set the time that the user's account expires. The result returned should include an operation of type OP_TYPE_GET_ACCOUNT_EXPIRATION_TIME with a single string value that is the generalized time representation of the account expiration time, or a null value if the account does not have an expiration time.
      Parameters:
      expirationTime - The time that the user's account should expire. It may be null if the server should use the current time.
      Returns:
      The created password policy state operation.

    • createClearAccountExpirationTimeOperation

      @NotNull public static PasswordPolicyStateOperation createClearAccountExpirationTimeOperation()
      Creates a new password policy state operation that may be used to clear the account expiration time in the user's entry. The result returned should include an operation of type OP_TYPE_GET_ACCOUNT_EXPIRATION_TIME with a single string value that is the generalized time representation of the account expiration time, or a null value if the account does not have an expiration time.
      Returns:
      The created password policy state operation.

    • createGetSecondsUntilAccountExpirationOperation

      @NotNull public static PasswordPolicyStateOperation createGetSecondsUntilAccountExpirationOperation()
      Creates a new password policy state operation that may be used to determine the length of time in seconds until the user's account is expired. The result returned should include an operation of type OP_TYPE_GET_SECONDS_UNTIL_ACCOUNT_EXPIRATION with a single integer value representing the number of seconds until the account will expire, or a null value if the account does not have an expiration time.
      Returns:
      The created password policy state operation.

    • createGetPasswordChangedTimeOperation

      @NotNull public static PasswordPolicyStateOperation createGetPasswordChangedTimeOperation()
      Creates a new password policy state operation that may be used to determine when the user's password was last changed. The result returned should include an operation of type OP_TYPE_GET_PW_CHANGED_TIME with a single string value that is the generalized time representation of the time the password was last changed.
      Returns:
      The created password policy state operation.

    • createSetPasswordChangedTimeOperation

      @NotNull public static PasswordPolicyStateOperation createSetPasswordChangedTimeOperation(@Nullable Date passwordChangedTime)
      Creates a new password policy state operation that may be used to specify when the user's password was last changed. The result returned should include an operation of type OP_TYPE_GET_PW_CHANGED_TIME with a single string value that is the generalized time representation of the time the password was last changed.
      Parameters:
      passwordChangedTime - The time the user's password was last changed. It may be null if the server should use the current time.
      Returns:
      The created password policy state operation.

    • createClearPasswordChangedTimeOperation

      @NotNull public static PasswordPolicyStateOperation createClearPasswordChangedTimeOperation()
      Creates a new password policy state operation that may be used to clear the password changed time from a user's entry. The result returned should include an operation of type OP_TYPE_GET_PW_CHANGED_TIME with a single string value that is the generalized time representation of the time the password was last changed, or null if it can no longer be determined.
      Returns:
      The created password policy state operation.

    • createGetPasswordExpirationWarnedTimeOperation

      @NotNull public static PasswordPolicyStateOperation createGetPasswordExpirationWarnedTimeOperation()
      Creates a new password policy state operation that may be used to determine when the user first received a password expiration warning. The result returned should include an operation of type OP_TYPE_GET_PW_EXPIRATION_WARNED_TIME with a single string value that is the generalized time representation of the time the user received the first expiration warning.
      Returns:
      The created password policy state operation.

    • createSetPasswordExpirationWarnedTimeOperation

      @NotNull public static PasswordPolicyStateOperation createSetPasswordExpirationWarnedTimeOperation(@Nullable Date passwordExpirationWarnedTime)
      Creates a new password policy state operation that may be used to specify when the user first received a password expiration warning. The result returned should include an operation of type OP_TYPE_GET_PW_EXPIRATION_WARNED_TIME with a single string value that is the generalized time representation of the time the user received the first expiration warning.
      Parameters:
      passwordExpirationWarnedTime - The password expiration warned time for the user. It may be null if the server should use the current time.
      Returns:
      The created password policy state operation.

    • createClearPasswordExpirationWarnedTimeOperation

      @NotNull public static PasswordPolicyStateOperation createClearPasswordExpirationWarnedTimeOperation()
      Creates a new password policy state operation that may be used to clear the password expiration warned time from the user's entry. The result returned should include an operation of type OP_TYPE_GET_PW_EXPIRATION_WARNED_TIME with a single string value that is the generalized time representation of the time the user received the first expiration warning.
      Returns:
      The created password policy state operation.

    • createGetSecondsUntilPasswordExpirationOperation

      @NotNull public static PasswordPolicyStateOperation createGetSecondsUntilPasswordExpirationOperation()
      Creates a new password policy state operation that may be used to determine the length of time in seconds until the user's password expires. The result returned should include an operation of type OP_TYPE_GET_SECONDS_UNTIL_PW_EXPIRATION with a single integer value that is the number of seconds until the user's password expires, or a null value if the user's password will not expire.
      Returns:
      The created password policy state operation.

    • createGetSecondsUntilPasswordExpirationWarningOperation

      @NotNull public static PasswordPolicyStateOperation createGetSecondsUntilPasswordExpirationWarningOperation()
      Creates a new password policy state operation that may be used to determine the length of time in seconds until the user is eligible to start receiving password expiration warnings. The result returned should include an operation of type OP_TYPE_GET_SECONDS_UNTIL_PW_EXPIRATION_WARNING with a single integer value that is the number of seconds until the user is eligible to receive the first expiration warning, or a null value if the user's password will not expire.
      Returns:
      The created password policy state operation.

    • createGetAuthenticationFailureTimesOperation

      @NotNull public static PasswordPolicyStateOperation createGetAuthenticationFailureTimesOperation()
      Creates a new password policy state operation that may be used to retrieve the times that the user has unsuccessfully tried to authenticate since the last successful authentication. The result returned should include an operation of type OP_TYPE_GET_AUTH_FAILURE_TIMES with an array of string values representing the timestamps (in generalized time format) of the authentication failures.
      Returns:
      The created password policy state operation.

    • createAddAuthenticationFailureTimeOperation

      @NotNull public static PasswordPolicyStateOperation createAddAuthenticationFailureTimeOperation()
      Creates a new password policy state operation that may be used to add the current time to the set of times that the user has unsuccessfully tried to authenticate since the last successful authentication. The result returned should include an operation of type OP_TYPE_GET_AUTH_FAILURE_TIMES with an array of string values representing the timestamps (in generalized time format) of the authentication failures.
      Returns:
      The created password policy state operation.

    • createAddAuthenticationFailureTimeOperation

      @NotNull public static PasswordPolicyStateOperation createAddAuthenticationFailureTimeOperation(@Nullable Date[] authFailureTimes)
      Creates a new password policy state operation that may be used to add the specified values to the set of times that the user has unsuccessfully tried to authenticate since the last successful authentication. The result returned should include an operation of type OP_TYPE_GET_AUTH_FAILURE_TIMES with an array of string values representing the timestamps (in generalized time format) of the authentication failures.
      Parameters:
      authFailureTimes - The set of authentication failure time values to add. It may be null or empty if the server should add the current time.
      Returns:
      The created password policy state operation.

    • createSetAuthenticationFailureTimesOperation

      @NotNull public static PasswordPolicyStateOperation createSetAuthenticationFailureTimesOperation(@Nullable Date[] authFailureTimes)
      Creates a new password policy state operation that may be used to specify the set of times that the user has unsuccessfully tried to authenticate since the last successful authentication. The result returned should include an operation of type OP_TYPE_GET_AUTH_FAILURE_TIMES with an array of string values representing the timestamps (in generalized time format) of the authentication failures.
      Parameters:
      authFailureTimes - The set of times that the user has unsuccessfully tried to authenticate since the last successful authentication. It may be null or empty if the server should use the current time as the only failure time.
      Returns:
      The created password policy state operation.

    • createClearAuthenticationFailureTimesOperation

      @NotNull public static PasswordPolicyStateOperation createClearAuthenticationFailureTimesOperation()
      Creates a new password policy state operation that may be used to clear the set of times that the user has unsuccessfully tried to authenticate since the last successful authentication. The result returned should include an operation of type OP_TYPE_GET_AUTH_FAILURE_TIMES with an array of string values representing the timestamps (in generalized time format) of the authentication failures.
      Returns:
      The created password policy state operation.

    • createGetSecondsUntilAuthenticationFailureUnlockOperation

      @NotNull public static PasswordPolicyStateOperation createGetSecondsUntilAuthenticationFailureUnlockOperation()
      Creates a new password policy state operation that may be used to determine the length of time in seconds until the user's account is automatically unlocked after too many failed authentication attempts. The result returned should include an operation of type OP_TYPE_GET_SECONDS_UNTIL_AUTH_FAILURE_UNLOCK with a single integer value that represents the number of seconds until the account becomes unlocked, or a null value if the account is not temporarily locked as a result of authentication failures.
      Returns:
      The created password policy state operation.

    • createGetRemainingAuthenticationFailureCountOperation

      @NotNull public static PasswordPolicyStateOperation createGetRemainingAuthenticationFailureCountOperation()
      Creates a new password policy state operation that may be used to determine the number of authentication failures required to lock the user's account. The result returned should include an operation of type OP_TYPE_GET_REMAINING_AUTH_FAILURE_COUNT with a single integer value that represents the number of authentication failures that a user will be permitted before the account is locked, or a null value if the password policy is not configured to lock accounts as a result of too many failed authentication attempts.
      Returns:
      The created password policy state operation.

    • createGetLastLoginTimeOperation

      @NotNull public static PasswordPolicyStateOperation createGetLastLoginTimeOperation()
      Creates a new password policy state operation that may be used to determine the time that the user last successfully authenticated to the server. The result returned should include an operation of type OP_TYPE_GET_LAST_LOGIN_TIME with a single string value that is the generalized time representation of the user's last login time, or a null value if no last login time is available.
      Returns:
      The created password policy state operation.

    • createSetLastLoginTimeOperation

      @NotNull public static PasswordPolicyStateOperation createSetLastLoginTimeOperation(@Nullable Date lastLoginTime)
      Creates a new password policy state operation that may be used to set the time that the user last successfully authenticated to the server. The result returned should include an operation of type OP_TYPE_GET_LAST_LOGIN_TIME with a single string value that is the generalized time representation of the user's last login time, or a null value if no last login time is available.
      Parameters:
      lastLoginTime - The last login time to set in the user's entry. It may be null if the server should use the current time.
      Returns:
      The created password policy state operation.

    • createClearLastLoginTimeOperation

      @NotNull public static PasswordPolicyStateOperation createClearLastLoginTimeOperation()
      Creates a new password policy state operation that may be used to clear the last login time from the user's entry. The result returned should include an operation of type OP_TYPE_GET_LAST_LOGIN_TIME with a single string value that is the generalized time representation of the user's last login time, or a null value if no last login time is available.
      Returns:
      The created password policy state operation.

    • createGetLastLoginIPAddressOperation

      @NotNull public static PasswordPolicyStateOperation createGetLastLoginIPAddressOperation()
      Creates a new password policy state operation that may be used to determine the IP address from which the user last successfully authenticated to the server. The result returned should include an operation of type OP_TYPE_GET_LAST_LOGIN_IP_ADDRESS with a single string value that is the user's last login IP address, or a null value if no last login IP address is available.
      Returns:
      The created password policy state operation.

    • createSetLastLoginIPAddressOperation

      @NotNull public static PasswordPolicyStateOperation createSetLastLoginIPAddressOperation(@NotNull String lastLoginIPAddress)
      Creates a new password policy state operation that may be used to set the IP address from which the user last successfully authenticated to the server. The result returned should include an operation of type OP_TYPE_GET_LAST_LOGIN_IP_ADDRESS with a single string value that is the user's last login IP address, or a null value if no last login IP address is available.
      Parameters:
      lastLoginIPAddress - The last login IP address to set in the user's entry. It must not be null.
      Returns:
      The created password policy state operation.

