There is an api sec:user-set-password-extra and the corresponding getter: http://docs.marklogic.com/sec:user-set-password-extra
http://docs.marklogic.com/sec:user-get-password-extra That allows you to squirrel away information in the password document stored in the secutity database. You can use this to key some logic off of. For example, you can put the current date in the sec:password-extra element, then write a plugin that tests for how long it has been. I don't have any code that does that off the top of my head, but I think you should be able to write that. -Danny From: [email protected] [mailto:[email protected]] On Behalf Of Sudheer Yalaverthi Sent: Friday, August 14, 2015 11:32 AM To: MarkLogic Developer Discussion Subject: [MarkLogic Dev General] How to force a user to change password if the last password change date is more than 90days Hi, On my application server, I would like to enforce a password change for every 90days. If a user tries to access the app server or any resources on this server, I would like to be able to show a message that password is expired (though there is no password expiry in MarkLogic) as last change date is more than 90days. MarkLogic by default does not capture the last password change date but I captured it using a password plug-in with an element password-lastchangedon as child to password- extra element. I would like to use the authentication scheme as basic but still be able to validate this value whenever a user tries to login. Plug-ins registered under http://marklogic.com/xdmp/security/password-check are invoked only when passwords are updated. Is there a way I can achieve to validate the last change date with basic scheme of authentication whenever a user tries to login to the app server? Regards, Sudheer Yalaverthi --- This communication may contain confidential and/or privileged information. If you are not the intended recipient (or have received this communication in error) please notify the sender immediately and destroy this communication. Any unauthorized copying, disclosure or distribution of the material in this communication is strictly forbidden. Deutsche Bank does not render legal or tax advice, and the information contained in this communication should not be regarded as such.
_______________________________________________ General mailing list [email protected] Manage your subscription at: http://developer.marklogic.com/mailman/listinfo/general
