Description
Probably needs a design discussion first but we need to review where password policies fit in to the overall solution.
We may say that policy handling is really the responsibility of the actual realm implementation, after all items such as history are going to be very realm specific.
However there may also be a case in the generic sense that where a modifiable realm is in use a policy is desired to cover the complexity of any passwords set on that realm.