[
https://issues.apache.org/jira/browse/DIRSERVER-899?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12494179
]
Enrique Rodriguez commented on DIRSERVER-899:
---------------------------------------------
Committed initial version of PasswordPolicyService interceptor on rev 536046 to
'kerberos-encryption-types' branch, to test in conjunction with
KeyDerivationService interceptor. This initial version does not support
pluggable policies in the spirit of the AuthenticationService.
URL: http://svn.apache.org/viewvc?view=rev&rev=536046
> Support centralized password policy enforcement
> -----------------------------------------------
>
> Key: DIRSERVER-899
> URL: https://issues.apache.org/jira/browse/DIRSERVER-899
> Project: Directory ApacheDS
> Issue Type: Improvement
> Components: changepw, core
> Reporter: Enrique Rodriguez
> Assigned To: Enrique Rodriguez
> Priority: Minor
> Fix For: 1.5.2
>
>
> Currently, password policy is not applied centrally, let alone per "realm" or
> subtree/subtree refinement. The Change Password protocol provider enforces a
> best-practice password policy. However, this is bypassed during other
> password sets, such as during LDIF load or LDAP add and modify operations.
> Password policy enforcement should move to the core, for reuse by other
> mechanisms for password changes.
> Password policy is currently enforced in the CheckPasswordPolicy
> IoHandlerCommand.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
