[
http://jira.amdatu.org/jira/browse/AMDATUAUTH-137?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ivo Ladage - van Doorn updated AMDATUAUTH-137:
----------------------------------------------
Estimated Eng Workload: 4
> UserAdmin 'create user' REST API not suited for password restrictions
> ---------------------------------------------------------------------
>
> Key: AMDATUAUTH-137
> URL: http://jira.amdatu.org/jira/browse/AMDATUAUTH-137
> Project: Amdatu Auth
> Issue Type: Improvement
> Components: Authorization & authentication
> Affects Versions: 0.2.1
> Reporter: Ivo Ladage - van Doorn
> Assignee: Ivo Ladage - van Doorn
> Labels: blueconic
> Fix For: 0.2.2
>
>
> In the UserAdmin REST API you can create a new user by a PUT to
> rest/users/[name] which does not take any input. Passing the password is not
> possible, and so a new user is always created without a password. The
> password is updated in a separate POST to
> /rest/users/[name]/credentials/password, but when that password does not meet
> the password policy a user is created without a password, violating that very
> same policy.
> In the current UI you end up with the situation that a new user is created
> but setting the password is rejected. When you change the password and try
> again, the system responds with an error that the user already exists.
> So this API should be refactored a but to support password restrictions.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
http://jira.amdatu.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
_______________________________________________
Amdatu-developers mailing list
[email protected]
http://lists.amdatu.org/mailman/listinfo/amdatu-developers
