[OPENAM-12943] Regression: AM no longer displays an error when the old and the new password is the same Created: 18/Apr/18  Updated: 14/Feb/19  Resolved: 20/Apr/18

Status: Resolved
Project: OpenAM
Component/s: idrepo
Affects Version/s: 6.0.0
Fix Version/s: 6.0.0

Type: Bug Priority: Major
Reporter: Peter Major [X] (Inactive) Assignee: Dipu Seminlal
Resolution: Fixed Votes: 0
Labels: AME, Must-Fix, regression
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Regression
is caused by OPENDJ-4674 Rest2ldap update request which includ... Done
is caused by OPENDJ-6019 Backport OPENDJ-4674: Rest2ldap updat... QA Backlog
Relates
relates to OPENAM-7615 "500 - Internal Server Error" when tr... Closed
Target Version/s:
Needs QA verification:
Yes
Functional tests:
Yes
Are the reproduction steps defined?:
Yes and I used the same an in the description

 Description   

Bug description

It is currently possible to update the password on the profile screen to the current password.

How to reproduce the issue

  • Log in as demo
  • Try to change password by providing the current password for the new password.
Expected behaviour

The user receives an error about trying to use the old password as the new password.

Current behaviour

The update succeeds

Work around

Configure password policies in the user data store.

Code analysis

This was caused by OPENDJ-4674 which corrected a bug in the backend. If the previous behavior needs to be retained, we should probably implement it at the REST API/idrepo layer.

NB: the regression is now in AM, OPENDJ-4674 just corrected a bug in DJ on which AM depended previously.



 Comments   
Comment by Peter Major [X] (Inactive) [ 26/Jun/18 ]

The functional tests needs to be updated to no longer to refer to this issue as a known failure.

Generated at Tue Nov 24 06:06:26 UTC 2020 using Jira 7.13.12#713012-sha1:6e07c38070d5191bbf7353952ed38f111754533a.