[jboss-jira] [JBoss JIRA] (WFCORE-986) Add-user script should reject weak passwords
Darran Lofthouse (JIRA)
issues at jboss.org
Mon Sep 21 13:25:00 EDT 2015
[ https://issues.jboss.org/browse/WFCORE-986?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse resolved WFCORE-986.
-------------------------------------
Fix Version/s: 2.0.0.CR2
Resolution: Rejected
Current behaviour is as requested by [~jason.greene]
> Add-user script should reject weak passwords
> --------------------------------------------
>
> Key: WFCORE-986
> URL: https://issues.jboss.org/browse/WFCORE-986
> Project: WildFly Core
> Issue Type: Bug
> Components: Security
> Affects Versions: 2.0.0.Beta4
> Reporter: Marek Kopecký
> Assignee: Darran Lofthouse
> Priority: Critical
> Fix For: 2.0.0.CR2
>
>
> *Description of problem:*
> Add-user script should reject weak passwords. Users should use stronger passwords to improve security. Restriction of password should be same as in EAP 6.4.x.
> * Restriction policy is defined in jboss-eap-7.0/bin/add-user.properties
> ** {{password.restriction=WARN}} should be replaced by {{password.restriction=REJECT}}
> *How reproducible:*
> Always
> *Steps to Reproduce:*
> # ./add-user.sh -u ccc -p ddd -s
> *Actual results:*
> No error.
> *Expected results:*
> {noformat}WFLYDM0053: Password must have at least 8 characters!{noformat}
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list