2 Replies Latest reply: Feb 29, 2012 3:37 PM by Ron M-Oracle RSS

    How does one set the user password policy for Agile PLM for Process?

    Segal
      How does one set the password policy so that the password has a minimum length of 10 characters?
        • 1. Re: How does one set the user password policy for Agile PLM for Process?
          Segal
          The details of how to configure the Agile PLM for Process password policy for version 6.1 can be found in the Security Configuration Guide:
          http://docs.oracle.com/cd/E26308_04/otn/pdf/install/E23201_02.pdf

          The password policy can be set by modifying the EnvironmentSetting.config file.


          h1. Password Policy
          The password policy for Basic Authentication can be configured to meet the specific needs of each customer. In particular you can configure this attributes:

          h2. Password Expiration
          Purpose:
          Specifies the number of days a password is valid until it needs to be changed.

          Element:
          <config key="PasswordExpiration" value="{days}" />
          +{days}+: Days until expiration, -1 means never expire
          Default: -1

          h2. Password Length
          Purpose:
          Specifies the min and max length for the password

          Element:
            <EnvironmentManager configChildKey="key">
              <config key="MinPasswordSize" value="{minlength}" />
               <config key="MaxPasswordSize" value="{maxlength}" />
            </EnvironmentManager>

          { minlength }: Minimum length of password, Default: 8
          { maxlength }: Maximum length of password, Default: 15

          h2. Required Characters
          Purpose:
          Specifies what characters are required

          Element:
            <rule type="userPassword">
              <condition event="save" minRequirement="{ amounttomeet }: ">
                <if type="ReflectiveRegExValidator" property="Text" expression="[a-z]+" />
                <if type="ReflectiveRegExValidator" property="Text" expression="[A-Z]+" />
                <if type="ReflectiveRegExValidator" property="Text" expression="[0-9]+" />
                <if type="ReflectiveRegExValidator" property="Text" expression="[~!@#$%^&amp;*()_;:&lt;&gt;?=\[\]\+\-]+" />
               </condition>
             </rule>

          { amounttomeet }: Number of conditions that need to be met. For example if it is set to 3, at least 3 of the regular expressions in the list have to be met.
          Default: 3
          Additional regular expression can be added.
          • 2. Re: How does one set the user password policy for Agile PLM for Process?
            Ron M-Oracle
            The Required Characters section specified is set in the ValidationSettings.xml file, which uses the Validation Framework. To create more specific rules, such as rules not solely using RegEx, a custom Validator can be written. A custom Validator is a class written in C# that can perform a validation routine and return errors for display.

            See the Validation Framework documentation in the Extensibility Pack for details.