directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kiran Ayyagari (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (DIRSERVER-1932) Password policy pwdMinAge check should check for required reset
Date Sat, 14 Dec 2013 07:35:07 GMT

     [ https://issues.apache.org/jira/browse/DIRSERVER-1932?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Kiran Ayyagari resolved DIRSERVER-1932.
---------------------------------------

       Resolution: Fixed
    Fix Version/s: 2.0.0-M16
         Assignee: Kiran Ayyagari

Patch applied with slight modifications. See http://svn.apache.org/r1550894

> Password policy pwdMinAge check should check for required reset
> ---------------------------------------------------------------
>
>                 Key: DIRSERVER-1932
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1932
>             Project: Directory ApacheDS
>          Issue Type: Bug
>          Components: core
>    Affects Versions: 2.0.0-M15, 2.0.0-M16
>            Reporter: lucas theisen
>            Assignee: Kiran Ayyagari
>             Fix For: 2.0.0-M16
>
>         Attachments: DIRSERVER-1932.patch
>
>
> According to the rfc (http://tools.ietf.org/html/draft-behera-ldap-password-policy-10#section-7.8):
> 7.8 Password Too Young Check
>   If the Section 7.2 check returned true then this check will return
>   false, to allow the password to be changed.
>   ...
> 7.2 Password Must be Changed Now Check</b>
>   A status of true is returned to indicate that the password must be
>   changed if all of these conditions are met:   
>   o  The pwdMustChange attribute is set to TRUE.
>   o  The pwdReset attribute is set to TRUE.
>   Otherwise a status of false is returned.
> Therefore, if the admin sets the password, the user should be allowed
> to change it even if pwdMinAge has not expired.



--
This message was sent by Atlassian JIRA
(v6.1.4#6159)

Mime
View raw message