    • createClearLastLoginIPAddressOperation

      @NotNull public static PasswordPolicyStateOperation createClearLastLoginIPAddressOperation()
      Creates a new password policy state operation that may be used to clear the last login IP address from the user's entry. The result returned should include an operation of type OP_TYPE_GET_LAST_LOGIN_IP_ADDRESS with a single string value that is the user's last login IP address, or a null value if no last login IP address is available.
      Returns:
      The created password policy state operation.

    • createGetSecondsUntilIdleLockoutOperation

      @NotNull public static PasswordPolicyStateOperation createGetSecondsUntilIdleLockoutOperation()
      Creates a new password policy state operation that may be used to determine the length of time in seconds until the user's account is locked due to inactivity. The result returned should include an operation of type OP_TYPE_GET_SECONDS_UNTIL_IDLE_LOCKOUT with a single integer value that represents the number of seconds until the user's account is locked as a result of being idle for too long, or a null value if no idle account lockout is configured.
      Returns:
      The created password policy state operation.

    • createGetPasswordResetStateOperation

      @NotNull public static PasswordPolicyStateOperation createGetPasswordResetStateOperation()
      Creates a new password policy state operation that may be used to determine whether the user's password has been reset by an administrator and must be changed before performing any other operations. The result returned should include an operation of type OP_TYPE_GET_PW_RESET_STATE with a single boolean value of true if the user's password must be changed before the account can be used, or false if not.
      Returns:
      The created password policy state operation.

    • createSetPasswordResetStateOperation

      @NotNull public static PasswordPolicyStateOperation createSetPasswordResetStateOperation(boolean isReset)
      Creates a new password policy state operation that may be used to specify whether the user's password has been reset by an administrator and must be changed before performing any other operations. The result returned should include an operation of type OP_TYPE_GET_PW_RESET_STATE with a single boolean value of true if the user's password must be changed before the account can be used, or false if not.
      Parameters:
      isReset - Specifies whether the user's password must be changed before performing any other operations.
      Returns:
      The created password policy state operation.

    • createClearPasswordResetStateOperation

      @NotNull public static PasswordPolicyStateOperation createClearPasswordResetStateOperation()
      Creates a new password policy state operation that may be used to clear the password reset state information in the user's entry. The result returned should include an operation of type OP_TYPE_GET_PW_RESET_STATE with a single boolean value of true if the user's password must be changed before the account can be used, or false if not.
      Returns:
      The created password policy state operation.

    • createGetSecondsUntilPasswordResetLockoutOperation

      @NotNull public static PasswordPolicyStateOperation createGetSecondsUntilPasswordResetLockoutOperation()
      Creates a new password policy state operation that may be used to determine the length of time in seconds that the user has left to change his/her password after an administrative reset before the account is locked. The result returned should include an operation of type OP_TYPE_GET_SECONDS_UNTIL_PW_RESET_LOCKOUT with a single integer value that represents the number of seconds until the user's account will be locked unless the password is reset, or a null value if the user's password is not in a "must change" state.
      Returns:
      The created password policy state operation.

    • createGetGraceLoginUseTimesOperation

      @NotNull public static PasswordPolicyStateOperation createGetGraceLoginUseTimesOperation()
      Creates a new password policy state operation that may be used to retrieve the set of times that the user has authenticated using grace logins since his/her password expired. The result returned should include an operation of type OP_TYPE_GET_GRACE_LOGIN_USE_TIMES with an array of string values in generalized time format.
      Returns:
      The created password policy state operation.

    • createAddGraceLoginUseTimeOperation

      @NotNull public static PasswordPolicyStateOperation createAddGraceLoginUseTimeOperation()
      Creates a new password policy state operation that may be used to add the current time to the set of times that the user has authenticated using grace logins since his/her password expired. The result returned should include an operation of type OP_TYPE_GET_GRACE_LOGIN_USE_TIMES with an array of string values in generalized time format.
      Returns:
      The created password policy state operation.

    • createAddGraceLoginUseTimeOperation

      @NotNull public static PasswordPolicyStateOperation createAddGraceLoginUseTimeOperation(@Nullable Date[] graceLoginUseTimes)
      Creates a new password policy state operation that may be used to add the current time to the set of times that the user has authenticated using grace logins since his/her password expired. The result returned should include an operation of type OP_TYPE_GET_GRACE_LOGIN_USE_TIMES with an array of string values in generalized time format.
      Parameters:
      graceLoginUseTimes - The set of grace login use times to add. It may be null or empty if the server should add the current time to the set of grace login times.
      Returns:
      The created password policy state operation.

    • createSetGraceLoginUseTimesOperation

      @NotNull public static PasswordPolicyStateOperation createSetGraceLoginUseTimesOperation(@Nullable Date[] graceLoginUseTimes)
      Creates a new password policy state operation that may be used to specify the set of times that the user has authenticated using grace logins since his/her password expired. The result returned should include an operation of type OP_TYPE_GET_GRACE_LOGIN_USE_TIMES with an array of string values in generalized time format.
      Parameters:
      graceLoginUseTimes - The set of times that the user has authenticated using grace logins since his/her password expired. It amy be null or empty if the server should use the current time as the only grace login use time.
      Returns:
      The created password policy state operation.

    • createClearGraceLoginUseTimesOperation

      @NotNull public static PasswordPolicyStateOperation createClearGraceLoginUseTimesOperation()
      Creates a new password policy state operation that may be used to clear the set of times that the user has authenticated using grace logins since his/her password expired. The result returned should include an operation of type OP_TYPE_GET_GRACE_LOGIN_USE_TIMES with an array of string values in generalized time format.
      Returns:
      The created password policy state operation.

