[
https://issues.apache.org/jira/browse/USERGRID-1339?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Brandon Shelley updated USERGRID-1339:
--------------------------------------
Affects Version/s: 2.2.0
Description:
Take the following params:
[email protected]
name=Test
password=x
If I attempt to create a user account with a password that doesn't meet
complexity requirements, the following error is returned:
{code}
{
"error": "error_password_policy_violation",
"timestamp": 1488401172596,
"duration": 0,
"error_description": "error_length_policy: must be at least 4 characters "
}
{code}
That's expected and good!
The problem is that the user account is created anyway, either without a
password entirely, or worse, with the weak password.
Component/s: Stack
> When creating a user account with a password that fails validation check, the
> account is created anyway
> -------------------------------------------------------------------------------------------------------
>
> Key: USERGRID-1339
> URL: https://issues.apache.org/jira/browse/USERGRID-1339
> Project: Usergrid
> Issue Type: Bug
> Components: Stack
> Affects Versions: 2.2.0
> Reporter: Brandon Shelley
>
> Take the following params:
> [email protected]
> name=Test
> password=x
> If I attempt to create a user account with a password that doesn't meet
> complexity requirements, the following error is returned:
> {code}
> {
> "error": "error_password_policy_violation",
> "timestamp": 1488401172596,
> "duration": 0,
> "error_description": "error_length_policy: must be at least 4 characters "
> }
> {code}
> That's expected and good!
> The problem is that the user account is created anyway, either without a
> password entirely, or worse, with the weak password.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
