[opencms-dev] Cuestions about Password configuration and resultcache settings
Ramon Gavira
ramon.gavira at sagasoluciones.com
Wed Jan 30 10:46:15 CET 2013
Thanx Christoph, well try to add a custom handler, we let you know the
results
De: opencms-dev-bounces at opencms.org [mailto:opencms-dev-bounces at opencms.org]
En nombre de Christoph Fröhlich
Enviado el: miércoles, 30 de enero de 2013 8:05
Para: The OpenCms mailing list
Asunto: Re: [opencms-dev] Cuestions about Password configuration and
resultcache settings
Hi Ramon,
3)
add an element <loginmanager> in opencms-system.xml, between
<validationhandler> and <sites>
.....
<validationhandler
class="org.opencms.security.CmsDefaultValidationHandler"/>
<loginmanager>
<disableMinutes>20</disableMinutes>
<maxBadAttempts>3</maxBadAttempts>
<enableSecurity>false</enableSecurity>
</loginmanager>
<sites>
...
I think you can set maxBadAttempts to -1 if you don't want users to be
locked temporarily.
2)
As far as I know it is not configurable but you have to implement a custom
password handler.
To do so, you can subclass "org.opencms.security.CmsDefaultPasswordHandler"
and overwrite "validatePassword(String)."
To enable your custom handler, set the class attribute of element
<passwordhandler> in opencms-system.xml
1)
I can't see an easy solution for this. I would say you have to write a
custom LoginManager which subclasses
org.opencms.db.CmsLoginManager.CmsLoginManager(int, int, boolean).
Since the LoginManager-Implementation is not configurable in
org.opencms.configuration.CmsSystemConfiguration you have to provide a
custom implementation of CmsSystemConfiguration and enable it in
opencms.xml. Your custom system configuration could overwrite
getLoginManager() and return your custom loginmanager implementation. Sounds
complex. I haven't tried it by myself.
Regards
Christoph
Am 24.01.2013 um 19:54 schrieb Ramon Gavira (POP)
<ramon.gavira at sagasoluciones.com>:
Hello, I have bee looking up information on the net and miss my try. Ive
have some questions about user´s passwords:
(I am using OpenCms 8.5)
1. Is it possible to configure a password caducity, so user´s has to
reset the password?
2. Is it possible to configure password`s minimum length?
3. Is it possible to configure an specific Logon attempts before to
lock user account?
Other than that questions I have another one:
What is this configuration in opencms-system.xml for?
<resultcache>
<keygenerator>org.opencms.db.CmsCacheKey</keygenerator>
<size-users>64</size-users>
<size-groups>64</size-groups>
<size-orgunits>64</size-orgunits>
<size-usergroups>256</size-usergroups>
<size-projects>32</size-projects>
<size-projectresources>64</size-projectresources>
<size-resources>8192</size-resources>
<size-resourcelists>256</size-resourcelists>
<size-properties>1024</size-properties>
<size-propertylists>1024</size-propertylists>
<size-accesscontrollists>1024</size-accesscontrollists>
<size-permissions>1024</size-permissions>
</resultcache>
Which are good parameter for 2000 users groups of users? Each group will
have 3-4 users
Thank you in advance
_______________________________________________
This mail is sent to you from the opencms-dev mailing list
To change your list options, or to unsubscribe from the list, please visit
<http://lists.opencms.org/cgi-bin/mailman/listinfo/opencms-dev>
http://lists.opencms.org/cgi-bin/mailman/listinfo/opencms-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20130130/309db2e4/attachment.htm>
More information about the opencms-dev
mailing list