When a user password is set using the command
user withLogin login set password
or a new user is created specifying the password using
user create login newuser defaultGroup testers password herPassword
the Content Management Server executes the passwordPolicyCheck
Tcl
procedure. If a new user is created in the GUI, he can only login after a password
has been given to him by means of the corresponding dialog or Tcl procedure.
In this procedure, administrators can implement the rules passwords must obey
and reject inacceptable passwords using error {error
message}
. The error message is then displayed in the Tcl shell and in
the GUI. The procedure is not executed for passwords that have already been
assigned.
A sample implementation can be found in the file
share/script/cm/serverCmds/passwordPolicyCheck.tcl
which can be found
in the CMS directory. It rejects passwords whose length is less than 4
characters:
proc passwordPolicyCheck {password} { if {[string length $password] < 4} { error "Das Passwort ist zu kurz. / The password is too short." } }