mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
blame | history | raw
mkeyes
11.24.2007 295680dfafa1cff7ac23da6a2c7ea541edf6ff73 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60

<?xml version="1.0" encoding="UTF-8"?>


<adm:managed-object name="attribute-value-password-validator"


plural-name="attribute-value-password-validators"


package="org.opends.server.admin.std" extends="password-validator"


xmlns:adm="http://www.opends.org/admin"


xmlns:ldap="http://www.opends.org/admin-ldap">


  <adm:synopsis>


    The


    <adm:user-friendly-name />


    is used to determine whether a proposed password is acceptable based on


    whether the given password value appears the user's entry.


  </adm:synopsis>


  <adm:profile name="ldap">


    <ldap:object-class>


      <ldap:oid>1.3.6.1.4.1.26027.1.2.96</ldap:oid>


      <ldap:name>ds-cfg-attribute-value-password-validator</ldap:name>


      <ldap:superior>ds-cfg-password-validator</ldap:superior>


    </ldap:object-class>


  </adm:profile>


 


  <adm:property name="match-attribute" mandatory="false" multi-valued="true">


    <adm:synopsis>


      Specifies the name(s) of the attribute(s) whose values should be checked


      to determine whether they match the provided password.  If this is not


      provided, then all attributes in the user's entry will be checked.


    </adm:synopsis>


    <adm:default-behavior>


      <adm:alias>


        <adm:synopsis>


          All attributes in the user entry will be checked.


        </adm:synopsis>


      </adm:alias>


    </adm:default-behavior>


    <adm:syntax>


      <adm:attribute-type />


    </adm:syntax>


    <adm:profile name="ldap">


      <ldap:attribute>


        <ldap:oid>1.3.6.1.4.1.26027.1.1.146</ldap:oid>


        <ldap:name>ds-cfg-match-attribute</ldap:name>


      </ldap:attribute>


    </adm:profile>


  </adm:property>


 


  <adm:property name="test-reversed-password" mandatory="true">


    <adm:synopsis>


      Indicates whether this password validator should test the reversed value


      of the provided password as well as the order in which it was given.


    </adm:synopsis>


    <adm:syntax>


      <adm:boolean />


    </adm:syntax>


    <adm:profile name="ldap">


      <ldap:attribute>


        <ldap:oid>1.3.6.1.4.1.26027.1.1.337</ldap:oid>


        <ldap:name>ds-cfg-test-reversed-password</ldap:name>


      </ldap:attribute>


    </adm:profile>


  </adm:property>


</adm:managed-object>