You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jetspeed-dev@portals.apache.org by "Ate Douma (JIRA)" <je...@portals.apache.org> on 2005/09/22 22:04:28 UTC

[jira] Created: (JS2-371) Provide password expiration management and default "Change password on first loginfrom the admin UserDetailsPortlet

Provide password expiration management and default "Change password on first loginfrom the admin UserDetailsPortlet
-------------------------------------------------------------------------------------------------------------------

         Key: JS2-371
         URL: http://issues.apache.org/jira/browse/JS2-371
     Project: Jetspeed 2
        Type: Improvement
  Components: Admin Portlets  
    Reporter: Ate Douma




-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org

[jira] Assigned: (JS2-371) Provide password expiration management and default "Change password on first loginfrom the admin UserDetailsPortlet

Posted by "Ate Douma (JIRA)" <je...@portals.apache.org>.

     [ http://issues.apache.org/jira/browse/JS2-371?page=all ]

Ate Douma reassigned JS2-371:
-----------------------------

    Assign To: Ate Douma

> Provide password expiration management and default "Change password on first loginfrom the admin UserDetailsPortlet
> -------------------------------------------------------------------------------------------------------------------
>
>          Key: JS2-371
>          URL: http://issues.apache.org/jira/browse/JS2-371
>      Project: Jetspeed 2
>         Type: Improvement
>   Components: Admin Portlets
>     Reporter: Ate Douma
>     Assignee: Ate Douma

>


-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org

[jira] Resolved: (JS2-371) Provide password expiration management and defaults for "Change password on first login" from the admin UserDetailsPortlet

Posted by "Ate Douma (JIRA)" <je...@portals.apache.org>.

     [ http://issues.apache.org/jira/browse/JS2-371?page=all ]
     
Ate Douma resolved JS2-371:
---------------------------

    Resolution: Fixed

> Provide password expiration management and defaults for "Change password on first login" from the admin UserDetailsPortlet
> --------------------------------------------------------------------------------------------------------------------------
>
>          Key: JS2-371
>          URL: http://issues.apache.org/jira/browse/JS2-371
>      Project: Jetspeed 2
>         Type: Improvement
>   Components: Security, Admin Portlets
>     Versions: 2.0-M4
>     Reporter: Ate Douma
>     Assignee: Ate Douma
>      Fix For: 2.0-M4

>
> The current password expiration functionality is rather inflexible.
> For certain users like administrators, password expiration is problematic and should preferrably be disabled.
> The solution I'm going to provide is that through the admin UserDetailsPortlet, the expiration date of a password credential can
> be modified:
> - Expired: directly expire an active password by setting its expiration date to today
> - Extend: reset the current expiration date (to null), the (new, see JS2-359) PasswordExpirationInterceptor then will derive a new date starting from today
> - Extend Unlimited: set the expiration date to January 1, 8099 (which is the formally higest date allowed for java.sql.Date)
> To be able to modify the expiration date, the UserManager and the CredentialHandler interfaces will be extended with a new
> setPasswordExpiration(userName,date) method.
> When password expiration is not wanted at all and the PasswordExpirationInterceptor is *not* configured, this new functionality, including the display of the password expiration date (which then always will be empty) doesn't need to be shown on the UserDetailsPortlet.
> I'll provide an additional portlet preference with which you can control if this functionality should be displayed or not.
> A similar problem exists with the "Change password on first login" functionality which currently is set to true by default when a new user is created. I'll provide a UserDetailsPortlet preference through which you can specify what the default value should be. And another preference controlling if you would want to be able to change this default on the Add User dialog.
> I'll also provide documentation, including screenshots, for this features, together with a bunch of docs for JS2-359.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org

[jira] Updated: (JS2-371) Provide password expiration management and defaults for "Change password on first login" from the admin UserDetailsPortlet

Posted by "Ate Douma (JIRA)" <je...@portals.apache.org>.

     [ http://issues.apache.org/jira/browse/JS2-371?page=all ]

Ate Douma updated JS2-371:
--------------------------

      Component: Security
        Summary: Provide password expiration management and defaults for "Change password on first login" from the admin UserDetailsPortlet  (was: Provide password expiration management and default "Change password on first loginfrom the admin UserDetailsPortlet)
    Fix Version: 2.0-M4
    Description: 
The current password expiration functionality is rather inflexible.
For certain users like administrators, password expiration is problematic and should preferrably be disabled.
The solution I'm going to provide is that through the admin UserDetailsPortlet, the expiration date of a password credential can
be modified:
- Expired: directly expire an active password by setting its expiration date to today
- Extend: reset the current expiration date (to null), the (new, see JS2-359) PasswordExpirationInterceptor then will derive a new date starting from today
- Extend Unlimited: set the expiration date to January 1, 8099 (which is the formally higest date allowed for java.sql.Date)

To be able to modify the expiration date, the UserManager and the CredentialHandler interfaces will be extended with a new
setPasswordExpiration(userName,date) method.

When password expiration is not wanted at all and the PasswordExpirationInterceptor is *not* configured, this new functionality, including the display of the password expiration date (which then always will be empty) doesn't need to be shown on the UserDetailsPortlet.
I'll provide an additional portlet preference with which you can control if this functionality should be displayed or not.

A similar problem exists with the "Change password on first login" functionality which currently is set to true by default when a new user is created. I'll provide a UserDetailsPortlet preference through which you can specify what the default value should be. And another preference controlling if you would want to be able to change this default on the Add User dialog.

I'll also provide documentation, including screenshots, for this features, together with a bunch of docs for JS2-359.

  was:

        Version: 2.0-M4

> Provide password expiration management and defaults for "Change password on first login" from the admin UserDetailsPortlet
> --------------------------------------------------------------------------------------------------------------------------
>
>          Key: JS2-371
>          URL: http://issues.apache.org/jira/browse/JS2-371
>      Project: Jetspeed 2
>         Type: Improvement
>   Components: Security, Admin Portlets
>     Versions: 2.0-M4
>     Reporter: Ate Douma
>     Assignee: Ate Douma
>      Fix For: 2.0-M4

>
> The current password expiration functionality is rather inflexible.
> For certain users like administrators, password expiration is problematic and should preferrably be disabled.
> The solution I'm going to provide is that through the admin UserDetailsPortlet, the expiration date of a password credential can
> be modified:
> - Expired: directly expire an active password by setting its expiration date to today
> - Extend: reset the current expiration date (to null), the (new, see JS2-359) PasswordExpirationInterceptor then will derive a new date starting from today
> - Extend Unlimited: set the expiration date to January 1, 8099 (which is the formally higest date allowed for java.sql.Date)
> To be able to modify the expiration date, the UserManager and the CredentialHandler interfaces will be extended with a new
> setPasswordExpiration(userName,date) method.
> When password expiration is not wanted at all and the PasswordExpirationInterceptor is *not* configured, this new functionality, including the display of the password expiration date (which then always will be empty) doesn't need to be shown on the UserDetailsPortlet.
> I'll provide an additional portlet preference with which you can control if this functionality should be displayed or not.
> A similar problem exists with the "Change password on first login" functionality which currently is set to true by default when a new user is created. I'll provide a UserDetailsPortlet preference through which you can specify what the default value should be. And another preference controlling if you would want to be able to change this default on the Add User dialog.
> I'll also provide documentation, including screenshots, for this features, together with a bunch of docs for JS2-359.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org