[jboss-jira] [JBoss JIRA] Updated: (JBAS-2845) Look at supporting web session password update for password change
Dimitris Andreadis (JIRA)
jira-events at lists.jboss.org
Tue Feb 20 13:13:00 EST 2007
[ http://jira.jboss.com/jira/browse/JBAS-2845?page=all ]
Dimitris Andreadis updated JBAS-2845:
-------------------------------------
Fix Version/s: JBossAS-4.2.1.CR1
(was: JBossAS-4.2.0.CR1)
Moving issue to a next release
> Look at supporting web session password update for password change
> ------------------------------------------------------------------
>
> Key: JBAS-2845
> URL: http://jira.jboss.com/jira/browse/JBAS-2845
> Project: JBoss Application Server
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Components: Web (Tomcat) service, Security
> Reporter: Scott M Stark
> Assigned To: Anil Saldhana
> Fix For: JBossAS-4.2.1.CR1
>
>
> A common problem for form authentication is wanting to have a password change feature that does not require a logout/login cycle to update the session id/password association. We need to look into whether there is a secure way to support updating the session password to avoid this.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list