User Management

Owned by Baseer Khan
Last updated: Feb 17, 2020 by nam phan
2 min read


Overview

User Management component is used to apply role based authentication and access control for any other solution. Using this component/framework solution will enable user authentication and access on solution API. In this framework solution can create user and apply role to user role has It's capability with permission, capability has It's model associated with it with permission.

  • User             : User related information , Email, Password, UserName and Role associated with it
  • Role             : Set of capability and it’s permission’s
  • Capability    : Set of Model’s with permission’s
  • Permission : ReadWrite,  ReadOnly,  Hidden

Repository

https://bitbucket.org/MQTeam/tql-user-management/src

Framework Data Flow Model



Password Policy

  • Minimum password length must be 8(eight) characters.
  • Cannot be the same (meaning exactly the same) or similar (defined as 80%) to your user name
  • Must contain all of the following four:
    1. Upper case letters e.g. A,B,C
    2. Lower case letters e.g. a,b,c
    3. Numbers e.g. 1,2,3
    4. Symbols e.g. @,#,+ !)
  • Should be changed at least every three months
  • Ensure that passwords are not displayed on screen
  • Issue temporary passwords that must be changed on first use
  • Users must set their own password
  • Reuse of passwords must be restricted. Reuse of the last eight passwords used is not allowed
  • Lockout account after 5 times within 30 minutes
  • Lockout duration 30 minutes

User Status Flag

S.NoStatusDescriptionRemark
1ResetUser status will be set to reset whenever new user is created or password is reset. While login this flag should be checked and if it is set to Reset then user should be forced to change the password. There will be no password expiry check for the user if it is set to Reset.
2ActiveUser status will be set to active when user will change the password for the first time.When the user change the password, status flag changes to Active and password expiry schedulers starts.
3InActiveUser status will be set to InActive whenever user password expires.User will get an email 10 days before password expiry to change the password.
4SystemRestartWhenever the whole system is down and restarted, user flag is set to SystemRestart.This will restart all the required schedulers for all the users.