directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Enrique Rodriguez (JIRA)" <j...@apache.org>
Subject [jira] Created: (DIRCHANGEPW-2) Add basic password policy check
Date Wed, 28 Sep 2005 16:19:49 GMT
Add basic password policy check
-------------------------------

         Key: DIRCHANGEPW-2
         URL: http://issues.apache.org/jira/browse/DIRCHANGEPW-2
     Project: Directory Change Password
        Type: New Feature
    Versions: 0.5.1    
    Reporter: Enrique Rodriguez
 Assigned to: Enrique Rodriguez 
    Priority: Minor
     Fix For: 0.5.1


The Change Password protocol does not currently apply any password policy checks.  Besides
being a desirable feature, this is also recommended by RFC 3244.

Some implementation details:
o  Violations of the password policy should result in the return of a KRB5_KPASSWD_SOFTERROR.
 This is not clear from the RFC, but is my best guess from the available error codes.
o  The result string should contain feedback about the policy failure, encoded in UTF-8. 
Clients are supposed to display this string to the user.
o  My first cut of this will support the well-established policy checks of length, character
mix, and username tokens.


-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message