You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by il...@apache.org on 2018/07/31 14:24:31 UTC
[1/2] syncope git commit: Clarifying about default account and
password rules with Syncope 2.1 and later
Repository: syncope
Updated Branches:
refs/heads/2_1_X 21aeaaaa8 -> 174588acc
refs/heads/master 0de2236d6 -> 348f15064
Clarifying about default account and password rules with Syncope 2.1 and later
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/174588ac
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/174588ac
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/174588ac
Branch: refs/heads/2_1_X
Commit: 174588acc8fdd82dbcc21201f8e3cfd707b14ff9
Parents: 21aeaaa
Author: Francesco Chicchiriccò <il...@apache.org>
Authored: Tue Jul 31 16:21:42 2018 +0200
Committer: Francesco Chicchiriccò <il...@apache.org>
Committed: Tue Jul 31 16:21:42 2018 +0200
----------------------------------------------------------------------
.../reference-guide/concepts/policies.adoc | 109 ++++++++++++-------
.../concepts/typemanagement.adoc | 6 +-
2 files changed, 75 insertions(+), 40 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/174588ac/src/main/asciidoc/reference-guide/concepts/policies.adoc
----------------------------------------------------------------------
diff --git a/src/main/asciidoc/reference-guide/concepts/policies.adoc b/src/main/asciidoc/reference-guide/concepts/policies.adoc
index 9435e64..a6b612d 100644
--- a/src/main/asciidoc/reference-guide/concepts/policies.adoc
+++ b/src/main/asciidoc/reference-guide/concepts/policies.adoc
@@ -58,6 +58,46 @@ suspended on associated resources or not?
Account rules define constraints to apply to username values.
+Some implementations are provided out-of-the-box, custom ones can be provided on given deployment.
+
+[TIP]
+====
+As `JAVA` <<implementations,implementation>>, writing custom account rules means:
+
+. providing configuration parameters in an implementation of
+ifeval::["{snapshotOrRelease}" == "release"]
+https://github.com/apache/syncope/blob/syncope-{docVersion}/common/lib/src/main/java/org/apache/syncope/common/lib/policy/AccountRuleConf.java[AccountRuleConf^]
+endif::[]
+ifeval::["{snapshotOrRelease}" == "snapshot"]
+https://github.com/apache/syncope/blob/2_1_X/common/lib/src/main/java/org/apache/syncope/common/lib/policy/AccountRuleConf.java[AccountRuleConf^]
+endif::[]
+. enforcing in an implementation of
+ifeval::["{snapshotOrRelease}" == "release"]
+https://github.com/apache/syncope/blob/syncope-{docVersion}/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRule.java[AccountRule^]
+endif::[]
+ifeval::["{snapshotOrRelease}" == "snapshot"]
+https://github.com/apache/syncope/blob/2_1_X/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRule.java[AccountRule^]
+endif::[]
+annotated via
+ifeval::["{snapshotOrRelease}" == "release"]
+https://github.com/apache/syncope/blob/syncope-{docVersion}/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRuleConfClass.java[@AccountRuleConfClass^]
+endif::[]
+ifeval::["{snapshotOrRelease}" == "snapshot"]
+https://github.com/apache/syncope/blob/2_1_X/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRuleConfClass.java[@AccountRuleConfClass^]
+endif::[]
+referring to the configuration class.
+
+As `GROOVY` <<implementations,implementation>>, writing custom account rules means implementing
+ifeval::["{snapshotOrRelease}" == "release"]
+https://github.com/apache/syncope/blob/syncope-{docVersion}/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRule.java[AccountRule^]
+endif::[]
+ifeval::["{snapshotOrRelease}" == "snapshot"]
+https://github.com/apache/syncope/blob/2_1_X/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRule.java[AccountRule^]
+endif::[]
+====
+
+====== Default Account Rule
+
The default account rule (enforced by
ifeval::["{snapshotOrRelease}" == "release"]
https://github.com/apache/syncope/blob/syncope-{docVersion}/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/DefaultAccountRule.java[DefaultAccountRule^]
@@ -76,7 +116,7 @@ endif::[]
* maximum length - the maximum length to allow; `0` means no limit set;
* minimum length - the minimum length to allow; `0` means no limit set;
-* pattern - http://docs.oracle.com/javase/7/docs/api/java/util/regex/Pattern.html[Java regular expression pattern^] to
+* pattern - http://docs.oracle.com/javase/8/docs/api/java/util/regex/Pattern.html[Java regular expression pattern^] to
match; `NULL` means no match is attempted;
* all uppercase - are lowercase characters allowed?
* all lowercase - are uppercase characters allowed?
@@ -85,33 +125,10 @@ match; `NULL` means no match is attempted;
* prefixes not permitted - list of strings that cannot be present as a prefix;
* suffixes not permitted - list of strings that cannot be present as a suffix.
-[TIP]
-====
-Writing custom account rules means:
-
-. providing configuration parameters in an implementation of
-ifeval::["{snapshotOrRelease}" == "release"]
-https://github.com/apache/syncope/blob/syncope-{docVersion}/common/lib/src/main/java/org/apache/syncope/common/lib/policy/AccountRuleConf.java[AccountRuleConf^]
-endif::[]
-ifeval::["{snapshotOrRelease}" == "snapshot"]
-https://github.com/apache/syncope/blob/2_1_X/common/lib/src/main/java/org/apache/syncope/common/lib/policy/AccountRuleConf.java[AccountRuleConf^]
-endif::[]
-. implementing enforcement in an implementation of
-ifeval::["{snapshotOrRelease}" == "release"]
-https://github.com/apache/syncope/blob/syncope-{docVersion}/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRule.java[AccountRule^]
-endif::[]
-ifeval::["{snapshotOrRelease}" == "snapshot"]
-https://github.com/apache/syncope/blob/2_1_X/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRule.java[AccountRule^]
-endif::[]
-annotated via
-ifeval::["{snapshotOrRelease}" == "release"]
-https://github.com/apache/syncope/blob/syncope-{docVersion}/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRuleConfClass.java[@AccountRuleConfClass^]
-endif::[]
-ifeval::["{snapshotOrRelease}" == "snapshot"]
-https://github.com/apache/syncope/blob/2_1_X/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRuleConfClass.java[@AccountRuleConfClass^]
-endif::[]
-referring to the configuration class
-====
+[NOTE]
+Before being able to configure the default account rule as mentioned above, you will need to first create a `JAVA`
+`ACCOUNT_RULE` <<implementations,implementation>> for the `org.apache.syncope.common.lib.policy.DefaultAccountRuleConf`
+class.
===== Pass-through Authentication
@@ -149,30 +166,38 @@ Some implementations are provided out-of-the-box, custom ones can be provided on
[TIP]
====
-Writing custom account rules means:
+As `JAVA` <<implementations,implementation>>, writing custom password rules means:
. providing configuration parameters in an implementation of
ifeval::["{snapshotOrRelease}" == "release"]
-https://github.com/apache/syncope/blob/syncope-{docVersion}/common/lib/src/main/java/org/apache/syncope/common/lib/policy/AccountRuleConf.java[AccountRuleConf^]
+https://github.com/apache/syncope/blob/syncope-{docVersion}/common/lib/src/main/java/org/apache/syncope/common/lib/policy/PasswordRuleConf.java[PasswordRuleConf^]
endif::[]
ifeval::["{snapshotOrRelease}" == "snapshot"]
-https://github.com/apache/syncope/blob/2_1_X/common/lib/src/main/java/org/apache/syncope/common/lib/policy/AccountRuleConf.java[AccountRuleConf^]
+https://github.com/apache/syncope/blob/2_1_X/common/lib/src/main/java/org/apache/syncope/common/lib/policy/PasswordRuleConf.java[PasswordRuleConf^]
endif::[]
-. implementing enforcement in an implementation of
+. enforcing in an implementation of
ifeval::["{snapshotOrRelease}" == "release"]
-https://github.com/apache/syncope/blob/syncope-{docVersion}/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRule.java[AccountRule^]
+https://github.com/apache/syncope/blob/syncope-{docVersion}/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/PasswordRule.java[PasswordRule^]
endif::[]
ifeval::["{snapshotOrRelease}" == "snapshot"]
-https://github.com/apache/syncope/blob/2_1_X/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRule.java[AccountRule^]
+https://github.com/apache/syncope/blob/2_1_X/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/PasswordRule.java[PasswordRule^]
endif::[]
annotated via
ifeval::["{snapshotOrRelease}" == "release"]
-https://github.com/apache/syncope/blob/syncope-{docVersion}/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRuleConfClass.java[@AccountRuleConfClass^]
+https://github.com/apache/syncope/blob/syncope-{docVersion}/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/PasswordRuleConfClass.java[@PasswordRuleConfClass^]
endif::[]
ifeval::["{snapshotOrRelease}" == "snapshot"]
-https://github.com/apache/syncope/blob/2_1_X/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRuleConfClass.java[@AccountRuleConfClass^]
+https://github.com/apache/syncope/blob/2_1_X/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/PasswordRuleConfClass.java[@PasswordRuleConfClass^]
+endif::[]
+referring to the configuration class.
+
+As `GROOVY` <<implementations,implementation>>, writing custom account rules means implementing
+ifeval::["{snapshotOrRelease}" == "release"]
+https://github.com/apache/syncope/blob/syncope-{docVersion}/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/PasswordRule.java[PasswordRule^]
+endif::[]
+ifeval::["{snapshotOrRelease}" == "snapshot"]
+https://github.com/apache/syncope/blob/2_1_X/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/PasswordRule.java[PasswordRule^]
endif::[]
-referring to the configuration class
====
====== Default Password Rule
@@ -218,6 +243,11 @@ endif::[]
* prefixes not permitted - list of strings that cannot be present as a prefix;
* suffixes not permitted - list of strings that cannot be present as a suffix.
+[NOTE]
+Before being able to configure the default password rule as mentioned above, you will need to first create a `JAVA`
+`PASSWORD_RULE` <<implementations,implementation>> for the `org.apache.syncope.common.lib.policy.DefaultPasswordRuleConf`
+class.
+
====== "Have I Been Pwned?" Password Rule
This password rule (enforced by
@@ -237,6 +267,11 @@ endif::[]
) checks the provided password values against the popular
https://haveibeenpwned.com["Have I Been Pwned?"^] service.
+[NOTE]
+Before being able to configure the "Have I Been Pwned?" password rule as mentioned above, you will need to first create
+a `JAVA` `PASSWORD_RULE` <<implementations,implementation>> for the
+`org.apache.syncope.common.lib.policy.HaveIBeenPwnedPasswordRuleConf` class.
+
[[policies-pull]]
==== Pull
http://git-wip-us.apache.org/repos/asf/syncope/blob/174588ac/src/main/asciidoc/reference-guide/concepts/typemanagement.adoc
----------------------------------------------------------------------
diff --git a/src/main/asciidoc/reference-guide/concepts/typemanagement.adoc b/src/main/asciidoc/reference-guide/concepts/typemanagement.adoc
index f6a561b..7ee7e7d 100644
--- a/src/main/asciidoc/reference-guide/concepts/typemanagement.adoc
+++ b/src/main/asciidoc/reference-guide/concepts/typemanagement.adoc
@@ -36,12 +36,12 @@ When defining a plain schema, the following information must be provided:
* Type
** `String`
** `Long` - allows to specify a _conversion pattern_ to / from string, according to
-http://docs.oracle.com/javase/7/docs/api/java/text/DecimalFormat.html[DecimalFormat^]
+http://docs.oracle.com/javase/8/docs/api/java/text/DecimalFormat.html[DecimalFormat^]
** `Double` - allows to specify a _conversion pattern_ to / from string, according to
-http://docs.oracle.com/javase/7/docs/api/java/text/DecimalFormat.html[DecimalFormat^]
+http://docs.oracle.com/javase/8/docs/api/java/text/DecimalFormat.html[DecimalFormat^]
** `Boolean`
** `Date` - allows to specify a _conversion pattern_ to / from string, according to
-http://docs.oracle.com/javase/7/docs/api/java/text/DateFormat.html[DateFormat^]
+http://docs.oracle.com/javase/8/docs/api/java/text/DateFormat.html[DateFormat^]
** `Enum`
*** enumeration values (mandatory)
*** enumeration labels (optional, values will be used alternatively)
[2/2] syncope git commit: Clarifying about default account and
password rules with Syncope 2.1 and later
Posted by il...@apache.org.
