Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-12446

Minimum Answer of Security Question is not Validated in User Profile


    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 13.5.0, 13.5.1, 6.5.3
    • Fix Version/s: None
    • Component/s: self-service
    • Labels:
    • Target Version/s:
    • Rank:
    • Support Ticket IDs:


      Bug description

      User is able to update their security question when they login. However, the Minimum Answers to Define field is not validated when user submit their security questions. This would result that the user is able to update less than the field value.

      How to reproduce the issue

      1. Add User Self Service 
      2. Modify the field for Minimum Answers to Define (e.g 3) in General Configuration
      3. Click on Save Changes
      4. Go to User Registration tab and enabled Security Questions 
      5. Click on Save Changes
      6. Login to user (e.g demo) and update Security Questions
      Expected behaviour
      OpenAM should only update if user enter the minimum answers to define value or more security question.
      For example, user must select 3 or more security questions in order to update their user profile.
      Current behaviour
      OpenAM allows user to update security question less than the minimum answers to define value.
      For example, the user is able to update their profile by selecting 1 security question (refer to img1).





            • Assignee:
              wanning.tan WanNing Tan
            • Votes:
              0 Vote for this issue
              2 Start watching this issue


              • Created: