public SecurityChallenge getDefaultSecurityChallenge(String username) {

    for (LdapServer ldapServer : ldapServers) {
      try {
        SecurityChallenge challenge = ldapServer.getDefaultSecurityChallenge(username);
        if (logger.isDebugEnabled()) {
          if (challenge != null) {
            logger.debug(
                "Successfully got default security challenge for "
                    + username
                    + " at "
                    + ldapServer.getDescription());
          } else {
            logger.debug(
                "Got null default security challenge for "
                    + username
                    + " at "
                    + ldapServer.getDescription());
          }
        }
        return challenge;
      } catch (NameNotFoundException ex) {
        logger.debug("Didn't find " + username + " in " + ldapServer.getDescription());
        // ignore... we'll try another server
      } catch (ObjectRetrievalException ex) {
        logger.debug("Multiple results found for " + username);
        // ignore it... try the next server
      }
    }

    logger.debug("Couldn't find default security questions for " + username);
    throw new NameNotFoundException(
        "Couldn't find username " + username + " in any of provided servers.");
  }
  @Override
  public void setUserPassword(String username, String password) {
    logger.debug("We have " + ldapServers.size() + " LDAP servers to look at.");
    for (LdapServer ldapServer : ldapServers) {
      logger.debug("Checking server " + ldapServer.getDescription() + " for user " + username);
      try {
        ldapServer.setPassword(username, password);
        logger.debug(
            "Successfully set password for " + username + " at " + ldapServer.getDescription());
        return;
      } catch (NameNotFoundException ex) {
        logger.debug("Didn't find " + username + " in " + ldapServer.getDescription());
        // ignore... we'll try another server
      } catch (ObjectRetrievalException ex) {
        logger.debug("Multiple results found for " + username);
        // ignore it... try the next server
      }
    }

    logger.debug("Couldn't find server for " + username);
    throw new NameNotFoundException(
        "Couldn't find username " + username + " in any of provided servers.");
  }
  @Override
  public void setUserSecurityChallenge(String username, SecurityChallenge securityChallenge) {

    for (LdapServer server : ldapServers) {
      try {
        server.setUserSecurityChallenge(username, securityChallenge);
        logger.debug(
            "Successfully set user security challenge for "
                + username
                + " at "
                + server.getDescription());
        return;
      } catch (NameNotFoundException ex) {
        logger.debug("Didn't find " + username + " in " + server.getDescription());
        // ignore it... try the next server
      } catch (ObjectRetrievalException ex) {
        logger.debug("Multiple results found for " + username);
        // ignore it... try the next server
      }
    }

    throw new NameNotFoundException(
        "Couldn't find username " + username + " in any of provided servers.");
  }
  @Override
  public void changeUserPassword(String username, String oldPassword, String newPassword)
      throws UserLockedOutException {

    // throws UserLockedOutException if this isn't allowed
    lockoutService.allowAttempt(username);

    for (LdapServer ldapServer : ldapServers) {
      try {
        if (ldapServer.verifyPassword(username, oldPassword)) {
          ldapServer.setPassword(username, newPassword);
          logger.debug(
              "Successfully changed password for "
                  + username
                  + " at "
                  + ldapServer.getDescription());
          lockoutService.clearIncorrectAttempts(username);
          return;
        }
      } catch (AuthenticationException ex) {
        logger.debug("Didn't find " + username + " in " + ldapServer.getDescription());
        // ignore... we'll try another server
      } catch (NameNotFoundException ex) {
        logger.debug("Didn't find " + username + " in " + ldapServer.getDescription());
        // ignore... we'll try another server
      } catch (ObjectRetrievalException ex) {
        logger.debug("Multiple results found for " + username);
        // ignore it... try the next server
      }
    }

    lockoutService.registerIncorrectAttempt(username);
    logger.debug("Couldn't find server for " + username + " or bad password.");
    throw new NameNotFoundException(
        "Couldn't find username " + username + " in any of provided servers or bad password.");
  }