[jboss-user] [JBoss Portal] - Re: New user forced to change password

PeterJ do-not-reply at jboss.com
Thu May 29 10:39:12 EDT 2008

Are you using the database-based security mechanism built into Portal? If so, then before the user can login, the user must register and provide a password as part of that registration. Would that not qualify as "changing the password on first login" as required by ISO 9001?

I know that the inspectors can be a little anal, but it is worth asking. Usually the "change password" requirement assumes that someone else, such as the Portal or a Portal admin, created the login id along with a temporary password.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4154329#4154329

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4154329

More information about the jboss-user mailing list