Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-7035

Provide a means for returning structured advice for invalid passwords over REST

    Details

    • Type: New Feature
    • Status: Done
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 7.0.0
    • Fix Version/s: 7.0.0
    • Component/s: security
    • Labels:

      Description

      This JIRA can be closed once we have REST support for the functionality described in OPENDJ-7034.

      Today IDM returns structured advice information like this (https://backstage.forgerock.com/docs/idm/6.5/integrators-guide/#policy-validate):

      curl \
 --header "X-OpenIDM-Username: openidm-admin" \
 --header "X-OpenIDM-Password: openidm-admin" \
 --header "Content-Type: application/json" \
 --request POST \
 --data '{
  "sn":"Jones",
  "givenName":"Bob",
  "telephoneNumber":"0827878921",
  "passPhrase":null,
  "mail":"bjones@example.com",
  "accountStatus":"active",
  "userName":"bjones@example.com",
  "password":"123"
 }' \
 "http://localhost:8080/openidm/policy/managed/user/test?_action=validateObject"
{
  "result": false,
  "failedPolicyRequirements": [
    {
      "policyRequirements": [
        {
          "policyRequirement": "MIN_LENGTH",
          "params": {
            "minLength": 8
          }
        }
      ],
      "property": "password"
    },
    {
      "policyRequirements": [
        {
          "policyRequirement": "AT_LEAST_X_CAPITAL_LETTERS",
          "params": {
            "numCaps": 1
          }
        }
      ],
      "property": "password"
    }
  ]
}

      Rest2Ldap does not have to mirror this exactly, but its response should be equivalent so that IDM can derive the above content.

        Attachments

          Issue Links

          depends on

          New Feature - A new feature of the product, which has yet to be developed. OPENDJ-7034 Provide a means for returning structured advice for invalid passwords during LDAP ADD, MODIFY, and password modify operations

          • Blocker - Blocks development and/or testing work, production could not run.
          • Done
          is related to

          New Feature - A new feature of the product, which has yet to be developed. OPENDJ-7036 Add Rest2Ldap support for the LDAP "no-op" control

          • Blocker - Blocks development and/or testing work, production could not run.
          • Done
          is required by

          Story - Created by Jira Software - do not edit or delete. Issue type for a user story. OPENIDM-15750 Create a DS passwordQualityAdvice policy error mapping to IDM policy error mapping

          • Major - Major loss of function.
          • In Review

          Task - A task that needs to be done. OPENDJ-7106 Doc REST APIs for passwordQualityAdvice and dryRun query parameters

          • Blocker - Blocks development and/or testing work, production could not run.
          • Done

            Activity

              People

              • Assignee:
                ondrej.fuchsik Ondrej Fuchsik
                Reporter:
                matthew Matthew Swift
                Dev Assignee:
                Matthew Swift
                QA Assignee:
                Ondrej Fuchsik
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: