[jira] [Commented] (GUACAMOLE-36) Add support for password policies

Tue, 23 Aug 2016 12:44:01 -0700 

    [ 
https://issues.apache.org/jira/browse/GUACAMOLE-36?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15433466#comment-15433466
 ] 

Michael Jumper commented on GUACAMOLE-36:
-----------------------------------------

Should be all done now, pending future review and merge. The changes are in a 
hierarchy of branches in my fork on GitHub:

h4. Current branch hierarchy for future merge

h5. {{incubator-guacamole-client}}

{{master}} → {{translatable-messages}} → {{password-policies}} → 
{{password-aging}} → {{password-history}}

|| Branch name || Description ||
| {{translatable-messages}} | Define mechanism for throwing translatable error 
messages from extensions, allowing for substitution of arbitrary values and 
pluralization. |
| {{password-policies}} | Password policies based on content only (length, 
forbid username, require uppercase/lowercase/digits/symbols). |
| {{password-aging}} | Password policies based on password age only (password 
expiry, password reset too recently). |
| {{password-history}} | Password policies based on historical password records 
(do not repeat any of last N passwords). |

h5. {{incubator-guacamole-manual}}

{{master}} → {{password-policies}}

|| Branch name || Description ||
| {{password-policies}} | Documentation of password policy options and schema 
changes. |

Obviously can't move forward with PRs until after 0.9.10-incubating.

> Add support for password policies
> ---------------------------------
>
>                 Key: GUACAMOLE-36
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-36
>             Project: Guacamole
>          Issue Type: New Feature
>          Components: guacamole-auth-jdbc
>            Reporter: Michael Jumper
>            Assignee: Michael Jumper
>
> Guacamole currently lacks support for enforcement of password policies within 
> the existing authentication backends. This is not relevant for the backends 
> which are read-only, but definitely makes a difference for the database 
> authentication.
> We should provide password policies in line with current de facto standards. 
> Specifically, the following restrictions need to be supported:
> # Minimum password age (how long before the password CAN be changed)
> # Maximum password age (how long before the password MUST be changed)
> # Minimum password length
> # Minimum number of character classes:
> ## Uppercase
> ## Lowercase
> ## Symbols
> ## Digits
> # Must not containing the username
> # Must not match last N passwords



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to