Public bug reported: Differently from the /v3/user/<user_id> route [1], the /v3/user/<user_id>/password is not enforcing the password history [2].
At [3] we are able to change a password that breaks the password history constraints [1] https://github.com/openstack/keystone/blob/master/keystone/identity/backends/sql.py#L161 [2] https://github.com/openstack/keystone/blob/master/keystone/identity/backends/sql.py#L189 [3] http://paste.openstack.org/show/583366/ ** Affects: keystone Importance: Undecided Assignee: Ron De Rose (ronald-de-rose) Status: New ** Summary changed: - Password constraints not enforced via /v3/users/<user_id>/password path + Password history constraints not enforced via /v3/users/<user_id>/password path -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1628692 Title: Password history constraints not enforced via /v3/users/<user_id>/password path Status in OpenStack Identity (keystone): New Bug description: Differently from the /v3/user/<user_id> route [1], the /v3/user/<user_id>/password is not enforcing the password history [2]. At [3] we are able to change a password that breaks the password history constraints [1] https://github.com/openstack/keystone/blob/master/keystone/identity/backends/sql.py#L161 [2] https://github.com/openstack/keystone/blob/master/keystone/identity/backends/sql.py#L189 [3] http://paste.openstack.org/show/583366/ To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1628692/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
