Details
-
Type:
Feature Request
-
Status: CLOSED
-
Priority:
Critical
-
Resolution: Fixed
-
Affects Version/s: 2.9.x
-
Component/s: Kernel
-
Labels:
-
10 status:Resolved
-
Property addition/change required:Yes
-
CLE Team Issue:Yes
-
Previous Issue Keys:KNL-1123
Description
This is the kernel ticket related to SAK-24392 (password validation)
NOTE: aside from entitybroker_KNL-1123.patch.txt, the rest of these patches are out of date and differ substantially from what was applied to trunk, the final implementation is more focused and the provider is easier to implement
There is also a new REST endpoint which will do the password validation check based on the system password policy
Config params
- Control user password policy (
KNL-1123) - Enable the user password policy handling, must be true to enable the password policy
- Other "user.password" settings have no effect if this is false
- Default: false
#user.password.policy=true - Controls the name of the password policy provider class, changing this will make the settings below meaningless
- Default: org.sakaiproject.user.api.PasswordPolicyProvider
#user.password.policy.provider.name=name.of.the.spring.bean - default PasswordPolicyProvider: Controls the entropy settings for the password policy check
- Defaults: as shown below (minimum.entropy=16, medium.entropy=32, high.entropy=48)
#user.password.minimum.entropy=16
#user.password.medium.entropy=32
#user.password.high.entropy=48 - default PasswordPolicyProvider: Controls the maximum length of sequence of characters from the user EID that is allowed for the password
- Default: 3
#user.password.maximum.sequence.length=3
