You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Lukas Slebodnik (JIRA)" <ji...@apache.org> on 2014/02/04 11:06:09 UTC
[jira] [Created] (DIRSERVER-1955) Directory Apacheds sends wrong
empty response for password policy request
Lukas Slebodnik created DIRSERVER-1955:
------------------------------------------
Summary: Directory Apacheds sends wrong empty response for password policy request
Key: DIRSERVER-1955
URL: https://issues.apache.org/jira/browse/DIRSERVER-1955
Project: Directory ApacheDS
Issue Type: Bug
Affects Versions: 2.0.0-M15
Reporter: Lukas Slebodnik
According to ldap password policy draft
(http://tools.ietf.org/html/draft-behera-ldap-password-policy-10#section-6.2)
Response Control should contain controlType (1.3.6.1.4.1.42.2.27.8.5.1) and
the controlValue and the BER encoding of the following type:
PasswordPolicyResponseValue ::= SEQUENCE {
warning [0] CHOICE {
timeBeforeExpiration [0] INTEGER (0 .. maxInt),
graceAuthNsRemaining [1] INTEGER (0 .. maxInt) } OPTIONAL,
error [1] ENUMERATED {
passwordExpired (0),
accountLocked (1),
changeAfterReset (2),
passwordModNotAllowed (3),
mustSupplyOldPassword (4),
insufficientPasswordQuality (5),
passwordTooShort (6),
passwordTooYoung (7),
passwordInHistory (8) } OPTIONAL }
Empty response should also contain BER encoding of empty sequence.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)