-
Type:
Bug
-
Status: Resolved
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 11.0.0
-
Component/s: rest
-
Labels:
-
Environment:CentOS 6.4
Tomcat
-
Sprint:Sprint 76 - Sustaining
-
Epic Link:
-
Support Ticket IDs:
When changing password through the new REST interface, the IdentityResource#checkValidPassword method tries to authenticate the user in the realm (using the default chain for the realm), but does not have access to the AuthN context. If the authentication needs anything else than the username/oldpassword (e.g. historical IP address in adaptive risk module), the authentication fails and the password can not be changed.
- is duplicated by
-
OPENAM-5557 XUI fails on password change with WDSSO enabled
-
- Resolved
-
- relates to
-
OPENAM-5562 Users can't change password via XUI/REST API after OPENAM-3877 when using embedded
-
- Resolved
-
-
OPENAM-6867 changePassword REST endpoint is not returning LDAP issues that are related to a user mistake.
-
- Resolved
-
-
OPENAM-5159 Request to improve REST forgotPasswordReset page flow
-
- Resolved
-