Jacques Le Roux created OFBIZ-11188:
---------------------------------------
Summary: Forgot Password feature in ecommerce needs an access to
partymngr
Key: OFBIZ-11188
URL: https://issues.apache.org/jira/browse/OFBIZ-11188
Project: OFBiz
Issue Type: Improvement
Components: framework
Affects Versions: Release Branch 16.11, Release Branch 15.12, Trunk,
Release Branch 14.12, Release Branch 13.07, Release Branch 17.12, Release
Branch 18.12
Reporter: Jacques Le Roux
As Pierre Smits initially reported in OFBIZ-4361
bq. another issue is that to change their passwords ecommerce clients need to
get access to partymngr. I think that's not secure enough and restriction of
the possible actions (eg only allowed to reset password) would be a good idea...
It should be noted that it was already like that before OFBIZ-4361
--
This message was sent by Atlassian Jira
(v8.3.2#803003)
