Handling exceptions using ActiveDirectoryLdapAuthenticationProvider

[ale.jua]

I need to authenticate against ActiveDirectory and I need to handle an error which happens when the user is forced to renew password, so I expected to catch some kind of exception created for that error, the same way I can handle exceptions for account expired, credentials expired, locked account and so on.

When I log in using a user forced to reset password I get a BadCredentials exception so I cannot even get the Active directory or Ldap error code. I am expecting to handle errors like USER MUST RESET PASSWORD (error code 773) in https://wiki.servicenow.com/index.ph...AP_Error_Codes

I managed to authenticate using LdapTemplate.authenticate method passing a AuthenticationErrorCallback as a parameter, and then parse the exception message and interpret the error code, but I do not understand why ActiveDirectoryLdapAuthenticationProvider is not already handling that error code (but recognising it just for logging). Is there any specifi reason for that?

Could anybody tell me a better way of dealing with errors that are not represented by exceptions when working with LDAP / AD, please? Am I using the wrong class for whathever I want to do?

I have not found other Thread for the specific same problem, if I missed it, please direct me to it.

Thanks