security.properties

国外的一套开源CRM

####
# OFBiz Security Settings
# $Id: security.properties,v 1.3 2004/02/03 05:18:55 jonesde Exp $
####

# -- define the default security context to be user
security.context=default

# -- define the password restrictions --
password.length.min=5

# -- disable the account after this many logins --
max.failed.logins=3

# -- disable the account for this many minutes (if 0, then indefinate) --
login.disable.minutes=30

# -- disable login on accounts already logged in --
login.lock.active=false

# -- store a record for each login attempt? --
store.login.history=true
store.login.history.on.service.auth=false

# -- should we encrypt (SHA Hash) the password? --
password.encrypt=true

# -- specify the type of hash to use for one-way encryption, will be passed to java.security.MessageDigest.getInstance() --
# -- options may include: SHA, MD5, etc
password.encrypt.hash.type=SHA

# -- this is helpful to recover old accounts or to be able to login at all sometimes --
# -- SHOULD GENERALLY NOT BE TRUE FOR PRODUCTION SITES, but is useful for interim periods when going to password encryption --
password.accept.encrypted.and.plain=true

# -- should we convert usernames and passwords to lowercase? (useful for case insensitive usernames and passwords) --
username.lowercase=false
password.lowercase=false