OpenStack Identity (keystone)

Admin password reset should be exempt from password history validation

Bug #1630092 reported by Ron De Rose
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
Fix Released
Medium
Ron De Rose
OpenStack Identity (keystone) ocata-1 "o1"
Newton
Fix Released
Medium
Unassigned

Bug Description

In Newton, we added password history validation for all password changes. However, for administrative password resets, we shouldn't validate against the end-user's password history.

Ron De Rose (ronald-de-rose)
Changed in keystone:
assignee: nobody → Ron De Rose (ronald-de-rose)
OpenStack Infra (hudson-openstack)
Changed in keystone:
status: New → In Progress
Lance Bragstad (lbragstad)
Changed in keystone:
importance: Undecided → Medium
milestone: none → ocata-1
tags: added: pci
Revision history for this message
Lance Bragstad (lbragstad) wrote :

For some reason the bot didn't pick this up - here is the patch:

https://review.openstack.org/#/c/379030/

Lance Bragstad (lbragstad)
tags: added: newton-backport-potential
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (master)

Reviewed: https://review.openstack.org/379030
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=432fa4acd6d6297fdfd32de86a043488b87c7c43
Submitter: Jenkins
Branch: master

commit 432fa4acd6d6297fdfd32de86a043488b87c7c43
Author: Ronald De Rose <email address hidden>
Date: Wed Sep 28 23:06:02 2016 +0000

    Remove password history validation from admin password resets

    This patch removes password history validation from the update_user
    (admin password reset) backend method.

    backport: newton
    Closes-Bug: #1630092
    Change-Id: Ic567841703c1da495131cbb052636bbe90d54819

Changed in keystone:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystone (stable/newton)

Fix proposed to branch: stable/newton
Review: https://review.openstack.org/383846

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (stable/newton)

Reviewed: https://review.openstack.org/383846
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=18d6eb76ce7bf46e9ced352b7af366112df62b11
Submitter: Jenkins
Branch: stable/newton

commit 18d6eb76ce7bf46e9ced352b7af366112df62b11
Author: Ronald De Rose <email address hidden>
Date: Wed Sep 28 23:06:02 2016 +0000

    Remove password history validation from admin password resets

    This patch removes password history validation from the update_user
    (admin password reset) backend method.

    backport: newton
    Closes-Bug: #1630092
    Change-Id: Ic567841703c1da495131cbb052636bbe90d54819
    (cherry-picked from 432fa4acd6d6297fdfd32de86a043488b87c7c43)

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/keystone 11.0.0.0b1

This issue was fixed in the openstack/keystone 11.0.0.0b1 development milestone.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/keystone 10.0.1

This issue was fixed in the openstack/keystone 10.0.1 release.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.