Hal Deadman created DIRSERVER-2202:
--------------------------------------
Summary: pwdHistory not getting maintained when doing modify password with ldaptive client
Key: DIRSERVER-2202
URL: https://issues.apache.org/jira/browse/DIRSERVER-2202
Project: Directory ApacheDS
Issue Type: Bug
Affects Versions: 2.0.0-M23
Environment: windows, ldaptive latest, java 8
Reporter: Hal Deadman
If I connect as a non-admin user and modify my own password with Directory
Studio, a new pwdHistory is added.
If I modify the password programmatically, using the old/new password
modifyPassword extended operation that should respect history, it is deleting
all my history (and leaving a single pwdHistory entry). The code looks like
this:
    import org.ldaptive.BindConnectionInitializer;
    import org.ldaptive.Connection;
    import org.ldaptive.ConnectionConfig;
    import org.ldaptive.Credential;
    import org.ldaptive.DefaultConnectionFactory;
    import org.ldaptive.Response;
    import org.ldaptive.extended.PasswordModifyOperation;
    import org.ldaptive.extended.PasswordModifyRequest;

    // connecting as user that is trying to change their password
    Credential cred = new Credential(oldPassword);
    BindConnectionInitializer bindConnectionInit = new BindConnectionInitializer(userDn, cred);
    ConnectionConfig connectionConfig = new ConnectionConfig(ldapUrl);
    connectionConfig.setUseStartTLS(false);
    // bind as the user when the connection is opened
    connectionConfig.setConnectionInitializer(bindConnectionInit);
    DefaultConnectionFactory userLdapConnectionFactory = new DefaultConnectionFactory(connectionConfig);
    try (Connection conn = userLdapConnectionFactory.getConnection()) {
        conn.open();
        // password modify extended operation, sending both the old and the new password
        PasswordModifyOperation modify = new PasswordModifyOperation(conn);
        Response<Credential> response = modify.execute(
            new PasswordModifyRequest(userDn, new Credential(oldPassword), new Credential(plaintextPassword)));
    }
Isn't the pwdHistory being maintained by the server? Why does a different
client determine whether pwdHistory entries are added or not? (In this case
they are not only not added but multiple entries are replaced by a single one.)
Ldaptive doesn't implement the LDAP protocol; in this case it is using JNDI as
the provider of the LDAP protocol.
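A check for the behaviour reported above, as an added example that is not part of the original report or of ApacheDS: it compares the pwdHistory values of an entry read before and after one password change and flags the case where existing history is dropped. It assumes values in the time#syntaxOID#length#data layout of the LDAP password policy draft; the sample values, the function names and the pwdInHistory limit of 5 are constructed for illustration.

```python
from datetime import datetime, timezone

OCTET_STRING_OID = "1.3.6.1.4.1.1466.115.121.1.40"  # syntax OID used in the constructed samples


def parse_pwd_history(value):
    """Split one pwdHistory value (assumed layout: time#syntaxOID#length#data)."""
    time_s, oid, length, data = value.split("#", 3)
    # Generalized time may carry fractional seconds; the first 14 digits are enough here.
    when = datetime.strptime(time_s[:14], "%Y%m%d%H%M%S").replace(tzinfo=timezone.utc)
    return when, oid, int(length), data


def check_history(before, after, pwd_in_history):
    """Classify the pwdHistory change caused by ONE password modification."""
    added = set(after) - set(before)
    lost = set(before) - set(after)
    if len(added) != 1:
        return "no-new-entry" if not added else "unexpected-entries"
    # Only the oldest values may be evicted, and only to stay within pwdInHistory.
    evictable = max(0, len(before) + 1 - pwd_in_history)
    oldest_first = sorted(before, key=lambda v: parse_pwd_history(v)[0])
    if lost - set(oldest_first[:evictable]):
        return "history-truncated"
    return "ok"


def _sample(ts, data):
    """Build a constructed pwdHistory value for the demo below."""
    return f"{ts}#{OCTET_STRING_OID}#{len(data)}#{data}"


# Constructed snapshots: three existing history values, then one password change.
BEFORE = [
    _sample("20160101000000Z", "c2FtcGxlMQ=="),
    _sample("20160201000000Z", "c2FtcGxlMg=="),
    _sample("20160301000000Z", "c2FtcGxlMw=="),
]
NEW = _sample("20160401000000.123Z", "c2FtcGxlNA==")
AFTER_APPENDED = BEFORE + [NEW]   # history kept, one value added
AFTER_REPLACED = [NEW]            # history replaced by a single value

if __name__ == "__main__":
    print("appended:", check_history(BEFORE, AFTER_APPENDED, 5))
    print("replaced:", check_history(BEFORE, AFTER_REPLACED, 5))
```

pwdHistory is an operational attribute, so the search that collects the two snapshots has to request it by name.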