Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Password policy specification is quite straightforward. However for this feature to work midPoint must be able to compare projection passwords (account passwords). As passwords are usually write-only attributes the comparison is not trivial. There are several ways how to compare passwords - in theory. However, midPoint currently (3.7.1) supports only one method: caching. This password policy specification works only if password value caching is enabled on the resource:

Code Block
languagexml
<resource oid="f4fd7e90-ff6a-11e7-a504-4b84f92fec0e">
    ...
    <schemaHandling>
        <objectType>
        ...
        <credentials>
                <password>
                    <compareStrategy>cached</compareStrategy>
                    <caching>
                        <cachingStategy>passive</cachingStategy>
                    </caching>
                </password>
            </credentials>
            ...
        </objectType>
    </schemaHandling>
    ...
</resource>

...