Bug 1267996 - cli settings option PASSWORD_HISTORY_LIMIT doesn't take effect
cli settings option PASSWORD_HISTORY_LIMIT doesn't take effect
Status: CLOSED CURRENTRELEASE
Product: ovirt-engine-extension-aaa-jdbc
Classification: oVirt
Component: Core (Show other bugs)
1.0.0
Unspecified Unspecified
unspecified Severity unspecified (vote)
: ovirt-3.6.0-rc3
: 1.0.0
Assigned To: Martin Perina
Ondra Machacek
infra
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-10-01 10:23 EDT by Ondra Machacek
Modified: 2016-02-10 14:14 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-11-04 08:40:34 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: Infra
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
ylavi: ovirt‑3.6.0?
omachace: planning_ack?
rule-engine: devel_ack+
rule-engine: testing_ack+


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
oVirt gerrit 46920 master MERGED core: fix of password history limit check Never
oVirt gerrit 46943 ovirt-engine-extension-aaa-jdbc-1.0 MERGED core: fix of password history limit check Never

  None (edit)
Description Ondra Machacek 2015-10-01 10:23:53 EDT
Description of problem:


Version-Release number of selected component (if applicable):
v0.0.0-7

How reproducible:
always

Steps to Reproduce:
1. See value of PASSWORD_HISTORY_LIMIT
   ovirt-aaa-jdbc-tool settings show --name PASSWORD_HISTORY_LIMIT
   ..
   value 3

2. change admin password four times
  ovirt-aaa-jdbc-tool user password-reset admin --password=pass:123456
  ovirt-aaa-jdbc-tool user password-reset admin --password=pass:1234567
  ovirt-aaa-jdbc-tool user password-reset admin --password=pass:12345678
  ovirt-aaa-jdbc-tool user password-reset admin --password=pass:123456789

Check table user_password history.

engine=# select id, user_id, changed from aaa_jdbc.user_password_history;
 id | user_id |          changed           
----+---------+----------------------------
  1 |       2 | 2015-10-01 12:18:10.554+02
  2 |       2 | 2015-10-01 12:40:32.898+02
  3 |       2 | 2015-10-01 12:44:18.128+02
  4 |       2 | 2015-10-01 12:44:25.711+02
  5 |       2 | 2015-10-01 12:44:28.902+02

3. Change password back to the first one.
  ovirt-aaa-jdbc-tool user password-reset admin --password=pass:123456


Actual results:
new password already used

Expected results:
password successfully changed

Additional info:
Password history is kept forever instead of saving only X last values based on 
PASSWORD_HISTORY_LIMIT option
Comment 1 Martin Perina 2015-10-02 09:51:15 EDT
Fixed in ovirt-engine-extension-aaa-jdbc-1.0.0-0.0.master.20151002134359.git23d432a
Comment 2 Martin Perina 2015-10-06 13:52:41 EDT
Fix contained in ovirt-engine-extension-aaa-jdbc-1.0.0
Comment 3 Martin Perina 2015-10-15 06:14:18 EDT
ovirt-engine-extension-aaa-jdbc-1.0.0-2 is contained in oVirt 3.6.0 RC2
Comment 4 Ondra Machacek 2015-10-16 09:13:44 EDT
ovirt-engine-extension-aaa-jdbc-1.0.0-2.el6ev.noarch
Comment 5 Red Hat Bugzilla Rules Engine 2015-10-18 04:22:03 EDT
Fixed bug tickets must have version flags set prior to fixing them. Please set the correct version flags and move the bugs back to the previous status after this is corrected.
Comment 6 Sandro Bonazzola 2015-11-04 08:40:34 EST
oVirt 3.6.0 has been released on November 4th, 2015 and should fix this issue.
If problems still persist, please open a new BZ and reference this one.

Note You need to log in before you can comment on or make changes to this bug.