Clarifying about default account and password rules with Syncope 2.1 and later
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/348f1506
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/348f1506
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/348f1506
Branch: refs/heads/master
Commit: 348f150640e49bec33165e3cd214a1297b783780
Parents: 0de2236
Author: Francesco Chicchiriccò <il...@apache.org>
Authored: Tue Jul 31 16:21:42 2018 +0200
Committer: Francesco Chicchiriccò <il...@apache.org>
Committed: Tue Jul 31 16:24:19 2018 +0200
----------------------------------------------------------------------
.../reference-guide/concepts/policies.adoc | 109 ++++++++++++-------
.../concepts/typemanagement.adoc | 6 +-
2 files changed, 75 insertions(+), 40 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/348f1506/src/main/asciidoc/reference-guide/concepts/policies.adoc
----------------------------------------------------------------------
diff --git a/src/main/asciidoc/reference-guide/concepts/policies.adoc b/src/main/asciidoc/reference-guide/concepts/policies.adoc
index d5463ce..9909fcb 100644
--- a/src/main/asciidoc/reference-guide/concepts/policies.adoc
+++ b/src/main/asciidoc/reference-guide/concepts/policies.adoc
@@ -58,6 +58,46 @@ suspended on associated resources or not?
Account rules define constraints to apply to username values.
+Some implementations are provided out-of-the-box, custom ones can be provided on given deployment.
+
+[TIP]
+====
+As `JAVA` <<implementations,implementation>>, writing custom account rules means:
+
+. providing configuration parameters in an implementation of
+ifeval::["{snapshotOrRelease}" == "release"]
+https://github.com/apache/syncope/blob/syncope-{docVersion}/common/lib/src/main/java/org/apache/syncope/common/lib/policy/AccountRuleConf.java[AccountRuleConf^]
+endif::[]
+ifeval::["{snapshotOrRelease}" == "snapshot"]
+https://github.com/apache/syncope/blob/master/common/lib/src/main/java/org/apache/syncope/common/lib/policy/AccountRuleConf.java[AccountRuleConf^]
+endif::[]
+. enforcing in an implementation of
+ifeval::["{snapshotOrRelease}" == "release"]
+https://github.com/apache/syncope/blob/syncope-{docVersion}/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRule.java[AccountRule^]
+endif::[]
+ifeval::["{snapshotOrRelease}" == "snapshot"]
+https://github.com/apache/syncope/blob/master/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRule.java[AccountRule^]
+endif::[]
+annotated via
+ifeval::["{snapshotOrRelease}" == "release"]
+https://github.com/apache/syncope/blob/syncope-{docVersion}/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRuleConfClass.java[@AccountRuleConfClass^]
+endif::[]
+ifeval::["{snapshotOrRelease}" == "snapshot"]
+https://github.com/apache/syncope/blob/master/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRuleConfClass.java[@AccountRuleConfClass^]
+endif::[]
+referring to the configuration class.
+
+As `GROOVY` <<implementations,implementation>>, writing custom account rules means implementing
+ifeval::["{snapshotOrRelease}" == "release"]
+https://github.com/apache/syncope/blob/syncope-{docVersion}/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRule.java[AccountRule^]
+endif::[]
+ifeval::["{snapshotOrRelease}" == "snapshot"]
+https://github.com/apache/syncope/blob/master/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRule.java[AccountRule^]
+endif::[]
+====
+
+====== Default Account Rule
+
The default account rule (enforced by
ifeval::["{snapshotOrRelease}" == "release"]
https://github.com/apache/syncope/blob/syncope-{docVersion}/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/DefaultAccountRule.java[DefaultAccountRule^]
@@ -76,7 +116,7 @@ endif::[]
* maximum length - the maximum length to allow; `0` means no limit set;
* minimum length - the minimum length to allow; `0` means no limit set;
-* pattern - http://docs.oracle.com/javase/7/docs/api/java/util/regex/Pattern.html[Java regular expression pattern^] to
+* pattern - http://docs.oracle.com/javase/8/docs/api/java/util/regex/Pattern.html[Java regular expression pattern^] to
match; `NULL` means no match is attempted;
* all uppercase - are lowercase characters allowed?
