Bug 1104665

Summary: UI inconsistency around root password strength
Product: Red Hat Satellite Reporter: Erik M Jacobs <ejacobs>
Component: WebUIAssignee: jmagen <jmagen>
Status: CLOSED CURRENTRELEASE QA Contact: sthirugn <sthirugn>
Severity: low Docs Contact:
Priority: unspecified    
Version: 6.0.3CC: dcleal, jmagen, jmontleo, mmccune, sthirugn
Target Milestone: UnspecifiedKeywords: Triaged
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
URL: http://projects.theforeman.org/issues/6067
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1104785 (view as bug list) Environment:
Last Closed: 2014-09-11 12:23:18 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Erik M Jacobs 2014-06-04 13:17:15 UTC
The UI is inconsistent regarding root passwords:

1) The hostgroup setting for Root Password makes no mention of password length requirement.

2) The new host / host edit mentions an 8 character minimum

3) There is no setting in "Administer" -> "Settings" that allows a user to change the minimum acceptable password length.

4) [RFE] there are no settings for password strength:
length
complexity
characters
etc.

Comment 1 RHEL Program Management 2014-06-04 13:33:50 UTC
Since this issue was entered in Red Hat Bugzilla, the release flag has been
set to ? to ensure that it is properly evaluated for this release.

Comment 3 Dominic Cleal 2014-06-04 16:52:38 UTC
Cloned the RFE to bug #1104785 (please separate issues, makes it much easier), this bug will address the UI consistency only.

Comment 4 Dominic Cleal 2014-06-04 16:54:27 UTC
Created redmine issue http://projects.theforeman.org/issues/6067 from this bug

Comment 5 Bryan Kearney 2014-06-19 16:04:13 UTC
Moving to POST since upstream bug http://projects.theforeman.org/issues/6067 has been closed

Comment 8 sthirugn@redhat.com 2014-09-04 19:13:31 UTC
Failed. 2 out of 4 mentioned issues still fail.
1) The hostgroup setting for Root Password makes no mention of password length requirement. - Now expects 8 characters or more - PASS

2) The new host / host edit mentions an 8 character minimum - Now expects 8 characters or more - PASS

3) There is no setting in "Administer" -> "Settings" that allows a user to change the minimum acceptable password length. - FAIL

4) [RFE] there are no settings for password strength: - FAIL
length
complexity
characters
etc.

Version Tested:
GA Snap 7 - Satellite-6.0.4-RHEL-6-20140829.0

* apr-util-ldap-1.3.9-3.el6_0.1.x86_64
* candlepin-0.9.23-1.el6_5.noarch
* candlepin-common-1.0.1-1.el6_5.noarch
* candlepin-scl-1-5.el6_4.noarch
* candlepin-scl-quartz-2.1.5-5.el6_4.noarch
* candlepin-scl-rhino-1.7R3-1.el6_4.noarch
* candlepin-scl-runtime-1-5.el6_4.noarch
* candlepin-selinux-0.9.23-1.el6_5.noarch
* candlepin-tomcat6-0.9.23-1.el6_5.noarch
* elasticsearch-0.90.10-6.el6sat.noarch
* foreman-1.6.0.42-1.el6sat.noarch
* foreman-compute-1.6.0.42-1.el6sat.noarch
* foreman-gce-1.6.0.42-1.el6sat.noarch
* foreman-libvirt-1.6.0.42-1.el6sat.noarch
* foreman-ovirt-1.6.0.42-1.el6sat.noarch
* foreman-postgresql-1.6.0.42-1.el6sat.noarch
* foreman-proxy-1.6.0.30-1.el6sat.noarch
* foreman-selinux-1.6.0.14-1.el6sat.noarch
* foreman-vmware-1.6.0.42-1.el6sat.noarch
* katello-1.5.0-30.el6sat.noarch
* katello-ca-1.0-1.noarch
* katello-certs-tools-1.5.6-1.el6sat.noarch
* katello-installer-0.0.62-1.el6sat.noarch
* openldap-2.4.23-34.el6_5.1.x86_64
* openldap-devel-2.4.23-34.el6_5.1.x86_64
* pulp-katello-0.3-4.el6sat.noarch
* pulp-nodes-common-2.4.1-0.5.rc1.el6sat.noarch
* pulp-nodes-parent-2.4.1-0.5.rc1.el6sat.noarch
* pulp-puppet-plugins-2.4.1-0.5.rc1.el6sat.noarch
* pulp-puppet-tools-2.4.1-0.5.rc1.el6sat.noarch
* pulp-rpm-plugins-2.4.1-0.5.rc1.el6sat.noarch
* pulp-selinux-2.4.1-0.5.rc1.el6sat.noarch
* pulp-server-2.4.1-0.5.rc1.el6sat.noarch
* python-ldap-2.3.10-1.el6.x86_64
* ruby193-rubygem-net-ldap-0.3.1-3.el6sat.noarch
* ruby193-rubygem-runcible-1.1.0-2.el6sat.noarch

Comment 9 Dominic Cleal 2014-09-05 07:26:16 UTC
(In reply to sthirugn from comment #8)
> 3) There is no setting in "Administer" -> "Settings" that allows a user to
> change the minimum acceptable password length. - FAIL
> 
> 4) [RFE] there are no settings for password strength: - FAIL
> length
> complexity
> characters
> etc.

Please see comment #3, password complexity features are being treated as an RFE under a separate BZ.

Comment 10 sthirugn@redhat.com 2014-09-05 13:00:55 UTC
Thank you Dominic.

Marking this Verified as per Comment 8 and Comment 9.  The failed scenarios are tracked under https://bugzilla.redhat.com/show_bug.cgi?id=1104785

Comment 11 Bryan Kearney 2014-09-11 12:23:18 UTC
This was delivered with Satellite 6.0 which was released on 10 September 2014.