Overview
User Management component is used to apply role based authentication and access control for any other solution. Using this component/framework solution will enable user authentication and access on solution API. In this framework solution can create user and apply role to user role has It's capability with permission, capability has It's model associated with it with permission.
- User : User related information , Email, Password, UserName and Role associated with it
- Role : Set of capability and it’s permission’s
- Capability : Set of Model’s with permission’s
- Permission : ReadWrite, ReadOnly, Hidden
Framework Data Flow Model
Password Policy
- Minimum password length must be 8(eight) characters.
- Cannot be the same (meaning exactly the same) or similar (defined as 80%) to your user name
- Must contain all of the following four:
- Upper case letters e.g. A,B,C
- Lower case letters e.g. a,b,c
- Numbers e.g. 1,2,3
- Symbols e.g. @,#,+ !)
- Should be changed at least every three months
- Ensure that passwords are not displayed on screen
- Issue temporary passwords that must be changed on first use
- Users must set their own password
- Reuse of passwords must be restricted. Reuse of the last eight passwords used is not allowed
- Lockout account after 5 times within 30 minutes
- Lockout duration 30 minutes