
...

Code block (XML): Security Policy sample
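<!--
  Sample security policy: one mail-based additional authentication, per-credential
  rules (password, nonce, security questions), self-registration and mail-based
  credential reset. All OIDs are sample values.
  Durations use the xs:duration lexical form: P180D = 180 days, PT3M = 3 minutes.
-->
<securityPolicy oid="6df80eb2-0a63-11e7-8ced-af0e536f33e1"
                xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
                xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3">
    <!-- The c: prefix is bound on the root because defaultRole below uses
         type="c:RoleType"; without a binding that QName prefix is undeclared. -->
    <name>Security Policy</name>
    <authentication>
        <!-- "confirmationLink" is the name that selfRegistration and mailReset
             refer to through additionalAuthenticationName. -->
        <mailAuthentication>
            <name>confirmationLink</name>
            <displayName>Additional mail authentication</displayName>
            <!-- NOTE(review): presumably the name of the nonce credential policy to use.
                 The nonce block below carries no name element; confirm how this resolves. -->
            <mailNonce>mailNonce</mailNonce>
        </mailAuthentication>
    </authentication>
    <credentials>
        <!-- The same lockout triple (3 / PT3M / PT15M) is repeated for every credential
             type. Presumably: 3 failures counted within 3 minutes lock the credential
             for 15 minutes; confirm against the schema documentation. -->
        <password>
            <maxAge>P180D</maxAge>
            <lockoutMaxFailedAttempts>3</lockoutMaxFailedAttempts>
            <lockoutFailedAttemptsDuration>PT3M</lockoutFailedAttemptsDuration>
            <lockoutDuration>PT15M</lockoutDuration>
            <!-- Value rules come from a separate value policy object; it must exist under this OID. -->
            <valuePolicyRef oid="6df08ed7-0b13-11e7-8ced-af0e536f33e1" type="ValuePolicyType"/>
        </password>
        <nonce>
            <!-- 10 minutes. This bounds how long a mailed confirmation or reset link stays
                 usable; keep it short, since anyone who can read the mailbox can use the link. -->
            <maxAge>PT10M</maxAge>
            <lockoutMaxFailedAttempts>3</lockoutMaxFailedAttempts>
            <lockoutFailedAttemptsDuration>PT3M</lockoutFailedAttemptsDuration>
            <lockoutDuration>PT15M</lockoutDuration>
            <valuePolicyRef oid="6df08ed7-0b13-11e7-8ced-af0e536f33e2" type="ValuePolicyType"/>
        </nonce>
        <securityQuestions>
            <maxAge>P90D</maxAge>
            <lockoutMaxFailedAttempts>3</lockoutMaxFailedAttempts>
            <lockoutFailedAttemptsDuration>PT3M</lockoutFailedAttemptsDuration>
            <lockoutDuration>PT15M</lockoutDuration>
            <valuePolicyRef oid="6df08ed7-0b13-11e7-8ced-af0e536f33e3" type="ValuePolicyType"/>
            <!-- NOTE(review): presumably the number of questions a user has to answer.
                 With a value of 1 and low-entropy questions such as a favorite color,
                 the lockout settings above are the only real throttle on guessing.
                 Review before using security questions as an authentication factor. -->
            <questionNumber>1</questionNumber>
            <question>
                <identifier>http://midpoint.evolveum.com/xml/ns/public/security/question-2#q001</identifier>
                <enabled>true</enabled>
                <questionText>How much wood would a woodchuck chuck if woodchuck could chuck wood?</questionText>
            </question>
            <!-- q002 has no enabled element, unlike its siblings; whether it counts as
                 enabled depends on the schema default. Set it explicitly to avoid surprises. -->
            <question>
                <identifier>http://midpoint.evolveum.com/xml/ns/public/security/question-2#q002</identifier>
                <questionText>What is your mother's best friend's uncle's grandaughter's dog's mother maiden name?</questionText>
            </question>
            <question>
                <identifier>http://midpoint.evolveum.com/xml/ns/public/security/question-2#q003</identifier>
                <enabled>true</enabled>
                <questionText>What's your favorite color?</questionText>
            </question>
            <question>
                <identifier>http://midpoint.evolveum.com/xml/ns/public/security/question-2#q004</identifier>
                <enabled>false</enabled>
                <questionText>What's your favorite film?</questionText>
            </question>
        </securityQuestions>
    </credentials>
    <registration>
        <selfRegistration>
            <name>selfRegistration</name>
            <!-- New accounts start in the "proposed" lifecycle state. -->
            <initialLifecycleState>proposed</initialLifecycleState>
            <displayName>Self Registration</displayName>
            <!-- Must match the mailAuthentication name defined under authentication. -->
            <additionalAuthenticationName>confirmationLink</additionalAuthenticationName>
            <!-- Every self-registered account receives this role without review.
                 Confirm that the OID resolves to a minimal-privilege role in your deployment. -->
            <defaultRole xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3"
                         oid="00000000-0000-0000-0000-000000000008"
                         relation="org:default"
                         type="c:RoleType"/>
        </selfRegistration>
    </registration>
    <credentialsReset>
        <!-- Reset relies on the same mail confirmation link as registration, so control of
             the mailbox is enough to take over the account's credentials. -->
        <mailReset>
            <name>Reset password using mail</name>
            <additionalAuthenticationName>confirmationLink</additionalAuthenticationName>
        </mailReset>
    </credentialsReset>
</securityPolicy>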
 

...

Code block (XML): Credentials - Password
<!-- Excerpt: the password section of the security policy. The bare "..." lines stand
     for omitted parts of the full policy and must be removed or filled in before import. -->
<securityPolicy oid="6df80eb2-0a63-11e7-8ced-af0e536f33e1" xmlns='http://midpoint.evolveum.com/xml/ns/public/common/common-3'>
	<name>Security Policy</name>
	...
	<credentials>
		<password>
			<!-- xs:duration: 180 days. -->
			<maxAge>P180D</maxAge>
			<!-- NOTE(review): presumably 3 failures counted within PT3M (3 minutes) lock the
			     password for PT15M (15 minutes); confirm against the schema documentation. -->
			<lockoutMaxFailedAttempts>3</lockoutMaxFailedAttempts>
			<lockoutFailedAttemptsDuration>PT3M</lockoutFailedAttemptsDuration>
			<lockoutDuration>PT15M</lockoutDuration>
			<!-- Value rules live in a separate value policy object; the OID is a sample
			     value and must point at an existing object. -->
			<valuePolicyRef oid="6df08ed7-0b13-11e7-8ced-af0e536f33e1" type="ValuePolicyType"/>
		</password>
	....
	</credentials>
	...
</securityPolicy>

...

Code block (XML): Credentials - Nonce
<!-- Excerpt: the nonce section of the security policy. The bare "..." lines stand
     for omitted parts of the full policy and must be removed or filled in before import. -->
<securityPolicy oid="6df80eb2-0a63-11e7-8ced-af0e536f33e1" xmlns='http://midpoint.evolveum.com/xml/ns/public/common/common-3'>
	...
	<credentials>
		...
		<nonce>
			<!-- xs:duration: 10 minutes. Keep nonce lifetime short: while it is valid,
			     whoever holds the nonce can complete the flow it was issued for. -->
			<maxAge>PT10M</maxAge>
			<!-- NOTE(review): presumably 3 failures counted within PT3M (3 minutes) lock the
			     nonce for PT15M (15 minutes); confirm against the schema documentation. -->
			<lockoutMaxFailedAttempts>3</lockoutMaxFailedAttempts>
			<lockoutFailedAttemptsDuration>PT3M</lockoutFailedAttemptsDuration>
			<lockoutDuration>PT15M</lockoutDuration>
			<!-- The OID is a sample value and must point at an existing value policy object. -->
			<valuePolicyRef oid="6df08ed7-0b13-11e7-8ced-af0e536f33e2" type="ValuePolicyType"/>
		</nonce>
		...
	</credentials>
	...
</securityPolicy>

...

Code block (XML): Credentials - Security questions
<!-- Excerpt: the security questions section of the security policy. The bare "..." lines
     stand for omitted parts of the full policy and must be removed or filled in before import. -->
<securityPolicy oid="6df80eb2-0a63-11e7-8ced-af0e536f33e1" xmlns='http://midpoint.evolveum.com/xml/ns/public/common/common-3'>
	<name>Security Policy</name>
	...
	<credentials>
		...
		<securityQuestions>
			<!-- xs:duration: 90 days. -->
			<maxAge>P90D</maxAge>
			<!-- NOTE(review): presumably 3 failures counted within PT3M (3 minutes) lock the
			     answers for PT15M (15 minutes); confirm against the schema documentation. -->
			<lockoutMaxFailedAttempts>3</lockoutMaxFailedAttempts>
			<lockoutFailedAttemptsDuration>PT3M</lockoutFailedAttemptsDuration>
			<lockoutDuration>PT15M</lockoutDuration>
			<!-- The OID is a sample value and must point at an existing value policy object. -->
			<valuePolicyRef oid="6df08ed7-0b13-11e7-8ced-af0e536f33e3" type="ValuePolicyType"/>
			<!-- NOTE(review): presumably the number of questions a user has to answer.
			     With a value of 1 and low-entropy questions such as a favorite color,
			     the lockout settings above are the only real throttle on guessing. -->
			<questionNumber>1</questionNumber>
			<question>
				<identifier>http://midpoint.evolveum.com/xml/ns/public/security/question-2#q001</identifier>
				<enabled>true</enabled>
				<questionText>How much wood would a woodchuck chuck if woodchuck could chuck wood?</questionText>
			</question>
			<!-- q002 has no enabled element, unlike its siblings; whether it counts as
			     enabled depends on the schema default. Set it explicitly to avoid surprises. -->
			<question>
				<identifier>http://midpoint.evolveum.com/xml/ns/public/security/question-2#q002</identifier>
				<questionText>What is your mother's best friend's uncle's grandaughter's dog's mother maiden name?</questionText>
			</question>
			<question>
				<identifier>http://midpoint.evolveum.com/xml/ns/public/security/question-2#q003</identifier>
				<enabled>true</enabled>
				<questionText>What's your favorite color?</questionText>
			</question>
			<!-- Explicitly disabled question: kept in the policy but switched off. -->
			<question>
				<identifier>http://midpoint.evolveum.com/xml/ns/public/security/question-2#q004</identifier>
				<enabled>false</enabled>
				<questionText>What's your favorite film?</questionText>
			</question>
		</securityQuestions>
	</credentials>
	...
</securityPolicy>

 


Referencing Security Policy

...