* all lowercase - are uppercase characters allowed?
@@ -85,33 +125,10 @@ match; `NULL` means no match is attempted;
* prefixes not permitted - list of strings that cannot be present as a prefix;
* suffixes not permitted - list of strings that cannot be present as a suffix.
-[TIP]
-====
-Writing custom account rules means:
-
-. providing configuration parameters in an implementation of
-ifeval::["{snapshotOrRelease}" == "release"]
-https://github.com/apache/syncope/blob/syncope-{docVersion}/common/lib/src/main/java/org/apache/syncope/common/lib/policy/AccountRuleConf.java[AccountRuleConf^]
-endif::[]
-ifeval::["{snapshotOrRelease}" == "snapshot"]
-https://github.com/apache/syncope/blob/master/common/lib/src/main/java/org/apache/syncope/common/lib/policy/AccountRuleConf.java[AccountRuleConf^]
-endif::[]
-. implementing enforcement in an implementation of
-ifeval::["{snapshotOrRelease}" == "release"]
-https://github.com/apache/syncope/blob/syncope-{docVersion}/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRule.java[AccountRule^]
-endif::[]
-ifeval::["{snapshotOrRelease}" == "snapshot"]
-https://github.com/apache/syncope/blob/master/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRule.java[AccountRule^]
-endif::[]
-annotated via
-ifeval::["{snapshotOrRelease}" == "release"]
-https://github.com/apache/syncope/blob/syncope-{docVersion}/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRuleConfClass.java[@AccountRuleConfClass^]
-endif::[]
-ifeval::["{snapshotOrRelease}" == "snapshot"]
-https://github.com/apache/syncope/blob/master/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRuleConfClass.java[@AccountRuleConfClass^]
-endif::[]
-referring to the configuration class
-====
+[NOTE]
+Before being able to configure the default account rule as mentioned above, you will need to first create a `JAVA`
+`ACCOUNT_RULE` <<implementations,implementation>> for the `org.apache.syncope.common.lib.policy.DefaultAccountRuleConf`
+class.
===== Pass-through Authentication
@@ -149,30 +166,38 @@ Some implementations are provided out-of-the-box, custom ones can be provided on
[TIP]
====
-Writing custom account rules means:
+As `JAVA` <<implementations,implementation>>, writing custom password rules means:
. providing configuration parameters in an implementation of
ifeval::["{snapshotOrRelease}" == "release"]
-https://github.com/apache/syncope/blob/syncope-{docVersion}/common/lib/src/main/java/org/apache/syncope/common/lib/policy/AccountRuleConf.java[AccountRuleConf^]
+https://github.com/apache/syncope/blob/syncope-{docVersion}/common/lib/src/main/java/org/apache/syncope/common/lib/policy/PasswordRuleConf.java[PasswordRuleConf^]
endif::[]
ifeval::["{snapshotOrRelease}" == "snapshot"]
-https://github.com/apache/syncope/blob/master/common/lib/src/main/java/org/apache/syncope/common/lib/policy/AccountRuleConf.java[AccountRuleConf^]
+https://github.com/apache/syncope/blob/master/common/lib/src/main/java/org/apache/syncope/common/lib/policy/PasswordRuleConf.java[PasswordRuleConf^]
endif::[]
-. implementing enforcement in an implementation of
+. enforcing in an implementation of
ifeval::["{snapshotOrRelease}" == "release"]
-https://github.com/apache/syncope/blob/syncope-{docVersion}/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRule.java[AccountRule^]
+https://github.com/apache/syncope/blob/syncope-{docVersion}/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/PasswordRule.java[PasswordRule^]
endif::[]
ifeval::["{snapshotOrRelease}" == "snapshot"]
-https://github.com/apache/syncope/blob/master/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRule.java[AccountRule^]
+https://github.com/apache/syncope/blob/master/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/PasswordRule.java[PasswordRule^]
endif::[]
annotated via
ifeval::["{snapshotOrRelease}" == "release"]
-https://github.com/apache/syncope/blob/syncope-{docVersion}/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRuleConfClass.java[@AccountRuleConfClass^]
+https://github.com/apache/syncope/blob/syncope-{docVersion}/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/PasswordRuleConfClass.java[@PasswordRuleConfClass^]
endif::[]
ifeval::["{snapshotOrRelease}" == "snapshot"]
-https://github.com/apache/syncope/blob/master/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/AccountRuleConfClass.java[@AccountRuleConfClass^]
+https://github.com/apache/syncope/blob/master/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/PasswordRuleConfClass.java[@PasswordRuleConfClass^]
+endif::[]
+referring to the configuration class.
