public void validate()

in core-api/src/main/java/org/apache/directory/server/core/api/authn/ppolicy/PasswordPolicyConfiguration.java [435:542]

• 88 lines of code
• 25 McCabe index (conditional complexity)

    public void validate() throws LdapException
    {
        StringBuilder sb = new StringBuilder();

        int errCount = 0;

        if ( pwdMinAge < 0 )
        {
            sb.append( ++errCount ).append( ". password minimum age cannot be negative\n" );
        }

        if ( pwdMaxAge < 0 )
        {
            sb.append( ++errCount ).append( ". password maximum age cannot be negative\n" );
        }

        if ( ( pwdMaxAge > 0 ) && ( pwdMaxAge < pwdMinAge ) )
        {
            sb.append( ++errCount ).append( ". password maximum age should be greater than the minimum age\n" );
        }

        if ( pwdInHistory < 0 )
        {
            sb.append( ++errCount ).append( ". password history count cannot be negative\n" );
        }

        if ( pwdCheckQuality == CheckQualityEnum.UNKNOW )
        {
            sb.append( ++errCount ).append( ". invalid password quality check value, valid values are 0, 1 and 2 \n" );
        }

        if ( pwdMinLength < 0 )
        {
            sb.append( ++errCount ).append( ". password minimum length cannot be negative\n" );
        }

        if ( pwdMaxLength < 0 )
        {
            sb.append( ++errCount ).append( ". password maximum length cannot be negative\n" );
        }

        if ( ( pwdMaxLength > 0 ) && ( pwdMaxLength < pwdMinLength ) )
        {
            sb.append( ++errCount ).append( ". password maximum length should be greater than minimum length\n" );
        }

        if ( pwdExpireWarning < 0 )
        {
            sb.append( ++errCount ).append( ". password expire warning time cannot be negative\n" );
        }

        if ( pwdGraceAuthNLimit < 0 )
        {
            sb.append( ++errCount ).append( ". password grace authentication limits cannot be negative\n" );
        }

        if ( pwdGraceExpire < 0 )
        {
            sb.append( ++errCount ).append( ". password grace expiration time cannot be negative\n" );
        }

        if ( pwdLockoutDuration < 0 )
        {
            sb.append( ++errCount ).append( ". password lockout duration time cannot be negative\n" );
        }

        if ( pwdMaxFailure < 0 )
        {
            sb.append( ++errCount ).append( ". password maximum failure count cannot be negative\n" );
        }

        if ( pwdFailureCountInterval < 0 )
        {
            sb.append( ++errCount ).append( ". password failure count interval time cannot be negative\n" );
        }

        if ( ( ( pwdMinDelay > 0 ) && ( pwdMaxDelay <= 0 ) )
            || ( ( pwdMaxDelay > 0 ) && ( pwdMinDelay <= 0 ) ) )
        {
            sb
                .append( ++errCount )
                .append(
                    ". if password minimum or maximum delay time is specified then the correspomding maximu or minimum delay time should also be specified\n" );
        }
        else
        // just to avoid both warnings
        {
            if ( pwdMinDelay < 0 )
            {
                sb.append( ++errCount ).append( ". password minimum delay time cannot be negative\n" );
            }

            if ( pwdMaxDelay < 0 )
            {
                sb.append( ++errCount ).append( ". password maximum delay time cannot be negative\n" );
            }
        }

        if ( pwdMaxIdle < 0 )
        {
            sb.append( ++errCount ).append( ". password maximum idle time cannot be negative\n" );
        }

        if ( errCount > 0 )
        {
            throw new LdapException( "There are errors in password policy configuration\n" + sb.toString() );
        }
    }