directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Zoerner <>
Subject Re: Force Change Password
Date Sat, 02 May 2009 20:57:39 GMT
Hi Carlo,

Carlo Camerino wrote:
> I just want to know if Apache Directory server can do the following.
> 1.) Can it force the users to change password? (Expire password after a
> specific time period)
> 2.) Can I make a list of commonly used passwords that users shouldn't use?

The functionality w.r.t. password polices is not that impressive yet. 
There is a Password Policy Interceptor, which has to be enabled. It 
deals with minimal password complexity etc. defaults (if enabled) to this:

* The password is at least six characters long.
* The password contains a mix of characters.
* The password does not contain three letter (or more) tokens from the 
user's account name.

It would be quite easy to extend it to forbid certain password values. 
But you have to extend the corresponding class and modify the 
configuration in server.xml to accomplish that.

This helps at least for question 2 (hopefully).

Greetings from Hamburg,

View raw message