Task #266

closed

Password policy agenda, entity

Added by Ondřej Kopr over 7 years ago. Updated about 7 years ago.

Status: Closed
Priority: Normal
Assignee: Ondřej Kopr
Category: Password
Target version:
Start date: 01/10/2017
Due date:
% Done: 100%
Estimated time:
Owner:

Description

  • Create password policy agenda (crud) with entity,
  • entity with:
    • min/max password length,
    • min/max upper character,
    • min/max lower character,
    • min numbers,
    • min special non-alphanumeric characters,
    • use weak password dictionary (bool) #250,
    • check identity properties (email, name, username, ...),
    • max password age,
    • warning before change passwords,
    • min password age for rechange,
    • ...,
    • how many rules must be fulfilled,
    • enhanced quality control passwords (just a checkbox, implemented in another task)
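
The character and length rules listed above, together with "how many rules must be fulfilled", can be sketched as follows. This is an added example, not IdStory code: the field names are hypothetical, and it assumes that the rule count applies only to the four "min" character rules while length, maximums and the identity check are always enforced.

```javascript
// Added example. Field names are hypothetical, modelled on the task description.
const samplePolicy = {
  minPasswordLength: 8, maxPasswordLength: 32,
  minUpperChar: 1, maxUpperChar: null,
  minLowerChar: 1, maxLowerChar: null,
  minNumber: 1, minSpecialChar: 1,
  minRulesToFulfill: 3, // assumption: counted over the four "min" character rules
  checkIdentityAttributes: true,
};

// A policy whose own limits contradict each other can never be satisfied.
function policyConflicts(p) {
  const pairs = [['minPasswordLength', 'maxPasswordLength'],
    ['minUpperChar', 'maxUpperChar'], ['minLowerChar', 'maxLowerChar']];
  return pairs.filter(([lo, hi]) => p[lo] != null && p[hi] != null && p[lo] > p[hi])
    .map(([lo, hi]) => `${lo} > ${hi}`);
}

const count = (s, re) => (s.match(re) || []).length;
function validatePassword(p, password, identity = {}) {
  const errors = [];
  const length = Array.from(password).length; // code points, so accents count once
  const upper = count(password, /\p{Lu}/gu);
  const lower = count(password, /\p{Ll}/gu);
  // Hard limits: always enforced.
  if (p.minPasswordLength != null && length < p.minPasswordLength) errors.push('minLength');
  if (p.maxPasswordLength != null && length > p.maxPasswordLength) errors.push('maxLength');
  if (p.maxUpperChar != null && upper > p.maxUpperChar) errors.push('maxUpper');
  if (p.maxLowerChar != null && lower > p.maxLowerChar) errors.push('maxLower');
  if (p.checkIdentityAttributes) {
    const lowered = password.toLowerCase();
    for (const [key, value] of Object.entries(identity)) {
      if (value && value.length >= 3 && lowered.includes(value.toLowerCase())) {
        errors.push(`contains:${key}`);
      }
    }
  }
  // Character-class minimums: only minRulesToFulfill of them have to pass.
  const rules = {
    minUpper: upper >= (p.minUpperChar ?? 0),
    minLower: lower >= (p.minLowerChar ?? 0),
    minNumber: count(password, /\p{Nd}/gu) >= (p.minNumber ?? 0),
    minSpecial: count(password, /[^\p{L}\p{N}]/gu) >= (p.minSpecialChar ?? 0),
  };
  const failed = Object.keys(rules).filter((name) => !rules[name]);
  const required = p.minRulesToFulfill ?? Object.keys(rules).length;
  if (Object.keys(rules).length - failed.length < required) errors.push(...failed);
  return { valid: errors.length === 0, errors };
}
```

`policyConflicts` is meant to run when a policy is saved, `validatePassword` when a password is changed; the identity object passed in is constructed sample data.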

Related issues

  • Related to IdStory Identity Manager - Task #263: Passwords policy | Closed | Ondřej Kopr | 01/09/2017
  • Related to IdStory Identity Manager - Task #268: Generate password | Closed | Ondřej Kopr | 01/10/2017

Actions #1

Updated by Ondřej Kopr over 7 years ago

  • Related to Task #263: Passwords policy added
Actions #2

Updated by Ondřej Kopr over 7 years ago

  • Category set to Password
  • Target version set to Citrine (7.3.0)
Actions #3

Updated by Ondřej Kopr over 7 years ago

  • % Done changed from 0 to 50
Actions #4

Updated by Ondřej Kopr over 7 years ago

  • Assignee set to Ondřej Kopr
Actions #5

Updated by Ondřej Kopr over 7 years ago

  • BE - create crud repository for password policy,
  • FE - create agenda with crud,
  • create password generator with two types - RANDOM created password and PASSPHRASE + dictionary
  • to PasswordPolicy add validation for password policy
Actions #6

Updated by Ondřej Kopr over 7 years ago

  • % Done changed from 50 to 70
Actions #7

Updated by Ondřej Kopr over 7 years ago

  • Before provisioning a password change to systems, the new password is validated for all user systems,
  • for now the new password is also validated for users with superAdminRole.

(DefaultProvisioningService, IdentityPasswordProcessor)

Actions #8

Updated by Ondřej Kopr over 7 years ago

  • % Done changed from 70 to 90
Please do a code review and check functionality:
  • Base agenda for password policy,
  • password validation for IDM,
  • password validation for systems,
  • default password generate,
  • validation messages.

Thank you

Actions #9

Updated by Ondřej Kopr over 7 years ago

  • Status changed from New to In Progress
Actions #10

Updated by Ondřej Kopr over 7 years ago

  • Status changed from In Progress to Needs feedback
  • Assignee changed from Ondřej Kopr to Radek Tomiška
Actions #11

Updated by Radek Tomiška over 7 years ago

  • Related to Task #268: Generate password added
Actions #12

Updated by Radek Tomiška over 7 years ago

  • Status changed from Needs feedback to In Progress
  • Assignee changed from Radek Tomiška to Ondřej Kopr
  • % Done changed from 90 to 70
I did test and review and found some issues:
  • password policy detail should be the same as role detail (headers, panels, tabs ...)
  • add columns to password policy table:
    • standard policy
    • type will be first with some width (smallest as possible)
    • other important columns ...
  • prevent tab label break (enhanced quality control)
  • tab with systems - remove bulk operations at all
  • all details - showLoading is shown twice
  • policy save - duplicate standard policy is not saved. Please change behaviour about standard policy:
    • standard policy will be saved every time - just change previous standard policy to newly chosen policy
    • if standard policy for password validation is not found, then password change will work without it
    • if standard policy for password generation is not found, then password generation will work without it (use existing FE func)
    • add policy name to notification message (will be in message history)
    • hide form fields, when policy types (type, generation alg.) are changed - only valid fields will be shown
    • identity attributes enumeration is dead in editing (fill some attribute - save - open detail again)
    • some notification messages are not translated (error result codes)
  • remove btoa conversion from passwords - use the second deserializer for GuardedStrings (accent characters do not work in password now)
  • when password is successfully changed, then all error validation message should be hidden
  • when enhanced quality control is on, then validation message about password length is missing.
  • if standard policy exists is checked even if dm password is not changed.
  • what to do, when some password policies are in collision - e.g. min vs max password length?
  • nullpointer occurs on identity login, when password valid till is undefined
  • LoginDto - skipMustChange is propagated to client after login and could be defined in login. Hide this information to client or separate LoginDto (in / out)
  • PasswordChangeDto - magPasswordAge - the same as LoginDto
  • Password change works even when minPasswordAge is filled
  • IdmPassword - constructor is defined before fields
  • IdmPasswordPolicyRepository - find default type could return one password policy
  • Disabled password policy is used
  • IdmPasswordPolicyService, IdmPasswordService - javadoc is missing
  • IdmPasswordPolicy - wrong column names - see https://proj.bcvsolutions.eu/ngidm/doku.php?id=navrh:identifikatory
  • PasswordGenerator - Assert.notNull should be used instead of custom method
  • wrong permissions on policies (FE) - RULE_...
  • remove redundant "public" modifier in all interfaces
  • IdmPasswordPolicyController - endpoints "/validate" and "/generate" collide with default endpoints (if some policy will have name "validate" etc.)
  • InitApplicationData - move default password policies to InitDemoData
Nice:
  • Using more result models in password validation
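
The review item about `btoa` and accented characters can be reproduced in isolation. The following is an added example, not IdStory code: the function names are hypothetical, the sample passwords are constructed, and it assumes a receiver that base64-decodes the value and reads the bytes as UTF-8.

```javascript
// Added example. Function names are hypothetical; sample passwords are constructed.

// What a btoa-based client does with the typed password.
function encodeWithBtoa(password) {
  try {
    return { ok: true, value: btoa(password) };
  } catch (e) {
    // btoa accepts only code points 0..255 and throws on anything else.
    return { ok: false, value: null };
  }
}

// Assumed receiver: base64-decode, then interpret the bytes as UTF-8.
function decodeAsUtf8(b64) {
  return Buffer.from(b64, 'base64').toString('utf8');
}

// Base64 over the UTF-8 bytes round-trips any character.
function encodeUtf8Base64(password) {
  const bytes = new TextEncoder().encode(password);
  let binary = '';
  for (const b of bytes) binary += String.fromCharCode(b);
  return btoa(binary);
}

// Summarise what happens to one password on each path.
function compare(password) {
  const viaBtoa = encodeWithBtoa(password);
  return {
    btoaThrows: !viaBtoa.ok,
    btoaRoundTrips: viaBtoa.ok && decodeAsUtf8(viaBtoa.value) === password,
    utf8RoundTrips: decodeAsUtf8(encodeUtf8Base64(password)) === password,
  };
}

const ascii = 'Heslo123';               // plain ASCII: both paths agree
const latin1 = 'caf\u00e9';             // "é" fits in one byte: btoa emits Latin-1, not UTF-8
const czech = 'P\u0159\u00edli\u0161';  // "ř" and "š" are above 255: btoa throws
```

Calling `compare` on the three samples shows the three outcomes: a clean round trip, a silently different password, and an exception in the client.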
Actions #13

Updated by Ondřej Kopr over 7 years ago

  • % Done changed from 70 to 80
  • I tried to unite the detail with the role detail, please check the design :),
  • add columns: generateType, enchancedControl, minPasswordLength, maxPasswordLength. Also print info about default type,
  • tab label was reduced (enhanced control),
  • remove bulk operations,
  • showloading was reduced to only once,
  • policy save - all your notes were implemented,
  • btoa was removed, Guarded string - replace deserializer,
  • after a successful password change the validation message is removed,
  • enhanced control and validation message about length was fixed, but the problem was comparing enhanced error and minimal rules to fulfill, everything is now ok,
  • add validation to password policy attributes,
  • disabled password policy is no longer used,
  • permissions on policies (FE) updated,
  • modifier in all interfaces changed,
  • Method Assert.NotNull is not used in class PasswordGenerator, you work too much :D,
  • javadoc for services was added.

Some of your issues are still missing.

Actions #14

Updated by Ondřej Kopr over 7 years ago

  • % Done changed from 80 to 90
Continue:
  • localization validation message,
  • add method Assert.NotNull,
  • add @JsonIgnore to unused attributes in DTOs - loginDto, passwordValidationDto,
  • add better update method for change default type, thank you for information,
  • test init application, fix create default password policies,
  • add help block and change localization message to password policy detail (basic, advanced, characters),
  • endpoints generate and validate were changed to similar logic like search/quick -> validate/default and generate/default,
  • update ERD diagram.

For the new logic (saving a default type policy changes the old one) create new tests.

Please check the password policy now and try to find the hidden teapot.

Actions #15

Updated by Ondřej Kopr over 7 years ago

  • Status changed from In Progress to Needs feedback
  • Assignee changed from Ondřej Kopr to Radek Tomiška
Actions #16

Updated by Radek Tomiška about 7 years ago

  • Status changed from Needs feedback to In Progress
  • Assignee changed from Radek Tomiška to Ondřej Kopr
Almost everything was done, thx. I've found some issues:
  • hide form fields, when policy type is empty (or prefill some default type)
  • when minimum length or password expiration is filled, then maximums are required (they could be empty)
  • onEnter on form does not work
  • Use @Enumerated(EnumType.STRING) for all enums used in entities
  • when standard policy is changed, then previous default policy detail is shown - default policy checkbox is still checked
  • add date format for dates in error notifications (password could be changed after 2011-05-02)

I like new help blocks and alerts on forms, very nice. Source code looks nice too, good job.

Actions #17

Updated by Ondřej Kopr about 7 years ago

  • I added default type for newly created password policy (validate),
  • added enumerated to type and typeGenerate columns (it is necessary to drop these columns type and generate_type int -> varchar),
  • enter save now works,
  • fix validation when saving password policy (check of min and max length),
  • add check of defaultPolicy into componentWillRecieveNextProps,

For better display of the error message with a date, I used method _prepareParams in FlashMessagesManager -> check of date

Actions #18

Updated by Ondřej Kopr about 7 years ago

  • Status changed from In Progress to Needs feedback
  • Assignee changed from Ondřej Kopr to Radek Tomiška
Actions #19

Updated by Radek Tomiška about 7 years ago

  • Status changed from Needs feedback to Closed
  • Assignee changed from Radek Tomiška to Ondřej Kopr
  • % Done changed from 90 to 100

It works, everything looks fine, thx.
