Want to improve the input items and error message of change password.
Use-case:
/system/console/configMgr/org.apache.jackrabbit.oak.security.user.UserConfigurationImpl Enable "Password On First Login"
/system/console/configMgr/org.apache.jackrabbit.oak.spi.security.user.action.DefaultAuthorizableActionProvider Set "Configure PasswordValidationAction: Password Constraint"
For enhanced security, I want to lock my account after multiple authentication failures. For this purpose, we override "AuthenticationHandler.authenticationFailed" to achieve the lock function.
Current/Experienced Behavior:
After you have been authenticated with your ID and password, the password change screen will appear. You will need to enter the password again on the password change screen.
The message on new password validation error is "Your password has expired".
"AuthenticationHandler.authenticationFailed" is called with a new password validation error. Therefore, the account will be locked due to a password validation error.
Improved/Expected Behavior:
The message at the time of a password validation error is "Password violates password constraints".
Do not call "AuthenticationHandler.authenticationFailed" with a new password validation error, or eliminate the current password when changing the password.
Environment Details (AEM version/service pack, any other specifics if applicable):
I have tried the behavior on OOTB without customization of "AuthenticationHandler.authenticationFailed" and everything works as expected.
As the override of "AuthenticationHandler.authenticationFailed" is done at the project level via customization, this request will have to be performed at the project level as well, unfortunately.