Details
-
Bug
-
Resolution: Fixed
-
High
-
4.2
-
4.02
-
Description
Steps to reproduce the behaviour:
- Enable External password or User management
- Navigate to 'Can't access your account?' page http://<host_name>/secure/ForgotLoginDetails.jspa
The following message is displayed:
which implies that user will be able to reset their password. - Provide required details and JIRA will confirm that password got reset
- The confirmation email sent to the user's mailbox will re-ensure them about the reset.
This application behaviour is confusing for users who are not aware of the back-end system configuration and will expect the password to get reset.
Attachments
Issue Links
- relates to
-
JRASERVER-22336 Password still can be changed although the 'External password management' is ON
- Closed