Page History
...
To check the strength of the password (Calculated entropy returned from the algorithm) and return it to the caller while creating an account/user or updating a user's password.
...
password strengths on their own way.
API Changes
The following API responses will be changed to support this as of now.
- CreateUserCmd
- UpdateUserCmd
- CreateAccountCmd
The following response parameter is started returning from above commands
- passwordstrength (a float value will be returned to the caller)
Interface
Add new Inerface "org.apache.cloudstack.security.password.PasswordChecker.java" to "server".
...
static final ConfigKey<Boolean> PasswordStrengthCheckerEnable = new ConfigKey<Boolean>("Advanced", Boolean.class, "user.password.strength.checker.enable", "false", "To enable password strength check. This will enable to check the strength and return it.", true);
If you enable this parameter then only system will check the password strength and will start return to the caller as part of API response
static final ConfigKey<Boolean> PasswordCStrengthCheckerEnforce = new ConfigKey<Boolean>("Advanced", Boolean.class, "user.password.strength.checker.enforce", "false", "To Impose the password strength. This will enforce the password rules to be verified",true);
If you enable this (With out above key value enabled enabling this will not make sense) then the system will also enforce the password strength rules for the given passwords.
it is the plugins responsibility to declare the bean that is implementing the above interface with in that plugin.
...
The sample Xml configuration to integrate the password checker plugin.
(From: spring-sha256salted-context.xml)
<bean id="SHA256SaltedUserAuthenticator" class="com.cloud.server.auth.SHA256SaltedUserAuthenticator">
<property name="name" value="SHA256SALT"/>
<property name="passwordCheckers" value="#{passwordCheckersRegistry.registered}"/>
</bean>
Overview
Content Tools
Apps