1- Is posible create users (local users) with commands running scripts?
2- We also need to implement policies for passwords. Is that possible?
Thanks
@1.: You can create users using HTTP-requests, when using the registration plugin
@2.: You mean policies to ensure strong passwords? Yes, but you will need to write an plugin for that.Take WebReg as example.
For 1 & 2: I suggest you take a look on the WebReg plugin, and modify it for your needs.
I have used “User Service” to create, modify and delete users. It´s perfect.
But there isn´t nothing for password change polices…
Thanks
But there isn´t nothing for password change polices…
You will need to write a plugin for that. Thats a start, it does only warn the user, but does not change anything.
public class PasswordEventListener implements UserEventListener { public void userCreated(User user, Map<String,Object> params) {
/* ignore */
}
public void userDeleting(User user, Map<String,Object> params) {
/* ignore */
}
public void userModified(User user, Map<String,Object> params) {
Object object = params.get("type");
if (!(object instanceof String)) {
return;
}
String type = (String)object;
if ("passwordModified".equals(type)) {
checkPassword(user);
}
} private void sendMessage(String to, String body) { Message packet = new Message(); packet.setType(Message.Type.chat); packet.setFrom(serverAddress); packet.setTo(to); packet.setBody(body); packetRouter.route(packet);
// XMPPServer.getInstance().getPacketRouter();
} private void checkPassword(User user) { String username = user.getUsername(); String password = null; try { password = AuthFactory.getPassword(username); } catch (UserNotFoundException e) { Log.error(e); return; } String msg = null; if (password == null || password.length() == 0) { msg = "\nWARNING: No password set!"; } else if (password.length() > 256) { msg = "\nWARNING: Your password is longer than 256 symbols, thats not useful..."; } else {
// simply point based system, at least 3 points are required int points = 0; if (password.length() < 6) { points -= 10; } // at least 6 symbols required if (password.matches(".*[a-z].*")) { points += 1; } // contains lowercase letters if (password.matches(".*[A-Z].*")) { points += 1; } // contains uppercase letters if (password.matches(".*[0-9].*")) { points += 1; } // contains digits if (password.matches(".*[^a-zA-Z0-9].*")) { points += 1; } // contains other symbols if (password.length() >= 8) { points += 1; } // is longer than 8 symbols if (points < 3) { msg = "\nWARNING: Your password is too weak."; } } if (msg != null) { sendMessage(username + "@" + serverName, msg); } } }