From d3f125d4cffea5caff7edf2d2f1d64183fbf55b9 Mon Sep 17 00:00:00 2001
From: Matthew Swift <matthew.swift@forgerock.com>
Date: Wed, 28 Sep 2011 16:54:52 +0000
Subject: [PATCH] Issue OPENDJ-262: Implement pass through authentication (PTA)
---
 opends/src/admin/messages/LDAPPassThroughAuthenticationPolicyCfgDefn.properties | 6 ++----
 1 files changed, 2 insertions(+), 4 deletions(-)
diff --git a/opends/src/admin/messages/LDAPPassThroughAuthenticationPolicyCfgDefn.properties b/opends/src/admin/messages/LDAPPassThroughAuthenticationPolicyCfgDefn.properties
index cb39f21..f1f4b91 100644
--- a/opends/src/admin/messages/LDAPPassThroughAuthenticationPolicyCfgDefn.properties
+++ b/opends/src/admin/messages/LDAPPassThroughAuthenticationPolicyCfgDefn.properties
@@ -6,13 +6,11 @@
 constraint.2.synopsis=One or more search base DNs must be specified when using the "mapped-search" mapping policy.
 constraint.3.synopsis=The mapped search bind password must be specified when using the "mapped-search" mapping policy and a mapped-search-bind-dn is defined.
 constraint.4.synopsis=The cached password storage scheme must be specified when password caching is enabled.
-property.cached-password-max-age.synopsis=Specifies the maximum length of time that a locally cached password may be used for authentication before it is refreshed from the remote LDAP service.
-property.cached-password-max-age.description=This property represents a cache timeout. Increasing the timeout period decreases the frequency that bind operations are delegated to the remote LDAP service, but increases the risk of users authenticating using stale passwords. Note that authentication attempts which fail because the provided password does not match the locally cached password will always be retried against the remote LDAP service, unless the cached password is newer than the minimum age.
-property.cached-password-min-age.synopsis=Specifies the minimum length of time that a locally cached password must be used for authentication.
-property.cached-password-min-age.description=This property should be used in order to control the rate at which failed authentication attempts are forwarded to the remote LDAP server and, as a consequence, reduce the impact of a denial of service attack. An authentication attempt which fails because the provided password does not match the locally cached password will be retried against the remote LDAP service only if the cached password is older than the minimum age. Increasing the minimum age increases the period a user will have to wait before being able to authenticate using a new password.
 property.cached-password-storage-scheme.synopsis=Specifies the name of a password storage scheme which should be used for encoding cached passwords.
 property.cached-password-storage-scheme.description=Changing the password storage scheme will cause all existing cached passwords to be discarded.
 property.cached-password-storage-scheme.syntax.aggregation.constraint-synopsis=The referenced password storage schemes must be enabled.
+property.cached-password-ttl.synopsis=Specifies the maximum length of time that a locally cached password may be used for authentication before it is refreshed from the remote LDAP service.
+property.cached-password-ttl.description=This property represents a cache timeout. Increasing the timeout period decreases the frequency that bind operations are delegated to the remote LDAP service, but increases the risk of users authenticating using stale passwords. Note that authentication attempts which fail because the provided password does not match the locally cached password will always be retried against the remote LDAP service.
 property.connection-timeout.synopsis=Specifies the timeout used when connecting to remote LDAP director servers, performing SSL negotiation, and for individual search and bind requests.
 property.connection-timeout.description=If the timeout expires then the current operation will be aborted and retried against another LDAP server if one is available.
 property.java-class.synopsis=Specifies the fully-qualified name of the Java class which provides the LDAP Pass Through Authentication Policy implementation.
-- Gitblit v1.10.0
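Review bot: The new `property.cached-password-ttl.description` says a bind that fails against the cached password is always retried against the remote LDAP service, but nothing in the remaining text tells administrators where failed attempts are now throttled. The removed `cached-password-min-age` description was the only place that covered limiting the rate of forwarded failures and reducing denial-of-service impact. I would append a sentence to the ttl description such as `Failed authentication attempts are not rate limited by the cache, so account lockout and rate limiting must be enforced by the remote LDAP service.` The implementation is not part of this patch, so this assumes no other local throttle exists; if one does, the description should name it instead.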