```
public interface ChangeablePasswordCredential
```
Implemented by a PasswordCredentialValidator to support changing user passwords in the backing data store.

Since:

6.11

See Also:

PasswordCredentialValidator

Method Summary

All Methods Instance Methods Abstract Methods Default Methods
Modifier and Type	Method	Description
`PasswordChangeResult`	`changePassword(String username, String oldPassword, String newPassword, Map<String,Object> inParameters)`	Change a user's password in the data store.
`default boolean`	`isChangePasswordEmailNotifiable()`	Indicates whether attributes required to email the user about password change will be returned by the `PasswordCredentialValidator`.
`boolean`	`isPasswordChangeable()`	Indicate whether passwords can be changed in the current state.
`default boolean`	`isPendingPasswordExpiryNotifiable()`	Indicates whether attributes required to warn the user about expiring password will be returned.

- Method Detail
  - changePassword
```
PasswordChangeResult changePassword(String username,
                                    String oldPassword,
                                    String newPassword,
                                    Map<String,Object> inParameters)
                             throws PasswordValidationException
```
    Change a user's password in the data store.
    
    Parameters:
    
    username - name of the user attempting to change their password
    
    oldPassword - the user's existing password
    
    newPassword - the user's new password
    
    inParameters - additional parameters that can be passed to an implementation
    
    Returns:
    
    PasswordChangeResult - for future use
    
    Throws:
    
    PasswordValidationException - for system errors
    
    PasswordCredentialValidatorAuthnException - for user authentication errors
  - isPasswordChangeable
```
boolean isPasswordChangeable()
```
    Indicate whether passwords can be changed in the current state.
    
    In some cases implementing this interface is not sufficient for enabling password changes through a PasswordCredentialValidator, it could also depend on some system configuration or current condition. For example, passwords can only be changed in Active Directory if SSL is enabled on the LDAP data store.
    
    If this method returns false, it's recommended that a warning be logged indicating the reason and to help the admin resolve the issue. Don't call this method if password changing is disabled by the admin otherwise the PCV may log errors for a disabled feature.
    
    Returns:
    
    if conditions allow for password changes
  - isPendingPasswordExpiryNotifiable
```
default boolean isPendingPasswordExpiryNotifiable()
```
    Indicates whether attributes required to warn the user about expiring password will be returned. The required attribute is password expiration time of the user with an attribute name 'passwordExpiryTime'. This attribute value should be number of milliseconds since January 1, 1970.
  - isChangePasswordEmailNotifiable
```
default boolean isChangePasswordEmailNotifiable()
```
    Indicates whether attributes required to email the user about password change will be returned by the PasswordCredentialValidator. Here are the attributes that should be returned: 1) The first name with the attribute name 'givenName'. 2) The email address with the attribute name 'mail'.

Interface ChangeablePasswordCredential

Method Summary

Method Detail

changePassword

isPasswordChangeable

isPendingPasswordExpiryNotifiable

isChangePasswordEmailNotifiable