[jira] Created: (CONTINUUM-1555) Password set by Administrator is not verified against security rules

["Andreas Guther (JIRA)" <ji...@codehaus.org>]

Password set by Administrator is not verified against security rules
--------------------------------------------------------------------

                 Key: CONTINUUM-1555
                 URL: http://jira.codehaus.org/browse/CONTINUUM-1555
             Project: Continuum
          Issue Type: Bug
            Reporter: Andreas Guther


I have created user accounts using an administration account.  The password entered here is not verified against the security rules (at least one number).  I entered simple passwords and enabled that the user has to change the password.

User complained that their given password does not work.  It appears that Continuum is not accepting the password if it does not follow the rules during logon check.

Expected:  The admin user set-up must have the same password validation checks as for the normal users when they change their password.

I am not sure if my impression is correct that the logon does not validate the password against the system if the password does not conform with the password pattern rules.  But if that is the case, the system should not validate the password during logon against the rule.  It should only check the password against the stored one.


-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira