Project

General

Profile

Actions

Task #269

closed

History password entity

Added by Ondřej Kopr almost 8 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Ondřej Kopr
Category:
Password
Target version:
Start date:
01/10/2017
Due date:
% Done:

100%

Estimated time:
Owner:

Description

  • Create PasswordHistory table for audit change passwords,
  • save password in hash,
  • save password for idm and accounts.

Related issues

Related to IdStory Identity Manager - Task #263: Passwords policyClosedOndřej Kopr01/09/2017

Actions
Actions #1

Updated by Ondřej Kopr almost 8 years ago

  • Related to Task #263: Passwords policy added
Actions #2

Updated by Ondřej Kopr almost 8 years ago

  • Priority changed from Normal to Low
  • Target version changed from Citrine (7.3.0) to Diamond (7.4.0)
Actions #3

Updated by Vít Švanda about 7 years ago

  • Target version deleted (Diamond (7.4.0))
Actions #4

Updated by Ondřej Kopr about 7 years ago

  • Status changed from New to Closed

I close this task, entity IdmPassword is audited and also implement AuditSearchable for IdmIdentity.

Actions #5

Updated by Ondřej Kopr over 6 years ago

  • Status changed from Closed to In Progress
  • Assignee set to Ondřej Kopr
  • Priority changed from Low to Normal
  • Target version set to Jade (8.1.0)

This feature will be implement as password history.

Actions #6

Updated by Ondřej Kopr over 6 years ago

  • Status changed from In Progress to Needs feedback
  • Assignee changed from Ondřej Kopr to Vít Švanda
  • % Done changed from 0 to 90

While I test the new feature I found strange behavior:

When I created new identity (IdmPassword doesn't exist) and password is filled is new password save twice during persist (IdentitySaveProcessor, IdentityPasswordProcessor) this isn't problem for now, but in password history table exists two records after I created new identity (we probably must change password change behavior during create identity).

Please Vitek could you make a review? Thank you :-)

Commit: https://github.com/bcvsolutions/CzechIdMng/commit/da91425db0ec68c9ed4f2dc017d4c79735f9eda1 (branch develop)

documentation: https://wiki.czechidm.com/devel/documentation/security/dev/password-policies#standard_policy_for_validation

Actions #7

Updated by Ondřej Kopr over 6 years ago

  • Description updated (diff)
Actions #8

Updated by Vít Švanda over 6 years ago

  • Status changed from Needs feedback to In Progress
  • Assignee changed from Vít Švanda to Ondřej Kopr
I did review and works awesome.
  • I canceled exception excluding the administrators from the basic condiction. After it, is problem with creation of more records for password history is much more bigger. New user cannot be created now.
  • Problem with multicall prevalidation is in the password reset component (is creating for ever render).
Actions #9

Updated by Ondřej Kopr over 6 years ago

  • Status changed from In Progress to Needs feedback
  • Assignee changed from Ondřej Kopr to Vít Švanda

Description of double save password history: when I create identity with password (password is contained in identity DTO) is password persist during create identity and create first record. After is create identity create is create default contract and evaluate state for identity. In this step is password still in DTO and persist for second.

I remove password from IdmIdentity (entity) (thanks guys for help). Behavior works correctly. I fix all test that except password in dto, also return password by testHelper.

I also add test for check password in dto.

commit: https://github.com/bcvsolutions/CzechIdMng/commit/385148d38719d9c76dc56b54341d8d64d12b61a0

Please Vitek check commit a create of identity, thank you.

Actions #10

Updated by Vít Švanda over 6 years ago

  • Status changed from Needs feedback to Closed
  • Assignee changed from Vít Švanda to Ondřej Kopr
  • % Done changed from 90 to 100

I did reveiw and test. Works fine. Thanks for that.

Actions

Also available in: Atom PDF