[midPoint] ProtectedString and attributes

John Bigornia johnbigo at hawaii.edu
Thu Nov 9 21:01:16 CET 2023


Hi all!

I am having trouble isolating the valuePolicy for passwords to just the
password attribute.

I have a user schema extension:

<xsd:element name="ssn" type="t:ProtectedStringType" minOccurs="0"
maxOccurs="1">
    <xsd:annotation>
        <xsd:appinfo>
            <a:indexed>false</a:indexed>
             <a:displayName>ssn</a:displayName>
             <a:help>Social Security Number</a:help>
         </xsd:appinfo>
     </xsd:annotation>
</xsd:element>

I noticed after implementing my own custom valuePolicy and adding it to the
global security policy it's also treating the ssn like a password. It seems
by default ProtectedStringType by default treats every attribute as a
password and will enforce the value policy. Is there a work around?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20231109/4a8c3c57/attachment-0001.htm>


More information about the midPoint mailing list