Feature #3125

Password policy page

Added by Davide Principi over 6 years ago. Updated about 6 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-password
Target version:v6.6
Resolution: NEEDINFO:No

Description

Implement a new Server Manager page where the admin can tweak

  • password complexity policy
  • password expiration policy

Also add per-user checkbox to set a non-expiring password.


Related issues

Related to NethServer 6 - Enhancement #2887: Localize "password expire" notifications CLOSED
Related to NethServer 6 - Feature #2980: Expired password visual notification CLOSED

Associated revisions

Revision 745bb52c
Added by Giacomo Sanchietti about 6 years ago

Web UI: add todo when password strenght is disabled. Refs #3125

Revision ba7795f3
Added by Giacomo Sanchietti about 6 years ago

Web UI: add todo when password strenght is disabled. Refs #3125

Revision 028b2029
Added by Giacomo Sanchietti about 6 years ago

Update translations and inline help. Refs #3125

Revision 0e8a8b2a
Added by Giacomo Sanchietti about 6 years ago

Update translations and inline help. Refs #3125

Revision 73682bf9
Added by Davide Principi about 6 years ago

Password page: moved under Security category. Refs #3125

Revision 04eae624
Added by Davide Principi about 6 years ago

Password page: moved under Security category. Refs #3125

Revision 60b77757
Added by Davide Principi about 6 years ago

nethserver-lang: imported Help files from nethserver-password. Refs #3125

History

#1 Updated by Davide Principi over 6 years ago

  • Status changed from TRIAGED to ON_DEV
  • Assignee set to stephane de Labrusse
  • % Done changed from 20 to 30

#2 Updated by Davide Principi over 6 years ago

  • Status changed from ON_DEV to MODIFIED
  • Assignee deleted (stephane de Labrusse)
  • % Done changed from 30 to 60

#3 Updated by Davide Principi over 6 years ago

  • Status changed from MODIFIED to ON_QA
  • % Done changed from 60 to 70

In nethserver-testing:
nethserver-password-1.0.2-1.ns6.noarch.rpm

#4 Updated by Giacomo Sanchietti over 6 years ago

#5 Updated by Davide Principi over 6 years ago

  • Related to Feature #2980: Expired password visual notification added

#6 Updated by Davide Principi over 6 years ago

  • Status changed from ON_QA to TRIAGED
  • % Done changed from 70 to 20

We should add a scaring TODO notification if the admin sets passwordstrength none

#7 Updated by stephane de Labrusse over 6 years ago

Ok I'm on it, I will add a TODO notification if the admin sets passwordstrength none

#8 Updated by Giacomo Sanchietti about 6 years ago

  • Status changed from TRIAGED to ON_DEV
  • % Done changed from 20 to 30

#9 Updated by Giacomo Sanchietti about 6 years ago

  • Assignee set to Giacomo Sanchietti

#10 Updated by Giacomo Sanchietti about 6 years ago

  • Status changed from ON_DEV to MODIFIED
  • % Done changed from 30 to 60
Modifications: Test case

#11 Updated by Giacomo Sanchietti about 6 years ago

  • Status changed from MODIFIED to ON_QA
  • Assignee deleted (Giacomo Sanchietti)
  • % Done changed from 60 to 70
Package in nethserver-testing:
  • nethserver-password-1.0.2-1.3.g028b202.ns6.noarch.rpm

#12 Updated by stephane de Labrusse about 6 years ago

  • Assignee set to stephane de Labrusse

I take this one

#13 Updated by stephane de Labrusse about 6 years ago

Verification

[root@nethserver-dev ~]# rpm -qa | grep nethserver-password
nethserver-password-1.0.2-1.3.g028b202.ns6.noarch

at first after the installation

[root@nethserver-dev ~]# config show passwordstrength 
passwordstrength=configuration
    Admin=strong
    Ibays=strong
    MaxPassAge=180
    MinPassAge=0
    PassExpires=yes
    PassWarning=7
    Users=strong
  • GUI modification
    I set custom values from the GUI and look db
    [root@nethserver-dev ~]# config show passwordstrength 
    passwordstrength=configuration
        Admin=none
        Ibays=strong
        MaxPassAge=365
        MinPassAge=365
        PassExpires=no
        PassWarning=30
        Users=none
    

the event signal-event password-policy-update is launched in log and therefore the action nethserver-directory-password-policy

  • todo list
    After that the Todo list display a yellow box with a reminder with that :
    Change password strength
    Password policy is too weak
  • Password Expiration

a user can be dispensed to have a password expiration
by default it is set to yes (mean the password must expire)

[root@nethserver-dev ~]# db accounts show plop
plop=user
    City=
    Company=
    Department=
    FirstName=artur
    LastName=de labrusse
    PassExpires=yes
    PhoneNumber=
    Street=
    Uid=5000
    __state=new

after action in the user panel the property 'PassExpires' is set to 'no'

[root@nethserver-dev ~]# db accounts show plop
plop=user
    City=
    Company=
    Department=
    FirstName=artur
    LastName=de labrusse
    PassExpires=no
    PhoneNumber=
    Shell=/usr/libexec/openssh/sftp-server
    Street=
    Uid=5000
    __state=new
  • help page

the online help is here, no problem

  • Translations

italian and english are here

  • Logs

no errors in logs

-----------> verified

side note : why the rpm needs so much time to be in the mirror, you pushed it monday around 10AM and around 10PM there was nothing on mirror, only this morning ?????

#14 Updated by Giacomo Sanchietti about 6 years ago

side note : why the rpm needs so much time to be in the mirror, you pushed it monday around 10AM and around 10PM there was nothing on mirror, only this morning ?????

Because repositories are kept in sync from our data center during the night, and any mirror has its own scheduled sync.
We are planning to fix this situation and make mirror.nethserver.org a master repository always in sync with our facility.

#15 Updated by Giacomo Sanchietti about 6 years ago

  • Status changed from ON_QA to VERIFIED
  • Assignee deleted (stephane de Labrusse)
  • % Done changed from 70 to 90

#16 Updated by Giacomo Sanchietti about 6 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100
Released in nethserver-updates:
  • nethserver-password-1.0.3-1.ns6.noarch.rpm

Also available in: Atom PDF