Add customized logic for password rules with a customized rule

A customized password rule is used for validating both new passwords that are generated by IBM Security Identity Manager Server and existing passwords.

1. Create a class by implementing com.ibm.passwordrules.Rule interface.
2. Register the class in passwordrules.properties by entering a line like the following one:

   password.rule.com.ibm.tivoli.itim.CustomPasswordRule1=true 

   The value of this expression determines the type of interface widget used to create a customized rule when you define a password policy. The following values are valid:
   • A value of true means that the instantiated rule object requires a parameter. The widget is a text box. If any value is entered, a customized rule is used. If the value is optional, typing in any printing character marks the rule for use.
   • A value of false means that the rule does not require parameters. If the box is selected, a customized rule is used.

   If more than one parameter value is required, a user-defined delimiter might separate individual values. Alternatively, the value might contain a structure that is represented by a user-defined XML document.

3. Optional: Add a label for the customized rule name. The key for the value is the fully qualified name of the customized class. The specified value is displayed on all screens that show the password rules password.rule.com.ibm.tivoli.itim.CustomPasswordRule1=Use Complexity Level 1. In this example, the required prefix is followed by the fully qualified name of the customized rule class. Both parts constitute the entire property key for any customized rule. If the customized label is not defined in CustomLabels.properties, the fully qualified name of the customized Java™ class is displayed on the interface forms.

Parent topic: Customized password rules