Project

General

Profile

Actions
Copy link

Task #2858

closed

Check Minimum number of days when changing password via password filter using superAdmin

Added by Vladimír Kotýnek almost 3 years ago. Updated almost 3 years ago.

Status:
Rejected
Priority:
Low
Assignee:
Vladimír Kotýnek
Category:
Password policy
Target version:
-
Start date:
06/16/2021
Due date:
% Done:

0%

Estimated time:
Owner:

Description

In some development situations when using super admin as password filter user #2679 's requirement 3 is not fulfilled:

"if the password change comes from the password filter it always equals to the #1 case - the condition is mandatory"

I have Minimum number of days set to 1 in my password policy. The IdmPassword doesn't have set "Password change is required" attribute.
I can change password via ctrl+alt+delete anytimes I want. IdM let's me. The only place where this seems to be checked is when I am chagnign my own password from IdM GUI.

Tested also by @apeterova

Files

image_permissions.png (84.1 KB) image_permissions.png Alena Peterová, 06/16/2021 01:12 PM

Related issues

Related to IdStory Identity Manager - Task #2679: Change minimum number of days for password validity checkClosedRadek Tomiška02/10/2021

Actions
Actions
Copy link
 #1

Updated by Vladimír Kotýnek almost 3 years ago

  • Related to Task #2679: Change minimum number of days for password validity check added
Actions
Copy link
 #2

Updated by Vladimír Kotýnek almost 3 years ago

  • Priority changed from Immediate to Low

After consultation - this is an issue only for development when I don't want to create separate users for testing and use someone with Application Administration rights.

Actions
Copy link
 #3

Updated by Vladimír Kotýnek almost 3 years ago

  • Tracker changed from Defect to Task
  • Subject changed from Minimum number of days not checked when changing password via password filter to Check Minimum number of days when changing password via password filter using superAdmin
  • Description updated (diff)
  • Affected versions deleted (11.0.0)
Actions
Copy link
 #4

Updated by Alena Peterová almost 3 years ago

  • File image_permissions.png added
Actions
Copy link
 #5

Updated by Alena Peterová almost 3 years ago

Actions
Copy link
 #6

Updated by Alena Peterová almost 3 years ago

  • File deleted (image_permissions.png)
Actions
Copy link
 #7

Updated by Alena Peterová almost 3 years ago

For the record: password filter should be configured to run under a user who has following permissions, then the check of minimum number of days works fine:

Password filter - password change
Password filter - password validation

Actions
Copy link
 #8

Updated by Vladimír Kotýnek almost 3 years ago

  • Status changed from New to Rejected

I added a warning to https://wiki.czechidm.com/devel/documentation/uniform_password/password_filter_dll#password_filter_deployment tutorial for my future self or someone else who will test password filter.

After consultation with @husniko I am closing the ticket.

Actions
Copy link
 #9

Updated by Radek Tomiška almost 3 years ago

  • Assignee changed from Ondrej Husník to Vladimír Kotýnek
Actions
Copy link

Also available in: Atom PDF