Filing a bug report
On 10/27/2015 09:19 AM, Rene Moser wrote: > Hi > > On 10/27/2015 06:55 AM, Rajani Karuturi wrote: >> ACS doesnt cache passwords. Everytime, the authentication requests goes to >> the LDAP server. > > This is what I expected, but our test results showing the opposite. > > While the old password didn't work ldap anymore, it did work on > CloudStack. Even older passwords worked, which you changed in the past, > as long you once successfully authenticated with it. A user was able to > use 3 different outdated passwords to authenticate to cloudstack! > > After "service cloudstack-management restart", the outdated passwords > did not work anymore. > > I am pretty sure that the password must be a cached (wanted or not) in > cloudstack. >
