3 Replies Latest reply: Nov 12, 2012 12:51 AM by 915609 RSS

    Password Policies.

      I am developing an Event Handler to generate password, while creating an user. The problem is the password policy should vary with the organisation of the user? How can I acheive this?
        • 1. Re: Password Policies.
          Nishith Nayan
          in case of oim11gr1 it can be done based on resource object. where R2 has feature to attach password policy directly on Organization and there are Organization API from which you can get the Password Policy
          • 2. Re: Password Policies.
            Nishith Nayan
            below code will be used in case of R1.(you can genereate random password based on passoword policy by knowing the Resource Object)

            UserRepository ur = new DBUserRepository();
            UserInfo user = ur.getUserInfo(userKey);

            ResourceRepository rrepo = new ResourceDBRepository();
            Resource resource = rrepo.findResource(RESOURCE_OBJECT_NAME);

            PasswordPolicyAssignmentsRepository par = new PasswordPolicyAssignmentsDBRepository();
            PasswordPolicyRepository ppr = new DBPasswordPolicyRepository();
            List passwordPolicyAssignments = par.getPasswordPolicyAssigments(resource);
            PasswordPolicy passwordPolicy;

            PasswordPolicyAssignment passwordPolicyAssignment = (PasswordPolicyAssignment) passwordPolicyAssignments.get(0);
            if (isApplicable(passwordPolicyAssignment, getMappedAttributes(userInfo.getAttributes()))) {
            passwordPolicy = ppr.find(passwordPolicyAssignment.getPasswordPolicyID());
            RandomPasswordGeneratorImpl rpg = new RandomPasswordGeneratorImpl();
            password = rpg.generatePassword(userInfo, passwordPolicy);

            In case of R2 easily you can get the Passwordpolicy attached on Organization and then use below code
            eneratorImpl rpg = new RandomPasswordGeneratorImpl();
            password = rpg.generatePassword(userInfo, passwordPolicy);
            • 3. Re: Password Policies.
              Hi Nayan,
              We are using OIM 11g. Since I want the user password be generated at the time of user creation and be different for different organisations, should I just read the User's Organisation and call Orgaisation corresponding custom code for password generation instead of APIs?
              If so, how to implement the Password Expiry and Forgot/Reset as expiry days and last usuage numbers vary depending up on the organisation ?