directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shawn McKinney (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (FC-211) Support apacheds password policies
Date Sat, 10 Jun 2017 15:47:19 GMT

    [ https://issues.apache.org/jira/browse/FC-211?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16045585#comment-16045585
] 

Shawn McKinney commented on FC-211:
-----------------------------------

Here is what was done:

1. If ldap.server.type=apacheds, process password policy operations and flow

2. Add a separate policy root location, apacheds requires it to be under ou=config:
ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config

3. Pre-prepend the apacheds prefix, "ads-", to all pw policy attribute names.

4. Set mustchange=FALSE on the default pw policy for fortress tests = 'TEST1'.  This is to
prevent apacheds server from setting the pwdreset attritute to TRUE when users are first created.

That's about it.  All password policy tests work now with apacheds.



> Support apacheds password policies
> ----------------------------------
>
>                 Key: FC-211
>                 URL: https://issues.apache.org/jira/browse/FC-211
>             Project: FORTRESS
>          Issue Type: Improvement
>    Affects Versions: 2.0.0-RC2
>            Reporter: Shawn McKinney
>            Assignee: Shawn McKinney
>             Fix For: 2.0.0
>
>
> Currently fortress supports two modes for server:
> ldap.server.type=openldap
> ldap.server.type=apacheds
> the problem is the apacheds server mode doesn't verify/check password policies which
needs to be fixed.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message