mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
parent: f9751c83 | patch | commit | show whitespace
david_page
03.10.2007 e762d6b647d99816d60602a4c95170d59d126b8a 
Issue [1347] PwP: Administrative reset sets pwdReset:TRUE when ds-cfg-force-change-on-reset:FALSE if ds-cfg-force-change-on-add:TRUE

When ds-cfg-force-change-on-add:TRUE, but ds-cfg-force-change-on-reset:FALSE, any pwdReset:TRUE must be cleared on userPassword self-change (since it might be left by the entry add), but must not be set on administrative reset.
1 files modified
11 ■■■■■ changed files
opendj-sdk/opends/src/server/org/opends/server/core/ModifyOperation.java 11 ●●●●● patch | view | raw | blame | history 
 opendj-sdk/opends/src/server/org/opends/server/core/ModifyOperation.java


@@ -2344,8 +2344,8 @@




        // FIXME: earlier checks to see if the entry already exists may


        // have already exposed sensitive information to the client.


        if (AccessControlConfigManager.getInstance()


            .getAccessControlHandler().isAllowed(this) == false) {


        if (!AccessControlConfigManager.getInstance()


             .getAccessControlHandler().isAllowed(this)) {


          setResultCode(ResultCode.INSUFFICIENT_ACCESS_RIGHTS);




          int msgID = MSGID_MODIFY_AUTHZ_INSUFFICIENT_ACCESS_RIGHTS;


@@ -2370,8 +2370,11 @@


            pwPolicyState.clearGraceLoginTimes();


           pwPolicyState.clearWarnedTime();




            if (pwPolicyState.getPolicy().forceChangeOnAdd() ||


                    pwPolicyState.getPolicy().forceChangeOnReset())


          if (selfChange && pwPolicyState.getPolicy().forceChangeOnAdd())


          {


            pwPolicyState.setMustChangePassword(false);


          }


          else if( pwPolicyState.getPolicy().forceChangeOnReset())


            {


                pwPolicyState.setMustChangePassword(! selfChange);


            }