Package com.unboundid.ldap.sdk.unboundidds

Class PasswordPolicyStateJSON

  • All Implemented Interfaces:
    java.io.Serializable
    @NotMutable
@ThreadSafety(level=COMPLETELY_THREADSAFE)
public final class PasswordPolicyStateJSON
extends java.lang.Object
implements java.io.Serializable
    This class provides support for reading and decoding the value of the ds-pwp-state-json virtual attribute, which holds information about a user's password policy state.
    NOTE: This class, and other classes within the com.unboundid.ldap.sdk.unboundidds package structure, are only supported for use against Ping Identity, UnboundID, and Nokia/Alcatel-Lucent 8661 server products. These classes provide support for proprietary functionality or for external specifications that are not considered stable or mature enough to be guaranteed to work in an interoperable way with other types of LDAP servers.
    See Also:
    ModifiablePasswordPolicyStateJSON, PasswordPolicyStateExtendedRequest, PasswordPolicyStateJSONField, Serialized Form

    • Field Summary

      Fields 
      Modifier and Type Field Description
      static java.lang.String PASSWORD_POLICY_STATE_JSON_ATTRIBUTE
      The name of the operational attribute that holds a JSON representation of a user's password policy state.

    • Constructor Summary

      Constructors 
      Constructor Description
      PasswordPolicyStateJSON​(JSONObject passwordPolicyStateObject)
      Creates a new instance of this object from the provided JSON object.

