directory-fortress mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Shawn McKinney <smckin...@apache.org>
Subject Re: PwPolicies on Apache
Date Wed, 22 Jun 2016 18:45:27 GMT

> On Jun 21, 2016, at 3:13 PM, Jan Sindberg <jan.sindberg@gmail.com> wrote:
> 
> The api documentation for PwPolicyMgr mentions OpenLDAP but not ApacheDS.
> Is the policies limited to OpenLDAP or do they work with ApacheDS?

Hi Jan,

Good question.  It ‘should’ but I have not tested it.  

First you will need to find out if apacheds supports the same control for pw policies as openldap:
public interface PasswordPolicy extends Control
{
    /** the password policy request control */
    String OID = "1.3.6.1.4.1.42.2.27.8.5.1”;

(my assumption is ‘yes’ but don’t know for sure)

Second, you will enable your test server to use the pw policy control.  Third, you will need
to set server type to ‘openldap’ in the fortress.properties.  Fourth, run the junit tests
and see what happens.  

Because you beed ti set the server type to openldap, the tests will try to interrogate the
slapo audit log and fail because it doesn’t work in apacheds.  But all of the other tests
should pass in particular the password policies that run at the end of the test sequence should
all pass.

I will support this effort by helping with bugs or config problems.  One thing I can see right
away is we’ll need to allow fortress to interrogate pw policies when server type is apacheds.
 But you can work around that problem in the way I’ve described on 3rd step.

Thanks,

Shawn



Mime
View raw message