-
Type:
Bug
-
Status: Resolved
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 12.0.2, 12.0.3
-
Component/s: rest
-
Labels:
-
Environment:Active Directory user store
-
Rank:1|hzrtzb:
-
Sprint:AM Sustaining Sprint 63, AM Sustaining Sprint 64
-
Epic Link:
-
Support Ticket IDs:
After applying a patch for OPENAM-6867, some issues persist when the backend user store is Active Directory.
POST to http://openam.example.com:18080/openam/json/users/demo?_action=changePassword results in the following:
1. If the new password provided is short (less than 8 characters) :
{
"code": 500,
"reason": "Internal Server Error",
"message": "Internal Server Error"
}
2. If the new password violates any other password policy constraints other than password length, e.g. password in history:
{
"code": 400,
"reason": "Bad Request",
"message": "0000052D: AtrErr: DSID-03190F80, #1:"
}
The 500 error in the first instance is what OPENAM-6867 was meant to correct. It appears that AD may behave differently than DJ in this case and should be accounted for.
In the second case, the result is expected, but the message is opaque. A more user friendly message is desired.
The expectation is that the error messages returned will be fairly consistent for any LDAPv3 repository.
- duplicates
-
-
- Resolved
-
- is related to
-
OPENAM-9009 When using REST endpoint "json/users/?_action=create" with password policy violation, AM returns HTTP 400 "bad request", reason "Bad Request" , Message "Bad Request" rather than a more meaningful error message
-
- Resolved
-