Actions
Task #706
closed
Call the transform script to resource for PASSWORD attribute
Start date:
09/18/2017
Due date:
% Done:
0%
Estimated time:
Owner:
Description
Situation:
The system supports passwords in the form of MD5 hash. I need to transform the password to MD5 in IdM. So I set the mapping of attribute PASSWORD with the transform script to resource "toMd5". But the transform script is not called in the following scenarios:
The system supports passwords in the form of MD5 hash. I need to transform the password to MD5 in IdM. So I set the mapping of attribute PASSWORD with the transform script to resource "toMd5". But the transform script is not called in the following scenarios:
- creating a new account without supplying the password (= > password will be generated by IdM automatically)
- password change or password reset
The only way how to enforce calling the transform script is to map the attribute to some IdM attribute or EAV attribute. Then it's called (even if the EAV attribute doesn't have any value...). But this works only for password change.
The desired behaviour is to call transform script for all actions where the password is sent to the system.
Affected version 7.3.4.
Related issues
Updated by Marcel Poul over 6 years ago
We once again came across this request on our project. In general, we need to have an easy way of password tranformation - all usecases: reset, new, generate. Typical usecase
- password hashed in LDAP/AD
Updated by Radek Tomiška about 6 years ago
- Has duplicate Task #1285: Available transformation for password added
Updated by Ondřej Kopr about 6 years ago
- Status changed from New to Closed
- Target version set to Onyx (9.3.0)
ticket will be solved in #1285
Actions