On this page:
   34.13    Cluster Manager Kafka 34.15    Cross-Origin Resource Sharing (CORS)   

34.14Credentials

 

The Credentials configuration category includes the following configurable options:

  • Password Encoding Scheme

  • Cache Successful Credentials

  • Case-Sensitive Usernames

  • Case-Sensitive Passwords

  • Create Unknown Users

  • Minimum Password Requirements

  • Password Mismatch Error

  • Lock After Failed Attempts

34.14.1Property: Password Encoding Scheme

 
Property Name Password Encoding Scheme
Property Key
Property Type ENUM
Values
  • SHA256_1000_ROUND
  • SHA256_10000_ROUND
  • SHA256_100000_ROUND
  • PBKDF2_256_1000_RND
  • PBKDF2_256_10000_RND
  • PBKDF2_256_100000_RND
  • BCRYPT_10_ROUND
  • BCRYPT_12_ROUND
  • BCRYPT_14_ROUND
  • BCRYPT_16_ROUND
Description Specify the scheme that will be used to store passwords in the database. Note that changing this value will only affect newly created and updated passwords. Existing passwords will remain encoded using the scheme that was selected at the time that they were saved. See Password Hashing Algorithms for more information.
Default Value BCRYPT_12_ROUND
Example Property
module.[MODULE_ID].config.password_encoding_type = BCRYPT_12_ROUND

34.14.2Property: Cache Successful Credentials

 
Property Name Cache Successful Credentials
Property Key
Property Type BOOLEAN
Description If enabled, the authorization service will enable a very short-term cache of successful credentials. This is useful in environments where many requests are being made using username/password credentials in each request (i.e. a backend service secured with HTTP Basic Auth). Enable with caution as this setting also has security considerations.
Default Value true
Example Property
module.[MODULE_ID].config.cache_successful_credentials = true

34.14.3Property: Case-Sensitive Usernames

 
Property Name Case-Sensitive Usernames
Property Key
Property Type BOOLEAN
Description If enabled, usernames are treated as case-sensitive. If you change this value after accounts are created, these accounts may be orphaned. Change with caution!
Default Value false
Example Property
module.[MODULE_ID].config.username_case_sensitive = false

34.14.4Property: Case-Sensitive Passwords

 
Property Name Case-Sensitive Passwords
Property Key
Property Type BOOLEAN
Description If enabled, passwords are case-sensitive. Note that any passwords created before this setting is changed are not affected. Change with caution!
Default Value true
Example Property
module.[MODULE_ID].config.password_case_sensitive = true

34.14.5Property: Create Unknown Users

 
Property Name Create Unknown Users
Property Key
Property Type BOOLEAN
Description If a user is requested and does not already exist, having this setting enabled will cause that user to be created. Use this setting with caution as it can result in an unlimited number of users being created within the Smile CDR database. This setting is useful only in situations where the client is trusted (e.g. a server-to-server communication).
Default Value false
Example Property
module.[MODULE_ID].config.create_unknown_users = false

34.14.6Property: Minimum Password Requirements

 
Property Name Minimum Password Requirements
Property Key
Property Type STRING
Description Specify password requirements using a regular expression (e.g. .{4,100}). Separate each requirement from the other with a single space. Note that these requirements will only be enforced when evaluating newly created and updated passwords; existing passwords remain unaffected.
Default Value .{4,100}
Example Property
module.[MODULE_ID].config.password_pattern = .{4,100}

34.14.7Property: Password Mismatch Error

 
Property Name Password Mismatch Error
Property Key
Property Type STRING
Description Error message that will be displayed to the user if the password they are trying to create/update does not match the regular expression specified in Minimum Password Requirements. This message needs to be updated for any change in the Minimum Password Requirements.
Default Value Invalid password
Example Property
module.[MODULE_ID].config.password_mismatch_pattern_error = Invalid password

34.14.8Property: Lock After Failed Attempts

 
Property Name Lock After Failed Attempts
Property Key
Property Type NON_NEGATIVE_INTEGER
Description Number of failed login attempts to lock account. Zero means no limit.
Default Value 0
Example Property
module.[MODULE_ID].config.max_failed_logins_until_lock = 0
   34.13    Cluster Manager Kafka 34.15    Cross-Origin Resource Sharing (CORS)