[ 
https://issues.apache.org/jira/browse/DIRSERVER-2202?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Emmanuel Lecharny updated DIRSERVER-2202:
-----------------------------------------
    Component/s: ppolicy

> pwdHistory not getting maintained when doing modify password with ldaptive 
> client
> ---------------------------------------------------------------------------------
>
>                 Key: DIRSERVER-2202
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-2202
>             Project: Directory ApacheDS
>          Issue Type: Bug
>          Components: ppolicy
>    Affects Versions: 2.0.0-M23
>         Environment: windows, ldaptive latest, java 8
>            Reporter: Hal Deadman
>            Priority: Major
>
> If I connect as a non admin user and modify my own password with directory 
> studio, a new pwdHistory is added. 
> If I modify the password programatically, using the old/new password 
> modifyPassword extended operation that should respect history, it is deleting 
> all my history (and leaving a single pwdHistory entry). The code looks like 
> this:
> {noformat}
> // connecting as user that is trying to change their password
>               org.ldaptive.Credential cred = new 
> org.ldaptive.Credential(oldPassword);
>               org.ldaptive.BindConnectionInitializer bindConnectionInit = new 
> org.ldaptive.BindConnectionInitializer(userDn,cred);
>               org.ldaptive.ConnectionConfig connectionConfig = new 
> org.ldaptive.ConnectionConfig(ldapUrl);
>               connectionConfig.setUseStartTLS(false);
>               connectionConfig.setConnectionInitializer(bindConnectionInit);
>               DefaultConnectionFactory userLdapConnectionFactory = new 
> DefaultConnectionFactory(connectionConfig);
>               try (Connection conn = 
> userLdapConnectionFactory.getConnection()) {
>                 conn.open();
>                 PasswordModifyOperation modify = new 
> PasswordModifyOperation(conn);
>                 Response<Credential> response = modify.execute(new 
> PasswordModifyRequest(userDn, new Credential(oldPassword), new 
> Credential(plaintextPassword)));
>               } 
> {noformat}
> Isn't the pwdHistory being maintained by the server? Why does a different 
> client determine whether pwdHistory entries are added or not? (In this case 
> they are not only not added but multiple entries are replaced by a single 
> one).
> Ldaptive doesn't implement ldap protocol, in this case it is using JNDI as 
> the provider of ldap protocol. 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org
For additional commands, e-mail: dev-h...@directory.apache.org

Reply via email to