java - JAAS with LDAP password policy -
A user is accessing restricted web applications with JAAS (on Glassfish 2.1). LDAPRealm is used, and the authentication is done successfully with LDAP. For users, a password policy should be established so that they are forced to change passwords, some complexity / length, password failure password and last N password should be checked. The Password Policy (OpenADS) of the used LDAP server supports all of this, but it is not clear how we are using this kind of information in a JASE form login so that the information (i.e. "please change password") The user is displayed.
Do you have any idea how to know about implementing it? Database access is not just an option, users should be in LDAP. It is not clear whether LDAP password policies are to be used at all, or it is programmed in our web application. I would like to avoid it and use the LDAP's original password policies.
Thanks for the answer and best regards, the burden
Unfortunately, , Which is constrained to a small set of any operation that any login system can support. While LDAP supports a password policy, there may be other login systems (such as mainstores), so JAAS can not find the necessary code for it.
So, you have to use JNDI directly from LDAP server or possibly.
Comments
Post a Comment