View Issue Details

IDProjectCategoryView StatusLast Update
0000752savapage-server[All Projects] Securitypublic2017-07-14 13:29
ReporterrijkrAssigned Torijkr 
PrioritynormalSeverityfeatureReproducibilityN/A
Status closedResolutionfixed 
Product Version0.9.11 
Target Version0.9.12Fixed in Version0.9.12 
Summary0000752: Disable password reset in User Web App when password is not set
DescriptionIST: When password of internal user is not set (or erased), a user cannot log into the User Web App by name. But, when he is able to login with other credentials (ID, NFC card, YubiKey, Google Sign-In), he is able to reset the password.
SOLL: Do not offer password reset in User Web App when password is not set. This gives administrators a means to disable login by name/password.
TagsNo tags attached.

Relationships

related to 0000753 closedrijkr Add option to erase internal user password in Admin Web App 

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2016-11-29 21:56 rijkr New Issue
2016-11-29 21:56 rijkr Status new => assigned
2016-11-29 21:56 rijkr Assigned To => rijkr
2016-11-29 21:57 rijkr Relationship added related to 0000753
2016-11-29 22:09 rijkr Status assigned => resolved
2016-11-29 22:09 rijkr Resolution open => fixed
2016-11-29 22:09 rijkr Fixed in Version => 0.9.12
2017-07-14 13:29 rijkr Status resolved => closed