[midPoint] Different password requirements for different roles

Mon Sep 18 15:13:34 CEST 2017

You could configure your super-user role to induce an organization that has the more complex password policy attached to it.  A user can be a member of multiple organizations and thus subject to multiple password policies.  Watch the two password policies don't contradict one another.

----------------------------------------------------------------------

Message: 1
Date: Fri, 15 Sep 2017 19:23:29 +0200
From: Jan Melník - AMI Praha a.s. <jan.melnik at ami.cz>
To: midpoint at lists.evolveum.com
Subject: [midPoint] Different password requirements for different
	roles	(user/super-user)
Message-ID:
	<CAKcRzoLNd9CecKZjtNSsZqVguoV4EseU0XJ9CheqQgTv5t0G_g at mail.gmail.com>
Content-Type: text/plain; charset="utf-8"

Hello guys,

We need to specify some password complexity for regular user and more strict one for super users. I'm unable to specify securityPolicy in RoleType. Any ideas how to implement this easily? I have two valuePolicies, but don't know how to "attach" them to role. I assume there is no chance to put some condition to valuePolicies (so I'd somehow apply different setting in one valuePolicy).

Any ideas appreciated!

Jan Melnik
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.evolveum.com/pipermail/midpoint/attachments/20170915/4a2bbedc/attachment-0001.html>

------------------------------

Subject: Digest Footer

_______________________________________________
midPoint mailing list
midPoint at lists.evolveum.com
http://lists.evolveum.com/mailman/listinfo/midpoint

------------------------------

End of midPoint Digest, Vol 65, Issue 37
****************************************