com.hidglobal.ia.service.protectionpolicy

Interface PasswordPolicy

All Superinterfaces:

ProtectionPolicy

All Known Subinterfaces:

BioPasswordPolicy

public interface PasswordPolicy
extends ProtectionPolicy

Protection Policy with password specific constraints. The restrictions may be any or all of the following:

• Min and max character length
• Min number of uppercase characters
• Min number of lowercase characters
• Min number of numeric characters
• Min number of letter characters
• Min number of special characters (non alphanumeric)
• Max number of uppercase characters
• Max number of lowercase characters
• Max number of numeric characters
• Max number of letter characters
• Max number of special characters (non alphanumeric)
• Min and max password age
• Max password history

Nested Class Summary

Nested classes/interfaces inherited from interface com.hidglobal.ia.service.protectionpolicy.ProtectionPolicy

ProtectionPolicy.PolicyType

Method Summary

Modifier and Type	Method and Description
boolean	changePassword(char[] oldpwdvalue, char[] newpwdvalue) Changes the password bound to the protection policy identified by the protection policyId parameter.
int	getCacheTimeout() Returns timeout of cached memory in seconds
long	getCurrentAge() Current password age since last change.
int	getMaxAge() Returns the maximum age for a password.
int	getMaxAlpha() Get maximum number of letter characters
int	getMaxHistory() "Returns the max password history limit.
int	getMaxLength() Get maximum password length
int	getMaxLowerCase() Get maximum number of lowercase letters
int	getMaxNonAlpha() Get maximum number of special characters (non alphanumeric)
int	getMaxNumeric() Get maximum number of numeric characters
int	getMaxUpperCase() Get maximum number of uppercase letters
int	getMinAge() Get minimum age for password.
int	getMinAlpha() Get minimum number of letter characters
int	getMinLength() Get minimum password length
int	getMinLowerCase() Get minimum number of lowercase letters
int	getMinNonAlpha() Get minimum number of special characters (non alphanumeric)
int	getMinNumeric() Get minimum number of numeric characters
int	getMinUpperCase() Get minimum number of uppercase letters
boolean	isCacheEnabled() Returns true if password cache is enabled
void	verifyPassword(char[] password) Verifies whether password protecting the key is correct (RSA keys ONLY).

Methods inherited from interface com.hidglobal.ia.service.protectionpolicy.ProtectionPolicy

getId, getLockPolicy, getType

Method Detail

getMinLength

int getMinLength()

Get minimum password length

Returns:

the minLength

getMaxLength

int getMaxLength()

Get maximum password length

Returns:

the maxLength

getMinUpperCase

int getMinUpperCase()

Get minimum number of uppercase letters

Returns:

the minUpperCase

getMinLowerCase

int getMinLowerCase()

Get minimum number of lowercase letters

Returns:

the minLowerCase

getMinNumeric

int getMinNumeric()

Get minimum number of numeric characters

Returns:

the minNumeric

getMinAlpha

int getMinAlpha()

Get minimum number of letter characters

Returns:

the minAlpha

getMinNonAlpha

int getMinNonAlpha()

Get minimum number of special characters (non alphanumeric)

Returns:

the minNonAlpha

getMaxUpperCase

int getMaxUpperCase()

Get maximum number of uppercase letters

Returns:

the maxUpperCase

getMaxLowerCase

int getMaxLowerCase()

Get maximum number of lowercase letters

Returns:

the maxLowerCase

getMaxNumeric

int getMaxNumeric()

Get maximum number of numeric characters

Returns:

the minNumeric

getMaxAlpha

int getMaxAlpha()

Get maximum number of letter characters

Returns:

the maxAlpha

getMaxNonAlpha

int getMaxNonAlpha()

Get maximum number of special characters (non alphanumeric)

Returns:

the maximum number of special characters.

getMaxHistory

int getMaxHistory()

"Returns the max password history limit. This security setting determines the number of unique new passwords that have to be associated with the key before an old password can be reused.

Returns:

the maxHistory

getMaxAge

int getMaxAge()

Returns the maximum age for a password. This determines how long users can keep a password before they have to change it. 0 means password never expires.

Returns:

the maxAge

getMinAge

int getMinAge()

Get minimum age for password. This security setting determines the period of time (in days) that a password must be used before the user can change it. It must be less than the maximum password age. 0 allow changes immediately.

Returns:

the minAge

getCurrentAge

long getCurrentAge()

Current password age since last change.

Returns:

the currentAge

isCacheEnabled

boolean isCacheEnabled()

Returns true if password cache is enabled

Returns:

the currentAge

getCacheTimeout

int getCacheTimeout()

Returns timeout of cached memory in seconds

Returns:

the currentAge

verifyPassword

void verifyPassword(char[] password)
             throws InternalException,
                    UnsupportedDeviceException,
                    LostCredentialsException,
                    AuthenticationException,
                    PasswordExpiredException,
                    FingerprintAuthenticationRequiredException,
                    FingerprintNotEnrolledException,
                    PasswordRequiredException

Verifies whether password protecting the key is correct (RSA keys ONLY).

Parameters:

password - the key password.

Throws:

InternalException - if an unexpected error occurred.

UnsupportedDeviceException - if device is not supported by policy.

LostCredentialsException - if provisioning key data has been corrupted or lost.

AuthenticationException - if password is incorrect.

PasswordExpiredException - if expired password is given (changePassword required).

FingerprintAuthenticationRequiredException - if fingerprint authentication is required by policy.

FingerprintNotEnrolledException - if fingerprint enrollment is required.

PasswordRequiredException - if required password was not provided and cached password is not available.

changePassword

boolean changePassword(char[] oldpwdvalue,
                       char[] newpwdvalue)
                throws AuthenticationException,
                       PasswordNotYetUpdatableException,
                       InvalidPasswordException,
                       LostCredentialsException,
                       InternalException,
                       FingerprintAuthenticationRequiredException,
                       UnsupportedDeviceException,
                       FingerprintNotEnrolledException,
                       PasswordRequiredException

Changes the password bound to the protection policy identified by the protection policyId parameter. New password must respect the defined protection policy restrictions.

Parameters:

oldpwdvalue - old key password.

newpwdvalue - new key password.

Returns:

true if password was successfully changed.

Throws:

AuthenticationException - if password is incorrect.

PasswordNotYetUpdatableException - if the policy indicates that it is too early to update the password.

InvalidPasswordException - if password validation fails.

LostCredentialsException - if provisioning key data has been corrupted or lost.

InternalException - if an unexpected error occurred.

FingerprintAuthenticationRequiredException - if fingerprint authentication is required by policy.

FingerprintNotEnrolledException - if fingerprint enrollment is required.

UnsupportedDeviceException - if device is not supported by policy.

PasswordRequiredException - if required password was not provided and cached password is not available.