/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at
* docs/licenses/cddl.txt
* or http://www.opensource.org/licenses/cddl1.php.
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at
* docs/licenses/cddl.txt. If applicable,
* add the following below this CDDL HEADER, with the fields enclosed
* by brackets "[]" replaced with your own identifying information:
* Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*
*
* Copyright 2010-2018 Ping Identity Corporation
*/
package com.unboundid.directory.sdk.examples.groovy;
import java.util.Date;
import java.util.List;
import com.unboundid.directory.sdk.common.types.AlertSeverity;
import com.unboundid.directory.sdk.ds.config.
AccountStatusNotificationHandlerConfig;
import com.unboundid.directory.sdk.ds.scripting.
ScriptedAccountStatusNotificationHandler;
import com.unboundid.directory.sdk.ds.types.AccountStatusNotification;
import com.unboundid.directory.sdk.ds.types.AccountStatusNotificationProperty;
import com.unboundid.directory.sdk.ds.types.AccountStatusNotificationType;
import com.unboundid.directory.sdk.ds.types.DirectoryServerContext;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.util.StaticUtils;
import com.unboundid.util.args.ArgumentParser;
/**
* This class provides a simple example of a scripted account status
* notification handler which will generate an administrative alert any time a
* user account has been locked as a result of too many failed bind attempts.
*/
public final class ExampleScriptedAccountStatusNotificationHandler
extends ScriptedAccountStatusNotificationHandler
{
// The server context for the server in which this extension is running.
private DirectoryServerContext serverContext = null;
/**
* Creates a new instance of this account status notification handler. All
* account status notification handler implementations must include a default
* constructor, but any initialization should generally be done in the
* {@code initializeAccountStatusNotificationHandler} method.
*/
public ExampleScriptedAccountStatusNotificationHandler()
{
// No implementation required.
}
/**
* Initializes this account status notification handler.
*
* @param serverContext A handle to the server context for the server in
* which this extension is running.
* @param config The general configuration for this account status
* notification handler.
* @param parser The argument parser which has been initialized from
* the configuration for this account status
* notification handler.
*
* @throws LDAPException If a problem occurs while initializing this account
* status notification handler.
*/
@Override()
public void initializeAccountStatusNotificationHandler(
final DirectoryServerContext serverContext,
final AccountStatusNotificationHandlerConfig config,
final ArgumentParser parser)
throws LDAPException
{
serverContext.debugInfo(
"Beginning account status notification handler initialization");
this.serverContext = serverContext;
}
/**
* Performs any processing that may be necessary in conjunction with the
* provided account status notification.
*
* @param notification The account status notification to be processed.
*/
@Override()
public void handleStatusNotification(
final AccountStatusNotification notification)
{
switch (notification.getNotificationType())
{
case AccountStatusNotificationType.ACCOUNT_PERMANENTLY_LOCKED:
case AccountStatusNotificationType.ACCOUNT_TEMPORARILY_LOCKED:
// These notification types will result in administrative alerts. That
// will be done later in this method.
break;
default:
// We will not generate an alert for these notification types.
return;
}
// See if there is an unlock time.
Date unlockTime = null;
try
{
final List<String> unlockTimeValues =
notification.getNotificationProperty(
AccountStatusNotificationProperty.ACCOUNT_UNLOCK_TIME);
if ((unlockTimeValues != null) && (! unlockTimeValues.isEmpty()))
{
unlockTime = StaticUtils.decodeGeneralizedTime(unlockTimeValues.get(0));
}
}
catch (final Exception e)
{
serverContext.debugCaught(e);
}
// Generate a message to include in the alert.
final StringBuilder alertMessage = new StringBuilder();
alertMessage.append("User account '");
alertMessage.append(notification.getUserDN());
alertMessage.append("' has been locked as a result of too many failed "+
"authentication attempts. The account will remain locked until ");
if (unlockTime != null)
{
alertMessage.append(unlockTime);
alertMessage.append(" or until ");
}
alertMessage.append("an administrator resets the user's password.");
serverContext.sendAlert(AlertSeverity.INFO, alertMessage.toString());
}
}
|