[OAK-2156] UserAuthentication: Allow Password Change Via SimpleCredentials Attribute - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.1.1
Component/s: core
Labels:
None

Description

since the advent of ~~OAK-1922~~ a pice of the puzzle has been missing: it is currently not possible for a user whose password has expired to change the same in the context of her own session, as login will fail prior to obtaining the session with which to change the password.

the suggestion is therefore to allow a user to change his password in the course of the login process, namely by specifying an attribute of the SimpleCredentials object: "newPassword".

upon verifying the user's credentials, before checking expiry, said attribute would then be used by the UserAuthentication to change the password.

this way the user can change the password while expiry check succeeds (password = not expired) and a login is provided at the same time.

a patch will be provided.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

OAK-2156_-_UserAuthentication__Allow_Password_Change_Via_SimpleCredentials_Attribute_(V2).patch
01/Oct/14 14:26
5 kB
Dominique Jäggi
OAK-2156_-_UserAuthentication__Allow_Password_Change_Via_SimpleCredentials_Attribute_(V3).patch
02/Oct/14 12:25
11 kB
Dominique Jäggi
OAK-2156_-_UserAuthentication__Allow_Password_Change_Via_SimpleCredentials_Attribute.patch
01/Oct/14 09:31
4 kB
Dominique Jäggi

Issue Links

is related to

SLING-3991 Support Password Change Upon Expiry Via SimpleCredentials Attribute

Closed

relates to

OAK-1922 Introduce Password Expiry With Max Password Age and On First Login

Closed

Activity

People

Assignee:: Angela Schreiber

Reporter:: Dominique Jäggi

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 01/Oct/14 09:25

Updated:: 17/Oct/14 07:50

Resolved:: 02/Oct/14 13:16