Sun Java logo     Previous      Contents      Index      Next     

Sun logo
Sun Java System Identity Manager 6.0 Deployment Tools 2005Q4M3  

6

Configuring Dictionary Support

This chapter describes how to configure and set up dictionary support in Sun Java™ System Identity Manager.

About the Dictionary Policy

The dictionary policy enables Identity Manager to check passwords against a word database to ensure that they are protected from a simple dictionary attack. If you use this policy with other policy settings to enforce the length and make-up of passwords, Identity Manager makes it difficult for anyone to use a dictionary to guess passwords that are generated or changed in the system.

This dictionary policy extends the password exclusion list specified using the Must Not Contain Words feature on the Edit Policy page (Configure –> Policies –> Password Policies ).

Configuring the Dictionary Policy

To set up the dictionary policy, you must configure dictionary server support and then load the dictionary, as follows:

  1. From the Identity Manager administrator user interface, select Configure –> Policies and click the Configure Dictionary button.
  2. When the Dictionary Configuration page displays, provide the following database information:
    • Database Type — Select the database type (Oracle, DB2, SQLServer, or MySQL) that you will use to store the dictionary.
    • Host — Enter the name of the host where the database is running.
    • User — Enter the user name to use when connecting to the database.
    • Password — Enter the password to use when connecting to the database.
    • Port — Enter the port on which the database is listening.
    • Connection URL — Enter the URL to use when connecting.

      • These template variables are available:

      • %h - host
      • %p - port
      • %d - database name
    • Driver Class — Enter the JDBC driver class to use while interacting with the database.
    • Database Name — Enter the name of the database where the dictionary will be loaded.
    • Table Naming Context — Enter the prefix used to name the dictionary table in the database.
    • Dictionary Filename — Enter the name of the file to use when loading the dictionary.
  3. Click Test to test the database connection.
  4. If the connection test is successful, click Load Words to load the dictionary.

    5. Note  The load task may take a few minutes to complete.

  5. Click Test to ensure that the dictionary was loaded correctly.
  6. Click Save to save your changes.

Implementing the Dictionary Policy

You implement the dictionary policy from the Identity Manager policies area as follows:

  1. From the Policies page, click the Password Policy link to edit the password policy.
  2. On the Edit Policy page, enable the Check passwords against dictionary words option.
  3. Click Save to save your changes.

Once implemented, all changed and generated passwords will be checked against the dictionary.



Previous      Contents      Index      Next     

Copyright 2006 Sun Microsystems, Inc. All rights reserved.