Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-2066

Backport OPENDJ-1917: User can search using resetted password when force-change-on-reset is enabled.

    Details

    • Type: Bug
    • Status: Done
    • Priority: Minor
    • Resolution: Not a defect
    • Affects Version/s: 2.6.2
    • Fix Version/s: 2.6.3
    • Component/s: access control
    • Environment:
      Linux 64-bit
      OpenDJ 3.0.0
      Build ID: 20150401011000
      Major Version: 3
      Minor Version: 0
      Point Version: 0
      Version Qualifier: SNAPSHOT
      Revision Number: 12013

      Description

      1. Problem:
        1. User can search without previous set of his password while the force-change-on-reset is enabled.
      2. Prerequisite:
        1. OpenDJ 3.0.0 deployed.
        2. Property force-change-on-reset enabled
        3. Reset user's password with admin account.
      3. Steps to reproduce:
        1. Provide basic ldapsearch with password used with ldappassword command from prerequisite.

      I have attached script to quickly reproduce the problem.

      1. Download
      2. Put into "XY" directory
      3. Copy OpenDJ-3.0.0.zip to "XY" directory
      4. From "XY" directory run ./reproduce.sh

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                cjr Chris Ridd
                Reporter:
                cjr Chris Ridd
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: