You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@syncope.apache.org by Mihai R <mi...@gmail.com> on 2013/11/01 11:32:50 UTC
Manage ldap passwords with syncope
Hi,
I need some help with two issues.
1. Every time I make a change to an attribute of an ldap user, using
syncope, the users password is also cleared /reseted. I wish to be abble
to modify users attributes but keep their passwords unchanged.
2. Is there any possibility to force users to choose (set) only strong
passwords (minimum 8 characters, symbols etc)?
Thank you very much.
Mihai
Re: Manage ldap passwords with syncope
Posted by Francesco Chicchiriccò <il...@apache.org>.
On 01/11/2013 11:32, Mihai R wrote:
> Hi,
> I need some help with two issues.
>
> 1. Every time I make a change to an attribute of an ldap user, using
> syncope, the users password is also cleared /reseted. I wish to be
> abble to modify users attributes but keep their passwords unchanged.
When updating an user via REST, you have several options to define
whether password should not updated at all, updated only on Syncope or
on one of connected resources: take a look at UserMod [1] and to its
'pwdPropRequest' attribute [2].
Naturally, if using admin console, it will take care of these aspects on
your behalf.
> 2. Is there any possibility to force users to choose (set) only strong
> passwords (minimum 8 characters, symbols etc)?
Of course: either define a global password policy or a specific policy
targeted to a role or an external resource (LDAP, in your case): see [3]
for how to do this via admin console.
If I remember correctly, you are only interacting with Syncope via REST,
and not using SyncopeClient: I'd suggest to deploy the admin console
anyway, at least in you dev environment, to set the 'org.apache.cxf'
console logger to DEBUG and then, while watching the log files, to
perform the operations you need via admin console, to look at the
generated (XML or JSON) payloads.
HTH
Regards.
[1]
http://svn.apache.org/repos/asf/syncope/branches/1_1_X/common/src/main/java/org/apache/syncope/common/mod/UserMod.java
[2]
http://svn.apache.org/repos/asf/syncope/branches/1_1_X/common/src/main/java/org/apache/syncope/common/to/PropagationRequestTO.java
[3]
https://cwiki.apache.org/confluence/display/SYNCOPE/Policies#Policies-PasswordPolicies
--
Francesco Chicchiriccò
ASF Member, Apache Syncope PMC chair, Apache Cocoon PMC Member
http://people.apache.org/~ilgrosso/