Package org.keycloak.models

Class PasswordPolicy

java.lang.Object

org.keycloak.models.PasswordPolicy

All Implemented Interfaces:

Serializable

public class PasswordPolicy
extends Object
implements Serializable

Author:

Stian Thorgersen

See Also:

• Serialized Form

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	PasswordPolicy.Builder

Field Summary

Fields

Modifier and Type	Field	Description
static final String	FORCE_EXPIRED_ID
static final String	HASH_ALGORITHM_DEFAULT
static final String	HASH_ALGORITHM_ID
static final int	HASH_ITERATIONS_DEFAULT
static final String	HASH_ITERATIONS_ID
static final String	MAX_AUTH_AGE_ID
static final String	PASSWORD_HISTORY_ID
static final int	RECOVERY_CODES_WARNING_THRESHOLD_DEFAULT
static final String	RECOVERY_CODES_WARNING_THRESHOLD_ID

Method Summary

Modifier and Type	Method	Description
static PasswordPolicy.Builder	build()
static PasswordPolicy	empty()
int	getDaysToExpirePassword()
int	getExpiredPasswords()
String	getHashAlgorithm()
int	getHashIterations()
int	getMaxAuthAge()	Policy to configure the maximum age of the authentication in seconds.
Set<String>	getPolicies()
<T> T	getPolicyConfig(String key)
int	getRecoveryCodesWarningThreshold()
static PasswordPolicy	parse(KeycloakSession session, String policyString)
PasswordPolicy.Builder	toBuilder()
String	toString()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Details

HASH_ALGORITHM_ID

public static final String HASH_ALGORITHM_ID

See Also:

• Constant Field Values

HASH_ALGORITHM_DEFAULT

public static final String HASH_ALGORITHM_DEFAULT

See Also:

• Constant Field Values

HASH_ITERATIONS_ID

public static final String HASH_ITERATIONS_ID

See Also:

• Constant Field Values

HASH_ITERATIONS_DEFAULT

public static final int HASH_ITERATIONS_DEFAULT

See Also:

• Constant Field Values

PASSWORD_HISTORY_ID

public static final String PASSWORD_HISTORY_ID

See Also:

• Constant Field Values

FORCE_EXPIRED_ID

public static final String FORCE_EXPIRED_ID

See Also:

• Constant Field Values

RECOVERY_CODES_WARNING_THRESHOLD_DEFAULT

public static final int RECOVERY_CODES_WARNING_THRESHOLD_DEFAULT

See Also:

• Constant Field Values

RECOVERY_CODES_WARNING_THRESHOLD_ID

public static final String RECOVERY_CODES_WARNING_THRESHOLD_ID

See Also:

• Constant Field Values

MAX_AUTH_AGE_ID

public static final String MAX_AUTH_AGE_ID

See Also:

• Constant Field Values

Method Details

empty

public static PasswordPolicy empty()

build

public static PasswordPolicy.Builder build()

parse

public static PasswordPolicy parse(KeycloakSession session,
 String policyString)

getPolicies

public Set<String> getPolicies()

getPolicyConfig

public <T> T getPolicyConfig(String key)

getHashAlgorithm

public String getHashAlgorithm()

getHashIterations

public int getHashIterations()

getExpiredPasswords

public int getExpiredPasswords()

getDaysToExpirePassword

public int getDaysToExpirePassword()

getRecoveryCodesWarningThreshold

public int getRecoveryCodesWarningThreshold()

getMaxAuthAge

public int getMaxAuthAge()

Policy to configure the maximum age of the authentication in seconds. If the user authentication is older than the given value, a reauthentication is enforced. Examples:

• maxAuthAge(0) means the user has to reauthenticate immediately.
• maxAuthAge(60) means the user has to reauthenticate if authentication is older than 60 seconds.

Returns:

toString

public String toString()

Overrides:

toString in class Object

toBuilder

public PasswordPolicy.Builder toBuilder()