    • createGetRemainingGraceLoginCountOperation

      @NotNull public static PasswordPolicyStateOperation createGetRemainingGraceLoginCountOperation()
      Creates a new password policy state operation that may be used to retrieve the number of remaining grace logins available to the user. The result returned should include an operation of type OP_TYPE_GET_REMAINING_GRACE_LOGIN_COUNT with a single integer value that represents the number of remaining grace logins, or a null value if grace login functionality is not enabled for the user.
      Returns:
      The created password policy state operation.

    • createGetPasswordChangedByRequiredTimeOperation

      @NotNull public static PasswordPolicyStateOperation createGetPasswordChangedByRequiredTimeOperation()
      Creates a new password policy state operation that may be used to retrieve the last required password change time that with which the user has complied. The result returned should include an operation of type OP_TYPE_GET_PW_CHANGED_BY_REQUIRED_TIME with a single string value that is the generalized time representation of the most recent required password change time with which the user complied, or a null value if this is not available for the user.
      Returns:
      The created password policy state operation.

    • createSetPasswordChangedByRequiredTimeOperation

      @NotNull public static PasswordPolicyStateOperation createSetPasswordChangedByRequiredTimeOperation()
      Creates a new password policy state operation that may be used to update the user's entry to indicate that he/she has complied with the required password change time. The result returned should include an operation of type OP_TYPE_GET_PW_CHANGED_BY_REQUIRED_TIME with a single string value that is the generalized time representation of the most recent required password change time with which the user complied, or a null value if this is not available for the user.
      Returns:
      The created password policy state operation.

    • createSetPasswordChangedByRequiredTimeOperation

      @NotNull public static PasswordPolicyStateOperation createSetPasswordChangedByRequiredTimeOperation(@Nullable Date requiredTime)
      Creates a new password policy state operation that may be used to update the user's entry to indicate that he/she has complied with the required password change time. The result returned should include an operation of type OP_TYPE_GET_PW_CHANGED_BY_REQUIRED_TIME with a single string value that is the generalized time representation of the most recent required password change time with which the user complied, or a null value if this is not available for the user.
      Parameters:
      requiredTime - The required password changed time with which the user has complied. It may be null if the server should use the most recent required change time.
      Returns:
      The created password policy state operation.

    • createClearPasswordChangedByRequiredTimeOperation

      @NotNull public static PasswordPolicyStateOperation createClearPasswordChangedByRequiredTimeOperation()
      Creates a new password policy state operation that may be used to clear the last required password change time from the user's entry. The result returned should include an operation of type OP_TYPE_GET_PW_CHANGED_BY_REQUIRED_TIME with a single string value that is the generalized time representation of the most recent required password change time with which the user complied, or a null value if this is not available for the user.
      Returns:
      The created password policy state operation.

    • createGetSecondsUntilRequiredChangeTimeOperation

      @NotNull public static PasswordPolicyStateOperation createGetSecondsUntilRequiredChangeTimeOperation()
      Creates a new password policy state operation that may be used to retrieve the length of time in seconds until the required password change time arrives. The result returned should include an operation of type OP_TYPE_GET_SECONDS_UNTIL_REQUIRED_CHANGE_TIME with a single integer value that represents the number of seconds before the user will be required to change his/her password as a result of the require-change-by-time property, or a null value if the user is not required to change their password for this reason.
      Returns:
      The created password policy state operation.

    • createGetPasswordHistoryOperation

      @Deprecated @NotNull public static PasswordPolicyStateOperation createGetPasswordHistoryOperation()
      Deprecated.
      This method has been deprecated in favor of the createGetPasswordHistoryCountOperation() method.
      Creates a new password policy state operation that may be used to retrieve the password history values stored in the user's entry. The result returned should include an operation of type OP_TYPE_GET_PW_HISTORY with an array of strings representing the user's password history content.
      Returns:
      The created password policy state operation.

    • createClearPasswordHistoryOperation

      @NotNull public static PasswordPolicyStateOperation createClearPasswordHistoryOperation()
      Creates a new password policy state operation that may be used to clear the password history values stored in the user's entry. The result returned should include an operation of type OP_TYPE_GET_PW_HISTORY with an array of strings representing the user's password history content.
      Returns:
      The created password policy state operation.

    • createHasRetiredPasswordOperation

      @NotNull public static PasswordPolicyStateOperation createHasRetiredPasswordOperation()
      Creates a new password policy state operation that may be used to determine whether the user has a valid retired password. The result returned should include an operation of type OP_TYPE_HAS_RETIRED_PASSWORD with a single boolean value of true if the user has a valid retired password, or false if not.
      Returns:
      The created password policy state operation.

    • createGetPasswordRetiredTimeOperation

      @NotNull public static PasswordPolicyStateOperation createGetPasswordRetiredTimeOperation()
      Creates a new password policy state operation that may be used to determine the time that the user's former password was retired. The result returned should include an operation of type OP_TYPE_GET_PASSWORD_RETIRED_TIME with a single string value that is the generalized time representation of the time the user's former password was retired, or a null value if the user does not have a valid retired password.
      Returns:
      The created password policy state operation.

    • createGetRetiredPasswordExpirationTimeOperation

      @NotNull public static PasswordPolicyStateOperation createGetRetiredPasswordExpirationTimeOperation()
      Creates a new password policy state operation that may be used to determine the length of time until the user's retired password expires. The result returned should include an operation of type OP_TYPE_GET_RETIRED_PASSWORD_EXPIRATION_TIME with a single string value that is the generalized time representation of the time the user's retired password will cease to be valid, or a null value if the user does not have a valid retired password.
      Returns:
      The created password policy state operation.

    • createPurgeRetiredPasswordOperation

      @NotNull public static PasswordPolicyStateOperation createPurgeRetiredPasswordOperation()
      Creates a new password policy state operation that may be used to purge any retired password from the user's entry. The result returned should include an operation of type OP_TYPE_HAS_RETIRED_PASSWORD with a single boolean value of true if the user has a valid retired password, or false if not.
      Returns:
      The created password policy state operation.

    • createGetAccountUsabilityNoticesOperation

      @NotNull public static PasswordPolicyStateOperation createGetAccountUsabilityNoticesOperation()
      Creates a new password policy state operation that may be used to retrieve information about any password policy state notices pertaining to the usability of the user's account. The result returned should include an operation of type OP_TYPE_GET_ACCOUNT_USABILITY_NOTICES with an array of strings that represent PasswordPolicyStateAccountUsabilityWarning values.
      Returns:
      The created password policy state operation.

    • createGetAccountUsabilityWarningsOperation

      @NotNull public static PasswordPolicyStateOperation createGetAccountUsabilityWarningsOperation()
      Creates a new password policy state operation that may be used to retrieve information about any password policy state warnings that may impact the usability of the user's account. The result returned should include an operation of type OP_TYPE_GET_ACCOUNT_USABILITY_WARNINGS with an array of strings that represent PasswordPolicyStateAccountUsabilityWarning values.
      Returns:
      The created password policy state operation.

    • createGetAccountUsabilityErrorsOperation

      @NotNull public static PasswordPolicyStateOperation createGetAccountUsabilityErrorsOperation()
      Creates a new password policy state operation that may be used to retrieve information about any password policy state errors that may impact the usability of the user's account. The result returned should include an operation of type OP_TYPE_GET_ACCOUNT_USABILITY_ERRORS with an array of strings that represent PasswordPolicyStateAccountUsabilityError values.
      Returns:
      The created password policy state operation.

    • createGetAccountIsUsableOperation

      @NotNull public static PasswordPolicyStateOperation createGetAccountIsUsableOperation()
      Creates a new password policy state operation that may be used to determine whether an account is usable (i.e., the account will be allowed to authenticate and/or be used as an alternate authorization identity. The result returned should include an operation of type OP_TYPE_GET_ACCOUNT_IS_USABLE with a single boolean value that indicates whether the account is usable.
      Returns:
      The created password policy state operation.

    • createGetAccountIsNotYetActiveOperation

      @NotNull public static PasswordPolicyStateOperation createGetAccountIsNotYetActiveOperation()
      Creates a new password policy state operation that may be used to determine whether an account has an activation time that is in the future. The result returned should include an operation of type OP_TYPE_GET_ACCOUNT_IS_NOT_YET_ACTIVE with a single boolean value that indicates whether the account is not yet active.
      Returns:
      The created password policy state operation.

    • createGetAccountIsExpiredOperation

      @NotNull public static PasswordPolicyStateOperation createGetAccountIsExpiredOperation()
      Creates a new password policy state operation that may be used to determine whether an account has an expiration time that is in the past. The result returned should include an operation of type OP_TYPE_GET_ACCOUNT_IS_EXPIRED with a single boolean value that indicates whether the account is expired.
      Returns:
      The created password policy state operation.

    • createGetPasswordExpirationTimeOperation

      @NotNull public static PasswordPolicyStateOperation createGetPasswordExpirationTimeOperation()
      Creates a new password policy state operation that may be used to determine when a user's password is expected to expire. The result returned should include an operation of type OP_TYPE_GET_PW_EXPIRATION_TIME with a single string value that is the generalized time representation of the password expiration time.
      Returns:
      The created password policy state operation.

    • createGetAccountIsFailureLockedOperation

      @NotNull public static PasswordPolicyStateOperation createGetAccountIsFailureLockedOperation()
      Creates a new password policy state operation that may be used to determine whether an account has been locked because of too many failed authentication attempts. The result returned should include an operation of type OP_TYPE_GET_ACCOUNT_IS_FAILURE_LOCKED with a single boolean value that indicates whether the account is failure locked.
      Returns:
      The created password policy state operation.

    • createSetAccountIsFailureLockedOperation

      @NotNull public static PasswordPolicyStateOperation createSetAccountIsFailureLockedOperation(boolean isFailureLocked)
      Creates a new password policy state operation that may be used to specify whether an account should be locked because of too many failed authentication attempts. The result returned should include an operation of type OP_TYPE_GET_ACCOUNT_IS_FAILURE_LOCKED with a single boolean value that indicates whether the account is failure locked.
      Parameters:
      isFailureLocked - Indicates whether the account should be locked because of too many failed attempts.
      Returns:
      The created password policy state operation.

    • createGetFailureLockoutTimeOperation

      @NotNull public static PasswordPolicyStateOperation createGetFailureLockoutTimeOperation()
      Creates a new password policy state operation that may be used to determine when a user's password is was locked because of too many failed authentication attempts. The result returned should include an operation of type OP_TYPE_GET_FAILURE_LOCKOUT_TIME with a single string value that is the generalized time representation of the failure lockout time.
      Returns:
      The created password policy state operation.

    • createGetAccountIsIdleLockedOperation

      @NotNull public static PasswordPolicyStateOperation createGetAccountIsIdleLockedOperation()
      Creates a new password policy state operation that may be used to determine whether an account has been locked because it has remained idle for too long. The result returned should include an operation of type OP_TYPE_GET_ACCOUNT_IS_IDLE_LOCKED with a single boolean value that indicates whether the account is idle locked.
      Returns:
      The created password policy state operation.

    • createGetIdleLockoutTimeOperation

      @NotNull public static PasswordPolicyStateOperation createGetIdleLockoutTimeOperation()
      Creates a new password policy state operation that may be used to determine when a user's password is was locked because of the idle account lockout. The result returned should include an operation of type OP_TYPE_GET_IDLE_LOCKOUT_TIME with a single string value that is the generalized time representation of the idle lockout time.
      Returns:
      The created password policy state operation.

