Uploaded image for project: 'Crowd Data Center'
  1. Crowd Data Center
  2. CWD-1014

Reset Password functionality does not consider directory password configuration

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Medium Medium
    • 2.1
    • 1.3.2
    • Core features
    • None

    • standalone, java version "1.5.0_11", windows xp professional

      The reset password functionality does not work when a directory password configuration has been set. For example, create a directory, set a password regex and try to reset a user's password in that directory. The password reset fails. This is described in more detail in this issue http://jira.atlassian.com/browse/CWD-362.

      I don't think this is a duplicate as the CWD-362 issue simply requests that the error reporting be fixed. In this issue I am requesting that the reset password functionality should respect the password configuration set for a directory. If not, it cannot be used when a password configuration is set.

            [CWD-1014] Reset Password functionality does not consider directory password configuration

            Monique Khairuliana (Inactive) made changes -
            Workflow Original: Simplified Crowd Development Workflow v2 - restricted [ 1510110 ] New: JAC Bug Workflow v3 [ 3365505 ]
            Status Original: Resolved [ 5 ] New: Closed [ 6 ]
            Owen made changes -
            Workflow Original: Simplified Crowd Development Workflow v2 [ 1392891 ] New: Simplified Crowd Development Workflow v2 - restricted [ 1510110 ]
            Owen made changes -
            Workflow Original: Crowd Development Workflow v2 [ 273604 ] New: Simplified Crowd Development Workflow v2 [ 1392891 ]
            joe made changes -
            Link New: This issue supersedes CWD-1028 [ CWD-1028 ]
            jawong.adm made changes -
            Workflow Original: JIRA Bug Workflow v2 [ 173458 ] New: Crowd Development Workflow v2 [ 273604 ]
            David O'Flynn [Atlassian] made changes -
            Fix Version/s New: 2.1 [ 14496 ]
            Resolution New: Fixed [ 1 ]
            Status Original: Open [ 1 ] New: Resolved [ 5 ]
            David O'Flynn [Atlassian] made changes -
            Link New: This issue is duplicated by CWD-1551 [ CWD-1551 ]
            David O'Flynn [Atlassian] made changes -
            Link New: This issue is incorporated by CWD-1875 [ CWD-1875 ]

            shihab added a comment -

            Implementation of a regex generator will likely be non-trivial and randomly generating a password till it matches the regexp is non-deterministic.

            An easier approach would be to allow users to specify a password generation pattern per directory as either:

            • letter (l): a-zA-Z
            • digit (d): 0-9
            • symbol (s): ~!@#$%^&*(),.

            So someone with the restriction of "at least six characters with at least one number and at least one symbol" could create a password generation pattern like "llldllls". This is a subset of all possible strings that match the restriction, but it much easier to specify and generate. The password validation pattern could still be the original regexp.

            shihab added a comment - Implementation of a regex generator will likely be non-trivial and randomly generating a password till it matches the regexp is non-deterministic. An easier approach would be to allow users to specify a password generation pattern per directory as either: letter (l): a-zA-Z digit (d): 0-9 symbol (s): ~!@#$%^&*(),. So someone with the restriction of "at least six characters with at least one number and at least one symbol" could create a password generation pattern like "llldllls". This is a subset of all possible strings that match the restriction, but it much easier to specify and generate. The password validation pattern could still be the original regexp.

            Will Phillipson added a comment -

            Hi,

            Not sure if this is the appropriate place to comment, but having the same issue but using an external Active Directory directory. AD has a requirement of "at least six characters with at least one number and at least one symbol". Trying to reset a password for an AD user usually fails with "LDAP: error code 53 - 0000052D: SvcErr: DSID-031A120C, problem 5003 (WILL_NOT_PERFORM), data 0" due to Crowd generating an invalid pw for AD.

            It would be nice if we could define a Regex expression for generated passwords for each directory, whether an internal or external directory.

            We're running Crowd 2.0.1 (Build:#408 - 27-08-2009 10:10:32), using SSL to connect to AD on Windows 2008.

            Thanks.

            Will Phillipson added a comment - Hi, Not sure if this is the appropriate place to comment, but having the same issue but using an external Active Directory directory. AD has a requirement of "at least six characters with at least one number and at least one symbol". Trying to reset a password for an AD user usually fails with "LDAP: error code 53 - 0000052D: SvcErr: DSID-031A120C, problem 5003 (WILL_NOT_PERFORM), data 0" due to Crowd generating an invalid pw for AD. It would be nice if we could define a Regex expression for generated passwords for each directory, whether an internal or external directory. We're running Crowd 2.0.1 (Build:#408 - 27-08-2009 10:10:32), using SSL to connect to AD on Windows 2008. Thanks.

              rbattaglin Renan Battaglin
              35675a1fff3b Manish Shah
              Affected customers:
              10 This affects my team
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: