[jira] [Resolved] (DIRSERVER-1932) Password policy pwdMinAge check should check for required reset

Kiran Ayyagari (JIRA) Fri, 13 Dec 2013 23:36:17 -0800

     [ 
https://issues.apache.org/jira/browse/DIRSERVER-1932?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Kiran Ayyagari resolved DIRSERVER-1932.
---------------------------------------

       Resolution: Fixed
    Fix Version/s: 2.0.0-M16
         Assignee: Kiran Ayyagari

Patch applied with slight modifications. See http://svn.apache.org/r1550894

> Password policy pwdMinAge check should check for required reset
> ---------------------------------------------------------------
>
>                 Key: DIRSERVER-1932
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1932
>             Project: Directory ApacheDS
>          Issue Type: Bug
>          Components: core
>    Affects Versions: 2.0.0-M15, 2.0.0-M16
>            Reporter: lucas theisen
>            Assignee: Kiran Ayyagari
>             Fix For: 2.0.0-M16
>
>         Attachments: DIRSERVER-1932.patch
>
>
> According to the rfc 
> (http://tools.ietf.org/html/draft-behera-ldap-password-policy-10#section-7.8):
> 7.8 Password Too Young Check
>   If the Section 7.2 check returned true then this check will return
>   false, to allow the password to be changed.
>   ...
> 7.2 Password Must be Changed Now Check</b>
>   A status of true is returned to indicate that the password must be
>   changed if all of these conditions are met:   
>   o  The pwdMustChange attribute is set to TRUE.
>   o  The pwdReset attribute is set to TRUE.
>   Otherwise a status of false is returned.
> Therefore, if the admin sets the password, the user should be allowed
> to change it even if pwdMinAge has not expired.



--
This message was sent by Atlassian JIRA
(v6.1.4#6159)

[jira] [Resolved] (DIRSERVER-1932) Password policy pwdMinAge check should check for required reset

Reply via email to