[
https://issues.apache.org/jira/browse/OFBIZ-11206?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16935305#comment-16935305 ]
Jacques Le Roux commented on OFBIZ-11206:
-----------------------------------------
Hi Nicolas,
I reviewed and tested. Things looks good to me. I just changed 2 things:
* trivial changes in labels
* prevent an user to access the security question when it's not own
I attach the patch [^OFBIZ-11206.patch] for that
Also in OFBIZ-4361 I wrote:
bq. It's about UserLoginSecurityQuestion not Password Hint. BTW I wonder if Password Hint is not confusing and should not be removed? tend) where an user is created and make it mandatory?
Actually when testing I realised that the security question is just a mean to refresh your mind about your password hint. I have still to check that reading OFBIZ-4983 closer. If it's really that then the the security question alone does not help: you need to have a password hint set too. So then we need to force user to set a password hint when they set a security question. Still to be confirmed, but 90% sure.
> Edit the user login security question from party profile
> --------------------------------------------------------
>
> Key: OFBIZ-11206
> URL:
https://issues.apache.org/jira/browse/OFBIZ-11206> Project: OFBiz
> Issue Type: Improvement
> Components: party
> Affects Versions: Trunk
> Reporter: Nicolas Malin
> Assignee: Nicolas Malin
> Priority: Major
> Attachments: OFBIZ-11206.patch, OFBIZ-11206.patch
>
>
> Currenlty we have a system to call a password hints when you lost your password with answer to a security question linked to the userLogin.
> The problem that you can only set this security question at the user login creation and never create or edit it after.
> I add with this issue: service, form, and label to edit it on the ProfileEditUserLogin [1] page.
> [1]
https://localhost:8443/partymgr/control/ProfileEditUserLogin?partyId=admin&userLoginId=admin--
This message was sent by Atlassian Jira
(v8.3.4#803005)
Locked
