From 4c6c139fe0c7dbb6e6af5c19b340c41903d4160c Mon Sep 17 00:00:00 2001
From: Matthew Swift <matthew.swift@forgerock.com>
Date: Wed, 14 Mar 2012 11:14:11 +0000
Subject: [PATCH] Minor fix for OPENDJ-295: Dictionary password validator should verify that a password doesn't contain words, rather than match words.

---
 opendj-sdk/opends/src/admin/defn/org/opends/server/admin/std/DictionaryPasswordValidatorConfiguration.xml |    5 +++--
 opendj-sdk/opends/resource/schema/02-config.ldif                                                          |    6 +++---
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/opendj-sdk/opends/resource/schema/02-config.ldif b/opendj-sdk/opends/resource/schema/02-config.ldif
index f29ee10..4751b7d 100644
--- a/opendj-sdk/opends/resource/schema/02-config.ldif
+++ b/opendj-sdk/opends/resource/schema/02-config.ldif
@@ -4271,9 +4271,9 @@
   STRUCTURAL
   MUST ( ds-cfg-dictionary-file $
          ds-cfg-case-sensitive-validation $
-         ds-cfg-test-reversed-password $
-         ds-cfg-check-substrings )
-  MAY ds-cfg-min-substring-length
+         ds-cfg-test-reversed-password )
+  MAY  ( ds-cfg-check-substrings $
+         ds-cfg-min-substring-length )
   X-ORIGIN 'OpenDS Directory Server' )
 objectClasses: ( 1.3.6.1.4.1.26027.1.2.95
   NAME 'ds-cfg-attribute-value-password-validator'
diff --git a/opendj-sdk/opends/src/admin/defn/org/opends/server/admin/std/DictionaryPasswordValidatorConfiguration.xml b/opendj-sdk/opends/src/admin/defn/org/opends/server/admin/std/DictionaryPasswordValidatorConfiguration.xml
index e6bb853..834982b 100644
--- a/opendj-sdk/opends/src/admin/defn/org/opends/server/admin/std/DictionaryPasswordValidatorConfiguration.xml
+++ b/opendj-sdk/opends/src/admin/defn/org/opends/server/admin/std/DictionaryPasswordValidatorConfiguration.xml
@@ -24,7 +24,8 @@
   !
   !
   !      Copyright 2007-2008 Sun Microsystems, Inc.
-  |      Portions Copyright 2011 profiq, s.r.o.
+  !      Portions Copyright 2011 profiq, s.r.o.
+  !      Portions copyright 2012 ForgeRock AS.
   ! -->
 <adm:managed-object name="dictionary-password-validator"
   plural-name="dictionary-password-validators"
@@ -146,7 +147,7 @@
       </ldap:attribute>
     </adm:profile>
   </adm:property>
-  <adm:property name="check-substrings" mandatory="true">
+  <adm:property name="check-substrings" mandatory="false">
     <adm:synopsis>
       Indicates whether this password validator is to match portions of
       the password string against dictionary words.

--
Gitblit v1.10.0