Implement a maximum expire time on OpenNMS User password
Description
The openNMS pw is compliant with encryption requirements. The only problem is that it doesn't have a maximum expiricy time that need to be implemented according to general security policies.
Environment
opennms 1.8
Acceptance / Success Criteria
None
Attachments
1
Lucidchart Diagrams
Activity
Show:
Seth Leger April 11, 2013 at 10:53 AM
Spring Security 3.1 (included in OpenNMS 1.10+) has support for password expiration:
We should just have to throw this exception, set up a password change page, and then reauthenticate. This might be a good bite-size Google Summer of Code project.
Antonio Russo November 23, 2012 at 3:09 AM
Claudia, I deployed the add ons for CEMUS project. I can remember this discussion about the password policy. Let me say that the title of the issue is completely wrong. This is a general issue and is related to the fact that the opennms user's passwords does not expire. I'm going to change the title...
The openNMS pw is compliant with encryption requirements.
The only problem is that it doesn't have a maximum expiricy time that need to be implemented according to general security policies.