Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

Password aging etc...

Questions
Tags
Users
Badges
Norman Dignard
(356796177) Oct 09 '15, 12:48 p.m.

We're in the process of exposing our jazz instance to the outside world (our customers). As part of the security concerns we need to implement some password aging and usage (not the same as the previous pwd, lenght, upper/lower mix, etc..)

 We are using tomcat.

Any other implications that thi smay envoke?

0 votes

2 answers
4,928 views
0 votes

Accepted answer

Permanent link
Donald Nong
(14.5k614) Oct 11 '15, 8:03 p.m.
CLM does not manage the user passwords. Since Tomcat is mentioned in the post, I suppose you're using the Tomcat User Database as the user repository. In this case, it does not provide the feature that you request either. You really need a proper user directory service to have such features, in other words, you need an LDAP server, such as Microsoft Active Directory or Apache Directory Server (ApacheDS). When you integrate an LDAP server into the system, you will have to provide an interface for the users to update and reset the password, which varies depending on the choice of LDAP server.
Norman Dignard selected this answer as the correct answer

0 votes

Comments
Norman Dignard
Oct 15 '15, 7:47 a.m.

Can you tell me if IBM's WAS supports this?  

As for using a LDAP server - I'm not that familar with it but in our org we need to support users from 2 separate stand-alone AD forests (a bussiness and dev networks) as well as external users  (other companies - our customers).

We are in the process of enabling JAZZ access to our customers (raising defects, collaborating on requirements) using a F5 device .  Our security group has identified some concerns, password security features being one of them.

Donald Nong
Oct 15 '15, 7:09 p.m.

I'm not aware WebSphere has features such as prompting a user to change a password before expiry.

One other answer

Permanent link
Ted Mayer
(47649) Oct 09 '15, 1:18 p.m.

Hi Norman,

The JTS server does not handle the authentication of the users, this is handled through the application server itself. In your case, you're using the Apache Tomcat as the application server, I have not been able to find a way to configure Tomcat to set a password expiration or to set a certain length. One thing you can do is to post the question on the Apache Tomcat forums and see if this is possible.

0 votes

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Ask a question
Guidelines
FAQ
Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details
× 7,495
× 6,121

Question asked: Oct 09 '15, 12:48 p.m.

Question was seen: 4,928 times

Last updated: Oct 15 '15, 7:09 p.m.

Confirmation Cancel Confirm