Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-1917

User can search using resetted password when force-change-on-reset is enabled.

    XMLWordPrintable

Details

    • Bug
    • Status: Done
    • Major
    • Resolution: Fixed
    • 3.0.0
    • 2.8.0, 3.0.0
    • access control
    • Linux 64-bit
      OpenDJ 3.0.0
      Build ID: 20150401011000
      Major Version: 3
      Minor Version: 0
      Point Version: 0
      Version Qualifier: SNAPSHOT
      Revision Number: 12013

    Description

      1. Problem:
        1. User can search without previous set of his password while the force-change-on-reset is enabled.
      2. Prerequisite:
        1. OpenDJ 3.0.0 deployed.
        2. Property force-change-on-reset enabled
        3. Reset user's password with admin account.
      3. Steps to reproduce:
        1. Provide basic ldapsearch with password used with ldappassword command from prerequisite.

      I have attached script to quickly reproduce the problem.

      1. Download
      2. Put into "XY" directory
      3. Copy OpenDJ-3.0.0.zip to "XY" directory
      4. From "XY" directory run ./reproduce.sh

      Attachments

        1. pwp_startup.ldif
          131 kB
        2. reproduce.sh
          2 kB
        3. test.ldif
          0.4 kB

        Issue Links

          Activity

            People

              ylecaillez Yannick Lecaillez
              ondrej.fuchsik Ondrej Fuchsik
              Ondrej Fuchsik Ondrej Fuchsik
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: