You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@guacamole.apache.org by "Michael Jumper (JIRA)" <ji...@apache.org> on 2016/08/23 19:43:20 UTC

[jira] [Commented] (GUACAMOLE-36) Add support for password policies

    [ https://issues.apache.org/jira/browse/GUACAMOLE-36?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15433466#comment-15433466 ] 

Michael Jumper commented on GUACAMOLE-36:
-----------------------------------------

Should be all done now, pending future review and merge. The changes are in a hierarchy of branches in my fork on GitHub:

h4. Current branch hierarchy for future merge

h5. {{incubator-guacamole-client}}

{{master}} → {{translatable-messages}} → {{password-policies}} → {{password-aging}} → {{password-history}}

|| Branch name || Description ||
| {{translatable-messages}} | Define mechanism for throwing translatable error messages from extensions, allowing for substitution of arbitrary values and pluralization. |
| {{password-policies}} | Password policies based on content only (length, forbid username, require uppercase/lowercase/digits/symbols). |
| {{password-aging}} | Password policies based on password age only (password expiry, password reset too recently). |
| {{password-history}} | Password policies based on historical password records (do not repeat any of last N passwords). |

h5. {{incubator-guacamole-manual}}

{{master}} → {{password-policies}}

|| Branch name || Description ||
| {{password-policies}} | Documentation of password policy options and schema changes. |

Obviously can't move forward with PRs until after 0.9.10-incubating.

> Add support for password policies
> ---------------------------------
>
>                 Key: GUACAMOLE-36
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-36
>             Project: Guacamole
>          Issue Type: New Feature
>          Components: guacamole-auth-jdbc
>            Reporter: Michael Jumper
>            Assignee: Michael Jumper
>
> Guacamole currently lacks support for enforcement of password policies within the existing authentication backends. This is not relevant for the backends which are read-only, but definitely makes a difference for the database authentication.
> We should provide password policies in line with current de facto standards. Specifically, the following restrictions need to be supported:
> # Minimum password age (how long before the password CAN be changed)
> # Maximum password age (how long before the password MUST be changed)
> # Minimum password length
> # Minimum number of character classes:
> ## Uppercase
> ## Lowercase
> ## Symbols
> ## Digits
> # Must not containing the username
> # Must not match last N passwords



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)