I probably should have specifically said that this is for the built-in users; it could only be them since they are the only ones which would use the MD5 or plaintext authentication plugins.
I don't think updateUser will help here. The case is for users to change their passwords and not admins; so while an admin could change everyone's passwords and then send out e-mails with those new passwords, that probably isn't an option that would scale. It's also not particularly security friendly.

-----Original Message-----
From: Chiradeep Vittal [mailto:chiradeep.vit...@citrix.com]
Sent: Tuesday, August 26, 2014 5:29 PM
To: dev@cloudstack.apache.org
Subject: Re: Should CloudStack support forced password reset?

The cloud operator can call the updateUser API themselves? Then they can send an email to their users telling them their new password.

There is no 'password change' protocol at the moment. It is assumed that user provisioning and user lifecycle is best left to a different system.

From: Demetrius Tsitrelis <demetrius.tsitre...@citrix.com>
Reply-To: "dev@cloudstack.apache.org" <dev@cloudstack.apache.org>
Date: Thursday, August 21, 2014 at 11:28 AM
To: "dev@cloudstack.apache.org" <dev@cloudstack.apache.org>
Subject: Should CloudStack support forced password reset?

For legacy reasons the MD5 and plaintext plugins are included in the list of authenticators. If a company has been using CloudStack for a while they may want to move all their users to a stronger plugin such as SHA256SALTED (which is now the default). Is there a mechanism to do that? It doesn't appear that there is, so I propose modifying the API as follows:

1) Include a result in the response to the login API which indicates whether a user must change his password.

2) If a user is in this state, have him call a new API called changeMyPassword. That API would require his old password and a new password. If the call succeeds then the user can retry the login API with his new password.

3) Add a new parameter named forceUserToChangePassword to the UpdateUser API. An admin would set that parameter value to indicate that a user is required to change his password.

Thoughts?
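The three-step protocol proposed in the thread, modelled as an added Python example (this is not CloudStack code and not code from any poster): an in-memory auth service with legacy MD5 and PLAINTEXT plugins and a SHA256SALTED plugin, a login response carrying mustChangePassword, a changeMyPassword call that checks the old password and re-stores the credential with the strong plugin, and updateUser taking forceUserToChangePassword. The credential storage formats, the session keys, the minimum new-password length and the automatic flagging of any account still on a legacy plugin are assumptions of this model; CloudStack's real SHA256SALTED encoding is not reproduced.

```python
import hashlib
import hmac
import os
import secrets
from dataclasses import dataclass

# Plugin names from the thread; storage formats below are constructed for this model.
LEGACY_AUTHENTICATORS = {"PLAINTEXT", "MD5"}
STRONG_AUTHENTICATOR = "SHA256SALTED"


def hash_credential(authenticator: str, password: str) -> str:
    """Encode a password the way each (modelled) plugin stores it."""
    if authenticator == "PLAINTEXT":
        return password
    if authenticator == "MD5":
        return hashlib.md5(password.encode()).hexdigest()
    if authenticator == STRONG_AUTHENTICATOR:
        salt = os.urandom(16)  # fresh per-user salt (assumed format: "salthex:digesthex")
        digest = hashlib.sha256(salt + password.encode()).hexdigest()
        return salt.hex() + ":" + digest
    raise ValueError("unknown authenticator: " + authenticator)


def verify_credential(authenticator: str, stored: str, password: str) -> bool:
    """Constant-time comparison against the stored credential of the given plugin."""
    if authenticator == STRONG_AUTHENTICATOR:
        salt_hex, digest_hex = stored.split(":", 1)
        candidate = hashlib.sha256(bytes.fromhex(salt_hex) + password.encode()).hexdigest()
        return hmac.compare_digest(candidate, digest_hex)
    # legacy plugins are unsalted, so recomputing is enough
    return hmac.compare_digest(hash_credential(authenticator, password), stored)


@dataclass
class User:
    username: str
    authenticator: str
    credential: str
    force_change: bool = False  # set by an admin through updateUser


class AuthService:
    def __init__(self):
        self._users = {}
        self.sessions = {}

    def create_user(self, username, password, authenticator=STRONG_AUTHENTICATOR):
        self._users[username] = User(username, authenticator, hash_credential(authenticator, password))

    def update_user(self, username, force_user_to_change_password=None):
        """Step 3 of the proposal: admin sets forceUserToChangePassword on updateUser."""
        if force_user_to_change_password is not None:
            self._users[username].force_change = bool(force_user_to_change_password)

    def login(self, username, password) -> dict:
        """Step 1: the response says whether a password change is required.
        The flag is only revealed after a correct password, so it cannot be probed anonymously,
        and no session key is issued until the change is done."""
        user = self._users.get(username)
        if user is None or not verify_credential(user.authenticator, user.credential, password):
            return {"authenticated": False, "mustChangePassword": False, "sessionkey": None}
        # assumption of this model: still being on a legacy plugin also triggers the reset
        must_change = user.force_change or user.authenticator in LEGACY_AUTHENTICATORS
        if must_change:
            return {"authenticated": True, "mustChangePassword": True, "sessionkey": None}
        key = secrets.token_hex(16)
        self.sessions[key] = username
        return {"authenticated": True, "mustChangePassword": False, "sessionkey": key}

    def change_my_password(self, username, old_password, new_password) -> bool:
        """Step 2: user-driven reset that needs the old password; the new one is always
        stored with the strong plugin, which is how the migration actually happens."""
        user = self._users.get(username)
        if user is None or not verify_credential(user.authenticator, user.credential, old_password):
            return False
        if new_password == old_password or len(new_password) < 8:  # assumed policy
            return False
        user.authenticator = STRONG_AUTHENTICATOR
        user.credential = hash_credential(STRONG_AUTHENTICATOR, new_password)
        user.force_change = False
        return True

    def authenticator_of(self, username) -> str:
        return self._users[username].authenticator


def demo() -> dict:
    """Walk one MD5 user through the forced reset; returns the observed API responses."""
    svc = AuthService()
    svc.create_user("alice", "legacy-pass", authenticator="MD5")  # constructed sample user
    first = svc.login("alice", "legacy-pass")
    changed = svc.change_my_password("alice", "legacy-pass", "a-much-longer-secret")
    second = svc.login("alice", "a-much-longer-secret")
    return {"first": first, "changed": changed, "second": second,
            "plugin": svc.authenticator_of("alice")}
```

Two design points worth noting: the login response carries mustChangePassword only after the password verified, so an unauthenticated caller learns nothing about account state, and changeMyPassword insists on the old password, so the reset is something only the user (not an operator holding a mailed-out password, and not a hijacked session alone) can complete.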