cloudstack-dev mailing list archives

From Demetrius Tsitrelis <Demetrius.Tsitre...@citrix.com>
Subject RE: Should CloudStack support forced password reset?
Date Wed, 27 Aug 2014 16:55:11 GMT
I probably should have specifically said that this is for the built-in users; it could only
be them since they are the only ones which would use the MD5 or plaintext authentication plugins.

I don't think updateUser will help here.  The case is for users to change their passwords
and not admins; so while an admin could change everyone's passwords and then send out e-mails
with those new passwords that probably isn't an option that would scale.  It's also not particularly
security friendly.

-----Original Message-----
From: Chiradeep Vittal [mailto:Chiradeep.Vittal@citrix.com] 
Sent: Tuesday, August 26, 2014 5:29 PM
To: dev@cloudstack.apache.org
Subject: Re: Should CloudStack support forced password reset?

The cloud operator can call the updateUser API themselves? Then they can send an email to
their users telling them their new password. There is no 'password change' protocol at the
moment. It is assumed that user provisioning and user lifecycle is best left to a different
system.

From: Demetrius Tsitrelis <Demetrius.Tsitrelis@citrix.com>
Reply-To: "dev@cloudstack.apache.org" <dev@cloudstack.apache.org>
Date: Thursday, August 21, 2014 at 11:28 AM
To: "dev@cloudstack.apache.org" <dev@cloudstack.apache.org>
Subject: Should CloudStack support forced password reset?

For legacy reasons the MD5 and plaintext plugins are included in the list of authenticators.
If a company has been using CloudStack for a while they may want to move all their users to
a stronger plugin such as SHA256SALTED (which is now the default).

Is there a mechanism to do that?  It doesn't appear that there is, so I propose modifying the
API as follows:

1) Include a result in the response to the login API which indicates whether a user must
change his password.

2) If a user is in this state have him call a new API called changeMyPassword.  That
API would require his old password and a new password.  If the call succeeds then the user
can retry the login API with his new password.

3) Add a new parameter named forceUserToChangePassword to the UpdateUser API.  An admin
would set that parameter value to indicate that a user is required to change his password.

Thoughts?
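The three-step flow proposed above, modelled end to end as an added example (this is not CloudStack code and not part of the thread). It assumes an in-memory user table in place of CloudStack's, three hypothetical authenticator behaviours (PLAINTEXT, MD5, and a salted SHA-256 stored as `salthex:digesthex`), and function names that mirror the proposed API names (`login`, `change_my_password`, `update_user`). A user whose credential is still stored by a legacy plugin is flagged at login even when no admin has set the flag, which is the migration case the proposal is for; the hypothetical `changeMyPassword` verifies the old password, refuses a "change" to the same value, and re-stores the secret under the stronger scheme with a fresh salt.

```python
import hashlib
import hmac
import os

LEGACY_SCHEMES = {"MD5", "PLAINTEXT"}  # the authenticators the thread wants users moved off


def sha256_salted(password: str, salt: bytes) -> str:
    """Salted SHA-256 stored as 'salthex:digesthex' (an assumed storage format)."""
    digest = hashlib.sha256(salt + password.encode("utf-8")).hexdigest()
    return f"{salt.hex()}:{digest}"


def make_record(scheme: str, password: str) -> dict:
    """Build a user record the way each (hypothetical) authenticator plugin would store it."""
    if scheme == "PLAINTEXT":
        stored = password
    elif scheme == "MD5":
        # usedforsecurity=False: this MD5 exists only to model the legacy plugin
        stored = hashlib.md5(password.encode("utf-8"), usedforsecurity=False).hexdigest()
    elif scheme == "SHA256SALTED":
        stored = sha256_salted(password, os.urandom(16))
    else:
        raise ValueError(f"unknown scheme {scheme}")
    return {"scheme": scheme, "hash": stored, "force_change": False}


# Constructed in-memory user table; the sample passwords are made up for this example.
USERS = {
    "alice": make_record("MD5", "alice-old-pw"),
    "bob": make_record("PLAINTEXT", "bob-old-pw"),
    "carol": make_record("SHA256SALTED", "carol-pw"),
}


def verify(record: dict, password: str) -> bool:
    """Check a password against the record using whichever scheme it was stored with."""
    scheme, stored = record["scheme"], record["hash"]
    if scheme == "PLAINTEXT":
        candidate = password
    elif scheme == "MD5":
        candidate = hashlib.md5(password.encode("utf-8"), usedforsecurity=False).hexdigest()
    elif scheme == "SHA256SALTED":
        salt_hex = stored.split(":", 1)[0]
        candidate = sha256_salted(password, bytes.fromhex(salt_hex))
    else:
        return False
    # constant-time comparison so the check does not leak via timing
    return hmac.compare_digest(stored.encode("utf-8"), candidate.encode("utf-8"))


def login(username: str, password: str) -> dict:
    """Step 1: the login response carries a flag saying whether the user must change password."""
    record = USERS.get(username)
    if record is None or not verify(record, password):
        # identical response for unknown user and wrong password; no flag is revealed
        return {"success": False, "force_password_change": False}
    must_change = record["force_change"] or record["scheme"] in LEGACY_SCHEMES
    return {"success": True, "force_password_change": must_change}


def change_my_password(username: str, old_password: str, new_password: str) -> bool:
    """Step 2: changeMyPassword requires the old password and re-stores the new one salted."""
    record = USERS.get(username)
    if record is None or not verify(record, old_password):
        return False
    if new_password == old_password:
        return False  # keeping the legacy secret would defeat the migration
    record["scheme"] = "SHA256SALTED"
    record["hash"] = sha256_salted(new_password, os.urandom(16))  # fresh salt per change
    record["force_change"] = False
    return True


def update_user(username: str, force_user_to_change_password: bool) -> bool:
    """Step 3: admin-side updateUser parameter that sets or clears the force-change flag."""
    record = USERS.get(username)
    if record is None:
        return False
    record["force_change"] = force_user_to_change_password
    return True


if __name__ == "__main__":
    print(login("alice", "alice-old-pw"))   # legacy MD5 user: flagged to change
    print(change_my_password("alice", "alice-old-pw", "alice-new-pw"))
    print(login("alice", "alice-new-pw"))   # now SHA256SALTED, flag cleared
```

The login response is deliberately the same for an unknown user and a wrong password, so the force-change flag (and with it the fact that an account is still on a legacy plugin) is only visible to someone who already holds the correct password.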

