AEM user password expiry

Question

When setting up users with AEM I need to add extra security in terms of password expiry etc. There is nothing within the user admin or documentation to suggest how or if it's available as a config. I did see an article about 5.6.1 and the configuration in

http://localhost:4502/system/console/configMgr/org.apache.jackrabbit.oak.security.user.UserConfigurationImpl

It suggested that there is a max password age and also a change login password configuration. I'm using AEM 6.0 SP2 and when I check the same config there are not there. However when opening it is mentions something that the items displayed are based on defaults pre-defined. I assume I have to do something to get all items/descriptions displayed in the config dialog or is it that AEM 6.0 doesn't support password expiry age.

I want to be able to set at a global level only so applies to all. Assume that key system users e.g. admin etc will be unaffected...hope so.

Any thoughts anyone?

jayproulx · Answer

Password expiry is an Apache Jackrabbit thing:

Jackrabbit Oak - Password Expiry and Force Initial Password Change

You can change it in /system/console/configMgr, and grab the updated config in CRX DE in /apps/system/config, we drop that file in crx-quickstart/install for all of our servers.

Additionally, I can confirm that this has been working for us in AEM 6.1 and 6.2 as well.

http://localhost:4502/system/console/configMgr/org.apache.jackrabbit.oak.security.user.UserConfigurationImpl

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded