公开(公告)号：US20090178106A1

公开(公告)日：2009-07-09

申请号：US11971510

申请日：2008-01-09

申请人： DAW FENG ,  Kristin Marie Hazlewood ,  Gary Dale Williams

发明人： DAW FENG ,  Kristin Marie Hazlewood ,  Gary Dale Williams

IPC分类号： G06F21/00

CPC分类号： H04L63/20 ,  H04L63/083 ,  H04L63/0884

摘要： A computer implemented method, data processing system, and computer program product for password policy enforcement in a distributed directory when policy information is distributed. When a proxy server is providing a request from a client to a backend directory server, the proxy server performs a series of LDAP operations on a targeted set of backend directory servers to collect password policy information applicable to a target user. The password policy information applicable to the target user is partitioned and distributed across the plurality of backend directory servers. When the password policy information for the target user has been collected, the proxy server evaluates the collected password policy information to determine an effective password policy for the target user. The proxy server then sends the request and subsequent requests with the effective password policy to a backend directory server.

摘要翻译： 一种计算机实现的方法，数据处理系统和计算机程序产品，用于在分布式目录中分发策略信息时执行密码策略。 当代理服务器向客户端向后端目录服务器提供请求时，代理服务器对目标一组后端目录服务器执行一系列LDAP操作，以收集适用于目标用户的密码策略信息。 适用于目标用户的密码策略信息被分割并分布在多个后端目录服务器中。 当收集目标用户的密码策略信息时，代理服务器评估收集的密码策略信息，以确定目标用户的有效密码策略。 然后，代理服务器将具有有效密码策略的请求和后续请求发送到后端目录服务器。