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      static PasswordPolicyStateJSON get​(Entry userEntry)
      Attempts to retrieve and decode the password policy state information from the provided user entry.
      static PasswordPolicyStateJSON get​(LDAPInterface connection, java.lang.String userDN)
      Attempts to retrieve and decode the password policy state information for the specified user.
      java.util.Date getAccountActivationTime()
      Retrieves the time that the user's account became (or will become) active.
      java.util.Date getAccountExpirationTime()
      Retrieves the time that the user's account will (or did) expire.
      java.lang.Boolean getAccountIsDisabled()
      Retrieves the value of a flag that indicates whether the user's account has been administratively disabled.
      java.lang.Boolean getAccountIsExpired()
      Retrieves the value of a flag that indicates whether the user's account is expired.
      java.lang.Boolean getAccountIsFailureLocked()
      Retrieves the value of a flag that indicates whether the user account is currently locked as a result of too many failed authentication attempts.
      java.lang.Boolean getAccountIsIdleLocked()
      Retrieves the value of a flag that indicates whether the user's account is currently locked because it has been too long since they last authenticated to the server.
      java.lang.Boolean getAccountIsNotYetActive()
      Retrieves the value of a flag that indicates whether the user's account is not yet active because it has an activation time that is in the future.
      java.lang.Boolean getAccountIsResetLocked()
      Retrieves the value of a flag that indicates whether the user's account is locked because they failed to choose a new password in a timely manner after an administrative reset.
      java.lang.Boolean getAccountIsUsable()
      Retrieves the value of a flag that indicates whether the user's account is in a state that the server considers usable.
      java.lang.Boolean getAccountIsValidationLocked()
      Retrieves the value of a flag that indicates whether the user account is currently locked because it contains a password that does not satisfy all of the configured password validators.
      java.util.List<PasswordPolicyStateAccountUsabilityError> getAccountUsabilityErrors()
      Retrieves a list of information about any error conditions that may affect usability of the user's account.
      java.util.List<PasswordPolicyStateAccountUsabilityNotice> getAccountUsabilityNotices()
      Retrieves a list of information about any notices related to the usability of the user's account.
      java.util.List<PasswordPolicyStateAccountUsabilityWarning> getAccountUsabilityWarnings()
      Retrieves a list of information about any warning conditions that may soon affect usability of the user's account.
      java.util.List<PasswordQualityRequirement> getAddPasswordQualityRequirements()
      Retrieves the list of quality requirements that must be satisfied for passwords included in new entries that are added using the same password policy as the associated entry.
      java.util.List<PasswordQualityRequirement> getAdministrativeResetPasswordQualityRequirements()
      Retrieves the list of quality requirements that must be satisfied when an administrator attempts to change the user's password.
      java.util.List<java.util.Date> getAuthenticationFailureTimes()
      Retrieves a list of the outstanding authentication failure times for the user account.
      java.util.List<java.lang.String> getAvailableOTPDeliveryMechanisms()
      Retrieves a list of the names of the OTP delivery mechanisms that the user can use to receive one-time passwords, password reset tokens, and single-use tokens.
      java.util.List<java.lang.String> getAvailableSASLMechanisms()
      Retrieves a list of the names of the SASL mechanisms that the user can use to authenticate.
      java.util.List<PasswordQualityRequirement> getBindPasswordQualityRequirements()
      Retrieves the list of quality requirements that must be satisfied when the associated user authenticates in a manner that makes the clear-text password available to the server.
      java.lang.String getBindPasswordValidationFailureAction()
      Retrieves the name of the action that the server should take if the password provided during a bind operation fails to satisfy one or more password validators.
      java.lang.Integer getCurrentAuthenticationFailureCount()
      Retrieves the current number of failed authentication attempts for the user account.
      java.lang.Integer getCurrentPasswordHistoryCount()
      Retrieves the number of passwords currently held in the user's password history.
      java.lang.Boolean getExpirePasswordsWithoutWarning()
      Retrieves the value of a flag that indicates whether the server will allow a user's password to expire even if they have not yet received any warnings about an upcoming expiration.
      java.lang.Integer getFailureLockoutCount()
      Retrieves the number of consecutive failed authentication attempts that are required to lock the user's account.
      java.lang.Integer getFailureLockoutDurationSeconds()
      Retrieves the length of time in seconds that a user's account will be locked after too many failed authentication attempts.
      java.util.Date getFailureLockoutExpirationTime()
      Retrieves the time that the user's failure-locked account will be automatically unlocked.
      java.util.Date getFailureLockoutTime()
      Retrieves the time that the user's account was locked as a result of too many failed authentication attempts.
      java.lang.Boolean getForceChangeOnAdd()
      Retrieves the value of a flag that indicates whether the password policy that governs the user is configured to require users to choose a new password the first time they authenticate after their account is created.
      java.lang.Boolean getForceChangeOnReset()
      Retrieves the value of a flag that indicates whether the password policy that governs the user is configured to require users to choose a new password the first time they authenticate after their password has been reset by an administrator.
      java.util.List<java.util.Date> getGraceLoginUseTimes()
      Retrieves a list of the times that the user has used a grace login to authenticate.
      java.lang.Boolean getHasRegisteredYubiKeyOTPDevice()
      Retrieves the value of a flag that indicates whether the user account has at least one registered YubiKey OTP device that can be used to authenticate via the UNBOUNDID-YUBIKEY-OTP SASL mechanism.
      java.lang.Boolean getHasRetiredPassword()
      Retrieves the value of a flag that indicates whether the user account has a retired former password that may still be used to authenticate.
      java.lang.Boolean getHasStaticPassword()
      Retrieves the value of a flag that indicates whether the user's account contains at least one static password.
      java.lang.Boolean getHasTOTPSharedSecret()
      Retrieves the value of a flag that indicates whether the user account has at least one TOTP shared secret that can be used to authenticate with time-based one-time passwords via the UNBOUNDID-TOTP SASL mechanism.
      java.lang.Integer getIdleLockoutIntervalSeconds()
      Retrieves the maximum length of time in seconds that can elapse between successful authentications before the user's account is locked.
      java.util.Date getIdleLockoutTime()
      Retrieves the time that the user's account will be (or was) locked for allowing too much time to elapse between successful authentications.
      java.lang.Boolean getIsWithinMinimumPasswordAge()
      Indicates whether the user is currently prohibited from changing their password because not enough time has elapsed since they last changed their password.
      java.util.Date getLastBindPasswordValidationTime()
      Retrieves the time that the server last invoked password validators during a bind operation for the user.
      java.lang.String getLastLoginIPAddress()
      Retrieves the IP address of the client from which the user last successfully authenticated.
      java.util.Date getLastLoginTime()
      Retrieves the time that the user last successfully authenticated to the server.
      java.lang.Integer getMaximumGraceLoginCount()
      Retrieves the maximum number of grace login attempts that the user will have to allow them to change an expired password.
      java.lang.Integer getMaximumPasswordAgeSeconds()
      Retrieves the maximum length of time in seconds after a password change that the user is allowed to keep using that password.
      java.lang.Integer getMaximumPasswordHistoryCount()
      Retrieves the maximum number of passwords that the server will maintain in the user's password history.
      java.lang.Integer getMaximumPasswordHistoryDurationSeconds()
      Retrieves the maximum length of time in seconds that the server will maintain passwords in the user's password history.
      java.lang.Integer getMaximumPasswordResetAgeSeconds()
      Retrieves the maximum length of time in seconds that a user has to change their password after an administrative reset before their account will be locked.
      java.lang.Integer getMaximumRecentLoginHistoryFailedAuthenticationCount()
      Retrieves the maximum number of recent failed login attempts the server should maintain for a user.
      java.lang.Integer getMaximumRecentLoginHistoryFailedAuthenticationDurationSeconds()
      Retrieves the maximum age in seconds of recent failed login attempts the server should maintain for a user.
      java.lang.Integer getMaximumRecentLoginHistorySuccessfulAuthenticationCount()
      Retrieves the maximum number of recent successful login attempts the server should maintain for a user.
      java.lang.Integer getMaximumRecentLoginHistorySuccessfulAuthenticationDurationSeconds()
      Retrieves the maximum age in seconds of recent successful login attempts the server should maintain for a user.
      java.lang.Integer getMinimumBindPasswordValidationFrequencySeconds()
      Retrieves the minimum length of time in seconds that should pass between invocations of password validators during a bind operation for the user.
      java.util.Date getMinimumPasswordAgeExpirationTime()
      Retrieves the earliest time that the user will be permitted to change their password as a result of the minimum password age.
      java.lang.Integer getMinimumPasswordAgeSeconds()
      Retrieves the minimum length of time in seconds that must elapse after a user changes their password before they will be permitted to change it again.
      java.lang.Boolean getMustChangePassword()
      Retrieves the value of a flag that indicates whether the user must change their password before they will be allowed to perform any other operations in the server.
      java.util.Date getPasswordChangedTime()
      Retrieves the time that the user's password was last changed.
      java.util.Date getPasswordExpirationTime()
      Retrieves the time that the user's password will (or did) expire.
      java.lang.Integer getPasswordExpirationWarningIntervalSeconds()
      Retrieves the length of time in seconds before an upcoming password expiration that the user will be eligible to start receving warnings about that expiration.
      java.lang.Boolean getPasswordExpirationWarningIssued()
      Retrieves the value of a flag that indicates whether the user has received at least one warning about an upcoming password expiration.
      java.util.Date getPasswordExpirationWarningTime()
      Retrieves the time that the user will be eligible to receive (or the time that the user first received) a warning about an upcoming password expiration.
      java.lang.Boolean getPasswordIsExpired()
      Retrieves the value of a flag that indicates whether the user's password is expired.
      java.lang.String getPasswordPolicyDN()
      Retrieves the DN of the entry that defines the password policy that governs the associated user.
      JSONObject getPasswordPolicyStateJSONObject()
      Retrieves the JSON object that contains the encoded password policy state information.
      RecentLoginHistory getRecentLoginHistory()
      Retrieves the recent login history for the user.
      java.lang.Integer getRemainingAuthenticationFailureCount()
      Retrieves the remaining number of failed authentication attempts required to lock the user account.
      java.lang.Integer getRemainingGraceLoginCount()
      Retrieves the remaining number of grace logins for the user.
      java.lang.Boolean getRequireSecureAuthentication()
      Retrieves the value of a flag that indicates whether the user will be required to authenticate in a secure manner that does not reveal their credentials to an observer.
      java.lang.Boolean getRequireSecurePasswordChanges()
      Retrieves the value of a flag that indicates whether the user will be required to change their password in a secure manner that does not reveal their credentials to an observer.
      java.util.Date getResetLockoutTime()
      Retrieves the time that the user's account will be (or was) locked after failing to choose a new password in a timely manner after an administrative reset.
      java.util.Date getRetiredPasswordExpirationTime()
      Retrieves the time that the user's retired password will expire and can no longer be used to authenticate.
      java.lang.Integer getSecondsRemainingInFailureLockout()
      Retrieves the length of time in seconds remaining until the user's failure-locked account will be automatically unlocked.
      java.lang.Integer getSecondsRemainingInMinimumPasswordAge()
      Retrieves the length of time in seconds remaining until the user will be permitted to change their password as a result of the minimum password age.
      java.lang.Integer getSecondsSinceAccountActivation()
      Retrieves the length of time in seconds since the user's account became active.
      java.lang.Integer getSecondsSinceAccountExpiration()
      Retrieves the length of time in seconds since the user's account expired.
      java.lang.Integer getSecondsSinceIdleLockout()
      Retrieves the length of time in seconds since the user's account was locked for allowing too much time to elapse between successful authentications.
      java.lang.Integer getSecondsSinceLastBindPasswordValidation()
      Retrieves the length of time in seconds that has passed since the server last invoked password validators during a bind operation for the user.
      java.lang.Integer getSecondsSinceLastLogin()
      Retrieves the length of time in seconds since the user last successfully authenticated to the server.
      java.lang.Integer getSecondsSincePasswordChange()
      Retrieves the length of time in seconds that has passed since the user's password was last changed.
      java.lang.Integer getSecondsSincePasswordExpiration()
      Retrieves the length of time in seconds since the user's password expired.
      java.lang.Integer getSecondsSincePasswordExpirationWarning()
      Retrieves the length of time in seconds since the user received the first warning about an upcoming password expiration.
      java.lang.Integer getSecondsUntilAccountActivation()
      Retrieves the length of time in seconds until the user's account will become active.
      java.lang.Integer getSecondsUntilAccountExpiration()
      Retrieves the length of time in seconds until the user's account will expire.
      java.lang.Integer getSecondsUntilIdleLockout()
      Retrieves the length of time in seconds until the user's account will be locked for allowing too much time to elapse between successful authentications.
      java.lang.Integer getSecondsUntilPasswordExpiration()
      Retrieves the length of time in seconds until the user's password will expire.
      java.lang.Integer getSecondsUntilPasswordExpirationWarning()
      Retrieves the length of time in seconds until the user will be eligible to receive a warning about an upcoming password expiration.
      java.lang.Integer getSecondsUntilResetLockout()
      Retrieves the length of time in seconds until the user's account will be locked for failing to choose a new password after an administrative reset.
      java.lang.Integer getSecondsUntilRetiredPasswordExpiration()
      Retrieves the length of time in seconds remaining until the user's retired password expires and can no longer be used to authenticate.
      java.util.List<PasswordQualityRequirement> getSelfChangePasswordQualityRequirements()
      Retrieves the list of quality requirements that must be satisfied when the associated user attempts to change their own password.
      java.lang.Integer getUsedGraceLoginCount()
      Retrieves the number of grace logins that the user has currently used.
      java.lang.String toString()
      Retrieves a string representation of the password policy state information.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

