Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-6618

OpenAM "Forgot Password" makes the user change their password twice, if the OpenDJ Password Policy includes "force-change-on-reset"

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Duplicate
    • Affects Version/s: 12.0.1
    • Fix Version/s: None
    • Component/s: authentication
    • Labels:
      None
    • Support Ticket IDs:

      Description

      OpenAM's "Forgot Password" functionality allows the user to set a new password without authenticating - the password change counts as an "administrative" password change. When the user logs in with their new password (which they just set), they are made to change their password again.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                peter.major Peter Major
                Reporter:
                jmichell@thig.com Jeff Michell [X] (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: