directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Srinivasan A (JIRA)" <>
Subject [jira] [Created] (DIRAPI-296) Password reset does not respect password history policy
Date Mon, 03 Apr 2017 18:41:41 GMT
Srinivasan A created DIRAPI-296:

             Summary: Password reset does not respect password history policy
                 Key: DIRAPI-296
             Project: Directory Client API
          Issue Type: Bug
            Reporter: Srinivasan A

I'm using ldap connection template to allow the user to reset/change the password. My password
policy allows has a password history attribute value of 5. So user will not be able to use
previous 5 passwords.

When I'm using the modifyPassword method for changing the password(i.e. as a user by passing
current and new password), it respects the password history policy. i.e I'm not allowed to
use any of the previous 5 passwords. But when using the reset option(i.e. - only new password),
it does not honor the password policy. It takes any value(including current one).

How to make the reset password scenario honor the password history policy?

This message was sent by Atlassian JIRA

View raw message