Differentiating the causes of InvalidAttributeValueException
-
11-11-2019 - |
Question
I'm trying to determine via InvalidAttributeValueException
instance, what was the cause for the LDAP error code 19 (password policy error) so I will be able to display an informative error message in the UI.
The current LDAP service I'm using is openLDAP (as an embedded LDAP in the application) and it provides a pretty informative message that was good enough to display (i.e. "[LDAP: error code 19 - Password fails quality checking policy]"
& "[LDAP: error code 19 - Password is in history of old passwords]"
)
But now I want to support Active Directory & other LDAP providers (that will be external), and from what I've seen in rfc2251 and various other sources - every implementation puts it's own exception message and the only standard thing is the error code 19 mapping to InvalidAttributeValueException
and not to a specific issue.
Is there a solution (even a partial one) for differentiating between the different causes of an error code 19?
Is there a way, given an InvalidAttributeValueException
instance, to query the LDAP for an answer to that question?
Thanks
No correct solution