    • createGetAccountIsResetLockedOperation

      @NotNull public static PasswordPolicyStateOperation createGetAccountIsResetLockedOperation()
      Creates a new password policy state operation that may be used to determine whether an account has been locked because the user failed to change their password in a timely manner after an administrative reset. The result returned should include an operation of type OP_TYPE_GET_ACCOUNT_IS_RESET_LOCKED with a single boolean value that indicates whether the account is reset locked.
      Returns:
      The created password policy state operation.

    • createGetResetLockoutTimeOperation

      @NotNull public static PasswordPolicyStateOperation createGetResetLockoutTimeOperation()
      Creates a new password policy state operation that may be used to determine when a user's password is was locked because the user failed to change their password in a timely manner after an administrative reset. The result returned should include an operation of type OP_TYPE_GET_RESET_LOCKOUT_TIME with a single string value that is the generalized time representation of the reset lockout time.
      Returns:
      The created password policy state operation.

    • createGetPasswordHistoryCountOperation

      @NotNull public static PasswordPolicyStateOperation createGetPasswordHistoryCountOperation()
      Creates a new password policy state operation that may be used to retrieve the number of passwords currently held in a user's password history. The result returned should include an operation of type OP_TYPE_GET_PW_HISTORY_COUNT with a single integer value that represents the number of passwords in the history, or a null value if a password history is not enabled for the user.
      Returns:
      The created password policy state operation.

    • createGetPasswordIsExpiredOperation

      @NotNull public static PasswordPolicyStateOperation createGetPasswordIsExpiredOperation()
      Creates a new password policy state operation that may be used to determine whether a user's password is expired. The result returned should include an operation of type OP_TYPE_GET_PW_IS_EXPIRED with a single Boolean value that indicates whether the password is expired, or a null value if password expiration is not enabled for the user.
      Returns:
      The created password policy state operation.

    • createGetAvailableSASLMechanismsOperation

      @NotNull public static PasswordPolicyStateOperation createGetAvailableSASLMechanismsOperation()
      Creates a new password policy state operation that may be used to retrieve a list of the SASL mechanisms that are available for a user. This will take into consideration the server's configuration, the types of credentials that a user has, and per-user constraints and preferences.
      Returns:
      The created password policy state operation.

    • createGetAvailableOTPDeliveryMechanismsOperation

      @NotNull public static PasswordPolicyStateOperation createGetAvailableOTPDeliveryMechanismsOperation()
      Creates a new password policy state operation that may be used to retrieve a list of the one-time password delivery mechanisms that are available for a user. If the user's entry includes information about which OTP delivery mechanisms are preferred, the list will be ordered from most preferred to least preferred.
      Returns:
      The created password policy state operation.

    • createHasTOTPSharedSecret

      @Deprecated @NotNull public static PasswordPolicyStateOperation createHasTOTPSharedSecret()
      Deprecated.
      Use createHasTOTPSharedSecretOperation() instead.
      Creates a new password policy state operation that may be used to determine whether the user has at least one TOTP shared secret. The result returned should include an operation of type OP_TYPE_HAS_TOTP_SHARED_SECRET with a single boolean value of true if the user has one or more TOTP shared secrets, or false if not.
      Returns:
      The created password policy state operation.

    • createHasTOTPSharedSecretOperation

      @NotNull public static PasswordPolicyStateOperation createHasTOTPSharedSecretOperation()
      Creates a new password policy state operation that may be used to determine whether the user has at least one TOTP shared secret. The result returned should include an operation of type OP_TYPE_HAS_TOTP_SHARED_SECRET with a single boolean value of true if the user has one or more TOTP shared secrets, or false if not.
      Returns:
      The created password policy state operation.

    • createAddTOTPSharedSecretOperation

      @NotNull public static PasswordPolicyStateOperation createAddTOTPSharedSecretOperation(@NotNull String... totpSharedSecrets)
      Creates a new password policy state operation that may be used to add one or more values to the set of TOTP shared secrets for a user. The result returned should include an operation of type OP_TYPE_HAS_TOTP_SHARED_SECRET with a single boolean value of true if the user has one or more TOTP shared secrets, or false if not.
      Parameters:
      totpSharedSecrets - The base32-encoded representations of the TOTP shared secrets to add to the user. It must not be null or empty.
      Returns:
      The created password policy state operation.

    • createRemoveTOTPSharedSecretOperation

      @NotNull public static PasswordPolicyStateOperation createRemoveTOTPSharedSecretOperation(@NotNull String... totpSharedSecrets)
      Creates a new password policy state operation that may be used to remove one or more values from the set of TOTP shared secrets for a user. The result returned should include an operation of type OP_TYPE_HAS_TOTP_SHARED_SECRET with a single boolean value of true if the user has one or more TOTP shared secrets, or false if not.
      Parameters:
      totpSharedSecrets - The base32-encoded representations of the TOTP shared secrets to remove from the user. It must not be null or empty.
      Returns:
      The created password policy state operation.

    • createSetTOTPSharedSecretsOperation

      @NotNull public static PasswordPolicyStateOperation createSetTOTPSharedSecretsOperation(@NotNull String... totpSharedSecrets)
      Creates a new password policy state operation that may be used to replace the set of TOTP shared secrets for a user. The result returned should include an operation of type OP_TYPE_HAS_TOTP_SHARED_SECRET with a single boolean value of true if the user has one or more TOTP shared secrets, or false if not.
      Parameters:
      totpSharedSecrets - The base32-encoded representations of the TOTP shared secrets for the user. It must not be null but may be empty.
      Returns:
      The created password policy state operation.

    • createClearTOTPSharedSecretsOperation

      @NotNull public static PasswordPolicyStateOperation createClearTOTPSharedSecretsOperation()
      Creates a new password policy state operation that may be used to clear the set of TOTP shared secrets for a user. The result returned should include an operation of type OP_TYPE_HAS_TOTP_SHARED_SECRET with a single boolean value of true if the user has one or more TOTP shared secrets, or false if not.
      Returns:
      The created password policy state operation.

