Hi all,
I'd go for more, like as adding to password policy specifications the
options for
1. not allowing values from other fields (including password) - note
that this feature for password and encrypted fields might not always be
available during user update, depending on the cipher algorithm
2. not allowing values from a user-provided dictionary
WDYT?
On 29/12/2014 14:40, Marco Di Sabatino Di Diodoro wrote:
Hi Guido,
On 29/12/2014 09:58, Guido Wimmel wrote:
Hi,
is it possible currently in Syncope to disallow a password that is equal to the
username?
Currentlyis not possible to configure your policy.
You can open an improvement on Apache Syncope.
Regards
Marco
As far as I understand, using the password policy one can only disallow
passwords equal to schema attributes - but maybe there is some trick?
Regards,
Guido
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Involved at The Apache Software Foundation:
member, Syncope PMC chair, Cocoon PMC, Olingo PMC
http://people.apache.org/~ilgrosso/
