portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ate Douma (JIRA)" <jetspeed-...@portals.apache.org>
Subject [jira] Resolved: (JS2-371) Provide password expiration management and defaults for "Change password on first login" from the admin UserDetailsPortlet
Date Thu, 22 Sep 2005 21:47:29 GMT
     [ http://issues.apache.org/jira/browse/JS2-371?page=all ]
Ate Douma resolved JS2-371:

    Resolution: Fixed

> Provide password expiration management and defaults for "Change password on first login"
from the admin UserDetailsPortlet
> --------------------------------------------------------------------------------------------------------------------------
>          Key: JS2-371
>          URL: http://issues.apache.org/jira/browse/JS2-371
>      Project: Jetspeed 2
>         Type: Improvement
>   Components: Security, Admin Portlets
>     Versions: 2.0-M4
>     Reporter: Ate Douma
>     Assignee: Ate Douma
>      Fix For: 2.0-M4

> The current password expiration functionality is rather inflexible.
> For certain users like administrators, password expiration is problematic and should
preferrably be disabled.
> The solution I'm going to provide is that through the admin UserDetailsPortlet, the expiration
date of a password credential can
> be modified:
> - Expired: directly expire an active password by setting its expiration date to today
> - Extend: reset the current expiration date (to null), the (new, see JS2-359) PasswordExpirationInterceptor
then will derive a new date starting from today
> - Extend Unlimited: set the expiration date to January 1, 8099 (which is the formally
higest date allowed for java.sql.Date)
> To be able to modify the expiration date, the UserManager and the CredentialHandler interfaces
will be extended with a new
> setPasswordExpiration(userName,date) method.
> When password expiration is not wanted at all and the PasswordExpirationInterceptor is
*not* configured, this new functionality, including the display of the password expiration
date (which then always will be empty) doesn't need to be shown on the UserDetailsPortlet.
> I'll provide an additional portlet preference with which you can control if this functionality
should be displayed or not.
> A similar problem exists with the "Change password on first login" functionality which
currently is set to true by default when a new user is created. I'll provide a UserDetailsPortlet
preference through which you can specify what the default value should be. And another preference
controlling if you would want to be able to change this default on the Add User dialog.
> I'll also provide documentation, including screenshots, for this features, together with
a bunch of docs for JS2-359.

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
For more information on JIRA, see:

To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org

View raw message