    • createHasYubiKeyPublicIDOperation

      @NotNull public static PasswordPolicyStateOperation createHasYubiKeyPublicIDOperation()
      Creates a new password policy state operation that may be used to determine whether the user has at least one registered YubiKey OTP device. The result returned should include an operation of type OP_TYPE_HAS_REGISTERED_YUBIKEY_PUBLIC_ID with a single boolean value of true if the user has one or more registered devices, or false if not.
      Returns:
      The created password policy state operation.

    • createGetRegisteredYubiKeyPublicIDsOperation

      @NotNull public static PasswordPolicyStateOperation createGetRegisteredYubiKeyPublicIDsOperation()
      Creates a new password policy state operation that may be used to retrieve the public IDs of the YubiKey OTP devices registered for a user. The result returned should include an operation of type OP_TYPE_GET_REGISTERED_YUBIKEY_PUBLIC_IDS with an array of string values that represent the public IDs of the registered YubiKey OTP devices.
      Returns:
      The created password policy state operation.

    • createAddRegisteredYubiKeyPublicIDOperation

      @NotNull public static PasswordPolicyStateOperation createAddRegisteredYubiKeyPublicIDOperation(@NotNull String... publicIDs)
      Creates a new password policy state operation that may be used to add one or more values to the set of the public IDs of the YubiKey OTP devices registered for a user. The result returned should include an operation of type OP_TYPE_GET_REGISTERED_YUBIKEY_PUBLIC_IDS with an array of string values that represent the public IDs of the registered YubiKey OTP devices.
      Parameters:
      publicIDs - The set of public IDs to add to the set of YubiKey OTP devices registered for the user. It must not be null or empty.
      Returns:
      The created password policy state operation.

    • createRemoveRegisteredYubiKeyPublicIDOperation

      @NotNull public static PasswordPolicyStateOperation createRemoveRegisteredYubiKeyPublicIDOperation(@NotNull String... publicIDs)
      Creates a new password policy state operation that may be used to remove one or more values from the set of the public IDs of the YubiKey OTP devices registered for a user. The result returned should include an operation of type OP_TYPE_GET_REGISTERED_YUBIKEY_PUBLIC_IDS with an array of string values that represent the public IDs of the registered YubiKey OTP devices.
      Parameters:
      publicIDs - The set of public IDs to remove from the set of YubiKey OTP devices registered for the user. It must not be null or empty.
      Returns:
      The created password policy state operation.

    • createSetRegisteredYubiKeyPublicIDsOperation

      @NotNull public static PasswordPolicyStateOperation createSetRegisteredYubiKeyPublicIDsOperation(@NotNull String... publicIDs)
      Creates a new password policy state operation that may be used to replace the set of the public IDs of the YubiKey OTP devices registered for a user. The result returned should include an operation of type OP_TYPE_GET_REGISTERED_YUBIKEY_PUBLIC_IDS with an array of string values that represent the public IDs of the registered YubiKey OTP devices.
      Parameters:
      publicIDs - The set of public IDs for the YubiKey OTP devices registered for the user. It must not be null but may be empty.
      Returns:
      The created password policy state operation.

    • createClearRegisteredYubiKeyPublicIDsOperation

      @NotNull public static PasswordPolicyStateOperation createClearRegisteredYubiKeyPublicIDsOperation()
      Creates a new password policy state operation that may be used to clear the set of the public IDs of the YubiKey OTP devices registered for a user. The result returned should include an operation of type OP_TYPE_GET_REGISTERED_YUBIKEY_PUBLIC_IDS with an array of string values that represent the public IDs of the registered YubiKey OTP devices.
      Returns:
      The created password policy state operation.

    • createHasStaticPasswordOperation

      @NotNull public static PasswordPolicyStateOperation createHasStaticPasswordOperation()
      Creates a new password policy state operation that may be used to determine whether the user has a static password. The result should include an operation of type OP_TYPE_HAS_STATIC_PASSWORD with a single boolean value of true if the user has a static password, or false if not.
      Returns:
      The created password policy state operation.

    • createGetLastBindPasswordValidationTimeOperation

      @NotNull public static PasswordPolicyStateOperation createGetLastBindPasswordValidationTimeOperation()
      Creates a new password policy state operation that may be used to retrieve the time that the server last invoked password validators during a bind operation for the target user. The result should include an operation of type OP_TYPE_GET_LAST_BIND_PASSWORD_VALIDATION_TIME with a single string value that is the generalized time representation of the last bind password validation time, or a null value if the account does not have a last bind password validation time.
      Returns:
      The created password policy state operation.

    • createGetSecondsSinceLastBindPasswordValidationOperation

      @NotNull public static PasswordPolicyStateOperation createGetSecondsSinceLastBindPasswordValidationOperation()
      Creates a new password policy state operation that may be used to determine the length of time in seconds since the server last invoked password validators during a bind operation for the target user. The result should include an operation of type OP_TYPE_GET_SECONDS_SINCE_LAST_BIND_PASSWORD_VALIDATION with a single integer value representing the number of seconds since the last bind password validation time, or a null value if the account does not have a last bind password validation time.
      Returns:
      The created password policy state operation.

    • createSetLastBindPasswordValidationTimeOperation

      @NotNull public static PasswordPolicyStateOperation createSetLastBindPasswordValidationTimeOperation(@Nullable Date validationTime)
      Creates a new password policy state operation that may be used to set the time that the server last invoked password validators during a bind operation for the target user. The result returned should include an operation of type OP_TYPE_GET_LAST_BIND_PASSWORD_VALIDATION_TIME with a single string value that is the generalized time representation of the last bind password validation time, or a null value if the account does not have a last bind password validation time.
      Parameters:
      validationTime - The time that the server last invoke password validators during a bind operation for the target user. It may be null if the server should use the current time.
      Returns:
      The created password policy state operation.

