Bug 1062602
Summary: | Installer accepts administrative user's password without alphabetic character | ||
---|---|---|---|
Product: | [JBoss] JBoss Enterprise Application Platform 6 | Reporter: | Petr Kremensky <pkremens> |
Component: | Installer | Assignee: | Ahmed Abu Lawi <aabulawi> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Petr Kremensky <pkremens> |
Severity: | medium | Docs Contact: | Russell Dickenson <rdickens> |
Priority: | unspecified | ||
Version: | 6.2.0 | CC: | aabulawi, mtjandra, smumford, thauser, tkirby |
Target Milestone: | ER7 | ||
Target Release: | EAP 6.3.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: |
In previous versions of JBoss EAP 6 it was found that the graphical installer utility was not honoring the username and password restrictions that govern user creation.
This issue has been addressed and the GUI installer now adheres to password and naming restrictions as expected.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2014-06-28 15:40:08 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1063861 |
Description
Petr Kremensky
2014-02-07 12:44:09 UTC
Sorry for confusion, there seem to be bug in add-user utility as it accepts aaa@aaa without complaining. Username obviously cannot contain non-alphanumeric character. Passwords now satisfy the following constraints - password min length is 8 - password must contain alphabetic character - password must contain digit - password must contain non-alphanumeric character Note that since passwords must have a non-alphanumeric and usernames cannot contain an non-alphanumeric, the username and password will never match. http://git.app.eng.bos.redhat.com/jbossas-installer.git/commit/?h=eap-6.2&id=17a0608bc9bee29099458b0dd753330edde12a0f That is correct. I created BZ1063639 to fix the documentation. We should fix also the text on User panel to reflect the change: id="security.text" txt="Create an administrative user. The user will be added to the ManagementRealm, and can be used to access the Management Console, as well as any other applications secured using the ManagementRealm. The password must have no fewer than 8 characters, and contain at least one number and one non-alphanumeric symbol." String has been updated to contain. Create an administrative user. The user will be added to the ManagementRealm, and can be used to access the Management Console, as well as any other applications secured using the ManagementRealm. The password must have no fewer than 8 characters, and must contain at least one digit, alphabetic character, and non-alphanumeric symbol. http://git.app.eng.bos.redhat.com/jbossas-installer.git/commit/?h=eap-6.2&id=12f3ae6a5a9c7152694c188e5df6abfec122df9a This is failing also with EAP 6.3.0.ER1 installer. Installer now doesn't accept password without alphabetic symbol, but we should also fix the text (in both gui and console mode). Actual: The password must have at least 8 characters, and contain at least one number and one non-alphanumeric symbol. Expected (We can use the text from documentation): The password must be at least eight characters long, with one alphabetic character, one digit, and one non-alphabanumeric character. Changed the string. http://git.app.eng.bos.redhat.com/git/eap-installer.git/commit/?id=9f4f79c596f14efd14d9d9ed1090b5b087a12d6f Verified on EAP 6.3.0.ER7 installer. |