yahoo-eng-team team mailing list archive

[OpenStack Infra <1641645@xxxxxxxxxxxxxxxxxx>]

Reviewed:  https://review.openstack.org/404022
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=3ae73b67522bf388a0fdcecceb662831d853a313
Submitter: Jenkins
Branch:    master

commit 3ae73b67522bf388a0fdcecceb662831d853a313
Author: Gage Hugo <gagehugo@xxxxxxxxx>
Date:   Mon Nov 28 23:01:51 2016 -0600

    Allow user to change own expired password
    
    Currently, if a users password expires, they must contact an
    administrator in order to have their password reset for them.
    
    This change allows a user to perform the change_password call
    without a token, which will allow a user with an expired password
    to change it if they are using PCI-DSS related features. This
    removes the issue of needing an administrator to reset any
    user's password that has expired.
    
    Also updated the api-ref with the related changes.
    
    Change-Id: I4d3421c56642cfdbb25cb33b3aaaacbac4c64dd1
    Closes-Bug: #1641645


** Changed in: keystone
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1641645

Title:
  PCI: A user who's password has expired must ask an admin to reset
  their password.

Status in OpenStack Identity (keystone):
  Fix Released

Bug description:
  As noted in the bug title, this is a cumbersome process, a user should
  be able to reset their password if it expired.

  (and potentially if locked out -- that's up for debate) (Discussed at
  11/22/16 meeting, locked out from too many attempts should have to ask
  an admin)

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1641645/+subscriptions