You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@syncope.apache.org by "Marco Di Sabatino Di Diodoro (JIRA)" <ji...@apache.org> on 2014/06/20 15:29:25 UTC
[jira] [Commented] (SYNCOPE-391) Make password management optional
[ https://issues.apache.org/jira/browse/SYNCOPE-391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14038779#comment-14038779 ]
Marco Di Sabatino Di Diodoro commented on SYNCOPE-391:
------------------------------------------------------
Hi all,
I added the possibility to make the password storage and management optional. The new field into PasswordPolicy allows you to decide if store or not the password.
Questions:
If I configured two PasswordPolicy where the first indicates to store the password and the second not, what is the behavior of Apache Syncope? Store or not a password into Syncope repository? Propagate or not to the resources?
In my opinion, if there is at least one password policy that says do not store the password, Syncope should not store it.
The propagation of the password to the resource is determined by the configuration of the password policy and resource mapping for that resource.
WDYT?
> Make password management optional
> ---------------------------------
>
> Key: SYNCOPE-391
> URL: https://issues.apache.org/jira/browse/SYNCOPE-391
> Project: Syncope
> Issue Type: Improvement
> Reporter: Francesco Chicchiriccò
> Assignee: Marco Di Sabatino Di Diodoro
> Fix For: 1.2.0
>
>
> Currently, SyncopeUser#password is annotated as @NotNull - this has several consequences to propagation / synchronization and even to admin console.
> However, it would be a nice addition to make the password storage and management optional - in complex IdM scenarios, in fact, it might even be a business requirement to NOT store passwords in Syncope internal storage.
--
This message was sent by Atlassian JIRA
(v6.2#6252)