yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #60710
[Bug 1641645] Re: PCI: A user who's password has expired must ask an admin to reset their password.
Reviewed: https://review.openstack.org/404022
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=3ae73b67522bf388a0fdcecceb662831d853a313
Submitter: Jenkins
Branch: master
commit 3ae73b67522bf388a0fdcecceb662831d853a313
Author: Gage Hugo <gagehugo@xxxxxxxxx>
Date: Mon Nov 28 23:01:51 2016 -0600
Allow user to change own expired password
Currently, if a users password expires, they must contact an
administrator in order to have their password reset for them.
This change allows a user to perform the change_password call
without a token, which will allow a user with an expired password
to change it if they are using PCI-DSS related features. This
removes the issue of needing an administrator to reset any
user's password that has expired.
Also updated the api-ref with the related changes.
Change-Id: I4d3421c56642cfdbb25cb33b3aaaacbac4c64dd1
Closes-Bug: #1641645
** Changed in: keystone
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1641645
Title:
PCI: A user who's password has expired must ask an admin to reset
their password.
Status in OpenStack Identity (keystone):
Fix Released
Bug description:
As noted in the bug title, this is a cumbersome process, a user should
be able to reset their password if it expired.
(and potentially if locked out -- that's up for debate) (Discussed at
11/22/16 meeting, locked out from too many attempts should have to ask
an admin)
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1641645/+subscriptions
References