directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Srinivasan A (JIRA)" <j...@apache.org>
Subject [jira] [Created] (DIRAPI-296) Password reset does not respect password history policy
Date Mon, 03 Apr 2017 18:41:41 GMT
Srinivasan A created DIRAPI-296:
-----------------------------------

             Summary: Password reset does not respect password history policy
                 Key: DIRAPI-296
                 URL: https://issues.apache.org/jira/browse/DIRAPI-296
             Project: Directory Client API
          Issue Type: Bug
            Reporter: Srinivasan A


I'm using ldap connection template to allow the user to reset/change the password. My password
policy allows has a password history attribute value of 5. So user will not be able to use
previous 5 passwords.

When I'm using the modifyPassword method for changing the password(i.e. as a user by passing
current and new password), it respects the password history policy. i.e I'm not allowed to
use any of the previous 5 passwords. But when using the reset option(i.e. - only new password),
it does not honor the password policy. It takes any value(including current one).

How to make the reset password scenario honor the password history policy?



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message