Project

General

Profile

Actions
Copy link

Defect #540

closed

Password policy - changing password on RO system

Added by Marcel Poul almost 7 years ago. Updated almost 7 years ago.

Status:
Closed
Priority:
Urgent
Assignee:
Vít Švanda
Category:
Password
Target version:
Citrine (7.3.0)
Start date:
06/26/2017
Due date:
% Done:

100%

Estimated time:
Affected versions:
Owner:

Description

I have a readonly system - HR system and when I change the password for the user, I can select also RO system (it is in fact selected by default). Then I see green info message that the password was changed on both CzechIdM and HR systems, which is not true

Actions
Copy link
 #2

Updated by Marcel Poul almost 7 years ago

  • Description updated (diff)
Actions
Copy link
 #3

Updated by Ondřej Kopr almost 7 years ago

  • Status changed from New to In Progress
Actions
Copy link
 #4

Updated by Ondřej Kopr almost 7 years ago

  • Category changed from Password to 20
Actions
Copy link
 #5

Updated by Ondřej Kopr almost 7 years ago

  • Status changed from In Progress to Needs feedback
  • Assignee changed from Ondřej Kopr to Marcel Poul
  • % Done changed from 0 to 90

I tested this scenario. The password does not change for the readOnly system. On the system you tried, is set mapping only for sync, not for provisioning.

Actions
Copy link
 #6

Updated by Ondřej Kopr almost 7 years ago

  • Status changed from Needs feedback to In Progress
  • Assignee changed from Marcel Poul to Ondřej Kopr
  • % Done changed from 90 to 0

After consultation will be removed readOnly, inactive and sytem without mapping for provisioning from change password form.

Actions
Copy link
 #7

Updated by Radek Tomiška almost 7 years ago

  • Category changed from 20 to Password
Actions
Copy link
 #8

Updated by Marcel Poul almost 7 years ago

  • Priority changed from Normal to Urgent
  • Target version set to Citrine (7.3.0)
Actions
Copy link
 #11

Updated by Vít Švanda almost 7 years ago

  • Assignee changed from Ondřej Kopr to Vít Švanda
Conclusion:
  • For reset will be acquired only Systems with provisioning mapping and password attribute (PASSWORD) and user have accounts for this systems.
  • Inactive and disabled system will be acquired.
Actions
Copy link
 #12

Updated by Vít Švanda almost 7 years ago

  • Status changed from In Progress to Resolved
  • % Done changed from 0 to 90
  • Now is offered user's accounts with Provisioning mapping and with attribute mapped on Schema attribute with name "__PASSWORD__".
  • Teoritically can be passoword mapped attribute overloaded in some role and can be here Enabled/disabled. For this reason I offering account with disabled password mapped attribute.
  • Validation message (password attribute missing..) was improved (name of system is now present) and message is now (System [{{system}}] not support change password ... ).
  • Problem with unsufficient right on search account was fixed (autocomplete is now used).
  • Problem with send all accounts IDs vs set property isAll fixed (different behavior on user profil detail and public password change).
  • Success message showing after success password change now show realy changed accounts (now is send from backend). This is not implemented on public password change. Works only for success event not for error situations.
  • Test for check unsupporeted accounts/systems for change password created.
Actions
Copy link
 #13

Updated by Vít Švanda almost 7 years ago

  • Status changed from Resolved to Closed
  • % Done changed from 90 to 100

Tested by Radek. All is in develop.

Actions
Copy link

Also available in: Atom PDF