Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-14644

improve error messages on change password screen of AD/LDAP auth module


    • Type: Improvement
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 7.0.0
    • Fix Version/s: None
    • Component/s: authentication


      While testing OPENAM-11523 I saw:

      1. no old password entered -> The old password provided is empty
      2. wrong old password entered -> The password you have entered is invalid
      3. different new passwords entered -> The password and confirm password do not match
      4. new password does not meet password policy requirements -> The password you have entered is invalid

      From point of user, when I see error:

      "The password you have entered is invalid"

      I do not know if there is typo in my old password or problem with password policy in new password, so I would suggest to change "The password you have entered is invalid" to "The old password you have entered is invalid" in case 2.

      And also in case 4. there should be different message like "New password does not meet the password policy requirements." or perhaps "Password change was not allowed."

      Steps to reproduce:

      1. Install AM
      2. configure embedded DS to force password change after password reset
      3. do password reset for demo user
      4. login as demo user using module=LDAP
      5. Try described test cases


          Issue Links



              • Assignee:
                lubomir.mlich Ľubomír Mlích
              • Votes:
                0 Vote for this issue
                1 Start watching this issue


                • Created: