portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tay...@apache.org
Subject svn commit: r1816783 - /portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/alternate/credentials/password-overrides.xml
Date Fri, 01 Dec 2017 00:52:27 GMT
Author: taylor
Date: Fri Dec  1 00:52:27 2017
New Revision: 1816783

URL: http://svn.apache.org/viewvc?rev=1816783&view=rev
Log:
JS2-1356: new password overrides configuration

Added:
    portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/alternate/credentials/password-overrides.xml

Added: portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/alternate/credentials/password-overrides.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/alternate/credentials/password-overrides.xml?rev=1816783&view=auto
==============================================================================
--- portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/alternate/credentials/password-overrides.xml
(added)
+++ portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/alternate/credentials/password-overrides.xml
Fri Dec  1 00:52:27 2017
@@ -0,0 +1,97 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd">
+
+    <bean id="org.apache.jetspeed.security.spi.CredentialPasswordValidator" name="org.apache.jetspeed.security.CredentialPasswordValidator"
+          class="org.apache.jetspeed.security.spi.impl.DefaultCredentialPasswordValidator">
+        <meta key="j2:cat" value="default or security" />
+
+        <!-- UNCOMMENT TO TURN ON Regex-based password validation. The pattern below gives:
+          * Must be at least 6 characters
+          * Must contain at least one one lower case letter, one upper case letter, one digit
and one special character
+          * Valid special characters are @#$%^&+=
+          -->
+        <constructor-arg index="0"><value><![CDATA[^.*(?=.{6,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[@#$%^&+=]).*$]]></value></constructor-arg>
+    </bean>
+
+    <bean id="loginValidationValve"
+          class="org.apache.jetspeed.security.impl.LoginValidationValveImpl"
+          init-method="initialize">
+        <!-- maxNumberOfAuthenticationFailures
+             This value should be in sync with the value for
+             org.apache.jetspeed.security.spi.impl.MaxPasswordAuthenticationFailuresInterceptor
+             (if used) to make sense.
+             Any value < 2 will suppress the LoginConststants.ERROR_FINAL_LOGIN_ATTEMPT
+             error code when only one last attempt is possible before the credential
+             will be disabled after the next authentication failure.
+        -->
+        <constructor-arg index="0"><value>3</value></constructor-arg>
+    </bean>
+
+    <bean id="org.apache.jetspeed.security.spi.impl.UserPasswordCredentialPolicyManagerImpl"
+          class="org.apache.jetspeed.security.spi.impl.UserPasswordCredentialPolicyManagerImpl">
+        <meta key="j2:cat" value="default or security" />
+        <constructor-arg index="0" ref="org.apache.jetspeed.security.CredentialPasswordEncoder"
/>
+        <constructor-arg index="1" ref="org.apache.jetspeed.security.CredentialPasswordValidator"
/>
+        <constructor-arg index="2">
+            <list>
+                <!-- enforce an invalid preset password value in the persisent store is
required to be changed -->
+                <bean class="org.apache.jetspeed.security.spi.impl.ValidatePasswordOnLoadInterceptor"
/>
+                <!-- ensure preset cleartext passwords in the persistent store  will be
encoded on first use -->
+                <bean class="org.apache.jetspeed.security.spi.impl.EncodePasswordOnFirstLoadInterceptor"
/>
+
+                <bean class="org.apache.jetspeed.security.spi.impl.MaxPasswordAuthenticationFailuresInterceptor">
+                    <constructor-arg index="0"><value>3</value></constructor-arg>
+                </bean>
+                <!-- set value in days for password expiration interceptor -->
+                <bean class="org.apache.jetspeed.security.spi.impl.PasswordExpirationInterceptor">
+                    <constructor-arg index="0"><value>30</value></constructor-arg>
+                </bean>
+                <bean class="org.apache.jetspeed.security.spi.impl.PasswordHistoryInterceptor">
+                    <constructor-arg index="0"><value>3</value></constructor-arg>
+                </bean>
+            </list>
+        </constructor-arg>
+    </bean>
+
+    <bean class="org.apache.jetspeed.security.spi.impl.MaxPasswordAuthenticationFailuresInterceptor">
+        <constructor-arg index="0"><value>3</value></constructor-arg>
+    </bean>
+
+    <!-- set value in days for password expiration interceptor -->
+    <bean class="org.apache.jetspeed.security.spi.impl.PasswordExpirationInterceptor">
+        <constructor-arg index="0"><value>30</value></constructor-arg>
+    </bean>
+
+    <bean id="passwordCredentialValve"
+          class="org.apache.jetspeed.security.impl.PasswordCredentialValveImpl"
+          init-method="initialize">
+        <constructor-arg>
+            <!-- expirationWarningDays -->
+            <list>
+                <value>2</value>
+                <value>3</value>
+                <value>7</value>
+            </list>
+        </constructor-arg>
+    </bean>
+
+
+</beans>
+



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message