mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
opends/src/admin/defn/org/opends/server/admin/std/CharacterSetPasswordValidatorConfiguration.xml
@@ -24,7 +24,7 @@ ! ! ! Copyright 2007-2008 Sun Microsystems, Inc. ! Portions copyright 2011 ForgeRock AS ! Portions Copyright 2011-2012 ForgeRock AS ! --> <adm:managed-object name="character-set-password-validator" plural-name="character-set-password-validators" @@ -36,7 +36,7 @@ <adm:user-friendly-name /> determines whether a proposed password is acceptable by checking whether it contains a sufficient number of characters from one or more user-defined character sets. from one or more user-defined character sets and ranges. </adm:synopsis> <adm:description> For example, @@ -44,6 +44,18 @@ have at least one lowercase letter, one uppercase letter, one digit, and one symbol. </adm:description> <adm:constraint> <adm:synopsis> The <adm:user-friendly-name/> must have at least one character set or range specified. </adm:synopsis> <adm:condition> <adm:or> <adm:is-present property="character-set" /> <adm:is-present property="character-set-ranges" /> </adm:or> </adm:condition> </adm:constraint> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-character-set-password-validator</ldap:name> @@ -59,7 +71,7 @@ </adm:defined> </adm:default-behavior> </adm:property-override> <adm:property name="character-set" mandatory="true" <adm:property name="character-set" mandatory="false" multi-valued="true"> <adm:synopsis> Specifies a character set containing characters that a password @@ -76,6 +88,14 @@ character sets can be defined in separate values, although no character can appear in more than one character set. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> If no sets are specified, the validator only uses the defined character ranges. </adm:synopsis> </adm:alias> </adm:default-behavior> <adm:syntax> <adm:string case-insensitive="false" /> </adm:syntax> @@ -85,16 +105,51 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="character-set-ranges" mandatory="false" multi-valued="true"> <adm:synopsis> Specifies a character range containing characters that a password may contain and a value indicating the minimum number of characters required from that range. </adm:synopsis> <adm:description> Each value must be an integer (indicating the minimum required characters from the range which may be zero, indicating that the character range is optional) followed by a colon and one or more range specifications. A range specification is 3 characters: the first character allowed, a minus, and the last character allowed. For example, "3:A-Za-z0-9". The ranges in each value should not overlap, and the characters in each range specification should be ordered. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> If no ranges are specified, the validator only uses the defined character sets. </adm:synopsis> </adm:alias> </adm:default-behavior> <adm:syntax> <adm:string case-insensitive="false" /> </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name>ds-cfg-character-set-ranges</ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="allow-unclassified-characters" mandatory="true"> <adm:synopsis> Indicates whether this password validator allows passwords to contain characters outside of any of the user-defined character sets. sets and ranges. </adm:synopsis> <adm:description> If this is "false", then only those characters in the user-defined character sets may be used in passwords. Any password containing a character not included in any character set will be rejected. character sets and ranges may be used in passwords. Any password containing a character not included in any character set or range will be rejected. </adm:description> <adm:syntax> <adm:boolean /> @@ -107,26 +162,28 @@ </adm:property> <adm:property name="min-character-sets" mandatory="false"> <adm:synopsis> Specifies the minimum number of character sets that a password must contain. Specifies the minimum number of character sets and ranges that a password must contain. </adm:synopsis> <adm:description> This property should only be used in conjunction with optional character sets (those requiring zero characters). Its value must include any mandatory character sets (those requiring great than zero characters). This is useful in situations where a password must contain characters from mandatory character sets, and characters from at least N optional character sets. For example, it is quite common to require that a password contains at least one non-alphanumeric character as well as characters from two alphanumeric character sets (lower-case, upper-case, digits). In this case, this property should be set to 3. sets and ranges (those requiring zero characters). Its value must include any mandatory character sets and ranges (those requiring greater than zero characters). This is useful in situations where a password must contain characters from mandatory character sets and ranges, and characters from at least N optional character sets and ranges. For example, it is quite common to require that a password contains at least one non-alphanumeric character as well as characters from two alphanumeric character sets (lower-case, upper-case, digits). In this case, this property should be set to 3. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> The password must contain characters from each of the mandatory character sets and, if there are optional character sets, at least one character from one of the optional character sets. character sets and ranges and, if there are optional character sets and ranges, at least one character from one of the optional character sets and ranges. </adm:synopsis> </adm:alias> </adm:default-behavior>
