[jira] [Commented] (OFBIZ-5618) Update Password

Jacques Le Roux (Jira) Fri, 05 May 2023 02:06:31 -0700


    [ 
https://issues.apache.org/jira/browse/OFBIZ-5618?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17719758#comment-17719758
 ]


Jacques Le Roux commented on OFBIZ-5618:
----------------------------------------

Hi Michael,

I see this possiblity only at lines 831 to 833. It depends on 
password.lowercase security property. That's what you talk about?

> Update Password
> ---------------
>
>                 Key: OFBIZ-5618
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-5618
>             Project: OFBiz
>          Issue Type: Bug
>          Components: framework
>    Affects Versions: Trunk
>            Reporter: Yachna chadha
>            Assignee: Chenghu Shan
>            Priority: Major
>         Attachments: LoginServices.java
>
>
> In LoginServices.updatePassword there is a check to see if the Logged in User 
> is equal to the user login the password is being changed for.  This check IS 
> case sensitive.  Since the logged in User has already passed validations in 
> signing in this check should NOT be case sensitive.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (OFBIZ-5618) Update Password

Reply via email to