You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@archiva.apache.org by "Brett Porter (JIRA)" <ji...@codehaus.org> on 2009/03/19 16:34:12 UTC
[jira] Closed: (MRM-1047) Archiva allows deployment by user with
expired password
[ http://jira.codehaus.org/browse/MRM-1047?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brett Porter closed MRM-1047.
-----------------------------
Resolution: Fixed
already taken care of by redback changes to throw exception if password must be changed on authz. The other instances in my comment do not need to do the secondary check as you must already be logged in to the interface for them to succeed
> Archiva allows deployment by user with expired password
> -------------------------------------------------------
>
> Key: MRM-1047
> URL: http://jira.codehaus.org/browse/MRM-1047
> Project: Archiva
> Issue Type: Bug
> Components: Users/Security
> Affects Versions: 1.1.3
> Reporter: Wendy Smoak
> Assignee: Brett Porter
> Priority: Minor
> Fix For: 1.2-M2
>
>
> If a user has the repo manager role, he can still deploy artifacts even if his password is expired and/or flagged as must be changed.
> An expired password is no longer valid, and Archiva should prevent access to the repository until it is changed.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira