Le 03/07/15 10:52, Luv Gupta a écrit : > Hi , > > Can you help me writing a custom password validator for ApacheDS for some > complexity validations for the password like enforcing one lowercase > letter, one uppercase letter, one numeric and one special character,
Short answer : you have to implement the PasswordValidator interface [1]. Put your check into the validate() method. Once you have implemented this class, you have to tell the server to use it : there is an ads-pwdValidator attribute that should contain the FQCN of your implementation. An exemple is : dn: ads-pwdId=default,ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config objectClass: top objectClass: ads-base objectClass: ads-passwordPolicy ads-pwdId: default ads-pwdSafeModify: FALSE ads-pwdMaxAge: 0 ads-pwdFailureCountInterval: 30 ads-pwdAttribute: userPassword ads-pwdMaxFailure: 5 ads-pwdLockout: TRUE ads-pwdMustChange: FALSE ads-pwdLockoutDuration: 0 ads-pwdMinLength: 5 ads-pwdInHistory: 5 ads-pwdExpireWarning: 600 ads-pwdMinAge: 0 ads-pwdAllowUserChange: TRUE ads-pwdGraceAuthNLimit: 5 ads-pwdCheckQuality: 1 ads-pwdMaxLength: 0 ads-pwdGraceExpire: 0 ads-pwdMinDelay: 0 ads-pwdMaxDelay: 0 ads-pwdMaxIdle: 0 ads-pwdValidator: org.apache.directory.server.core.api.authn.ppolicy.DefaultPasswordValidator ads-enabled: TRUE Note : you *must* activate the PasswordPolicy interceptor. [1] http://svn.apache.org/viewvc/directory/apacheds/trunk/core-api/src/main/java/org/apache/directory/server/core/api/authn/ppolicy/PasswordValidator.java?view=markup