    • Constructor Detail

      • PasswordPolicyStateJSON

        public PasswordPolicyStateJSON​(@NotNull
                               JSONObject passwordPolicyStateObject)
        Creates a new instance of this object from the provided JSON object.
        Parameters:
        passwordPolicyStateObject - The JSON object containing the encoded password policy state.

    • Method Detail

      • get

        @Nullable
public static PasswordPolicyStateJSON get​(@NotNull
                                          LDAPInterface connection,
                                          @NotNull
                                          java.lang.String userDN)
                                   throws LDAPException
        Attempts to retrieve and decode the password policy state information for the specified user.
        Parameters:
        connection - The connection to use to communicate with the server. It must not be null, and it must be established and authenticated as an account with permission to access the target user's password policy state information.
        userDN - The DN of the user for whom to retrieve the password policy state. It must not be null.
        Returns:
        The password policy state information for the specified user, or null because no password policy state information is available for the user.
        Throws:
        LDAPException - If a problem is encountered while trying to retrieve the user's entry or decode the password policy state JSON object.

      • get

        @Nullable
public static PasswordPolicyStateJSON get​(@NotNull
                                          Entry userEntry)
                                   throws LDAPException
        Attempts to retrieve and decode the password policy state information from the provided user entry.
        Parameters:
        userEntry - The entry for the user for whom to obtain the password policy state information. It must not be null.
        Returns:
        The password policy state information from the provided user entry, or null if no password policy state information is available for the user.
        Throws:
        LDAPException - If a problem is encountered while trying to decode the password policy state JSON object.

      • getPasswordPolicyStateJSONObject

        @NotNull
public JSONObject getPasswordPolicyStateJSONObject()
        Retrieves the JSON object that contains the encoded password policy state information.
        Returns:
        The JSON object that contains the encoded password policy state information.

      • getPasswordPolicyDN

        @Nullable
public java.lang.String getPasswordPolicyDN()
        Retrieves the DN of the entry that defines the password policy that governs the associated user.
        Returns:
        The DN of the entry that defines hte password policy that governs the associated user, or null if this was not included in the password policy state JSON object.

      • getAccountIsUsable

        @Nullable
public java.lang.Boolean getAccountIsUsable()
        Retrieves the value of a flag that indicates whether the user's account is in a state that the server considers usable.
        Returns:
        Boolean.TRUE if the account is in a usable state, Boolean.FALSE if the account is not in a usable state, or null if this flag was not included in the password policy state JSON object.

      • getAccountUsabilityErrors

        @NotNull
public java.util.List<PasswordPolicyStateAccountUsabilityErrorgetAccountUsabilityErrors()
        Retrieves a list of information about any error conditions that may affect usability of the user's account.
        Returns:
        A list of information about any error conditions that may affect the usability of the user's account. The returned list may be empty if there are no account usability errors or if this was not included in the password policy state JSON object.

      • getAccountUsabilityWarnings

        @NotNull
public java.util.List<PasswordPolicyStateAccountUsabilityWarninggetAccountUsabilityWarnings()
        Retrieves a list of information about any warning conditions that may soon affect usability of the user's account.
        Returns:
        A list of information about any warning conditions that may soon affect the usability of the user's account. The returned list may be empty if there are no account usability warnings or if this was not included in the password policy state JSON object.

      • getAccountUsabilityNotices

        @NotNull
public java.util.List<PasswordPolicyStateAccountUsabilityNoticegetAccountUsabilityNotices()
        Retrieves a list of information about any notices related to the usability of the user's account.
        Returns:
        A list of information about any notices related to the usability of the user's account. The returned list may be empty if there are no account usability notices or if this was not included in the password policy state JSON object.

      • getHasStaticPassword

        @Nullable
public java.lang.Boolean getHasStaticPassword()
        Retrieves the value of a flag that indicates whether the user's account contains at least one static password.
        Returns:
        Boolean.TRUE if the account has at least one static password, Boolean.FALSE if the account does not have any static password, or null if this flag was not included in the password policy state JSON object.

      • getPasswordChangedTime

        @Nullable
public java.util.Date getPasswordChangedTime()
        Retrieves the time that the user's password was last changed.
        Returns:
        The time that the user's password was last changed, or null if this was not included in the password policy state JSON object.

      • getSecondsSincePasswordChange

        @Nullable
public java.lang.Integer getSecondsSincePasswordChange()
        Retrieves the length of time in seconds that has passed since the user's password was last changed.
        Returns:
        The length of time in seconds that has passed since the user's password was last changed, or null if this was not included in the password policy state JSON object.

      • getAccountIsDisabled

        @Nullable
public java.lang.Boolean getAccountIsDisabled()
        Retrieves the value of a flag that indicates whether the user's account has been administratively disabled.
        Returns:
        Boolean.TRUE if the account has been administratively disabled, Boolean.FALSE if the account has not been administratively disabled, or null if this flag was not included in the password policy state JSON object.

      • getAccountIsNotYetActive

        @Nullable
public java.lang.Boolean getAccountIsNotYetActive()
        Retrieves the value of a flag that indicates whether the user's account is not yet active because it has an activation time that is in the future.
        Returns:
        Boolean.TRUE if the account is not yet active, Boolean.FALSE if the account either does not have an activation time or if that time has already passed, or null if this flag was not included in the password policy state JSON object.

      • getAccountActivationTime

        @Nullable
public java.util.Date getAccountActivationTime()
        Retrieves the time that the user's account became (or will become) active.
        Returns:
        The time that the user's account became (or will become) active, or null if this was not included in the password policy state JSON object.

      • getSecondsUntilAccountActivation

        @Nullable
public java.lang.Integer getSecondsUntilAccountActivation()
        Retrieves the length of time in seconds until the user's account will become active.
        Returns:
        The length of time in seconds until the user's account will become active, or null if this was not included in the password policy state JSON object (e.g., because the user does not have an activation time in the future).

      • getSecondsSinceAccountActivation

        @Nullable
public java.lang.Integer getSecondsSinceAccountActivation()
        Retrieves the length of time in seconds since the user's account became active.
        Returns:
        The length of time in seconds since the user's account became active, or null if this was not included in the password policy state JSON object (e.g., because the user does not have an activation time in the past).

      • getAccountIsExpired

        @Nullable
public java.lang.Boolean getAccountIsExpired()
        Retrieves the value of a flag that indicates whether the user's account is expired.
        Returns:
        Boolean.TRUE if the account is expired, Boolean.FALSE if the account is not expired, or null if this flag was not included in the password policy state JSON object.

      • getAccountExpirationTime

        @Nullable
public java.util.Date getAccountExpirationTime()
        Retrieves the time that the user's account will (or did) expire.
        Returns:
        The time that the user's account will (or did) expire, or null if this was not included in the password policy state JSON object.

      • getSecondsUntilAccountExpiration

        @Nullable
public java.lang.Integer getSecondsUntilAccountExpiration()
        Retrieves the length of time in seconds until the user's account will expire.
        Returns:
        The length of time in seconds until the user's account will expire, or null if this was not included in the password policy state JSON object (e.g., because the user does not have an expiration time in the future).

      • getSecondsSinceAccountExpiration

        @Nullable
public java.lang.Integer getSecondsSinceAccountExpiration()
        Retrieves the length of time in seconds since the user's account expired.
        Returns:
        The length of time in seconds since the user's account expired, or null if this was not included in the password policy state JSON object (e.g., because the user does not have an expiration time in the past).

      • getPasswordIsExpired

        @Nullable
public java.lang.Boolean getPasswordIsExpired()
        Retrieves the value of a flag that indicates whether the user's password is expired.
        Returns:
        Boolean.TRUE if the password is expired, Boolean.FALSE if the password is not expired, or null if this flag was not included in the password policy state JSON object.

      • getMaximumPasswordAgeSeconds

        @Nullable
public java.lang.Integer getMaximumPasswordAgeSeconds()
        Retrieves the maximum length of time in seconds after a password change that the user is allowed to keep using that password.
        Returns:
        The maximum length of time in seconds after a password change that the user is allowed to keep using that password, or null if this flag was not included in the password policy state JSON object (e.g., because password expiration is not configured in the password policy that governs the user).

      • getPasswordExpirationTime

        @Nullable
public java.util.Date getPasswordExpirationTime()
        Retrieves the time that the user's password will (or did) expire.
        Returns:
        The time that the user's password will (or did) expire, or null if this was not included in the password policy state JSON object (e.g., because password expiration is not configured in the password policy that governs the user).

      • getSecondsUntilPasswordExpiration

        @Nullable
public java.lang.Integer getSecondsUntilPasswordExpiration()
        Retrieves the length of time in seconds until the user's password will expire.
        Returns:
        The length of time in seconds until the user's password will expire, or null if this was not included in the password policy state JSON object (e.g., because password expiration is not configured in the password policy that governs the user, or because the user's password is already expired).

      • getSecondsSincePasswordExpiration

        @Nullable
public java.lang.Integer getSecondsSincePasswordExpiration()
        Retrieves the length of time in seconds since the user's password expired.
        Returns:
        The length of time in seconds since the user's password expired, or null if this was not included in the password policy state JSON object (e.g., because password expiration is not configured in the password policy that governs the user, or because the user's password is not expired).

      • getPasswordExpirationWarningIntervalSeconds

        @Nullable
public java.lang.Integer getPasswordExpirationWarningIntervalSeconds()
        Retrieves the length of time in seconds before an upcoming password expiration that the user will be eligible to start receving warnings about that expiration.
        Returns:
        The length of time in seconds before an upcoming password expiration that the user will be eligible to start receiving messages about that expiration, or null if this was not included in the password policy state JSON object (e.g., because password expiration is not configured in the password policy that governs the user).

      • getExpirePasswordsWithoutWarning

        @Nullable
public java.lang.Boolean getExpirePasswordsWithoutWarning()
        Retrieves the value of a flag that indicates whether the server will allow a user's password to expire even if they have not yet received any warnings about an upcoming expiration.
        Returns:
        Boolean.TRUE if the server will allow a user's password to expire even if they have not been warned about an upcoming expiration, Boolean.FALSE if the server will ensure that the user receives at least one warning before expiring the password, or null if this flag was not included in the password policy state JSON object (e.g., because password expiration is not configured in the password policy that governs the user).

      • getPasswordExpirationWarningIssued

        @Nullable
public java.lang.Boolean getPasswordExpirationWarningIssued()
        Retrieves the value of a flag that indicates whether the user has received at least one warning about an upcoming password expiration.
        Returns:
        Boolean.TRUE if the user has received at least one warning about an upcoming password expiration, Boolean.FALSE if the user has not been warned about an upcoming password expiration, or null if this flag was not included in the password policy state JSON object (e.g., because password expiration is not configured in the password policy that governs the user).