    • createClearLastBindPasswordValidationTimeOperation

      @NotNull public static PasswordPolicyStateOperation createClearLastBindPasswordValidationTimeOperation()
      Creates a new password policy state operation that may be used to clear the last bind password validation time in the user's entry. The result returned should include an operation of type OP_TYPE_GET_LAST_BIND_PASSWORD_VALIDATION_TIME with a single string value that is the generalized time representation of the last bind password validation time, or a null value if the account does not have a last bind password validation time.
      Returns:
      The created password policy state operation.

    • createGetAccountIsValidationLockedOperation

      @NotNull public static PasswordPolicyStateOperation createGetAccountIsValidationLockedOperation()
      Creates a new password policy state operation that may be used to determine whether an account has been locked because it contains a password that does not satisfy all of the configured password validators. The result returned should include an operation of type OP_TYPE_GET_ACCOUNT_IS_VALIDATION_LOCKED with a single boolean value that indicates whether the account is validation locked.
      Returns:
      The created password policy state operation.

    • createSetAccountIsValidationLockedOperation

      @NotNull public static PasswordPolicyStateOperation createSetAccountIsValidationLockedOperation(boolean isValidationLocked)
      Creates a new password policy state operation that may be used to specify whether an account should be locked because it contains a password that does not satisfy all of the configured password validators. The result authentication attempts. The result returned should include an operation of type OP_TYPE_SET_ACCOUNT_IS_VALIDATION_LOCKED with a single boolean value that indicates whether the account is validation locked.
      Parameters:
      isValidationLocked - Indicates whether the account should be locked because it contains a password that does not satisfy all of the configured password validators.
      Returns:
      The created password policy state operation.

    • createGetRecentLoginHistoryOperation

      @NotNull public static PasswordPolicyStateOperation createGetRecentLoginHistoryOperation()
      Creates a new password policy state operation that may be used to retrieve the recent login history for a user. The result returned should include an operation of type OP_TYPE_GET_RECENT_LOGIN_HISTORY with a single string value that is a JSON object that represents the user's recent login history/
      Returns:
      The created password policy state operation.

    • createClearRecentLoginHistoryOperation

      @NotNull public static PasswordPolicyStateOperation createClearRecentLoginHistoryOperation()
      Creates a new password policy state operation that may be used to clear the recent login history for a user. The result returned should include an operation of type OP_TYPE_GET_RECENT_LOGIN_HISTORY with a single string value that is a JSON object that represents the user's recent login history/
      Returns:
      The created password policy state operation.

    • getOperationType

      public int getOperationType()
      Retrieves the operation type for this password policy state operation.
      Returns:
      The operation type for this password policy state operation.

    • getRawValues

      @NotNull public ASN1OctetString[] getRawValues()
      Retrieves the set of raw values for this password policy state operation.
      Returns:
      The set of raw values for this password policy state operation.

    • getStringValue

      @Nullable public String getStringValue()
      Retrieves the string representation of the value for this password policy state operation. If there are multiple values, then the first will be returned.
      Returns:
      The string representation of the value for this password policy state operation, or null if there are no values.

    • getStringValues

      @NotNull public String[] getStringValues()
      Retrieves the string representations of the values for this password policy state operation.
      Returns:
      The string representations of the values for this password policy state operation.

    • getBooleanValue

      public boolean getBooleanValue() throws IllegalStateException
      Retrieves the boolean representation of the value for this password policy state operation.
      Returns:
      The boolean representation of the value for this password policy state operation.
      Throws:
      IllegalStateException - If this operation does not have exactly one value, or if the value cannot be decoded as a boolean value.

    • getIntValue

      public int getIntValue() throws IllegalStateException, NumberFormatException
      Retrieves the integer representation of the value for this password policy state operation. If there are multiple values, then the first will be returned.
      Returns:
      The integer representation of the value for this password policy operation.
      Throws:
      IllegalStateException - If this operation does not have any values.
      NumberFormatException - If the value cannot be parsed as an integer.

    • getGeneralizedTimeValue

      @Nullable public Date getGeneralizedTimeValue() throws ParseException
      Retrieves the Date object represented by the value for this password policy state operation treated as a timestamp in generalized time form. If there are multiple values, then the first will be returned.
      Returns:
      The Date object represented by the value for this password policy state operation treated as a timestamp in generalized time form, or null if this operation does not have any values.
      Throws:
      ParseException - If the value cannot be decoded as a timestamp in generalized time form.

    • getGeneralizedTimeValues

      @NotNull public Date[] getGeneralizedTimeValues() throws ParseException
      Retrieves the Date objects represented by the values for this password policy state operation treated as timestamps in generalized time form.
      Returns:
      The Date objects represented by the values for this password policy state operation treated as timestamps in generalized time form.
      Throws:
      ParseException - If any of the values cannot be decoded as a timestamp in generalized time form.

    • encode

      @NotNull public ASN1Element encode()
      Encodes this password policy state operation for use in the extended request or response.
      Returns:
      An ASN.1 element containing an encoded representation of this password policy state operation.

    • decode

      @NotNull public static PasswordPolicyStateOperation decode(@NotNull ASN1Element element) throws LDAPException
      Decodes the provided ASN.1 element as a password policy state operation.
      Parameters:
      element - The ASN.1 element to be decoded.
      Returns:
      The decoded password policy state operation.
      Throws:
      LDAPException - If a problem occurs while attempting to decode the provided ASN.1 element as a password policy state operation.

    • toString

      @NotNull public String toString()
      Retrieves a string representation of this password policy state operation.
      Overrides:
      toString in class Object
      Returns:
      A string representation of this password policy state operation.

    • toString

      public void toString(@NotNull StringBuilder buffer)
      Appends a string representation of this password policy state operation to the provided buffer.
      Parameters:
      buffer - The buffer to which the information should be appended.