Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
devel:documentation:security:dev:authentication [2019/01/18 10:18] apeterova |
devel:documentation:security:dev:authentication [2020/06/24 06:07] kopro [Actual list of authenticators] change properties and information about deprecated authenticator |
||
---|---|---|---|
Line 43: | Line 43: | ||
=== DefaultAccAuthenticator === | === DefaultAccAuthenticator === | ||
+ | |||
+ | <note important> | ||
[[https:// | [[https:// | ||
Line 69: | Line 71: | ||
{{: | {{: | ||
- | ===== Password change & old password ===== | ||
- | When users want to change their password in IdM, they will be required to fill their old password (unless the configuration attribute requireOldPassword is set differently, | + | === DefaultAccMultipleSystemAuthenticator === |
+ | |||
+ | Since 10.4.0. | ||
+ | |||
+ | [[https:// | ||
+ | |||
+ | <note tip>All behavior with authentication is same as original **DefaultAccAuthenticator**. The original authenticator is now deprecated. Please use the newer.</ | ||
+ | |||
+ | The end systems are defined with configuration properties. For example: | ||
+ | < | ||
+ | idm.sec.acc.security.auth.order1.system=e6a8b1e7-d656-47ae-aa2d-1062d1583c1a | ||
+ | idm.sec.acc.security.auth.order2.system=ea86a399-9b26-4f75-9b3a-d3f0049031ef | ||
+ | idm.sec.acc.security.auth.order3.system= | ||
+ | idm.sec.acc.security.auth.order4.system= | ||
+ | idm.sec.acc.security.auth.order5.system=SystemAD - User | ||
+ | idm.sec.acc.security.auth.order6.system= | ||
+ | idm.sec.acc.security.auth.order7.system=e6a8b1e7-d656-47ae-aa2d-1062d1583c1a | ||
+ | idm.sec.acc.security.auth.order8.system= | ||
+ | idm.sec.acc.security.auth.order9.system=LDAP User 2 | ||
+ | </ | ||
+ | |||
+ | Authentication is done from lowest | ||
+ | < | ||
+ | idm.sec.acc.security.auth.maximumSystemCount=50 | ||
+ | </ | ||
- | The configuration attribute **idm.pub.core.identity.passwordChange.requireOldPassword=** determines whether the users are required to fill in the old password when changing their password. The possible values are: | + | Configuration property can be null or empty. **These configurations will be skipped**. |
- | | + | |
- | | + |