      • getPasswordExpirationWarningTime

        @Nullable
public java.util.Date getPasswordExpirationWarningTime()
        Retrieves the time that the user will be eligible to receive (or the time that the user first received) a warning about an upcoming password expiration.
        Returns:
        The time that the user will be eligible to receive (or the time that the user first received) a warning about an upcoming password expiration, or null if this was not included in the password policy state JSON object (e.g., because password expiration is not configured in the password policy that governs the user).

      • getSecondsUntilPasswordExpirationWarning

        @Nullable
public java.lang.Integer getSecondsUntilPasswordExpirationWarning()
        Retrieves the length of time in seconds until the user will be eligible to receive a warning about an upcoming password expiration.
        Returns:
        The length of time in seconds until the user will be eligible to receive a warning about an upcoming password expiration, or null if this was not included in the password policy state JSON object (e.g., because password expiration is not configured in the password policy that governs the user, or because the user has already been warned about an upcoming expiration).

      • getSecondsSincePasswordExpirationWarning

        @Nullable
public java.lang.Integer getSecondsSincePasswordExpirationWarning()
        Retrieves the length of time in seconds since the user received the first warning about an upcoming password expiration.
        Returns:
        The length of time in seconds since the user received the first warning about an upcoming password expiration, or null if this was not included in the password policy state JSON object (e.g., because password expiration is not configured in the password policy that governs the user, or because the user has not yet been warned about an upcoming expiration).

      • getAccountIsFailureLocked

        @Nullable
public java.lang.Boolean getAccountIsFailureLocked()
        Retrieves the value of a flag that indicates whether the user account is currently locked as a result of too many failed authentication attempts.
        Returns:
        Boolean.TRUE if the user account is locked as a result of too many failed authentication attempts, Boolean.FALSE if the user account is not locked because of too many failed authentication attempts, or null if this flag was not included in the password policy state JSON object.

      • getFailureLockoutCount

        @Nullable
public java.lang.Integer getFailureLockoutCount()
        Retrieves the number of consecutive failed authentication attempts that are required to lock the user's account.
        Returns:
        The number of consecutive failed authentication attempts that are required to lock the user's account, or null if this was not included in the password policy state JSON object (e.g., because account lockout is not configured in the password policy that governs the user).

      • getCurrentAuthenticationFailureCount

        @Nullable
public java.lang.Integer getCurrentAuthenticationFailureCount()
        Retrieves the current number of failed authentication attempts for the user account.
        Returns:
        The current number of failed authentication attempts for the user account, or null if this was not included in the password policy state JSON object (e.g., because account lockout is not configured in the password policy that governs the user).

      • getRemainingAuthenticationFailureCount

        @Nullable
public java.lang.Integer getRemainingAuthenticationFailureCount()
        Retrieves the remaining number of failed authentication attempts required to lock the user account.
        Returns:
        The remaining number of failed authentication attempts required to lock the user account, or null if this was not included in the password policy state JSON object (e.g., because account lockout is not configured in the password policy that governs the user).

      • getAuthenticationFailureTimes

        @NotNull
public java.util.List<java.util.Date> getAuthenticationFailureTimes()
        Retrieves a list of the outstanding authentication failure times for the user account.
        Returns:
        A list of the outstanding authentication failure times for the user account, or an empty list if there are no outstanding authentication failures or if this was not included in the password policy state JSON object (e.g., because account lockout is not configured in the password policy that governs the user).

      • getFailureLockoutTime

        @Nullable
public java.util.Date getFailureLockoutTime()
        Retrieves the time that the user's account was locked as a result of too many failed authentication attempts.
        Returns:
        The time that the user's account was locked as a result of too many failed authentication attempts, or null if this was not included in the password policy state JSON object (e.g., because the user's account is not failure locked).

      • getFailureLockoutDurationSeconds

        @Nullable
public java.lang.Integer getFailureLockoutDurationSeconds()
        Retrieves the length of time in seconds that a user's account will be locked after too many failed authentication attempts.
        Returns:
        The length of time in seconds that a user's account will be locked after too many failed authentication attempts, or null if this was not included in the password policy state JSON object (e.g., because account lockout is not configured in the password policy that governs the user, or because account lockout is not temporary).

      • getFailureLockoutExpirationTime

        @Nullable
public java.util.Date getFailureLockoutExpirationTime()
        Retrieves the time that the user's failure-locked account will be automatically unlocked.
        Returns:
        The time that the user's failure-locked account will be automatically unlocked, or null if this was not included in the password policy state JSON object (e.g., because the user's account is not failure locked, or because the lockout is not temporary).

      • getSecondsRemainingInFailureLockout

        @Nullable
public java.lang.Integer getSecondsRemainingInFailureLockout()
        Retrieves the length of time in seconds remaining until the user's failure-locked account will be automatically unlocked.
        Returns:
        The length of time in seconds remaining until the user's failure-locked account will be automatically unlocked, or null if this was not included in the password policy state JSON object (e.g., because the user's account is not failure locked, or because the lockout is not temporary).

      • getLastLoginTime

        @Nullable
public java.util.Date getLastLoginTime()
        Retrieves the time that the user last successfully authenticated to the server.
        Returns:
        The time that the user last successfully authenticated to the server, or null if this was not included in the password policy state JSON object (e.g., because last login time tracking is not configured in the password policy that governs the user).

      • getSecondsSinceLastLogin

        @Nullable
public java.lang.Integer getSecondsSinceLastLogin()
        Retrieves the length of time in seconds since the user last successfully authenticated to the server.
        Returns:
        The length of time in seconds since the user last successfully authenticated to the server, or null if this was not included in the password policy state JSON object (e.g., because last login time tracking is not configured in the password policy that governs the user).

      • getLastLoginIPAddress

        @Nullable
public java.lang.String getLastLoginIPAddress()
        Retrieves the IP address of the client from which the user last successfully authenticated.
        Returns:
        The IP address of the client from which the user last successfully authenticated, or null if this was not included in the password policy state JSON object (e.g., because last login IP address tracking is not configured in the password policy that governs the user).

      • getAccountIsIdleLocked

        @Nullable
public java.lang.Boolean getAccountIsIdleLocked()
        Retrieves the value of a flag that indicates whether the user's account is currently locked because it has been too long since they last authenticated to the server.
        Returns:
        Boolean.TRUE if the user's account is currently idle-locked, Boolean.FALSE if the user's account is not currently idle-locked, or null if this flag was not included in the password policy state JSON object.

