IBM Security Verify Access for Web WebSEAL enable-passwd-warn stanza entry

enable-passwd-warn

Use the enable-passwd-warn stanza entry to configure WebSEAL to display a password warning form when it detects the REGISTRY_PASSWORD_EXPIRE_TIME attribute in the user credential at login. This attribute indicates the user password is soon to expire.

enable-passwd-warn = {yes|no}

Description

Enable WebSEAL to detect the attribute REGISTRY_PASSWORD_EXPIRE_TIME added to a users' credential when the LDAP password policy indicates their password is soon to expire. The value of this attribute is the number of seconds until their password expires. When this attribute is detected, at login to WebSEAL, a password warning form will appear.
NOTE: This option must be set in order to use the associated options, which are also in the [acnt-mgt] stanza: passwd-warn and passwd-warn-failure. The corresponding Security Verify Access LDAP option must be enabled ([ldap] enhanced-pwd-policy=yes) and supported for the particular LDAP registry type.
Options

yes Detection of the REGISTRY_PASSWORD_EXPIRE_TIME to ultimately warn the user when their password is soon to expire.
no Disable the detection of the REGISTRY_PASSWORD_EXPIRE_TIME attribute. WebSEAL will not be able to notify users when their passwords are soon to expire.

Usage:
This stanza entry is optional.
Default:
The option will default to yes if it is not specified in the configuration file.
NOTE: The value for this option in the template configuration file is no.
Example:
enable-passwd-warn = yes

Parent topic: [acnt-mgt] stanza

yes	Detection of the REGISTRY_PASSWORD_EXPIRE_TIME to ultimately warn the user when their password is soon to expire.
no	Disable the detection of the REGISTRY_PASSWORD_EXPIRE_TIME attribute. WebSEAL will not be able to notify users when their passwords are soon to expire.