Credentials Administration

Managing Password Expiration

If the PasswordExpirationInterceptor is used, password expiration for a certain user can be directly managed through the UserDetailPortlet provided with the security portlet application.

If enabled, this portlet can display the current expiration date of a password and also allows to change its value:

As you can see, through the radio group, the password expiration date can be changed to:

Action Expires
Expired today
Extend today + maxLifeSpanInDays as configured for the PasswordExpirationInterceptor
Extend Unlimited January 1, 8099 (the maximum value allowed for java.sql.Date)

This feature can be enabled through the edit/preferences page of the UserDetailsPortlet:

Note: when a new password value is specified selected password expiration action Expired will be ignored!

Setting default 'Change Password required on First Login'

Through the same UserDetailsPortlet preferences as show above, the default updateRequired property of a password credential for a new user can be configured too.

And, if you always need the same setting for all users, you can even suppress the selection box normally displayed on the Add User dialog.

With the preferences set as in the example shown above, the Add User dialog will look like this:

A user added with the example preferences set, will have the updateRequired property set to true, the User role assigned and use the role-fallback profiling rule.