Uploaded image for project: 'WildFly Core'
  1. WildFly Core
  2. WFCORE-986

Add-user script should reject weak passwords

    XMLWordPrintable

Details

    • Bug
    • Resolution: Won't Do
    • Critical
    • 2.0.0.CR2
    • 2.0.0.Beta4
    • Security
    • None

    Description

      Description of problem:
      Add-user script should reject weak passwords. Users should use stronger passwords to improve security. Restriction of password should be same as in EAP 6.4.x.

      • Restriction policy is defined in jboss-eap-7.0/bin/add-user.properties
        • password.restriction=WARN should be replaced by password.restriction=REJECT

      How reproducible:
      Always

      Steps to Reproduce:

      1. ./add-user.sh -u ccc -p ddd -s

      Actual results:
      No error.

      Expected results:

      WFLYDM0053: Password must have at least 8 characters!

      Attachments

        Issue Links

          clones

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-1094 Add-user script should reject weak passwords

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              darran.lofthouse@redhat.com Darran Lofthouse
              mkopecky@redhat.com Marek Kopecky
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: