directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lécharny <elecha...@gmail.com>
Subject Re: ApacheDS and password policy
Date Wed, 28 Nov 2012 13:56:44 GMT
Le 11/28/12 2:05 PM, Yevgen Ovchynnikov a écrit :
> Hello,
>
> As I can see from your page http://directory.apache.org/apacheds/1.5/account-and-password-policy-management.html
, password policy and password strength are in future development, am I correct?

They are already available in 2.0.0-M8.

> If yes, could you please provide any tools or recommends how to implement password strength
with ApacheDS? It will be great to your community.

The documentation is not yet ready, but for 2.0.0-M8, you have many
parameters you can set to manage the passwordPolicy in the
PasswordPolicies entry :
ads-pwdId=default,ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config

You have many possible parameters you can set.
> For example:
>
> -          Include at least one character from at least three of the following classes:
lowercase letters, uppercase letters, numerals, punctuation (for example, #, |, $, %    and
spaces)
>
> -          Are not found in common dictionaries, and are not well-known or predictable
phrases
>
> -          Do not resemble the name of the account holder

Some of those checks are done through the DefaultPasswordValidator, but
not all of them. We need to add some more validators.
Hope it helps...

-- 
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com 


Mime
View raw message