Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-4379

Error code(500) is returning when updating a password that exists in the password history(policy configured)

    Details

    • Type: Improvement
    • Status: Done
    • Priority: Minor
    • Resolution: Not a defect
    • Affects Version/s: 3.5.2
    • Fix Version/s: Not applicable
    • Component/s: None
    • Labels:
      None
    • Environment:
      OpenAM 13.5.0
      OpenDJ 3.5.2 (User Store)

      Description

      1. Configuring OpenDJ(3.5.2) as external user directory and editing the Default password policy:

      23)  password-history-count                    10
      24)  password-history-duration                 0s

        
      2. Authenticate as amadmin in OpenAM(13.5)
      3. create the user "testy" with password = password99
      then update the password to password88(successfully) and then again to password99(failed) via Postman:

      PUT: http://openam.example.com:8080/openam/json/users/testy

      Headers:

      Key

      Value

      iplanetDirectoryPro AQIC5.....c5AAJTMQAA*
      Content-Type application/json

      Body:

      JSON(application/json)

      {
        "userpassword": "password99"
       }

      Response:

      {
          "code": 500,
          "reason": "Internal Server Error",
          "message": "The provided new password was found in the password history for the user"
      }

      not clear where the error code is coming from (code: performAdditionalPasswordChangedProcessing: 1425). Raised as OpenDJ as the exception(DirectoryException) is returned by the performAdditionalPasswordChangedProcessing class.

       

      Customer:

      The error code 500 may be interpreted as a server malfunction when it is not, and we think it should return another error code (maybe a 401 with the same descriptive message?

      Sounds valid, a different code would make more sense(e.g 400?)

       

      Note, this also happening on DS 5.0

        Attachments

          Activity

            People

            • Assignee:
              matthew Matthew Swift
              Reporter:
              anastasios.kampas Tasos Kampas
              Dev Assignee:
              Matthew Swift
            • Votes:
              3 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: