https://connect.hyland.com/t5/alfresco-archive/regulation-requirements/m-p/70157#M45193 <HTML><HEAD></HEAD><BODY><SPAN>I know that Alfresco is hopefully getting the DOD certification. But going thru the spec I didn't saw reference to some FDA 21 CFR requirements that are not clearly stated in the Alfresco ducumentation I've read so far. I'll appreciate if someone can answer these questions:</SPAN><BR /><BR /><SPAN>1. Full audit trail includes account information? (i.e. password changes, info changes, etc)</SPAN><BR /><BR /><SPAN>2. Does the password comply with the aging and automatic lock of accounts after 3 consecutive fails?</SPAN><BR /><BR /><SPAN>I'm going to implement ALfresco shortly but I want to make sure I assumed correctly.</SPAN><BR /><BR /><SPAN>Thanks in advance!</SPAN></BODY></HTML> Wed, 01 Nov 2006 11:54:23 GMT javydreamercsw 2006-11-01T11:54:23Z https://connect.hyland.com/t5/alfresco-archive/regulation-requirements/m-p/70157#M45193 I know that Alfresco is hopefully getting the DOD certification. But going thru the spec I didn't saw reference to some FDA 21 CFR requirements that are not clearly stated in the Alfresco ducumentation I've read so far. I'll appreciate if someone can answer these questions:1. Full audit trail includ Wed, 01 Nov 2006 11:54:23 GMT https://connect.hyland.com/t5/alfresco-archive/regulation-requirements/m-p/70157#M45193 javydreamercsw 2006-11-01T11:54:23Z https://connect.hyland.com/t5/alfresco-archive/regulation-requirements/m-p/70158#M45194 <HTML><HEAD></HEAD><BODY><SPAN>Hi</SPAN><BR /><BR /><SPAN>1) Yes. You can audit calls made to any public service. See </SPAN><A href="http://wiki.alfresco.com/wiki/Audit" rel="nofollow noopener noreferrer">http://wiki.alfresco.com/wiki/Audit</A><SPAN>. </SPAN><BR /><BR /><SPAN>2) It depends ….. Not in the default implementation. We/you can provide an authentication component and linked DAO to support this, as the implementation is pluggable. It may be that this requirement is enforcd externally - e.g. if you have configured this in your ldap server …or SSO layer etc…..or back end JAAS authentication ……and you are not using the inbuilt alfresco authentication.</SPAN><BR /><BR /><SPAN>Is this required of the inbuilt authentication component?</SPAN><BR /><SPAN>Where do the 3 logins count - all applications using the account or just Alfresco?</SPAN><BR /><BR /><SPAN>Regards</SPAN><BR /><BR /><SPAN>Andy</SPAN></BODY></HTML> Mon, 20 Nov 2006 14:48:33 GMT https://connect.hyland.com/t5/alfresco-archive/regulation-requirements/m-p/70158#M45194 andy 2006-11-20T14:48:33Z https://connect.hyland.com/t5/alfresco-archive/regulation-requirements/m-p/70159#M45195 <HTML><HEAD></HEAD><BODY><SPAN>The 3 logins are in a per application basis. I've been trying to make the authentication work with active directory but no luck so far. Waiting for more detailed info from IT to check if the info I provide to the bean is incorrect.</SPAN></BODY></HTML> Tue, 21 Nov 2006 11:44:50 GMT https://connect.hyland.com/t5/alfresco-archive/regulation-requirements/m-p/70159#M45195 javydreamercsw 2006-11-21T11:44:50Z