Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-1094

Add-user script should reject weak passwords

    XMLWordPrintable

Details

    • Bug
    • Resolution: Won't Do
    • Major
    • None
    • 7.0.0.DR9
    • Scripts, Security
    • None

    Description

      Description of problem:
      Add-user script should reject weak passwords. Users should use stronger passwords to improve security. Restriction of password should be same as in EAP 6.4.x.

      • Restriction policy is defined in jboss-eap-7.0/bin/add-user.properties
        • password.restriction=WARN should be replaced by password.restriction=REJECT

      How reproducible:
      Always

      Steps to Reproduce:

      1. ./add-user.sh -u ccc -p ddd -s

      Actual results:
      No error.

      Expected results:

      WFLYDM0053: Password must have at least 8 characters!

      Attachments

        Issue Links

          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. WFCORE-986 Add-user script should reject weak passwords

          • Critical - To be worked on immediately following BLOCKER issues.
          • Resolved
          is related to

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-2859 Document that EAP installer no longer reject weak passwords

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-4372 Migration Guide: changed default behavior of the add-user utility around weak passwords

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              darran.lofthouse@redhat.com Darran Lofthouse
              mkopecky@redhat.com Marek Kopecky
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: