Description
since the advent of OAK-1922 a pice of the puzzle has been missing: it is currently not possible for a user whose password has expired to change the same in the context of her own session, as login will fail prior to obtaining the session with which to change the password.
the suggestion is therefore to allow a user to change his password in the course of the login process, namely by specifying an attribute of the SimpleCredentials object: "newPassword".
upon verifying the user's credentials, before checking expiry, said attribute would then be used by the UserAuthentication to change the password.
this way the user can change the password while expiry check succeeds (password = not expired) and a login is provided at the same time.
a patch will be provided.
Attachments
Attachments
Issue Links
- is related to
-
SLING-3991 Support Password Change Upon Expiry Via SimpleCredentials Attribute
-
- Closed
-
- relates to
-
OAK-1922 Introduce Password Expiry With Max Password Age and On First Login
-
- Closed
-