The Enterprise Security SMAPI allows you to develop a password-strength verification component to verify new passwords. Once a password-strength verification component has been deployed and configured, it is called automatically when:
Passwords are set or changed using any of the GUI components: Enterprise Security Manager, Portal Studio, self-registration, and so on.
Users are created using one of the SubjectManagement.create methods.
Passwords are set using either the SubjectManagement.setPassword method or the SubjectManagement.setInfo(InfoConstants.PASSWORD) method.
If you are using the password validation component from a version of Enterprise Security earlier than 6.0, you can upgrade your existing component—see “Upgrading an existing password validation component”.
If a password verification fails, the information in an Exception object is passed to the client, and the current operation completes without modifying the underlying data store.
