Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-5158

PWResetQuestion is using hard coded attribute to expire password

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Won't Fix
    • Affects Version/s: 11.0.2
    • Fix Version/s: None
    • Component/s: console
    • Labels:
    • Rank:
      1|hzoxd3:
    • Support Ticket IDs:

      Description

      Currently PWResetQuestion function doesn't work for user datastore other than SunDS because it's using "passwordExpirationTime", which is operational/virtual attribute in DSEE.

      Also, steps on how to use "Force Change Password on Next Login" is not clear/undocumented.

      How to recreate :
      1. login to admin console
      2. [Configuration] -> [ Global] -> "Password Reset" link
      3. check "Force Change Password on Next Login:"
      4. click [Save] button (you need to configure secret QA setting as well)
      5. create test user "testuser01" under [Subjects] tab
      6. edit "testuser01" and click "Password Reset Options: Edit" link
      7. check "Force Change Password on Next Login:"
      8. click [Save] button
      9. access /<openam_context>/UI/Login and login as "testuser01"
      10. provide question and answer
      11. click [Save]
      12. access /ui/PWResetQuestion
      13. provide "testuser01" and click [Next]
      14. provide answer to secret questions and click [OK]

      At this point, PWResetQuestionModelImpl is kicked. If "Force Change Password on Next Login" is enabled on user entry, then PWResetQuestionModelImpl will set "passwordExpirationTime: 19700101000000Z" to user's entry. This will make user's password expire and user will be forced to change password if OpenAM's user datastore is SunDS.

      Unfortunately, this doesn't work for other types of datastore.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                sachiko Sachiko Wallace
              • Votes:
                1 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: