OpenAM Custom Password Generator

OpenAM Custom Password Generator : I told you in a previous post about the OpenLDAP Password Policy Module which allows defining the password complexity rules by configuring an external file. OpenAM-CPG is an OpenAM reset password plugin using the same configuration file rules to generate random passwords .

Lately, one of our clients having OpenLDAP wanted his OpenAM reset password module being able to generate passwords compatible with the Password Policy Module. Fortunately, OpenAM allows the administrator to define a custom class to generate random passwords. So all we had to do, is to develop a class that implements the PasswordGenerator interface and reads the rules of generation from the OpenLDAP PPM configuration file ppm.conf.

You can find this OpenAM plugin project here : https://bitbucket.org/januadev/openam-cpg

For more information, here is it’s README file :

<strong><em> OpenAM Custom Password Generator (OpenLDAP PPM Compatible) </em></strong>

The CustomPasswodGenerator class is an OpenAM plugin for password generation wich is compatible with the Password Policy Module for OpenLDAP (<a href="https://bitbucket.org/januadev/ppm" rel="nofollow">https://bitbucket.org/januadev/ppm</a>)

<strong> Installation </strong>

OpenAM Custom Password Generator (OpenLDAP PPM Compatible)

The CustomPasswodGenerator class is an OpenAM plugin for password generation wich is compatible with the Password Policy Module for OpenLDAP (<a href="https://bitbucket.org/januadev/ppm" rel="nofollow">https://bitbucket.org/januadev/ppm</a>)

Installation

Put CustomPasswordGenerator.class in the following folder of OpenAM web application : WEB-INF/classes
Put ppm.conf in the following path of OpenAM web application : WEB-INF/classes/com/sun/identity/password/plugins
In OpenAM set the Password Reset Option value to com.sun.identity.password.plugins.CustomPasswordGenerator (http://docs.forgerock.org/en/openam/11.0.0/admin-guide/index/chap-pwd-reset.html#forgotten-pwd-reset )

<strong> Configuration </strong>

Edit ppm.conf to configure. OpenAM-CPG is compatible with the OpenLDAP Password Policy Module, wich means if you have it, you should just copy it's ppm.conf to the OpenAM web application following path : WEB-INF/classes/com/sun/identity/password/plugins.

Configuration

Edit ppm.conf to configure. OpenAM-CPG is compatible with the OpenLDAP Password Policy Module, wich means if you have it, you should just copy it's ppm.conf to the OpenAM web application following path : WEB-INF/classes/com/sun/identity/password/plugins.

À propos
Articles récents

Daly

Specialised in IAM (security, access control, identity management) and Open Source integration, settled in 2004 by IAM industry veteran, JANUA offers high value-added products and services to businesses and governements with a concern for Identity Management and Open Source components.
JANUA provides better security, build relationships, and enable new cloud, mobile, and IoT offerings from any device or connected thing.

Les derniers articles par Daly (tout voir)

OpenAM : Saving OAuth2 consent - 14 avril 2016
OpenAM : Login with email on OpenID Connect provider - 14 octobre 2015
OpenID Connect with OpenAM - 3 septembre 2015