java.lang.Object | +--CacheableCommandImpl | +--com.ibm.commerce.command.AbstractECTargetableCommand | +--com.ibm.commerce.command.TaskCommandImpl | +--com.ibm.commerce.security.commands.AuthenticationPolicyCmdImpl
Use this task command to enforce policies such as minimum password length. This task command is called by every command that performs verification or update of a user credentials.
Before executing this task command, the methods listed below must be invoked.
setLogonId setPassword
Field Summary | |
---|---|
static java.lang.String |
ERRTASK_NAME Error task name. |
Fields inherited from class com.ibm.commerce.command. AbstractECTargetableCommand |
commandContext |
Fields inherited from interface com.ibm.commerce.security.commands. AuthenticationPolicyCmd |
COPYRIGHT,
defaultCommandClassName,
NAME |
Fields inherited from interface com.ibm.commerce.command. ECTargetableCommand |
COPYRIGHT |
Fields inherited from interface com.ibm.commerce.command. ECCommand |
defaultCommandClassName |
Constructor Summary | |
---|---|
AuthenticationPolicyCmdImpl() |
Method Summary | |
---|---|
protected
void |
analyzePassword() Loads the password rules which will be used to validate the user's new password. |
protected
java.lang.String |
getLogonId() Retrieves the logon ID of the current user. |
protected
java.lang.String |
getPassword() Retrieves the password to be used for verification against the password policy. |
boolean |
isPasswordCompliant() After this task is executed, you can call this function to determine whether the user had a password policy and if the supplied password complies with that policy. |
protected
boolean |
isPreviousPasswordDifferent() Determines whether the password supplied matches the user's previous password. |
protected
boolean |
isUserIDDissimilar() Determines whether the password supplied matches the current user's logonID. |
protected
boolean |
isValidConsecutiveCharacters() Determines whether the password supplied complies with the maximum number of consecutive characters allowed as specified by the password policy for this user. |
protected
boolean |
isValidMaximumCharacters() Determines whether the password supplied complies with the minimum number of digits requirements as specified by the password policy for this user. |
protected
boolean |
isValidMinimumDigits() Determines whether the password supplied complies with the minimum number of digits requirements as specified by the password policy for this user. |
protected
boolean |
isValidMinimumLength() Determines whether the password supplied complies with the minimum password length requirements as specified by the password policy for this user. |
protected
boolean |
isValidMinimumLetters() Determines whether the password supplied has the minimum of letters as specified by the password policy for this user. |
protected
boolean |
loadUserPasswordPolicy() Loads the password rules which will be used to check the user's new password. |
void |
performExecute() If the Security/passwordpolicy parameter has been set in the instance.xml, and we are using DB authentication, then this command will fetch the password policies, and delegate to the validatePasswordCompliance() method to determine if the password specified satisfies the policies. |
void |
setAccountPolicy(java.lang.String strDefinedAccountPolicy) Sets the account policy to be used to check this password. |
void |
setErrorTask(java.lang.String strErrorTask) This function allows for the default error view task of the command to be overwritten. |
void |
setLogonId(java.lang.String strLogonId) Sets the logon ID under which the current user wishes to logon. |
void |
setPassword(java.lang.String strPassword) Sets the password to be used for authentication with the new logon ID. |
void |
validateParameters() Validates the parameters. |
protected
void |
validatePasswordCompliance() Checks that the Password complies with the rules defined by the authentication policy for this user. |
Methods inherited from class com.ibm.commerce.command. AbstractECTargetableCommand |
accessControlCheck,
checkIsAllowed,
checkParameters,
checkResourcePermission,
createCommandExecutionEvent,
execute,
finalize,
getAccCheck,
getCommandContext,
getCommandIfName,
getCommandName,
getCommandStoreId,
getDefaultProperties,
getResources,
getStoreId,
getUser,
getUserId,
isReadyToCallExecute,
reset,
setAccCheck,
setCommandContext,
setCommandIfName,
setCommandStoreId,
setDefaultProperties |
Methods inherited from class java.lang.Object |
clone, equals, getClass, hashCode, notify, notifyAll, toString, wait,
wait, wait |
Field Detail |
---|
public static java.lang.String ERRTASK_NAME
Constructor Detail |
---|
public AuthenticationPolicyCmdImpl()
Method Detail |
---|
protected void analyzePassword()
protected java.lang.String getLogonId()
protected java.lang.String getPassword()
public boolean isPasswordCompliant()
isPasswordCompliant
in interface
AuthenticationPolicyCmd
protected boolean isPreviousPasswordDifferent()
protected boolean isUserIDDissimilar()
protected boolean isValidConsecutiveCharacters()
protected boolean isValidMaximumCharacters()
protected boolean isValidMinimumDigits()
protected boolean isValidMinimumLength()
protected boolean isValidMinimumLetters()
protected boolean loadUserPasswordPolicy() throws ECException
ECException
public void performExecute() throws ECException
performExecute
in interface
ECCommand
performExecute
in class
AbstractECTargetableCommand
ECException
public void setAccountPolicy(java.lang.String strDefinedAccountPolicy)
setAccountPolicy
in interface
AuthenticationPolicyCmd
strDefinedAccountPolicy
- The account
policy.public void setErrorTask(java.lang.String strErrorTask)
setErrorTask
in interface
AuthenticationPolicyCmd
strErrorTask
- The name of the new error view
task.public void setLogonId(java.lang.String strLogonId)
setLogonId
in interface
AuthenticationPolicyCmd
public void setPassword(java.lang.String strPassword)
setPassword
in interface
AuthenticationPolicyCmd
strPassword
- The password.public void validateParameters() throws ECException
validateParameters
in interface
ECCommand
validateParameters
in class
AbstractECTargetableCommand
ECException
protected void validatePasswordCompliance() throws ECApplicationException
ECApplicationException