syncope-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (SYNCOPE-939) Password history not checked when user changes password
Date Tue, 13 Sep 2016 13:21:20 GMT

     [ https://issues.apache.org/jira/browse/SYNCOPE-939?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Colm O hEigeartaigh resolved SYNCOPE-939.
-----------------------------------------
    Resolution: Fixed
      Assignee: Colm O hEigeartaigh

This issue has been fixed since 1.2.8..possibly by the fix for SYNCOPE-928.

> Password history not checked when user changes password
> -------------------------------------------------------
>
>                 Key: SYNCOPE-939
>                 URL: https://issues.apache.org/jira/browse/SYNCOPE-939
>             Project: Syncope
>          Issue Type: Bug
>    Affects Versions: 1.2.8
>            Reporter: Colm O hEigeartaigh
>            Assignee: Colm O hEigeartaigh
>             Fix For: 1.2.9
>
>
> When a user changes his/her password via the Console, the password history does not appear
to be checked. It is only checked when the admin user changes the password. This bug does
not appear to be present in the enduser application of Syncope 2.0.0.
> Steps to reproduce (Syncope 1.2.8):
> 1) Log onto the console as "admin". 
> 2) Change the global password policy to have a history of "10".
> 3) Now create a new user "alice" with password "password1" and save.
> 4) Edit "alice" (again as "admin") and change the password to "password2" and save.
> 5) Edit "alice" (again as "admin") and try to change the password back to "password1"
-> this should fail.
> 6) Logout and log back in as "alice"/"password2".
> 7) Click on "alice" and change the password back to "password1".
> 8) It displays no error message and "alice" can log back in with "password1" after logging
out.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message