[jboss-jira] [JBoss JIRA] Updated: (JBAS-2845) Look at supporting web session password update for password change
Dimitris Andreadis (JIRA)
jira-events at jboss.com
Mon Sep 11 04:42:44 EDT 2006
[ http://jira.jboss.com/jira/browse/JBAS-2845?page=all ]
Dimitris Andreadis updated JBAS-2845:
-------------------------------------
Fix Version/s: JBossAS-4.0.6.CR1
(was: JBossAS-4.0.5.GA)
Assignee: Anil Saldhana
Anil could provide input, for the next CR release.
> Look at supporting web session password update for password change
> ------------------------------------------------------------------
>
> Key: JBAS-2845
> URL: http://jira.jboss.com/jira/browse/JBAS-2845
> Project: JBoss Application Server
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Components: Security, Web (Tomcat) service
> Reporter: Scott M Stark
> Assigned To: Anil Saldhana
> Fix For: JBossAS-4.0.6.CR1
>
>
> A common problem for form authentication is wanting to have a password change feature that does not require a logout/login cycle to update the session id/password association. We need to look into whether there is a secure way to support updating the session password to avoid this.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list