+
+As `GROOVY` <<implementations,implementation>>, writing custom account rules means implementing
+ifeval::["{snapshotOrRelease}" == "release"]
+https://github.com/apache/syncope/blob/syncope-{docVersion}/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/PasswordRule.java[PasswordRule^]
+endif::[]
+ifeval::["{snapshotOrRelease}" == "snapshot"]
+https://github.com/apache/syncope/blob/master/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/dao/PasswordRule.java[PasswordRule^]
endif::[]
-referring to the configuration class
====
====== Default Password Rule
@@ -218,6 +243,11 @@ endif::[]
* prefixes not permitted - list of strings that cannot be present as a prefix;
* suffixes not permitted - list of strings that cannot be present as a suffix.
+[NOTE]
+Before being able to configure the default password rule as mentioned above, you will need to first create a `JAVA`
+`PASSWORD_RULE` <<implementations,implementation>> for the `org.apache.syncope.common.lib.policy.DefaultPasswordRuleConf`
+class.
+
====== "Have I Been Pwned?" Password Rule
This password rule (enforced by
@@ -237,6 +267,11 @@ endif::[]
) checks the provided password values against the popular
https://haveibeenpwned.com["Have I Been Pwned?"^] service.
+[NOTE]
+Before being able to configure the "Have I Been Pwned?" password rule as mentioned above, you will need to first create
+a `JAVA` `PASSWORD_RULE` <<implementations,implementation>> for the
+`org.apache.syncope.common.lib.policy.HaveIBeenPwnedPasswordRuleConf` class.
+
[[policies-pull]]
==== Pull
http://git-wip-us.apache.org/repos/asf/syncope/blob/348f1506/src/main/asciidoc/reference-guide/concepts/typemanagement.adoc
----------------------------------------------------------------------
diff --git a/src/main/asciidoc/reference-guide/concepts/typemanagement.adoc b/src/main/asciidoc/reference-guide/concepts/typemanagement.adoc
index a38c33b..ea7f6d6 100644
--- a/src/main/asciidoc/reference-guide/concepts/typemanagement.adoc
+++ b/src/main/asciidoc/reference-guide/concepts/typemanagement.adoc
@@ -36,12 +36,12 @@ When defining a plain schema, the following information must be provided:
* Type
** `String`
** `Long` - allows to specify a _conversion pattern_ to / from string, according to
-http://docs.oracle.com/javase/7/docs/api/java/text/DecimalFormat.html[DecimalFormat^]
+http://docs.oracle.com/javase/8/docs/api/java/text/DecimalFormat.html[DecimalFormat^]
** `Double` - allows to specify a _conversion pattern_ to / from string, according to
-http://docs.oracle.com/javase/7/docs/api/java/text/DecimalFormat.html[DecimalFormat^]
+http://docs.oracle.com/javase/8/docs/api/java/text/DecimalFormat.html[DecimalFormat^]
** `Boolean`
** `Date` - allows to specify a _conversion pattern_ to / from string, according to
-http://docs.oracle.com/javase/7/docs/api/java/text/DateFormat.html[DateFormat^]
+http://docs.oracle.com/javase/8/docs/api/java/text/DateFormat.html[DateFormat^]
** `Enum`
*** enumeration values (mandatory)
*** enumeration labels (optional, values will be used alternatively)