yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1630092] Re: Admin password reset should be exempt from password history validation

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: OpenStack Infra <1630092@xxxxxxxxxxxxxxxxxx>
Date: Thu, 06 Oct 2016 20:41:50 -0000
Reply-to: Bug 1630092 <1630092@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Reviewed:  https://review.openstack.org/379030
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=432fa4acd6d6297fdfd32de86a043488b87c7c43
Submitter: Jenkins
Branch:    master

commit 432fa4acd6d6297fdfd32de86a043488b87c7c43
Author: Ronald De Rose <ronald.de.rose@xxxxxxxxx>
Date:   Wed Sep 28 23:06:02 2016 +0000

    Remove password history validation from admin password resets
    
    This patch removes password history validation from the update_user
    (admin password reset) backend method.
    
    backport: newton
    Closes-Bug: #1630092
    Change-Id: Ic567841703c1da495131cbb052636bbe90d54819


** Changed in: keystone
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1630092

Title:
  Admin password reset should be exempt from password history validation

Status in OpenStack Identity (keystone):
  Fix Released

Bug description:
  In Newton, we added password history validation for all password
  changes. However, for administrative password resets, we shouldn't
  validate against the end-user's password history.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1630092/+subscriptions

References

[Bug 1630092] [NEW] Admin password reset should be exempt from password history validation
From: Ron De Rose, 2016-10-04