      • getIdleLockoutIntervalSeconds

        @Nullable
public java.lang.Integer getIdleLockoutIntervalSeconds()
        Retrieves the maximum length of time in seconds that can elapse between successful authentications before the user's account is locked.
        Returns:
        The maximum length of time in seconds that can elapse between successful authentications before the user's account is locked, or null if this was not included in the password policy state JSON object (e.g., because idle lockout is not configured in the password policy that governs the user).

      • getIdleLockoutTime

        @Nullable
public java.util.Date getIdleLockoutTime()
        Retrieves the time that the user's account will be (or was) locked for allowing too much time to elapse between successful authentications.
        Returns:
        The time that the user's account will be (or was) locked for allowing too much time to elapse between successful authentications, or null if this was not included in the password policy state JSON object (e.g., because idle lockout is not configured in the password policy that governs the user).

      • getSecondsUntilIdleLockout

        @Nullable
public java.lang.Integer getSecondsUntilIdleLockout()
        Retrieves the length of time in seconds until the user's account will be locked for allowing too much time to elapse between successful authentications.
        Returns:
        The length of time in seconds until the user's account will be locked for allowing too much time to elapse between successful authentication, or null if this was not included in the password policy state JSON object (e.g., because idle lockout is not configured in the password policy that governs the user, or because the user's account is already idle-locked).

      • getSecondsSinceIdleLockout

        @Nullable
public java.lang.Integer getSecondsSinceIdleLockout()
        Retrieves the length of time in seconds since the user's account was locked for allowing too much time to elapse between successful authentications.
        Returns:
        The length of time in seconds since the user's account was locked for allowing too much time to elapse between successful authentication, or null if this was not included in the password policy state JSON object (e.g., because idle lockout is not configured in the password policy that governs the user, or because the user's account is not idle-locked).

      • getMustChangePassword

        @Nullable
public java.lang.Boolean getMustChangePassword()
        Retrieves the value of a flag that indicates whether the user must change their password before they will be allowed to perform any other operations in the server.
        Returns:
        Boolean.TRUE if the user must change their password before they will be allowed to perform any other operations in the server, Boolean.FALSE if the user is not required to change their password, or null if this flag was not included in the password policy state JSON object.

      • getAccountIsResetLocked

        @Nullable
public java.lang.Boolean getAccountIsResetLocked()
        Retrieves the value of a flag that indicates whether the user's account is locked because they failed to choose a new password in a timely manner after an administrative reset.
        Returns:
        Boolean.TRUE if the user's account is currently reset-locked, Boolean.FALSE if the user's account is not reset-locked, or null if this flag was not included in the password policy state JSON object.

      • getForceChangeOnAdd

        @Nullable
public java.lang.Boolean getForceChangeOnAdd()
        Retrieves the value of a flag that indicates whether the password policy that governs the user is configured to require users to choose a new password the first time they authenticate after their account is created.
        Returns:
        Boolean.TRUE if users are required to choose a new password the first time they authenticate after their account is created, Boolean.FALSE if users are not required to choose a new password after their account is created, or null if this flag was not included in the password policy state JSON object.

      • getForceChangeOnReset

        @Nullable
public java.lang.Boolean getForceChangeOnReset()
        Retrieves the value of a flag that indicates whether the password policy that governs the user is configured to require users to choose a new password the first time they authenticate after their password has been reset by an administrator.
        Returns:
        Boolean.TRUE if users are required to choose a new password the first time they authenticate after their password is reset, Boolean.FALSE if users are not required to choose a new password after their password is reset, or null if this flag was not included in the password policy state JSON object.

      • getMaximumPasswordResetAgeSeconds

        @Nullable
public java.lang.Integer getMaximumPasswordResetAgeSeconds()
        Retrieves the maximum length of time in seconds that a user has to change their password after an administrative reset before their account will be locked.
        Returns:
        The maximum length of time in seconds that a user has to change their password after an administrative reset before their account will be locked, or null if this was not included in the password policy state JSON object (e.g., because reset lockout is not configured in the password policy that governs the user).

      • getResetLockoutTime

        @Nullable
public java.util.Date getResetLockoutTime()
        Retrieves the time that the user's account will be (or was) locked after failing to choose a new password in a timely manner after an administrative reset.
        Returns:
        The time that the user's account will be (or wa) locked after failing to choose a new password in a timely manner after an administrative reset, or null if this was not included in the password policy state JSON object (e.g., because reset lockout is not configured in the password policy that governs the user, or because the user's password has not been reset).

      • getSecondsUntilResetLockout

        @Nullable
public java.lang.Integer getSecondsUntilResetLockout()
        Retrieves the length of time in seconds until the user's account will be locked for failing to choose a new password after an administrative reset.
        Returns:
        The length of time in seconds until the user's account will be locked for failing to choose a new password after an administrative reset, or null if this was not included in the password policy state JSON object (e.g., because reset lockout is not configured in the password policy that governs the user, because the user's password has not been reset, or because the user's account is already reset-locked).

      • getMaximumPasswordHistoryCount

        @Nullable
public java.lang.Integer getMaximumPasswordHistoryCount()
        Retrieves the maximum number of passwords that the server will maintain in the user's password history.
        Returns:
        The maximum number of passwords that the server will maintain in the user's password history, or null if this was not included in the password policy state JSON object (e.g., because the password policy that governs the user is not configured to maintain a password history, or because it maintains a password history based on a duration rather than a count).

      • getMaximumPasswordHistoryDurationSeconds

        @Nullable
public java.lang.Integer getMaximumPasswordHistoryDurationSeconds()
        Retrieves the maximum length of time in seconds that the server will maintain passwords in the user's password history.
        Returns:
        The maximum length of time in seconds that the server will maintain passwords in the user's password history, or null if this was not included in the password policy state JSON object (e.g., because the password policy that governs the user is not configured to maintain a password history, or because it maintains a password history based on a count rather than a duration).

      • getCurrentPasswordHistoryCount

        @Nullable
public java.lang.Integer getCurrentPasswordHistoryCount()
        Retrieves the number of passwords currently held in the user's password history.
        Returns:
        The number of passwords currently held in the user's password history, or null if this was not incldued in the password policy state JSON object (e.g., because the password policy that governs the user is not configured to maintain a password history).

