[DIRSERVER-2085] The PasswordPolicyConfiguration holds the password attribute as a String - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.0.0-M20
Fix Version/s: 2.0.0-M21
Component/s: core
Labels:
None

Description

When we are dealing with a password modification, we call the getPwdModDetails methods, which try to find if a Modification is impacting the password attribute. This attribute is configured in the PasswordPolicyConfiguration class (which is either read from the config, or default to userPassword).

So far, so good, except that the password attribute is stored as a String in the PasswordPolicyConfiguration instance, which leads to code like :

            if ( at.getUpId().equalsIgnoreCase( policyConfig.getPwdAttribute() ) )

This is broken. If the Mods contain the OID of the password attribute instead of its name, it's not going to work. If the configured password attribute has many names, it won't work either.

We must store the AttributeType and not the String of the password attribute, and compare it with the AttributeType we have in the Modification.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Emmanuel Lécharny

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 25/Jul/15 13:02

Updated:: 27/Jul/15 14:45

Resolved:: 27/Jul/15 14:44