Details
-
Feature
-
Status: Deferred
-
Minor
-
Resolution: Unresolved
-
2.2.2
-
None
-
None
Description
Current Situation
- Users can change their password only from the Profile page. Administrators can change the password for user accounts from the Manage Identity Services page. In this situation:
  - the GUI forces the user to change the password if the password was assigned by an administrator.
  - the REST API enforces the password change only if requested by the flag forcePasswordChange=true in the REST API call.
- The API call joc/api/authentication/auth/store can change the password for an account. The password change flag is set only if the POST body contains forcePasswordChange=true.
- Example
    {identityServiceName: "JOC-INITIAL",…}
      accounts: [{account: "root", password: "root", disabled: false, forcePasswordChange: true, roles: ["all"]}]
        0: {account: "test", password: "12345", disabled: false, forcePasswordChange: true, roles: ["all"]}
          account: "test"
          disabled: false
          forcePasswordChange: true
          password: "12345"
          roles: ["all"]
      identityServiceName: "JOC-INITIAL"
Desired Behavior
- The REST API call joc/api/authentication/auth/store should no longer check the value of the forcePasswordChange flag but should always set the flag to true if the password is changed by an administrator for an account.
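
The desired behavior, sketched as an added example in Python (not JOC Cockpit code): the server derives forcePasswordChange itself and ignores the value in the request body. The storage model, the PBKDF2 hashing, the `caller` argument, keeping the stored flag when the password is unchanged, and clearing it when an account sets its own password are assumptions of this sketch.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor for this sketch


def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def store_accounts(stored, body, caller):
    """Apply an auth/store request body to `stored` (account name -> record).

    The forcePasswordChange value sent by the client is never read: the flag
    is set whenever an account's password is set by a different account.
    """
    for incoming in body["accounts"]:
        name = incoming["account"]
        old = stored.get(name)
        # A new account, or a password that does not match the stored hash,
        # counts as a password change.
        changed = old is None or not hmac.compare_digest(
            old["hash"], _hash(incoming["password"], old["salt"]))
        if changed:
            salt = os.urandom(16)
            record = {"salt": salt, "hash": _hash(incoming["password"], salt)}
            # Server-side decision: forced when somebody else set the password.
            record["forcePasswordChange"] = caller != name
        else:
            # Password untouched: keep the stored credential and flag state,
            # so a request cannot clear a pending forced change.
            record = {k: old[k] for k in ("salt", "hash", "forcePasswordChange")}
        record["disabled"] = incoming.get("disabled", False)
        record["roles"] = list(incoming.get("roles", []))
        stored[name] = record
    return stored


# Constructed request body, modelled on the example in this issue, but with
# the flag set to false by the client.
SAMPLE_BODY = {
    "identityServiceName": "JOC-INITIAL",
    "accounts": [{"account": "test", "password": "12345", "disabled": False,
                  "forcePasswordChange": False, "roles": ["all"]}],
}
```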