      • getIsWithinMinimumPasswordAge

        @Nullable
public java.lang.Boolean getIsWithinMinimumPasswordAge()
        Indicates whether the user is currently prohibited from changing their password because not enough time has elapsed since they last changed their password.
        Returns:
        Boolean.TRUE if the user is currently prohibited from changing their password because not enough time has elapsed since they last changed their password, Boolean.FALSE if the user is not prohibited from changing their password because of the minimum password age, or null if this flag was not included in the password policy state JSON object.

      • getMinimumPasswordAgeSeconds

        @Nullable
public java.lang.Integer getMinimumPasswordAgeSeconds()
        Retrieves the minimum length of time in seconds that must elapse after a user changes their password before they will be permitted to change it again.
        Returns:
        The minimum length of time in seconds that must elapse after a user changes their password before they will be permitted to change it again, or null if this was not included in the password policy state JSON object (e.g., because no minimum password age is configured in the password policy that governs the user).

      • getMinimumPasswordAgeExpirationTime

        @Nullable
public java.util.Date getMinimumPasswordAgeExpirationTime()
        Retrieves the earliest time that the user will be permitted to change their password as a result of the minimum password age.
        Returns:
        The earliest time that the user will be permitted to change their password as a result of the minimum password age, or null if this was not included in the password policy state JSON object (e.g., because no minimum password age is configured in the password policy that governs the user, or because it has been longer than the minimum age since they last changed their password).

      • getSecondsRemainingInMinimumPasswordAge

        @Nullable
public java.lang.Integer getSecondsRemainingInMinimumPasswordAge()
        Retrieves the length of time in seconds remaining until the user will be permitted to change their password as a result of the minimum password age.
        Returns:
        The length of time in seconds remaining until the user will be permitted to change their password as a result of the minimum password age, or null if this was not included in the password policy state JSON object (e.g., because no minimum password age is configured in the password policy that governs the user, or because it has been longer than the minimum age since they last changed their password).

      • getMaximumGraceLoginCount

        @Nullable
public java.lang.Integer getMaximumGraceLoginCount()
        Retrieves the maximum number of grace login attempts that the user will have to allow them to change an expired password.
        Returns:
        The maximum number of grace login attempts that the user will have to allow them to change an expired password, or null if this was not included in the password policy state JSON object (e.g., if grace logins are not configured in the password policy that governs the user).

      • getUsedGraceLoginCount

        @Nullable
public java.lang.Integer getUsedGraceLoginCount()
        Retrieves the number of grace logins that the user has currently used.
        Returns:
        The number of grace login attempts that the user has currently used, or null if this was not included in the password policy state JSON object (e.g., if grace logins are not configured in the password policy that governs the user).

      • getRemainingGraceLoginCount

        @Nullable
public java.lang.Integer getRemainingGraceLoginCount()
        Retrieves the remaining number of grace logins for the user.
        Returns:
        The remaining number of grace logins for the user, or null if this was not included in the password policy state JSON object (e.g., if grace logins are not configured in the password policy that governs the user).

      • getGraceLoginUseTimes

        @NotNull
public java.util.List<java.util.Date> getGraceLoginUseTimes()
        Retrieves a list of the times that the user has used a grace login to authenticate.
        Returns:
        A list of the times that the user has used a grace login to authenticate, or an empty list if the user has not used any grace logins, or if this was not included in the password policy state JSON object (e.g., if grace logins are not configured in the password policy that governs the user).

      • getHasRetiredPassword

        @Nullable
public java.lang.Boolean getHasRetiredPassword()
        Retrieves the value of a flag that indicates whether the user account has a retired former password that may still be used to authenticate.
        Returns:
        Boolean.TRUE if the user account currently has a valid retired password, Boolean.FALSE if the user account does not have a valid retired password, or null if this flag was not included in the password policy state JSON object.

      • getRetiredPasswordExpirationTime

        @Nullable
public java.util.Date getRetiredPasswordExpirationTime()
        Retrieves the time that the user's retired password will expire and can no longer be used to authenticate.
        Returns:
        The time that the user's retired password will expire, or null if this was not included in the password policy state JSON object (e.g., because the user does not have a retired password).

      • getSecondsUntilRetiredPasswordExpiration

        @Nullable
public java.lang.Integer getSecondsUntilRetiredPasswordExpiration()
        Retrieves the length of time in seconds remaining until the user's retired password expires and can no longer be used to authenticate.
        Returns:
        The length of time in seconds remaining until the user's retired password expires, or null if this was not included in the password policy state JSON object (e.g., because the user does not have a retired password).

      • getRequireSecureAuthentication

        @Nullable
public java.lang.Boolean getRequireSecureAuthentication()
        Retrieves the value of a flag that indicates whether the user will be required to authenticate in a secure manner that does not reveal their credentials to an observer.
        Returns:
        Boolean.TRUE if the user will be required to authenticate in a secure manner, Boolean.FALSE if the user will not be required to authenticate in a secure manner, or null if this flag was not included in the password policy state JSON object.

      • getRequireSecurePasswordChanges

        @Nullable
public java.lang.Boolean getRequireSecurePasswordChanges()
        Retrieves the value of a flag that indicates whether the user will be required to change their password in a secure manner that does not reveal their credentials to an observer.
        Returns:
        Boolean.TRUE if the user will be required to change their password in a secure manner, Boolean.FALSE if the user will not be required to change their password in a secure manner, or null if this flag was not included in the password policy state JSON object.

      • getAvailableSASLMechanisms

        @NotNull
public java.util.List<java.lang.String> getAvailableSASLMechanisms()
        Retrieves a list of the names of the SASL mechanisms that the user can use to authenticate.
        Returns:
        A list of the names of the SASL mechanisms that the user can use to authenticate, or an empty list if no SASL mechanisms are available to the user or if this was not included in the password policy state JSON object.

      • getAvailableOTPDeliveryMechanisms

        @NotNull
public java.util.List<java.lang.String> getAvailableOTPDeliveryMechanisms()
        Retrieves a list of the names of the OTP delivery mechanisms that the user can use to receive one-time passwords, password reset tokens, and single-use tokens.
        Returns:
        A list of the names of the OTP delivery mechanisms that the user can use, or an empty list if no OTP delivery mechanisms are available to the user or if this was not included in the password policy state JSON object.

