policy.json revision e82e853c4e62751f0adbacd5deaef860ce9a55e0
{
"type" : "text/javascript",
"file" : "bin/defaults/script/policy.js",
"resources" : [
{
"resource" : "managed/user/*",
"properties" : [
{
"name" : "_id",
"policies" : [
{
"policyId" : "cannot-contain-characters",
"params" : {
"forbiddenChars" : ["/"]
}
}
]
},
{
"name" : "userName",
"policies" : [
{
"policyId" : "required"
},
{
"policyId" : "not-empty"
},
{
"policyId" : "unique"
},
{
"policyId" : "no-internal-user-conflict"
},
{
"policyId" : "cannot-contain-characters",
"params" : {
"forbiddenChars" : ["/"]
}
}
]
},
{
"name" : "password",
"policies" : [
{
"policyId" : "required"
},
{
"policyId" : "not-empty"
},
{
"policyId" : "at-least-X-capitals",
"params" : {
"numCaps" : 1
}
},
{
"policyId" : "at-least-X-numbers",
"params" : {
"numNums" : 1
}
},
{
"policyId" : "minimum-length",
"params" : {
"minLength" : 8
}
},
{
"policyId" : "cannot-contain-others",
"params" : {
"disallowedFields" : "userName,givenName,familyName"
}
},
{
"policyId" : "re-auth-required",
"params" : {
"exceptRoles" : [
"openidm-admin",
"openidm-reg"
]
}
}
]
},
{
"name" : "email",
"policies" : [
{
"policyId" : "required"
},
{
"policyId" : "not-empty"
},
{
"policyId" : "valid-email-address-format"
}
]
},
{
"name" : "givenName",
"policies" : [
{
"policyId" : "required"
},
{
"policyId" : "not-empty"
},
{
"policyId" : "valid-name-format"
}
]
},
{
"name" : "familyName",
"policies" : [
{
"policyId" : "required"
},
{
"policyId" : "not-empty"
},
{
"policyId" : "valid-name-format"
}
]
},
{
"name" : "phoneNumber",
"policies" : [
{
"policyId" : "required"
},
{
"policyId" : "not-empty"
},
{
"policyId" : "valid-phone-format"
}
]
},
{
"name" : "securityQuestion",
"policies" : [
{
"policyId" : "required-if-configured",
"params" : {
"configBase" : "ui/configuration",
"baseKey" : "configuration.securityQuestions",
"exceptRoles" : [
"openidm-admin"
]
}
}
]
},
{
"name" : "securityAnswer",
"policies" : [
{
"policyId" : "required-if-configured",
"params" : {
"configBase" : "ui/configuration",
"baseKey" : "configuration.securityQuestions",
"exceptRoles" : [
"openidm-admin"
]
}
},
{
"policyId" : "minimum-length",
"params" : {
"minLength" : 16
}
},
{
"policyId" : "re-auth-required",
"params" : {
"exceptRoles" : [
"openidm-admin",
"openidm-reg"
]
}
}
]
},
{
"name" : "securityAnswerAttempts",
"policies" : [
{
"policyId" : "max-attempts-triggers-lock-cooldown",
"params" : {
"max" : 3,
"numMinutes" : 15,
"dateTimeField" : "lastSecurityAnswerAttempt"
}
}
]
},
{
"name" : "lastSecurityAnswerAttempt",
"policies" : [
{
"policyId" : "valid-date"
}
]
},
{
"name" : "passPhrase",
"policies" : [
{
"policyId" : "minimum-length",
"params" : {
"minLength" : 4
}
},
{
"policyId" : "required-if-configured",
"params" : {
"configBase" : "ui/configuration",
"baseKey" : "configuration.siteIdentification",
"exceptRoles" : [
"openidm-admin"
]
}
}
]
}
]
},
{
"resource" : "repo/internal/user/*",
"properties" : [
{
"name" : "_id",
"policies" : [
{
"policyId" : "cannot-contain-characters",
"params" : {
"forbiddenChars" : ["/"]
}
}
]
},
{
"name" : "password",
"policies" : [
{
"policyId" : "required"
},
{
"policyId" : "not-empty"
},
{
"policyId" : "at-least-X-capitals",
"params" : {
"numCaps" : 1
}
},
{
"policyId" : "at-least-X-numbers",
"params" : {
"numNums" : 1
}
},
{
"policyId" : "minimum-length",
"params" : {
"minLength" : 8
}
}
]
}
]
}
]
}