mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
opends/src/admin/defn/org/opends/server/admin/std/DictionaryPasswordValidatorConfiguration.xml
@@ -23,7 +23,7 @@ ! CDDL HEADER END ! ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! Portions Copyright 2007-2008 Sun Microsystems, Inc. ! --> <adm:managed-object name="dictionary-password-validator" plural-name="dictionary-password-validators" @@ -33,10 +33,16 @@ <adm:synopsis> The <adm:user-friendly-name /> is used to determine whether a proposed password is acceptable based determines whether a proposed password is acceptable based on whether the given password value appears in a provided dictionary file. file. </adm:synopsis> <adm:description> A large dictionary file is provided with the server, but the administrator can supply an alternate dictionary. In this case, then the dictionary must be a plain-text file with one word per line. </adm:description> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-dictionary-password-validator</ldap:name> @@ -54,17 +60,34 @@ </adm:property-override> <adm:property name="dictionary-file" mandatory="true"> <adm:synopsis> Specifies the path to the file containing a list of words that may not be used as passwords. Specifies the path to the file containing a list of words that cannot be used as passwords. </adm:synopsis> <adm:description> It should be formatted with one word per line. The value may be an absolute path, or a path that is relative to the It should be formatted with one word per line. The value can be an absolute path or a path that is relative to the <adm:product-name /> instance root. </adm:description> <adm:default-behavior> <adm:defined> <adm:value> For Unix and Linux systems: config/wordlist.txt. For Windows systems: config\\wordlist.txt </adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> <adm:string /> <adm:string> <adm:pattern> <adm:regex>.*</adm:regex> <adm:usage>FILE</adm:usage> <adm:synopsis> The path to any text file contained on the system that is readable by the server. </adm:synopsis> </adm:pattern> </adm:string> </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> @@ -74,16 +97,19 @@ </adm:property> <adm:property name="case-sensitive-validation" mandatory="true"> <adm:synopsis> Indicates whether this password validator should treat password Indicates whether this password validator is to treat password characters in a case-sensitive manner. </adm:synopsis> <adm:description> A value of false indicates that any differences in capitalization should be ignored when looking for consecutive characters in the password. A value of true indicates that a character should only be considered repeating if all consecutive occurrences use the same capitalization. If it is set to true, then the validator rejects a password only if it appears in the dictionary with exactly the same capitalization as provided by the user. </adm:description> <adm:default-behavior> <adm:defined> <adm:value>false</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> <adm:boolean /> </adm:syntax> @@ -95,10 +121,21 @@ </adm:property> <adm:property name="test-reversed-password" mandatory="true"> <adm:synopsis> Indicates whether this password validator should test the reversed Indicates whether this password validator is to test the reversed value of the provided password as well as the order in which it was given. was given. </adm:synopsis> <adm:description> For example, if the user provides a new password of "password" and this configuration attribute is set to true, then the value "drowssap" is also tested against attribute values in the user's entry. </adm:description> <adm:default-behavior> <adm:defined> <adm:value>true</adm:value> </adm:defined> </adm:default-behavior> <adm:syntax> <adm:boolean /> </adm:syntax>
