Hi,

From where can an admin configure these policies? Is it a file-based configuration, or can it be configured from the admin portal UI? If it's configurable in the UI, can you please point out a wireframe for this, to have a better understanding.

If we are providing these policy properties to enable, I think we have to finalize what properties should be added by default (e.g. I think "password should not be equal to user name" should be a default policy, not a custom one, etc.). And are these password policies configured globally or domain-wise? I think it's better if we can configure it domain-wise, since in a real environment policies are normally enforced for a domain.

Thanks and Regards

On Thu, Mar 23, 2017 at 11:56 PM, Gayan Gunawardana <[email protected]> wrote:

> Hi All,
>
> We are in the process of implementing the password policy validation feature
> for IS 6.0.0.
> Up to IS 5.3.0 there is a set of default password policies.
>
> - Password Length Policy (check max length, min length)
> - Password Name Policy (check equality of username and password)
> - Password Pattern Policy (check password against given regex pattern)
>
> In the password policy validation process, it goes through each and every
> policy to check validity. If one of them fails, password policy validation
> will fail. Further, if we add a custom policy, it will be evaluated in
> addition to the default policies.
>
> In IS 6.0.0 we have made a bit of a change.
>
> By default there are two ways to define password policies:
>
> 1. From a regex pattern.
> 2. By using a set of properties like min length, max length, lower case,
>    upper case.
>
> *Identity Admin can define password policies by using a regex pattern or a set
> of properties, but not both.*
> Also, there is the flexibility to define custom password policies. You will
> have two configurations under password policies: one is to enable password
> policy validation and another one is to enable default password policy
> validation.
>
> In case you want to have both default password policies and custom
> password policies, you can keep both configurations enabled. If you
> want to enable only the custom policy, you can disable the default policies.
>
> Appreciate your suggestions regarding this.
>
> Thanks,
> Gayan
>
> --
> Gayan Gunawardana
> Software Engineer; WSO2 Inc.; http://wso2.com/
> Email: [email protected]
> Mobile: +94 (71) 8020933
>
> _______________________________________________
> Architecture mailing list
> [email protected]
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture

--
Indunil Upeksha Rathnayake
Software Engineer | WSO2 Inc
Email [email protected]
Mobile 0772182255
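The evaluation rules described in the quoted proposal (two enable switches, a default policy given as a regex or as a property set but not both, custom policies evaluated in addition, any single failure rejecting the password), as an added sketch that is not part of the thread and is not WSO2 Identity Server code. All class, function and property names are hypothetical, and full-string regex matching and the case-insensitive user-name comparison are assumptions.

```python
import re
from dataclasses import dataclass, field
from typing import Callable, List, Optional

# Hypothetical names throughout; this is not WSO2 Identity Server code.
# A policy takes (username, password) and returns an error string or None.
Policy = Callable[[str, str], Optional[str]]

@dataclass
class PolicyConfig:
    validation_enabled: bool = True    # switch 1: password policy validation
    default_enabled: bool = True       # switch 2: default password policies
    regex: Optional[str] = None        # default policy, option 1
    properties: Optional[dict] = None  # default policy, option 2
    custom: List[Policy] = field(default_factory=list)

    def __post_init__(self):
        # The proposal allows a regex or a property set, but not both.
        if self.regex is not None and self.properties is not None:
            raise ValueError("use a regex or properties, not both")

def default_policies(cfg: PolicyConfig) -> List[Policy]:
    if cfg.regex is not None:
        rx = re.compile(cfg.regex)  # assumption: the whole password must match
        return [lambda u, p: None if rx.fullmatch(p) else "pattern"]
    pr = cfg.properties or {}
    lo, hi = pr.get("min_length", 0), pr.get("max_length", float("inf"))
    out: List[Policy] = [lambda u, p: None if lo <= len(p) <= hi else "length"]
    if pr.get("lower_case"):
        out.append(lambda u, p: None if re.search(r"[a-z]", p) else "lower_case")
    if pr.get("upper_case"):
        out.append(lambda u, p: None if re.search(r"[A-Z]", p) else "upper_case")
    return out

def validate(cfg: PolicyConfig, username: str, password: str) -> List[str]:
    """Run every enabled policy; the password is valid only if the list is empty."""
    if not cfg.validation_enabled:
        return []
    policies = (default_policies(cfg) if cfg.default_enabled else []) + cfg.custom
    return [err for pol in policies if (err := pol(username, password))]

def not_username(u: str, p: str) -> Optional[str]:
    # The user-name check named in the thread, plugged in here as a custom policy.
    return "equals_username" if u.lower() == p.lower() else None
```

Returning every failure rather than stopping at the first lets the caller show the user all unmet rules at once while still rejecting on any single failure.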
