[
https://issues.jboss.org/browse/AS7-5634?page=com.atlassian.jira.plugin.s...
]
Maas van den Berg commented on AS7-5634:
----------------------------------------
Looks like a duplicate of AS7-5116
Password is checked for both types of users, but due to AS7-5116 the password check is
skipped when the username is weak itself.
add-user scripts not checking password strength for management users
--------------------------------------------------------------------
Key: AS7-5634
URL:
https://issues.jboss.org/browse/AS7-5634
Project: Application Server 7
Issue Type: Bug
Components: Security
Affects Versions: 7.2.0.CR1
Reporter: Cheng Fang
Assignee: Darran Lofthouse
So there is passwd check for app users, like at least x characters long, with mixed
letters, numbers, etc.
Is the same strength check applied to management user? I would assume management user
passwords have more stringent requirement, at least should be the same as app user. But I
can create a management user using password that consists of all letters (more than 8
letters).
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:
http://www.atlassian.com/software/jira