      • getHasTOTPSharedSecret

        @Nullable
public java.lang.Boolean getHasTOTPSharedSecret()
        Retrieves the value of a flag that indicates whether the user account has at least one TOTP shared secret that can be used to authenticate with time-based one-time passwords via the UNBOUNDID-TOTP SASL mechanism.
        Returns:
        Boolean.TRUE if the user account has at least one TOTP shared secret, Boolean.FALSE if the user account does not have any TOTP shared secrets, or null if this flag was not included in the password policy state JSON object.

      • getHasRegisteredYubiKeyOTPDevice

        @Nullable
public java.lang.Boolean getHasRegisteredYubiKeyOTPDevice()
        Retrieves the value of a flag that indicates whether the user account has at least one registered YubiKey OTP device that can be used to authenticate via the UNBOUNDID-YUBIKEY-OTP SASL mechanism.
        Returns:
        Boolean.TRUE if the user account has at least one registered YubiKey OTP device, Boolean.FALSE if the user account does not have any registered YubiKey OTP devices, or null if this flag was not included in the password policy state JSON object.

      • getAccountIsValidationLocked

        @Nullable
public java.lang.Boolean getAccountIsValidationLocked()
        Retrieves the value of a flag that indicates whether the user account is currently locked because it contains a password that does not satisfy all of the configured password validators.
        Returns:
        Boolean.TRUE if the user account is locked because it contains a password that does not satisfy all of the configured password validators, Boolean.FALSE if the account is not validation-locked, or null if this flag was not included in the password policy state JSON object.

      • getLastBindPasswordValidationTime

        @Nullable
public java.util.Date getLastBindPasswordValidationTime()
        Retrieves the time that the server last invoked password validators during a bind operation for the user.
        Returns:
        The time that the server last invoked password validators during a bind operation for the user, or null if this was not included in the password policy state JSON object.

      • getSecondsSinceLastBindPasswordValidation

        @Nullable
public java.lang.Integer getSecondsSinceLastBindPasswordValidation()
        Retrieves the length of time in seconds that has passed since the server last invoked password validators during a bind operation for the user.
        Returns:
        The length of time in seconds that has passed since the server last invoked password validators during a bind operation for the user, or null if this was not included in the password policy state JSON object.

      • getMinimumBindPasswordValidationFrequencySeconds

        @Nullable
public java.lang.Integer getMinimumBindPasswordValidationFrequencySeconds()
        Retrieves the minimum length of time in seconds that should pass between invocations of password validators during a bind operation for the user.
        Returns:
        The minimum length of time in seconds that should pass between invocations of password validators during a bind operation for each user, or null if this was not included in the password policy state JSON object.

      • getBindPasswordValidationFailureAction

        @Nullable
public java.lang.String getBindPasswordValidationFailureAction()
        Retrieves the name of the action that the server should take if the password provided during a bind operation fails to satisfy one or more password validators.
        Returns:
        The name of the action that the server should take if the password provided during a bind operation fails to satisfy one or more password validators, or null if this was not included in the password policy state JSON object.

      • getRecentLoginHistory

        @Nullable
public RecentLoginHistory getRecentLoginHistory()
                                         throws LDAPException
        Retrieves the recent login history for the user.
        Returns:
        The recent login history for the user, or null if this was not included in the password policy state JSON object.
        Throws:
        LDAPException - If a problem occurs while trying to parse the recent login history for the user.

      • getMaximumRecentLoginHistorySuccessfulAuthenticationCount

        @Nullable
public java.lang.Integer getMaximumRecentLoginHistorySuccessfulAuthenticationCount()
        Retrieves the maximum number of recent successful login attempts the server should maintain for a user.
        Returns:
        The maximum number of recent successful login attempts the server should maintain for a user, or nullif this was not included in the password policy state JSON object.

      • getMaximumRecentLoginHistorySuccessfulAuthenticationDurationSeconds

        @Nullable
public java.lang.Integer getMaximumRecentLoginHistorySuccessfulAuthenticationDurationSeconds()
        Retrieves the maximum age in seconds of recent successful login attempts the server should maintain for a user.
        Returns:
        The maximum age in seconds of recent successful login attempts the server should maintain for a user, or nullif this was not included in the password policy state JSON object.

      • getMaximumRecentLoginHistoryFailedAuthenticationCount

        @Nullable
public java.lang.Integer getMaximumRecentLoginHistoryFailedAuthenticationCount()
        Retrieves the maximum number of recent failed login attempts the server should maintain for a user.
        Returns:
        The maximum number of recent failed login attempts the server should maintain for a user, or nullif this was not included in the password policy state JSON object.

      • getMaximumRecentLoginHistoryFailedAuthenticationDurationSeconds

        @Nullable
public java.lang.Integer getMaximumRecentLoginHistoryFailedAuthenticationDurationSeconds()
        Retrieves the maximum age in seconds of recent failed login attempts the server should maintain for a user.
        Returns:
        The maximum age in seconds of recent failed login attempts the server should maintain for a user, or nullif this was not included in the password policy state JSON object.

      • getAddPasswordQualityRequirements

        @NotNull
public java.util.List<PasswordQualityRequirementgetAddPasswordQualityRequirements()
        Retrieves the list of quality requirements that must be satisfied for passwords included in new entries that are added using the same password policy as the associated entry.
        Returns:
        The list of password quality requirements that will be enforced for adds using the same password policy as the associated entry, or an empty list if no requirements will be imposed.

      • getSelfChangePasswordQualityRequirements

        @NotNull
public java.util.List<PasswordQualityRequirementgetSelfChangePasswordQualityRequirements()
        Retrieves the list of quality requirements that must be satisfied when the associated user attempts to change their own password.
        Returns:
        The list of password quality requirements that will be enforced for self password changes, or an empty list if no requirements will be imposed.

      • getAdministrativeResetPasswordQualityRequirements

        @NotNull
public java.util.List<PasswordQualityRequirementgetAdministrativeResetPasswordQualityRequirements()
        Retrieves the list of quality requirements that must be satisfied when an administrator attempts to change the user's password.
        Returns:
        The list of password quality requirements that will be enforced for administrative password resets, or an empty list if no requirements will be imposed.

      • getBindPasswordQualityRequirements

        @NotNull
public java.util.List<PasswordQualityRequirementgetBindPasswordQualityRequirements()
        Retrieves the list of quality requirements that must be satisfied when the associated user authenticates in a manner that makes the clear-text password available to the server.
        Returns:
        The list of password quality requirements that will be enforced for binds, or an empty list if no requirements will be imposed.

      • toString

        @NotNull
public java.lang.String toString()
        Retrieves a string representation of the password policy state information.
        Overrides:
        toString in class java.lang.Object
        Returns:
        A string representation of the password policy state information.