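/**
 * Handles identity events; after a credential update on an LDAP-backed store it writes
 * {@code userAccountControl=512} on the affected user entry.
 *
 * <p>Used with Active Directory to put the account into the "enabled" state after a password
 * update (512 is NORMAL_ACCOUNT, see http://support.microsoft.com/kb/305144/en ). The handler
 * does nothing unless {@code updateUserAccountAfterPasswordUpdate} is set and the event is a
 * {@code CredentialUpdatedEvent}. The earlier comment on this method said a value of -1 is
 * ignored; no such check exists in this method.
 *
 * <p>SECURITY NOTE(review): the attribute is written as the literal "512" rather than by
 * clearing a single bit of the current value. Every other flag already set on the account is
 * therefore dropped, including ACCOUNTDISABLE (0x2). A password update on an account that was
 * disabled on purpose re-enables it. Confirm that callers which may update credentials cannot
 * do so for administratively disabled accounts, or read the current value first and preserve
 * the flags that must survive.
 *
 * @param event the event to inspect; anything other than a {@code CredentialUpdatedEvent} is
 *     ignored
 */
@Override
public void raiseEvent(Object event) {
    if (!updateUserAccountAfterPasswordUpdate || !(event instanceof CredentialUpdatedEvent)) {
        return;
    }

    CredentialUpdatedEvent credEvent = (CredentialUpdatedEvent) event;
    PartitionManager partitionManager = credEvent.getPartitionMananger();
    // Unchecked casts: this relies on the PartitionManager implementation also being a
    // StoreSelector and on its IdentityManager also being an IdentityContext.
    IdentityContext identityCtx = (IdentityContext) partitionManager.createIdentityManager();
    CredentialStore store = ((StoreSelector) partitionManager)
            .getStoreForCredentialOperation(identityCtx, credEvent.getCredential().getClass());

    if (!(store instanceof LDAPIdentityStore)) {
        logger.debug("Store for credential updates is not LDAPIdentityStore. Ignored");
        return;
    }

    LDAPIdentityStore ldapStore = (LDAPIdentityStore) store;
    LDAPOperationManager operationManager = ldapStore.getOperationManager();
    // NOTE(review): throws ClassCastException if the account is not a User - confirm that
    // only User accounts reach this listener.
    User picketlinkUser = (User) credEvent.getAccount();
    String userDN = ldapStore.getBindingDN(picketlinkUser, true);

    // The original also built a one-element ModificationItem[] (REPLACE_ATTRIBUTE) that was
    // never passed to anything; only the attribute itself is handed to modifyAttribute.
    // NOTE(review): presumably modifyAttribute replaces the existing value - verify against
    // LDAPOperationManager.
    BasicAttribute accountControl = new BasicAttribute("userAccountControl", "512");
    operationManager.modifyAttribute(userDN, accountControl);

    logger.debug("Attribute userAccountControls switched to 512 after password update of user " + picketlinkUser.getLoginName());
}
} // closes the enclosing type, whose header is outside this excerpt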
/**
 * Updates the stored credential of an existing account and then announces the change with a
 * {@code CredentialUpdatedEvent}.
 *
 * <p>NOTE(review): the event is fired inside the same {@code try} as the store update. If a
 * listener throws, the caller sees a credential-update failure although the store has already
 * accepted the new credential.
 *
 * <p>NOTE(review): the raw {@code credential} object is handed to every event listener and to
 * the failure-message factory. Confirm that neither path renders or logs secret material.
 *
 * @param account the account whose credential changes; {@code checkIfExists} is applied first
 * @param credential the new credential; must not be {@code null}
 * @param effectiveDate passed through unchanged to the store and the event
 * @param expiryDate passed through unchanged to the store and the event
 */
@Override
public void updateCredential(Account account, Object credential, Date effectiveDate, Date expiryDate) {
    checkIfExists(account);

    if (credential == null) {
        throw MESSAGES.nullArgument("Credential");
    }

    try {
        final IdentityContext ctx = getIdentityContext();
        // The store is selected by the runtime class of the credential.
        final Class<?> credentialType = credential.getClass();

        getStoreSelector()
                .getStoreForCredentialOperation(ctx, credentialType)
                .updateCredential(ctx, account, credential, effectiveDate, expiryDate);

        fireEvent(new CredentialUpdatedEvent(account, credential, effectiveDate, expiryDate, this.partitionManager));
    } catch (Exception e) {
        // Any failure, from the store or from a listener, is wrapped with its cause.
        throw MESSAGES.credentialUpdateFailed(account, credential, e);
    }
}
/**
 * Replaces the credential held for {@code account} and notifies listeners afterwards.
 *
 * <p>The steps run in this order: existence check on the account, null check on the credential,
 * update through the store selected for the credential's class, then a
 * {@code CredentialUpdatedEvent}. Every exception raised from the store update or the event
 * dispatch is rethrown through {@code MESSAGES.credentialUpdateFailed} with the cause attached.
 *
 * <p>NOTE(review): a listener failure is reported as a failed update even though the store
 * call before it has already completed - callers cannot tell the two cases apart.
 *
 * <p>NOTE(review): the event and the failure message both receive the credential object itself;
 * verify that it is never written to logs or exception text in clear form.
 *
 * @param account the account to update
 * @param credential the new credential, rejected when {@code null}
 * @param effectiveDate forwarded as given
 * @param expiryDate forwarded as given
 */
@Override
public void updateCredential(Account account, Object credential, Date effectiveDate, Date expiryDate) {
    checkIfExists(account);
    if (null == credential) {
        throw MESSAGES.nullArgument("Credential");
    }

    try {
        IdentityContext context = getIdentityContext();

        getStoreSelector().getStoreForCredentialOperation(context, credential.getClass())
                .updateCredential(context, account, credential, effectiveDate, expiryDate);

        // Built only after the store call returned, so listeners never see a rejected update.
        CredentialUpdatedEvent updated =
                new CredentialUpdatedEvent(account, credential, effectiveDate, expiryDate, this.partitionManager);
        fireEvent(updated);
    } catch (Exception failure) {
        throw MESSAGES.credentialUpdateFailed(account, credential, failure);
    }
}