This directory contains the source code to some utility shims that may
be used to allow Ganymede to use Clyde Hoover's npasswd password
validation suite (at http://www.utexas.edu/cc/unix/software/npasswd/)
to implement extremely rigorous password quality checking and password
non-repeat history tracking for Ganymede user accounts.

To use these shims, you'll need to download, configure, and build
npasswd and in particular its libcheckpassword.a library file.  Once
you have installed npasswd and its libcheckpassword.a library, you can
build the utilities that userKit can use by editing and running the
Makefile in this directory.  The Makefile is not a super-smart
autoconfiguring thingy, but if you have what it takes to get npasswd
configured and installed, you'll find the Makefile for these utilities
to be trivially simple.

Once you have built the ganypassValidate and ganypassSave utilities,
you will need to configure the userKit to make use of these
utilities.  You do this by editing the "Schema Configuration"
object under the "Configuration" folder in the server, to specify
the location of ganypassValidate and ganypassSave as per your
installation.

The schema configuration object has the following relevant fields,
from the schema.xml file:

    <fielddef name="External_Password_Validator" id="262">
      <comment>External utility to validate proposed plaintext passwords for user accounts</comment>
      <typedef type="string"/>
    </fielddef>
    <fielddef name="External_Password_Saver" id="263">
      <comment>External utility to save plaintext passwords for history tracking</comment>
      <typedef type="string"/>
    </fielddef>
    <fielddef name="Temp_Directory" id="264">
      <comment>Directory to place temporary result files for the external password validator</comment>
      <typedef type="string"/>
    </fielddef>

that is, the fields "External Password Validator" and "External
Password Saver" should be set to the locations of the ganypassValidate
and ganypassSave utilities, respectively, wherever you have installed
them.  If these two fields are not set in your userKit's schema
configuration object, the npasswd shims will not be used, and you will
have to depend on the (limited-to-nonexistent) password quality
checking code that Ganymede proper has in it.

The "Temp Directory" field should be set to an appropriate temporary
files directory for your system.  This is the directory that the
userCustom code will place the temporary files that the code uses to
get results from the npasswd validator code.  If you don't set this
field, it will be assumed to be "/tmp", which is only useful on a Unix
type system.  But that's okay, because if you're somehow managing to
use npasswd on a non-Unix type system, you're probably up to the
challenge of dealing with anything else you might need to make all of
this work.

The idea is that the userCustom class will call the ganypassValidate
and ganypassSave programs to test a password selection for quality and
to save a chosen password into the npassword password history.
