Reviewed: https://review.openstack.org/404022 Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=3ae73b67522bf388a0fdcecceb662831d853a313 Submitter: Jenkins Branch: master
commit 3ae73b67522bf388a0fdcecceb662831d853a313 Author: Gage Hugo <[email protected]> Date: Mon Nov 28 23:01:51 2016 -0600 Allow user to change own expired password Currently, if a users password expires, they must contact an administrator in order to have their password reset for them. This change allows a user to perform the change_password call without a token, which will allow a user with an expired password to change it if they are using PCI-DSS related features. This removes the issue of needing an administrator to reset any user's password that has expired. Also updated the api-ref with the related changes. Change-Id: I4d3421c56642cfdbb25cb33b3aaaacbac4c64dd1 Closes-Bug: #1641645 ** Changed in: keystone Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1641645 Title: PCI: A user who's password has expired must ask an admin to reset their password. Status in OpenStack Identity (keystone): Fix Released Bug description: As noted in the bug title, this is a cumbersome process, a user should be able to reset their password if it expired. (and potentially if locked out -- that's up for debate) (Discussed at 11/22/16 meeting, locked out from too many attempts should have to ask an admin) To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1641645/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
