[geeklog-cvs] Auth_Enterprise/Server AEServerConfig.php,1.4,1.5

tony at iowaoutdoors.org tony at iowaoutdoors.org
Thu Jul 1 14:06:48 EDT 2004 

Update of /var/cvs/Auth_Enterprise/Server
In directory www:/tmp/cvs-serv18446

Modified Files:
	AEServerConfig.php 
Log Message:
Updates to account for how password rules are handled

Index: AEServerConfig.php
===================================================================
RCS file: /var/cvs/Auth_Enterprise/Server/AEServerConfig.php,v
retrieving revision 1.4
retrieving revision 1.5
diff -C2 -d -r1.4 -r1.5
*** AEServerConfig.php	24 Jun 2004 21:55:19 -0000	1.4
--- AEServerConfig.php	1 Jul 2004 18:06:44 -0000	1.5
***************
*** 13,17 ****
  * @copyright 2004
  * @version $Id$
! *
  */
  
--- 13,20 ----
  * @copyright 2004
  * @version $Id$
! * @todo We should move all configuration options minus the database settings to a database.  This
! * would make it so upgrades don't step on existing settings plus we can make a nice GUI around
! * all this crap.
! * 
  */
  
***************
*** 39,42 ****
--- 42,49 ----
  // Global password rule settings
  
+ // Minimum Password Length
+ $gConf['pw_min_length'] = 7;
+ // Maximum Password Length
+ $gConf['pw_max_length'] = 20;
  // Indicates if at least one lower case character is required in passwords
  $gConf['pw_require_lower']        = 1;
***************
*** 47,54 ****
  // Indicates if at least one special character is required in passwords
  $gConf['pw_require_special_char'] = 1;
- // This sets the set of possible special characters that can be used in a password
- $gConf['pw_special_chars']        = array('!','@','#','$','^','&','(',')','_','-'); 
  // Set maximum number of times a user can change their password within 24 hrs, set to 0 to disable.
  $gConf['pw_max_resets_in_day']    = 2;
  
  // Settings for the PEAR DB provider
--- 54,81 ----
  // Indicates if at least one special character is required in passwords
  $gConf['pw_require_special_char'] = 1;
  // Set maximum number of times a user can change their password within 24 hrs, set to 0 to disable.
  $gConf['pw_max_resets_in_day']    = 2;
+ // Indicates if we should employ the use of pspell to see if we recognize words in a password.
+ // Enable this for greater password strength
+ $gConf['pw_pspell']   = false;
+ // Sets the dictionary that should be used.
+ $gConf['pspell_dict'] = 'en';
+ // Indicates if we should employ the use of crack to determine the relative strength of a password
+ // Enable this for greater password stength
+ $gConf['pw_crack']    = false;
+ // The location of the crack dictionary on your system
+ $gConf['crack_dict']  = '/usr/lib/cracklib';
+ // This identifies the set of characters to use for generating random passwords.  You better be
+ // sure these will meet the config settings above and any custom rules.
+ $gConf['randompasswordchars']  = array('A','B','C','D','E','F','G','H','I','J','K','L','M','N','O',
+                                        'P','Q','R','S','T','U','V','W','X','Y','Z','a','b','c','d',
+                                        'e','f','g','h','i','j','k','l','m','n','o','p','q','r','s',
+                                        't','u','v','w','x','y','z','$','!','@','#','&','^','(',')',
+                                        '_','-');
+ /**
+ * Password rules can be complicated so to simplify this configuration file we have moved them to
+ * their own location.  Folks wishing to add custom password rules should do so there
+ */
+ include_once 'Auth_Enterprise/AEPasswordRules.php';
  
  // Settings for the PEAR DB provider
***************
*** 60,65 ****
  // Sets how many old passwords we should keep the user from reusing
  $gConf[AE_PROVIDER_PEAR_DB]['numoldpasswords']    = 5;
- // Sets the minimum length for passwords
- $gConf[AE_PROVIDER_PEAR_DB]['passwordminlength']  = 8;
  // Sets the max number of authentication attempts before we lock the account
  $gConf[AE_PROVIDER_PEAR_DB]['maxauthattempts']    = 5;
--- 87,90 ----
***************
*** 75,78 ****
--- 100,109 ----
  $gConf[AE_PROVIDER_LDAP]['adminUser']           = '';
  $gConf[AE_PROVIDER_LDAP]['adminPass']           = '';
+ // Sets how many old passwords we should keep the user from reusing
+ $gConf[AE_PROVIDER_LDAP]['numoldpasswords']    = 5;
+ // Sets the max number of authentication attempts before we lock the account
+ $gConf[AE_PROVIDER_LDAP]['maxauthattempts']    = 5;
+ // Sets the number of days a password is good for.  Set to 0 to disable password expiration
+ $gConf[AE_PROVIDER_LDAP]['passwordexpiration'] = 30;

More information about the geeklog-cvs mailing list