You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-issues@jackrabbit.apache.org by "angela (JIRA)" <ji...@apache.org> on 2014/10/02 15:16:34 UTC
[jira] [Resolved] (OAK-2156) UserAuthentication: Allow Password
Change Via SimpleCredentials Attribute
[ https://issues.apache.org/jira/browse/OAK-2156?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
angela resolved OAK-2156.
-------------------------
Resolution: Fixed
Fix Version/s: 1.1.1
> UserAuthentication: Allow Password Change Via SimpleCredentials Attribute
> -------------------------------------------------------------------------
>
> Key: OAK-2156
> URL: https://issues.apache.org/jira/browse/OAK-2156
> Project: Jackrabbit Oak
> Issue Type: Improvement
> Components: security
> Reporter: Dominique Jäggi
> Assignee: angela
> Fix For: 1.1.1
>
> Attachments: OAK-2156_-_UserAuthentication__Allow_Password_Change_Via_SimpleCredentials_Attribute.patch, OAK-2156_-_UserAuthentication__Allow_Password_Change_Via_SimpleCredentials_Attribute_(V2).patch, OAK-2156_-_UserAuthentication__Allow_Password_Change_Via_SimpleCredentials_Attribute_(V3).patch
>
>
> since the advent of OAK-1922 a pice of the puzzle has been missing: it is currently not possible for a user whose password has expired to change the same in the context of her own session, as login will fail prior to obtaining the session with which to change the password.
> the suggestion is therefore to allow a user to change his password in the course of the login process, namely by specifying an attribute of the _SimpleCredentials_ object: "newPassword".
> upon verifying the user's credentials, before checking expiry, said attribute would then be used by the _UserAuthentication_ to change the password.
> this way the user can change the password while expiry check succeeds (password = not expired) and a login is provided at the same time.
> a patch will be provided.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)