PasswordExpiredException signals that a user password has expired.

This exception is thrown by Connector when they determine that a password has expired. For example, a Connector, after successfully authenticating a user, may determine that the user's password has expired. In this case the Connector throws this exception to notify the application. The application can then take the appropriate steps to notify the user.

Inheritance: InvalidPasswordException
        public void TestExceptions()
        {
            {
                AlreadyExistsException v1 = new AlreadyExistsException("ex");
                AlreadyExistsException v2 = (AlreadyExistsException)CloneObject(v1);
                Assert.AreEqual("ex", v2.Message);
            }

            {
                ConfigurationException v1 = new ConfigurationException("ex");
                ConfigurationException v2 = (ConfigurationException)CloneObject(v1);
                Assert.AreEqual("ex", v2.Message);
            }

            {
                ConnectionBrokenException v1 = new ConnectionBrokenException("ex");
                ConnectionBrokenException v2 = (ConnectionBrokenException)CloneObject(v1);
                Assert.AreEqual("ex", v2.Message);
            }

            {
                ConnectionFailedException v1 = new ConnectionFailedException("ex");
                ConnectionFailedException v2 = (ConnectionFailedException)CloneObject(v1);
                Assert.AreEqual("ex", v2.Message);
            }

            {
                ConnectorException v1 = new ConnectorException("ex");
                ConnectorException v2 = (ConnectorException)CloneObject(v1);
                Assert.AreEqual("ex", v2.Message);
            }
            {
                ConnectorIOException v1 = new ConnectorIOException("ex");
                ConnectorIOException v2 = (ConnectorIOException)CloneObject(v1);
                Assert.AreEqual("ex", v2.Message);
            }
            {
                ConnectorSecurityException v1 = new ConnectorSecurityException("ex");
                ConnectorSecurityException v2 = (ConnectorSecurityException)CloneObject(v1);
                Assert.AreEqual("ex", v2.Message);
            }

            {
                InvalidCredentialException v1 = new InvalidCredentialException("ex");
                InvalidCredentialException v2 = (InvalidCredentialException)CloneObject(v1);
                Assert.AreEqual("ex", v2.Message);
            }

            {
                InvalidPasswordException v1 = new InvalidPasswordException("ex");
                InvalidPasswordException v2 = (InvalidPasswordException)CloneObject(v1);
                Assert.AreEqual("ex", v2.Message);
            }

            {
                PasswordExpiredException v1 = new PasswordExpiredException("ex");
                v1.Uid = (new Uid("myuid"));
                PasswordExpiredException v2 = (PasswordExpiredException)CloneObject(v1);
                Assert.AreEqual("ex", v2.Message);
                Assert.AreEqual("myuid", v2.Uid.GetUidValue());
            }

            {
                OperationTimeoutException v1 = new OperationTimeoutException("ex");
                OperationTimeoutException v2 = (OperationTimeoutException)CloneObject(v1);
                Assert.AreEqual("ex", v2.Message);
            }

            {
                PermissionDeniedException v1 = new PermissionDeniedException("ex");
                PermissionDeniedException v2 = (PermissionDeniedException)CloneObject(v1);
                Assert.AreEqual("ex", v2.Message);
            }

            {
                UnknownUidException v1 = new UnknownUidException("ex");
                UnknownUidException v2 = (UnknownUidException)CloneObject(v1);
                Assert.AreEqual("ex", v2.Message);
            }

            {
                ArgumentException v1 = new ArgumentException("my msg");
                ArgumentException v2 = (ArgumentException)CloneObject(v1);
                Assert.AreEqual("my msg", v2.Message);
            }

            {
                ArgumentNullException v1 = new ArgumentNullException(null, "my msg 1");
                ArgumentException v2 = (ArgumentException)CloneObject(v1);
                Assert.AreEqual("my msg 1", v2.Message);
            }

            {
                Exception v1 = new Exception("my msg2");
                Exception v2 = (Exception)CloneObject(v1);
                Assert.AreEqual("my msg2", v2.Message);
            }
        }
        internal Uid ValidateUserCredentials(string username, string password)
        {
            IntPtr tokenHandle = new IntPtr(0);
            try
            {
                const int LOGON32_PROVIDER_DEFAULT = 0;
                const int LOGON32_LOGON_INTERACTIVE = 2;
                const int LOGON32_LOGON_NETWORK = 3;

                tokenHandle = IntPtr.Zero;
                bool success = LogonUser(username, null, password, LOGON32_LOGON_NETWORK,
                                         LOGON32_PROVIDER_DEFAULT, ref tokenHandle);
                if(!success)
                {
                    int lastWindowsError = Marshal.GetLastWin32Error();
                    if(lastWindowsError == ERROR_PASSWORD_MUST_CHANGE)
                    {
                        string message = _configuration.ConnectorMessages.Format("ex_PasswordMustChange",
                                                         "User password must be changed");

                        PasswordExpiredException pweException = new PasswordExpiredException(message);
                        pweException.Uid = GetUidFromSamAccountName(username);

                        throw pweException;
                    }
                    else if(lastWindowsError == ERROR_LOGON_FAILURE)
                    {
                        string message = _configuration.ConnectorMessages.Format(
                            "ex_InvalidCredentials", "Invalid credentials supplied for user {0}", username);

                        throw new InvalidCredentialException(message);
                    }
                    else if (lastWindowsError == ERROR_ACCOUNT_LOCKED_OUT)
                    {
                        string message = _configuration.ConnectorMessages.Format("ex_AccountLocked",
                                                                                 "User's account has been locked");
                        throw new InvalidCredentialException(message);
                    }
                    else if (lastWindowsError == ERROR_ACCOUNT_EXPIRED)
                    {
                        string message = _configuration.ConnectorMessages.Format("ex_AccountExpired",
                                                                                 "User account expired for user {0}", username);
                        throw new InvalidCredentialException(message);
                    }
                    else
                    {
                        // no idea what could have gone wrong, so log it and throw connector error
                        string errorMessage = string.Format(
                            "Windows returned error number {0} from LogonUser call", lastWindowsError);
                        Trace.TraceError(errorMessage);
                        //TODO: Add localization
                        throw new ConnectorException(errorMessage);
                    }
                }
                WindowsIdentity windowsId = new WindowsIdentity(tokenHandle);
                Uid uid = GetUidFromSid(windowsId.User);
                return uid;
            }
            catch(Exception e)
            {
                Trace.TraceError(e.Message);
                throw;
            }
            finally
            {
                if(tokenHandle != IntPtr.Zero)
                {
                    CloseHandle(tokenHandle);
                }
            }
        }