Tribune

Home » Liferay Portal » English » 3. Development

Vista Combinata Vista Piatta Vista ad Albero
Discussioni [ Precedente | Successivo ]
toggle
Vishal Kumar
Password Policy
1 gennaio 2013 22.36
Risposta

Vishal Kumar

Punteggio: Regular Member

Messaggi: 198

Data di Iscrizione: 11 dicembre 2012

Messaggi recenti

If the user does not log in within 24h of the new password creation, the password must expire and the account be locked.

HOW CAN I ACHIEVE THIS?
Bart Simpson
RE: Password Policy
2 gennaio 2013 5.23
Risposta

Bart Simpson

Punteggio: Liferay Master

Messaggi: 524

Data di Iscrizione: 29 agosto 2011

Messaggi recenti

One way to do it would be via a schedule job and hook
You could add a modelListener hook on update of user model. So whenever the password is created add an expando value of date time of it's change.
Create a custom portlet and in the liferay-portlet.xml add a
1<scheduler-entry>
sepcifying the cron expression when it should run. Provide your custom implementation that
1implements MessageListener

Inside the
1public void receive(Message arg0) throws MessageListenerException {

retrieve all users with the custom expando field and compare the lastlogin time. In case it's more then 24 hours. then using UserLocalService util udpate user and lock the account.

There could be some changes or different ways to do it, may be some better ones as well, but it's a start emoticon
Hitoshi Ozawa
RE: Password Policy
2 gennaio 2013 6.53
Risposta

Hitoshi Ozawa

Punteggio: Liferay Legend

Messaggi: 7949

Data di Iscrizione: 23 marzo 2010

Messaggi recenti

sepcifying the cron expression when it should run


Setting when it should run is difficult in this case because he wants it to be 24 hours. If there are many accounts whose password has changed, cron job have to poll frequently.

The better approach is just to add password generation time check to the password validation method which will force password validation to fail when the password generation time is over 24 hours.
Vishal Kumar
RE: Password Policy
3 gennaio 2013 0.22
Risposta

Vishal Kumar

Punteggio: Regular Member

Messaggi: 198

Data di Iscrizione: 11 dicembre 2012

Messaggi recenti

Will my requirement work thorough this:
Contral Panel -> Password Policies -> Reset Ticket Max Age attribute.
Hitoshi Ozawa
RE: Password Policy
3 gennaio 2013 3.08
Risposta

Hitoshi Ozawa

Punteggio: Liferay Legend

Messaggi: 7949

Data di Iscrizione: 23 marzo 2010

Messaggi recenti

reset Ticket Max Age: determines how long a password reset link remains valid.


Yes, it seems it would. Didn't remember about the attribute, sorry.