1. Lets say, user password should meet the following requirements
* password should have at least one lower case
* password should have at least one upper case
* password should have at least one digit
* password should have at least one special character (!@#$%&*).
* password should have 6-8 characters.
You can write new custom password enforcer extending the AbstractPasswordPolicyEnforcer class.
1. You can download the java project from following git repository location [i]
[i]https://github.com/ajithnv/blog_resources/tree/master/passwordpolicy
2. Build the project (Follow the README.txt).
3. Copy the jar file in to <IS5.0.0_HOME>/repository/components/lib directory.
4. Open the identity-mgt.properties file (<IS5.0.0_HOME>/repository/conf/security/identity-mgt.properties).
5. Enable the identity listener.
Identity.Listener.Enable=true
6. Disable the default Password.policy.extensions configurations.
7. Add new configuration for custom policy enforcer.
8. Restart the server.
9. Test.
i) user : ajith password : 1Acws@d (this password meet above policy).
ii) user : ajith1 password : 1Acws@dgggg (this password doesn't meet above policy because length is 11.)
* password should have at least one lower case
* password should have at least one upper case
* password should have at least one digit
* password should have at least one special character (!@#$%&*).
* password should have 6-8 characters.
You can write new custom password enforcer extending the AbstractPasswordPolicyEnforcer class.
1. You can download the java project from following git repository location [i]
[i]https://github.com/ajithnv/blog_resources/tree/master/passwordpolicy
2. Build the project (Follow the README.txt).
3. Copy the jar file in to <IS5.0.0_HOME>/repository/components/lib directory.
4. Open the identity-mgt.properties file (<IS5.0.0_HOME>/repository/conf/security/identity-mgt.properties).
5. Enable the identity listener.
Identity.Listener.Enable=true
6. Disable the default Password.policy.extensions configurations.
#Password.policy.extensions.1=org.wso2.carbon.identity.mgt.policy.password.DefaultPasswordLengthPolicy
#Password.policy.extensions.1.min.length=6
#Password.policy.extensions.1.max.length=12
#Password.policy.extensions.2=org.wso2.carbon.identity.mgt.policy.password.DefaultPasswordNamePolicy
#Password.policy.extensions.3=org.wso2.carbon.identity.mgt.policy.password.DefaultPasswordPatternPolicy
#Password.policy.extensions.3.pattern=^((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#$%&*])).{0,100}$
7. Add new configuration for custom policy enforcer.
Password.policy.extensions.1=org.sample.policy.CustomPasswordPolicyEnforcer
Password.policy.extensions.1.pattern=^((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#$%&*])).{6,8}$
8. Restart the server.
9. Test.
i) user : ajith password : 1Acws@d (this password meet above policy).
ii) user : ajith1 password : 1Acws@dgggg (this password doesn't meet above policy because length is 11.)