```
public interface ResettablePasswordCredential
```
Implemented by a PasswordCredentialValidator to support resetting user passwords through the 'Forgot Password' link in the backing data store.

Since:

8.3

See Also:

PasswordCredentialValidator

Nested Class Summary

Nested Classes
Modifier and Type Interface Description

static class ResettablePasswordCredential.AccountEnabledStatus
Indicates the account enabled status.

Method Summary

All Methods Instance Methods Abstract Methods Default Methods
Modifier and Type	Method	Description
`AttributeMap`	`findUser(String username)`	Retrieves a map of attributes from the user in the data store.
`default ResettablePasswordCredential.AccountEnabledStatus`	`getAccountEnabledStatus(AttributeMap attributeMap)`	Check to see if an account is enabled or not.
`String`	`getMailAttribute()`	The attribute/field that contains the registered email for the user.
`String`	`getMailVerifiedAttribute()`	The boolean attribute/field that contains the status of email verification for the user.
`String`	`getNameAttribute()`	The attribute/field that contains for the common name for the user.
`String`	`getPingIdUsernameAttribute()`	The attribute/field containing the username to use for PingID based password reset.
`String`	`getSmsAttribute()`	The attribute/field that contains the phone number to send the password reset SMS text to.
`boolean`	`isPasswordResettable()`	Indicate whether passwords can be changed in the current state.
`void`	`resetPassword(String username, String password)`	Resets the password for the given user.

- Method Detail
  - findUser
```
AttributeMap findUser(String username)
               throws PasswordResetException
```
    Retrieves a map of attributes from the user in the data store.
    If the user is found, an AttributeMap is returned with the following attributes:
    Key Value =========================== =========================== Value of getMailAttribute() The email address of the user to send the password reset email to. Value of getNameAttribute() The name of the user. Value of getSmsAttribute() The phone number of the user to send the password reset SMS text to. Value of getPingIdUsernameAttribute() The username to use for PingID based password reset.
    
    If the user is not found a PasswordResetException is thrown.
    Parameters:
    
    username - the name of the user to find.
    
    Returns:
    
    a map of user attributes
    
    Throws:
    
    PasswordResetException
  - resetPassword
```
void resetPassword(String username,
                   String password)
            throws PasswordResetException
```
    Resets the password for the given user. If there is an error setting the password due to a policy violation, a PasswordResetException is thrown, which should be recoverable (the user could try a different password). Any other error is likely a system error that is not recoverable (by trying a different password).
    
    Parameters:
    
    username - The user account to reset
    
    password - The new password to set
    
    Throws:
    
    PasswordResetException - if password reset fails
  - isPasswordResettable
```
boolean isPasswordResettable()
```
    Indicate whether passwords can be changed in the current state.
    
    In some cases implementing this interface is not sufficient for enabling password changes through a PasswordCredentialValidator, it could also depend on some system configuration or current condition. For example, passwords can only be changed in Active Directory if SSL is enabled on the LDAP data store.
    
    If this method returns false, it's recommended that a warning be logged indicating the reason and to help the admin resolve the issue.
    
    Returns:
    
    if conditions allow for password changes
  - getNameAttribute
```
String getNameAttribute()
```
    The attribute/field that contains for the common name for the user. This value is used for email communication with the user.
  - getMailAttribute
```
String getMailAttribute()
```
    The attribute/field that contains the registered email for the user. This value is used for email communication with the user.
  - getSmsAttribute
```
String getSmsAttribute()
```
    The attribute/field that contains the phone number to send the password reset SMS text to.
  - getPingIdUsernameAttribute
```
String getPingIdUsernameAttribute()
```
    The attribute/field containing the username to use for PingID based password reset.
  - getMailVerifiedAttribute
```
String getMailVerifiedAttribute()
```
    The boolean attribute/field that contains the status of email verification for the user.
  - getAccountEnabledStatus
```
default ResettablePasswordCredential.AccountEnabledStatus getAccountEnabledStatus(AttributeMap attributeMap)
```
    Check to see if an account is enabled or not. ResettablePasswordCredential.AccountEnabledStatus.UNDEFINED is returned by default. The user attribute AttributeMap can be obtained by calling findUser(String) method.
    
    Parameters:
    
    attributeMap - a map of user attributes
    
    Returns:
    
    the ResettablePasswordCredential.AccountEnabledStatus of the user
    
    Since:
    
    12.0

Interface ResettablePasswordCredential

Nested Class Summary

Method Summary

Method Detail

findUser

resetPassword

isPasswordResettable

getNameAttribute

getMailAttribute

getSmsAttribute

getPingIdUsernameAttribute

getMailVerifiedAttribute

getAccountEnabledStatus