OFBiz OFBiz - Dev

[jira] [Commented] (OFBIZ-5009) Enforce user to reset his password in a pre-defined regular interval of time.

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Nicolas Malin (Jira)
Reply | Threaded
Open this post in threaded view
|

[jira] [Commented] (OFBIZ-5009) Enforce user to reset his password in a pre-defined regular interval of time.

Nicolas Malin (Jira)

    [ https://issues.apache.org/jira/browse/OFBIZ-5009?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13604770#comment-13604770 ]

Jacques Le Roux commented on OFBIZ-5009:
----------------------------------------

I reviewed, apart that I'd have used a
> 0
in
if (reqToChangePwdInDays != 0) {

It's ok with me. I did not test and would appreciate other reviews, tests and votes, thanks.
               

> Enforce user to reset his password in a pre-defined regular interval of time.
> -----------------------------------------------------------------------------
>
>                 Key: OFBIZ-5009
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-5009
>             Project: OFBiz
>          Issue Type: New Feature
>          Components: framework
>    Affects Versions: SVN trunk
>            Reporter: Sumit Pandit
>            Assignee: Jacques Le Roux
>         Attachments: OFBIZ-5009.patch, Password-expiration-alert.GIF, Password-Expired-Alert.GIF
>
>
> For a user account in system, we can set password age for an additional security.
> Proposed system will start suggesting to user to reset his password few days before password expiration. Then Once password expired, system will enforce him to reset his password before processing further.
> Following will be control points and would be part of system configuration-
> * *Control Points -*
> ** Admin can enable/disable the reset password functionality.
> *** -It will control by a flag in propriety file where admin can enable/disable it by setting true/false.
> ** Number of days in which password will expired.
> *** - It will defined in propriety file so that admin can control it.
> ** Number of days before when password expiration alert display at user's screen.
> *** - It will defined in propriety file so that admin can control it.
> * *How should it processed -*
> ** After user logged-in, display password expiration notification message to user if his password will expire in comming days.
> ** After user logged-in, display change password screen, when password is expired. i.e. The difference in days since last time password updated is exceed to number of days specified in system policies. Enforce user to reset his password.
> * *What will be the out-put -*
> ** Please find the screenhot in attachment.
> ** Password is about to expire : Password-expiration-alert.gif : Observe alert message after login.
> ** Password is expired : Password-Expired-Alert : Observe the alert message with reset password screen.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
Free forum by Nabble Edit this page