directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hal Deadman (JIRA)" <>
Subject [jira] [Created] (DIRSERVER-2202) pwdHistory not getting maintained when doing modify password with ldaptive client
Date Sat, 15 Jul 2017 01:44:00 GMT
Hal Deadman created DIRSERVER-2202:

             Summary: pwdHistory not getting maintained when doing modify password with ldaptive
                 Key: DIRSERVER-2202
             Project: Directory ApacheDS
          Issue Type: Bug
    Affects Versions: 2.0.0-M23
         Environment: windows, ldaptive latest, java 8
            Reporter: Hal Deadman

If I connect as a non admin user and modify my own password with directory studio, a new pwdHistory
is added. 

If I modify the password programatically, using the old/new password modifyPassword extended
operation that should respect history, it is deleting all my history (and leaving a single
pwdHistory entry). The code looks like this:

// connecting as user that is trying to change their password
		org.ldaptive.Credential cred = new org.ldaptive.Credential(oldPassword);
		org.ldaptive.BindConnectionInitializer bindConnectionInit = new org.ldaptive.BindConnectionInitializer(userDn,cred);
		org.ldaptive.ConnectionConfig connectionConfig = new org.ldaptive.ConnectionConfig(ldapUrl);
		DefaultConnectionFactory userLdapConnectionFactory = new DefaultConnectionFactory(connectionConfig);
		try (Connection conn = userLdapConnectionFactory.getConnection()) {;
		  PasswordModifyOperation modify = new PasswordModifyOperation(conn);
		  Response<Credential> response = modify.execute(new PasswordModifyRequest(userDn,
new Credential(oldPassword), new Credential(plaintextPassword)));

Isn't the pwdHistory being maintained by the server? Why does a different client determine
whether pwdHistory entries are added or not? (In this case they are not only not added but
multiple entries are replaced by a single one).

Ldaptive doesn't implement ldap protocol, in this case it is using JNDI as the provider of
ldap protocol. 

This message was sent by Atlassian JIRA

View raw message