/** * Checks to see if subentries for the search and list operations should be * made visible based on the availability of the search request control * * @param opContext the invocation object to use for determining subentry visibility * @return true if subentries should be visible, false otherwise * @throws Exception if there are problems accessing request controls */ private boolean isSubentryVisible( OperationContext opContext ) throws LdapException { if ( !opContext.hasRequestControls() ) { return false; } // found the subentry request control so we return its value if ( opContext.hasRequestControl( SUBENTRY_CONTROL ) ) { SubentriesDecorator subentriesDecorator = ( SubentriesDecorator ) opContext .getRequestControl( SUBENTRY_CONTROL ); return subentriesDecorator.getDecorated().isVisible(); } return false; }
/** * checks to see if the user's password should be changed before performing any operations * other than bind, password update, unbind, abandon or StartTLS * * @param opContext the operation's context * @throws LdapException */ private void checkPwdReset( OperationContext opContext ) throws LdapException { if ( directoryService.isPwdPolicyEnabled() ) { CoreSession session = opContext.getSession(); if ( session.isPwdMustChange() ) { boolean isPPolicyReqCtrlPresent = opContext .hasRequestControl( PasswordPolicy.OID ); if ( isPPolicyReqCtrlPresent ) { PasswordPolicyDecorator pwdRespCtrl = new PasswordPolicyDecorator( directoryService.getLdapCodecService(), true ); pwdRespCtrl.getResponse().setPasswordPolicyError( PasswordPolicyErrorEnum.CHANGE_AFTER_RESET ); opContext.addResponseControl( pwdRespCtrl ); } throw new LdapNoPermissionException( "password needs to be reset before performing this operation" ); } } }