[jira] Commented: (DIRSERVER-1543) Password Policy forbid to import entries with a non clear text password

Thu, 19 Aug 2010 22:19:01 -0700 

    [ 
https://issues.apache.org/jira/browse/DIRSERVER-1543?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12900576#action_12900576
 ] 

Kiran Ayyagari commented on DIRSERVER-1543:
-------------------------------------------

when set to '0' the quality will never be checked, i.e max/min length values 
won't be considered (even if they are set). 
Whereas when set to '1' it checks for password quality but in some cases (like 
hashed password) even if it can't check will allow the password.

Here the idea is to allow clear text password and change it to hashed after 
completing the ppolicy checks (but at the moment we don't have
this feature of converting clear text password to a hashed one)

> Password Policy forbid to import entries with a non clear text password
> -----------------------------------------------------------------------
>
>                 Key: DIRSERVER-1543
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1543
>             Project: Directory ApacheDS
>          Issue Type: Bug
>    Affects Versions: 2.0.0-RC1
>            Reporter: Emmanuel Lecharny
>            Priority: Critical
>             Fix For: 2.0.0-RC1
>
>
> If we try to import a LDIF file containing entries with an encrypted 
> password, we get a failure :
> #!RESULT ERROR
> #!CONNECTION ldap://iktek:10389
> #!DATE 2010-08-19T16:33:01.575
> #!ERROR [LDAP: error code 19 - CONSTRAINT_VIOLATION: failed for     Add 
> Request : Entry     dn[n]: uid=elecharny,ou=People,dc=iktek,dc=com     
> objectClass: organizationalPerson     objectClass: person     objectClass: 
> inetOrgPerson     objectClass: top     uid: elecharny     mail: 
> [email protected]     sn: Lecharny     userPassword: '0x7B 0x53 0x53 0x48 
> 0x41 0x7D 0x72 0x32 0x56 0x4C 0x75 0x55 0x52 0x6C 0x75 0x46 ...'     cn: 
> Emmanuel Lecharny     givenName: Emmanuel    : cannot verify the quality of 
> the non-cleartext passwords]
> dn: uid=elcharny,ou=People,dc=iktek,dc=com
> changetype: add
> objectClass: organizationalPerson
> objectClass: person
> objectClass: inetOrgPerson
> objectClass: top
> mail: [email protected]
> givenName: Emmanuel
> uid: seelmann
> userPassword: {SSHA}wnfS3DVTFB/FVbBwC47WfQNn29WN/.....
> sn: Lecharny
> cn: Emmanuel lecharny
> Seems like we should disable the password policy when it's not plain text...

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to