incubator-cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "gavin lee (JIRA)" <>
Subject [jira] [Commented] (CLOUDSTACK-648) The normal users could change their own login password
Date Mon, 17 Dec 2012 07:36:13 GMT


gavin lee commented on CLOUDSTACK-648:

Hi, Isaac
I think the discussion is beyond the scope of this case.
I originally thought every user inside CloudStack could change their own login password in
account entry.

For the domain entry, both change password or edit other changable items may need further

Though they called same api: updateUserCmd for all operations, they have different UI entry;
If there are security concerns, change password may need add another api rather than using

> The normal users could change their own login password
> ------------------------------------------------------
>                 Key: CLOUDSTACK-648
>                 URL:
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: Management Server
>    Affects Versions: 4.1.0
>         Environment: DevCloud2 and others
>            Reporter: gavin lee
>            Priority: Minor
>              Labels: changes, password, user
>             Fix For: 4.1.0
>   Original Estimate: 48h
>  Remaining Estimate: 48h
> After created normal users by administrator, using the normal users login should let
them change their own password.
> The easiest way to change this is enable it on the UI by changing scripts/accounts.js
and changing access level for api: updateUser in file
> If there are concerns of security, new api may be introduced.
> please comment.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

View raw message