Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/athiththan11/countersign-validator

A custom password validator implementation for WSO2 Identity Server using WSO2 Custom Password Validator extension
https://github.com/athiththan11/countersign-validator

extension password-validator wso2 wso2-extensions wso2-identity-server wso2-password-validators

Last synced: 26 days ago
JSON representation

A custom password validator implementation for WSO2 Identity Server using WSO2 Custom Password Validator extension

Host: GitHub
URL: https://github.com/athiththan11/countersign-validator
Owner: athiththan11
Created: 2019-05-31T08:02:35.000Z (over 5 years ago)
Default Branch: master
Last Pushed: 2019-07-05T18:27:13.000Z (over 5 years ago)
Last Synced: 2024-11-08T15:00:09.916Z (3 months ago)
Topics: extension, password-validator, wso2, wso2-extensions, wso2-identity-server, wso2-password-validators
Language: Java
Homepage:
Size: 3.91 KB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

# Countersign Validator

A custom password validator (custom password policy extension) implementation to validate password against a set of commonly used dictionary values and username.

Simple put, the custom password validator (countersign validator) throws an error if the password is same as the useranem, and if the password contains any of the following strings ...

* admin
* password
* root
* 123

## Build

Build the project by running ...

```shell
mvn clean package
```

## Deploy

After a successful build, copy the `countersign-validator-1.0.0.jar` artifact from the `target` folder and paste it inside `/repository/components/dropins` folder. And specify the deployed password validator as an extension inside the `/repository/conf/identity/identity-mgt.properties` file.

Simply add the following lines at the end of the `identity-mgt.properties` file to use the custom password validator implementation

```properties
Password.policy.extensions.1=com.athiththan.sample.CountersignValidator
Password.policy.extensions.1.faultMsg="Validation failed :: according to Countersign Validator"
```

Navigate to `/repository/conf/identity/identity.xml` and enable the following `EventListener` to `enable=true`

```xml

```

## Run

Start your WSO2 Identity Server by executing the command from your `/bin` folder

```shell
sh wso2server.sh
```

```shell
wso2is-5.5.0
```

## Test & Results

Navigate to the [`Carbon Management console`](https://localhost:9443/carbon) and login as admin using `admin` for both the username and password.

Navigate to [`Main -> Identity -> Users and Roles -> Add -> Add New User`](https://localhost:9443/carbon/user/add-step1.jsp)

![Add User Screen WSO2 Identity Server](https://docs.wso2.com/download/attachments/60494066/Add%20New%20User.png?version=1&modificationDate=1508308523000&api=v2)

and provide

1. your favourite string as both username and password
2. enter any username and enter a password containing any above mentioned strings

click finish and see the prompted error messages.