If you need to add custom password policy there are multiple layers you can add that. First one is user-mgt.xml file and other configuration file is identity-mgt.properties file.
If identity management listener is enabled(only), user passwords should be satisfied both both regrEx defined in user-mgt.xml and identity-mgt.properties files. Otherwise we will check user-mgt.xml to validate password policy.
/repository/conf/user-mgt.xml
<Property name="PasswordJavaRegEx">^[\S]{5,30}$</Property>
Following properties will be picked only if we enabled identity listener(Identity.Listener.Enable=true). Otherwise configurations on user management xml will only affect.
/repository/conf/security/identity-mgt.properties
Password.policy.extensions.1.min.length=6
Password.policy.extensions.1.max.length=12
Password.policy.extensions.3.pattern=^((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#$%&*])).{0,100}$
No comments:
Post a Comment