You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Enrique Rodriguez (JIRA)" <ji...@apache.org> on 2005/09/30 06:35:48 UTC
[jira] Closed: (DIRCHANGEPW-2) Add basic password policy check
[ http://issues.apache.org/jira/browse/DIRCHANGEPW-2?page=all ]
Enrique Rodriguez closed DIRCHANGEPW-2:
---------------------------------------
Resolution: Fixed
Support for basic password policy checks has been added.
Committed to kerberos-common on revision 292621.
Committed to changepw tests on revision 292624.
Committed to changepw-protocol on revision 292627.
http://svn.apache.org/viewcvs.cgi?view=rev&rev=292621
http://svn.apache.org/viewcvs.cgi?view=rev&rev=292624
http://svn.apache.org/viewcvs.cgi?view=rev&rev=292627
> Add basic password policy check
> -------------------------------
>
> Key: DIRCHANGEPW-2
> URL: http://issues.apache.org/jira/browse/DIRCHANGEPW-2
> Project: Directory Change Password
> Type: New Feature
> Versions: 0.5.1
> Reporter: Enrique Rodriguez
> Assignee: Enrique Rodriguez
> Priority: Minor
> Fix For: 0.5.1
>
> The Change Password protocol does not currently apply any password policy checks. Besides being a desirable feature, this is also recommended by RFC 3244.
> Some implementation details:
> o Violations of the password policy should result in the return of a KRB5_KPASSWD_SOFTERROR. This is not clear from the RFC, but is my best guess from the available error codes.
> o The result string should contain feedback about the policy failure, encoded in UTF-8. Clients are supposed to display this string to the user.
> o My first cut of this will support the well-established policy checks of length, character mix, and username tokens.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira