Emmanuel Lecharny created DIRSERVER-2085:
--------------------------------------------
Summary: The PasswordPolicyConfiguration holds the password
attribute as a String
Key: DIRSERVER-2085
URL: https://issues.apache.org/jira/browse/DIRSERVER-2085
Project: Directory ApacheDS
Issue Type: Bug
Components: core
Affects Versions: 2.0.0-M20
Reporter: Emmanuel Lecharny
Fix For: 2.0.0-M21
When we are dealing with a password modification, we call the
{{getPwdModDetails}} methods, which try to find if a Modification is impacting
the password attribute. This attribute is configured in the
{{PasswordPolicyConfiguration}} class (which is either read from the config, or
default to {{userPassword}}).
So far, so good, except that the password attribute is stored as a String in
the {{PasswordPolicyConfiguration}} instance, which leads to code like :
{code}
if ( at.getUpId().equalsIgnoreCase( policyConfig.getPwdAttribute()
) )
{code}
This is *broken*. If the Mods contain the OID of the password attribute instead
of its name, it's not going to work. If the configured password attribute has
many names, it won't work either.
We *must* store the {{AttributeType}} and not the String of the password
attribute, and compare it with the {{AttributeType}} we have in the
Modification.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
