yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1391116] Re: keystone user-password-update also accept blank password.

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Lin Hua Cheng <1391116@xxxxxxxxxxxxxxxxxx>
Date: Tue, 14 Apr 2015 19:20:50 -0000
Reply-to: Bug 1391116 <1391116@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Marking as invalid for keystone, here's the related response from
samuel: "As discussed with Brant Knudson on IRC channel, Keystone
already has support for password validation by using LDAP as a backend
and configuring the LDAP server to validate passwords."

** Changed in: keystone
       Status: In Progress => Invalid

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1391116

Title:
  keystone user-password-update also accept blank password.

Status in OpenStack Identity (Keystone):
  Invalid
Status in Python client library for Keystone:
  In Progress

Bug description:
  If we enter blank password for a user than it accepts it and then user
  can not log in using either older password or blank password. I
  reproduce it following way.

  1)   I entered "keystone user-password-update username" this command.
  It prompt for new password then i hit enter without giving any
  password. And during confirmation also i hit enter. Command run
  successfully without any error.

  2) I tried to log in using blank password, i was not able to log in.

  3) I tried with older password also, it did not work either.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1391116/+subscriptions