OpenAM Custom Password Generator : I told you in a previous post about the OpenLDAP Password Policy Module which allows defining the password complexity rules by configuring an external file. OpenAM-CPG is an OpenAM reset password plugin using the same configuration file rules to generate random passwords .
Lately, one of our clients having OpenLDAP wanted his OpenAM reset password module being able to generate passwords compatible with the Password Policy Module. Fortunately, OpenAM allows the administrator to define a custom class to generate random passwords. So all we had to do, is to develop a class that implements the PasswordGenerator interface and reads the rules of generation from the OpenLDAP PPM configuration file ppm.conf.
You can find this OpenAM plugin project here : https://bitbucket.org/januadev/openam-cpg
For more information, here is it’s README file :
1 2 3 4 5 |
<strong><em> OpenAM Custom Password Generator (OpenLDAP PPM Compatible) </em></strong> The CustomPasswodGenerator class is an OpenAM plugin for password generation wich is compatible with the Password Policy Module for OpenLDAP (<a href="https://bitbucket.org/januadev/ppm" rel="nofollow">https://bitbucket.org/januadev/ppm</a>) <strong> Installation </strong> |
- Put CustomPasswordGenerator.class in the following folder of OpenAM web application : WEB-INF/classes
- Put ppm.conf in the following path of OpenAM web application : WEB-INF/classes/com/sun/identity/password/plugins
- In OpenAM set the Password Reset Option value to com.sun.identity.password.plugins.CustomPasswordGenerator (http://docs.forgerock.org/en/openam/11.0.0/admin-guide/index/chap-pwd-reset.html#forgotten-pwd-reset )
1 2 3 |
<strong> Configuration </strong> Edit ppm.conf to configure. OpenAM-CPG is compatible with the OpenLDAP Password Policy Module, wich means if you have it, you should just copy it's ppm.conf to the OpenAM web application following path : WEB-INF/classes/com/sun/identity/password/plugins. |
Daly
Specialised in IAM (security, access control, identity management) and Open Source integration, settled in 2004 by IAM industry veteran, JANUA offers high value-added products and services to businesses and governements with a concern for Identity Management and Open Source components.
JANUA provides better security, build relationships, and enable new cloud, mobile, and IoT offerings from any device or connected thing.
JANUA provides better security, build relationships, and enable new cloud, mobile, and IoT offerings from any device or connected thing.
Les derniers articles par Daly (tout voir)
- OpenAM : Saving OAuth2 consent - 14 avril 2016
- OpenAM : Login with email on OpenID Connect provider - 14 octobre 2015
- OpenID Connect with OpenAM - 3 septembre 2015