Package com.bloomreach.xm.repository.security

Interface ChangePasswordManager

  • public interface ChangePasswordManager
    The ChangePasswordManager allows a {link HippoSession} user to change its password

    • Field Summary

      Fields 
      Modifier and Type Field Description
      static long ONEDAYMS
      Number of milliseconds in one day

    • Field Detail

    • Method Detail

      • getPasswordMaxAgeDays

        long getPasswordMaxAgeDays()
                    throws RepositoryException
        Provides the max age for passwords in days. When not configured (default) this returns -1L (no max age).
        Returns:
        the max age for passwords in days
        Throws:
        RepositoryException - if the underlying HippoSession is no longer live, or something else went wrong

      • getPasswordMaxAgeMs

        long getPasswordMaxAgeMs()
                  throws RepositoryException
        Provides the max age for passwords in milliseconds as convenience for calculating an expiration timestamp. When not configured (default) this returns -1L (no max age).
        Returns:
        the max age for passwords in milliseconds
        Throws:
        RepositoryException - if the underlying HippoSession is no longer live, or something else went wrong

      • getPasswordLastModified

        Calendar getPasswordLastModified()
                          throws RepositoryException
        Returns the current password last modified date, or null if never changed
        Returns:
        the current password last modified date, or null if never changed
        Throws:
        RepositoryException - if the underlying HippoSession is no longer live, or something else went wrong

      • checkPassword

        boolean checkPassword​(char[] password)
               throws RepositoryException
        Check the current user password
        Returns:
        true if the password is equal, false otherwise
        Throws:
        RepositoryException - if the underlying HippoSession is no longer live, or something else went wrong

      • checkNewPasswordUsedBefore

        boolean checkNewPasswordUsedBefore​(char[] newPassword,
                                   int numberOfPreviousPasswordsToCheck)
                            throws IllegalArgumentException,
                                   RepositoryException
        Check if a new user password has been used before
        Parameters:
        newPassword - the new candidate password, must be non-empty and at least 4 characters long
        numberOfPreviousPasswordsToCheck - the number of last used passwords which are not allowed to be reused (use value 0 to disable/ignore checking previous passwords)
        Returns:
        true when the password is equal to the current password or has been used at least numberOfPreviousPasswordsToCheck before
        Throws:
        IllegalArgumentException - For an empty/null newPassword
        RepositoryException - if the underlying HippoSession is no longer live, or something else went wrong

      • setPassword

        void setPassword​(char[] currentPassword,
                 char[] newPassword)
          throws IllegalArgumentException,
                 RepositoryException
        Update/set the current user password
        Parameters:
        currentPassword - the current password, must match otherwise IllegalStateException will be thrown. Note: for a first time password this parameter will be ignored!
        newPassword - the new password, must be non-empty and at least 4 characters long
        Throws:
        IllegalArgumentException - When the currentPassword doesn't match, for an empty/null newPassword, newPassword length < 4, or when newPassword is equal to the currentPassword
        RepositoryException - if the underlying HippoSession is no longer live, or something else went wrong