diff --git a/src/main/java/jenkins/security/plugins/ldap/LDAPConfiguration.java b/src/main/java/jenkins/security/plugins/ldap/LDAPConfiguration.java index 7aa22444..aa80483e 100644 --- a/src/main/java/jenkins/security/plugins/ldap/LDAPConfiguration.java +++ b/src/main/java/jenkins/security/plugins/ldap/LDAPConfiguration.java @@ -36,6 +36,8 @@ import hudson.util.Secret; import jenkins.model.Jenkins; import java.nio.charset.StandardCharsets; + +import jenkins.security.FIPS140; import org.apache.commons.lang.StringUtils; import org.kohsuke.accmod.Restricted; import org.kohsuke.accmod.restrictions.NoExternalUse; @@ -411,6 +413,9 @@ public FormValidation doCheckServer(@QueryParameter String value, @QueryParamete if(!Jenkins.get().hasPermission(Jenkins.ADMINISTER)) return FormValidation.ok(); + if(FIPS140.useCompliantAlgorithms() && managerPassword.length() < 14) + return FormValidation.error(Messages.LDAPSecurityRealm_AuthenticationFailedNotFipsCompliantPass()); + Context ctx = null; try { Hashtable props = new Hashtable<>(); diff --git a/src/main/resources/jenkins/security/plugins/ldap/Messages.properties b/src/main/resources/jenkins/security/plugins/ldap/Messages.properties index 081a03e3..e16cb22f 100644 --- a/src/main/resources/jenkins/security/plugins/ldap/Messages.properties +++ b/src/main/resources/jenkins/security/plugins/ldap/Messages.properties @@ -6,6 +6,7 @@ LDAPSecurityRealm.LoginHeader=Login LDAPSecurityRealm.AuthenticationSuccessful=Authentication: successful LDAPSecurityRealm.AuthenticationFailed=Authentication: failed for user "{0}" LDAPSecurityRealm.AuthenticationFailedEmptyPass=Authentication: failed for user "{0}" with empty password +LDAPSecurityRealm.AuthenticationFailedNotFipsCompliantPass=Authentication failed: your password must be at least 14 characters long LDAPSecurityRealm.UserId=User ID: {0} LDAPSecurityRealm.UserDn=User DN: {0} LDAPSecurityRealm.UserConfiguration=User Server: {0}