Uploaded image for project: 'Directory ApacheDS'
  1. Directory ApacheDS
  2. DIRSERVER-2085

The PasswordPolicyConfiguration holds the password attribute as a String

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.0.0-M20
    • Fix Version/s: 2.0.0-M21
    • Component/s: core
    • Labels:
      None

      Description

      When we are dealing with a password modification, we call the getPwdModDetails methods, which try to find if a Modification is impacting the password attribute. This attribute is configured in the PasswordPolicyConfiguration class (which is either read from the config, or default to userPassword).

      So far, so good, except that the password attribute is stored as a String in the PasswordPolicyConfiguration instance, which leads to code like :

                  if ( at.getUpId().equalsIgnoreCase( policyConfig.getPwdAttribute() ) )
      

      This is broken. If the Mods contain the OID of the password attribute instead of its name, it's not going to work. If the configured password attribute has many names, it won't work either.

      We must store the AttributeType and not the String of the password attribute, and compare it with the AttributeType we have in the Modification.

        Activity

        Hide
        elecharny Emmanuel Lecharny added a comment -
        Show
        elecharny Emmanuel Lecharny added a comment - Fixed with http://svn.apache.org/r1692890

          People

          • Assignee:
            Unassigned
            Reporter:
            elecharny Emmanuel Lecharny
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development