external-software/github_OpenIdentityPlatform_OpenDJ.git

			@@ -5,6 +5,14 @@
			constraint.1.synopsis=One or more mapped attributes must be specified when using the "mapped-bind" or "mapped-search" mapping policies.
			constraint.2.synopsis=One or more search base DNs must be specified when using the "mapped-search" mapping policy.
			constraint.3.synopsis=The mapped search bind password must be specified when using the "mapped-search" mapping policy and a mapped-search-bind-dn is defined.
			constraint.4.synopsis=The cached password storage scheme must be specified when password caching is enabled.
			property.cached-password-max-age.synopsis=Specifies the maximum length of time that a locally cached password may be used for authentication before it is refreshed from the remote LDAP service.
			property.cached-password-max-age.description=This property represents a cache timeout. Increasing the timeout period decreases the frequency that bind operations are delegated to the remote LDAP service, but increases the risk of users authenticating using stale passwords. Note that authentication attempts which fail because the provided password does not match the locally cached password will always be retried against the remote LDAP service, unless the cached password is newer than the minimum age.
			property.cached-password-min-age.synopsis=Specifies the minimum length of time that a locally cached password must be used for authentication.
			property.cached-password-min-age.description=This property should be used in order to control the rate at which failed authentication attempts are forwarded to the remote LDAP server and, as a consequence, reduce the impact of a denial of service attack. An authentication attempt which fails because the provided password does not match the locally cached password will be retried against the remote LDAP service only if the cached password is older than the minimum age. Increasing the minimum age increases the period a user will have to wait before being able to authenticate using a new password.
			property.cached-password-storage-scheme.synopsis=Specifies the name of a password storage scheme which should be used for encoding cached passwords.
			property.cached-password-storage-scheme.description=Changing the password storage scheme will cause all existing cached passwords to be discarded.
			property.cached-password-storage-scheme.syntax.aggregation.constraint-synopsis=The referenced password storage schemes must be enabled.
			property.connection-timeout.synopsis=Specifies the timeout used when connecting to remote LDAP director servers, performing SSL negotiation, and for individual search and bind requests.
			property.connection-timeout.description=If the timeout expires then the current operation will be aborted and retried against another LDAP server if one is available.
			property.java-class.synopsis=Specifies the fully-qualified name of the Java class which provides the LDAP Pass Through Authentication Policy implementation.
			@@ -39,6 +47,7 @@
			property.trust-manager-provider.default-behavior.alias.synopsis=By default, no trust manager is specified indicating that only certificates signed by the authorities associated with this JVM will be accepted.
			property.trust-manager-provider.requires-admin-action.synopsis=Changes to this property take effect immediately, but only impact subsequent SSL connection negotiations.
			property.trust-manager-provider.syntax.aggregation.constraint-synopsis=The referenced trust manager provider must be enabled when SSL is enabled.
			property.use-password-caching.synopsis=Indicates whether passwords should be cached locally within the user's entry.
			property.use-ssl.synopsis=Indicates whether the LDAP Pass Through Authentication Policy should use SSL.
			property.use-ssl.description=If enabled, the LDAP Pass Through Authentication Policy will use SSL to encrypt communication with the clients.
			property.use-tcp-keep-alive.synopsis=Indicates whether LDAP connections should use TCP keep-alive.