Hyland Connect

plattnum · ‎03-02-2010

I am in a situation where I have Alfresco (Custom) Authentication and LDAP chained. Its working great however I was wondering if there is any out of the box configuration settings for Alfresco (Custom) Authentication that support:

Disabling user account after X number of password attempts.

Block the use of previous passwords.

At some point will be moving to a SAML2 SSO Federated authentication mechanism…but was wondering if those secutiry controls were available out of the box for configuration in the meantime?

Thanks,

Jeff

zaizi · ‎03-03-2010

Alfresco does not include ability to display accounts after failed login or block use of previous passwords.

You would typically configure this in LDAP service or Active Directory.

plattnum · ‎03-03-2010

Thanks for confirming!

I figured as much after seeing an absence of information in the WIKI and nothing in any of the configuration files that would enable or configure settings for the controls I mentioned.

…and I agree with you that this is typcially done in external authentication repository/services. I am in a temporary situation until we federate authentication between two different organizational domains…and the use of custom Alfresco authentication is the temporary means by which we will provide external users to access the repository. (I would have preferred to add them to our LDAP/Active directory or a secondary chained directory but have not been allowed to do so due to time frame and other business non-technical reasons.)

Thanks for responding to the question.

Jeff

Hyland Connect

Alfresco Authentication Configuration