Uploaded image for project: 'Archiva'
  1. Archiva
  2. MRM-1912

Guest password should never be reset

    Details

      Description

      This is an experience report from a user.

      I stood up a new Archiva instance about 90 days ago. As per default security configuration, user passwords began to expire recently.

      It seems that even the guest account has expired . As a result, guest access is now 403 Forbidden.

      Since the guest account is for anonymous access, and has no password, this account probably should be exempt from password expiration. Is this a bug?

      I can reset the guest password successfully, restoring access for this account. However, I cannot reset to the empty password using the web interface. The edit user form complains of the password field, "This field is required." Is this also a bug?

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              benjamin.heasly@gmail.com Benjamin Heasly
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: