Bug 155379 - error message in validate_user_password seems incorrect
Summary: error message in validate_user_password seems incorrect
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Network
Classification: Retired
Component: RHN/Backend
Version: RHN Stable
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Adrian Likins
QA Contact: Beth Nackashi
URL:
Whiteboard:
: 151328 157375 (view as bug list)
Depends On:
Blocks: 147875 155572 156320
TreeView+ depends on / blocked
 
Reported: 2005-04-19 18:19 UTC by Adrian Likins
Modified: 2007-04-18 17:24 UTC (History)
4 users (show)

Fixed In Version: RHN 4.0.0
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-09-01 02:55:15 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2005:712 0 qe-ready SHIPPED_LIVE up2date bug fix update 2005-09-28 04:00:00 UTC

Description Adrian Likins 2005-04-19 18:19:16 UTC 
Description of problem:
as per #151328:

rhn/eng/backend/server/rhnUser.py:validate_new_password()

either the error message is wrong, or the regex/logic is wrong. I'm
not entirely sure what the intended behaviour is. 



Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Adrian Likins 2005-05-13 18:01:50 UTC 
ping
Comment 2 Mihai Ibanescu 2005-05-17 14:35:00 UTC 
Should be fixed in rhns-4.0.0-53 and newer.

Test case: see bug 151328
Essentially, try to put a * in your password. Should work. 
Try to put a * at the beginning of the password. Should work.
Try to use only * chars. Should fail.
Comment 3 Adrian Likins 2005-05-17 18:38:15 UTC 
*** Bug 157375 has been marked as a duplicate of this bug. ***
Comment 4 Adrian Likins 2005-05-17 18:42:40 UTC 
*** Bug 151328 has been marked as a duplicate of this bug. ***
Comment 5 Debbie McGrath 2005-06-08 14:28:30 UTC 
This bug is considered CanFix for RHEL 3 U6 by RHN Engineering.
Comment 6 Mihai Ibanescu 2005-06-13 18:09:42 UTC 
Mass move to ON_QA
Comment 7 Debbie McGrath 2005-06-21 21:31:20 UTC 
Dev & PM ACKs for U6
Comment 8 Beth Nackashi 2005-06-28 21:12:11 UTC 
6/28/2005 -- bnackash

1- Using the web UI to create a new user, I was able to successfully choose a
password of "*******" and log in as the new user.  Bug 151328 states that the
web UI does allow all asterisks for the password, but I'm not sure if that's a
feature or a bug.  If feature, then disregard this comment.

2- Using the web UI, I was able to successfully change my RHN password to
*********** or something of that ilk.  (At least the web UI indicated my
information had been updated.)  And now I can't remember how many ********s I
used and locked myself out of RHN :(  Again, not sure if this is a feature or a bug.

3- There's a small typo in the error message:  "password can not be all
asterisks" should say "password cannot be all asterisks".

Other comments from Beth:  Using up2date --register (up2date-4.4.5.6-2), I was
unable to enter a password with all asterisks.  I was able to enter a password
with one or more asterisks.  This is correct behavior.
Comment 9 Adrian Likins 2005-07-11 16:58:58 UTC 
#3 from comment #8 fixed in svn

rest is pending discussion on whats the correct behaviour
Comment 10 Adrian Likins 2005-07-11 20:19:20 UTC 
Seems we decided client is doing the right thing, so moving this to ON_QA
Comment 12 Beth Nackashi 2005-07-13 14:38:47 UTC 
up2date-4.4.30-3 still says "password can not be all asterisks"

Which up2date fixes this?
Comment 13 Adrian Likins 2005-07-14 19:39:35 UTC 
re comment #12

It's a server side change, not a client side change, so fix should
appear for next QA push.
Comment 14 Beth Nackashi 2005-07-17 23:37:29 UTC 
Do you mean the fix should have made it into Thursday's (7/14) QA push?  Because
it didn't.
Comment 15 Adrian Likins 2005-07-20 17:05:33 UTC 
doh, never actually committed it. Next QA push.
Comment 16 Beth Nackashi 2005-07-26 14:35:55 UTC 
verified fix
Note You need to log in before you can comment on or make changes to this bug.