You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by ta...@apache.org on 2017/12/01 00:52:27 UTC
svn commit: r1816783 -
/portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/alternate/credentials/password-overrides.xml
Author: taylor
Date: Fri Dec 1 00:52:27 2017
New Revision: 1816783
URL: http://svn.apache.org/viewvc?rev=1816783&view=rev
Log:
JS2-1356: new password overrides configuration
Added:
portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/alternate/credentials/password-overrides.xml
Added: portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/alternate/credentials/password-overrides.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/alternate/credentials/password-overrides.xml?rev=1816783&view=auto
==============================================================================
--- portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/alternate/credentials/password-overrides.xml (added)
+++ portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/alternate/credentials/password-overrides.xml Fri Dec 1 00:52:27 2017
@@ -0,0 +1,97 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd">
+
+ <bean id="org.apache.jetspeed.security.spi.CredentialPasswordValidator" name="org.apache.jetspeed.security.CredentialPasswordValidator"
+ class="org.apache.jetspeed.security.spi.impl.DefaultCredentialPasswordValidator">
+ <meta key="j2:cat" value="default or security" />
+
+ <!-- UNCOMMENT TO TURN ON Regex-based password validation. The pattern below gives:
+ * Must be at least 6 characters
+ * Must contain at least one one lower case letter, one upper case letter, one digit and one special character
+ * Valid special characters are @#$%^&+=
+ -->
+ <constructor-arg index="0"><value><![CDATA[^.*(?=.{6,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[@#$%^&+=]).*$]]></value></constructor-arg>
+ </bean>
+
+ <bean id="loginValidationValve"
+ class="org.apache.jetspeed.security.impl.LoginValidationValveImpl"
+ init-method="initialize">
+ <!-- maxNumberOfAuthenticationFailures
+ This value should be in sync with the value for
+ org.apache.jetspeed.security.spi.impl.MaxPasswordAuthenticationFailuresInterceptor
+ (if used) to make sense.
+ Any value < 2 will suppress the LoginConststants.ERROR_FINAL_LOGIN_ATTEMPT
+ error code when only one last attempt is possible before the credential
+ will be disabled after the next authentication failure.
+ -->
+ <constructor-arg index="0"><value>3</value></constructor-arg>
+ </bean>
+
+ <bean id="org.apache.jetspeed.security.spi.impl.UserPasswordCredentialPolicyManagerImpl"
+ class="org.apache.jetspeed.security.spi.impl.UserPasswordCredentialPolicyManagerImpl">
+ <meta key="j2:cat" value="default or security" />
+ <constructor-arg index="0" ref="org.apache.jetspeed.security.CredentialPasswordEncoder" />
+ <constructor-arg index="1" ref="org.apache.jetspeed.security.CredentialPasswordValidator" />
+ <constructor-arg index="2">
+ <list>
+ <!-- enforce an invalid preset password value in the persisent store is required to be changed -->
+ <bean class="org.apache.jetspeed.security.spi.impl.ValidatePasswordOnLoadInterceptor" />
+ <!-- ensure preset cleartext passwords in the persistent store will be encoded on first use -->
+ <bean class="org.apache.jetspeed.security.spi.impl.EncodePasswordOnFirstLoadInterceptor" />
+
+ <bean class="org.apache.jetspeed.security.spi.impl.MaxPasswordAuthenticationFailuresInterceptor">
+ <constructor-arg index="0"><value>3</value></constructor-arg>
+ </bean>
+ <!-- set value in days for password expiration interceptor -->
+ <bean class="org.apache.jetspeed.security.spi.impl.PasswordExpirationInterceptor">
+ <constructor-arg index="0"><value>30</value></constructor-arg>
+ </bean>
+ <bean class="org.apache.jetspeed.security.spi.impl.PasswordHistoryInterceptor">
+ <constructor-arg index="0"><value>3</value></constructor-arg>
+ </bean>
+ </list>
+ </constructor-arg>
+ </bean>
+
+ <bean class="org.apache.jetspeed.security.spi.impl.MaxPasswordAuthenticationFailuresInterceptor">
+ <constructor-arg index="0"><value>3</value></constructor-arg>
+ </bean>
+
+ <!-- set value in days for password expiration interceptor -->
+ <bean class="org.apache.jetspeed.security.spi.impl.PasswordExpirationInterceptor">
+ <constructor-arg index="0"><value>30</value></constructor-arg>
+ </bean>
+
+ <bean id="passwordCredentialValve"
+ class="org.apache.jetspeed.security.impl.PasswordCredentialValveImpl"
+ init-method="initialize">
+ <constructor-arg>
+ <!-- expirationWarningDays -->
+ <list>
+ <value>2</value>
+ <value>3</value>
+ <value>7</value>
+ </list>
+ </constructor-arg>
+ </bean>
+
+
+</beans>
+
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org