Expand my Community achievements bar.

Improvement of change password UI/UX

Avatar

hsim3
Level 1

9/13/21

Request for Feature Enhancement (RFE) Summary:

Want to Improve input items and error message of chenge password.
Use-case:
  • /system/console/configMgr/org.apache.jackrabbit.oak.security.user.UserConfigurationImpl
    Enable "Password On First Login"
  • /system/console/configMgr/org.apache.jackrabbit.oak.spi.security.user.action.DefaultAuthorizableActionProvider
    Set "Configure PasswordValidationAction: Password Constraint"
  • For enhanced security, I want to lock my account after multiple authentication failures.
    For this purpose, we override "AuthenticationHandler.authenticationFailed" to achieve the lock function.
Current/Experienced Behavior:
  • After you have been authenticated with your ID and password, the password change screen will appear.
    You will need to enter the password again on the password change screen.
  • The message on new password validation error is "Your password has expired".
  • "AuthenticationHandler.authenticationFailed" is called with new password validation error.
    Therefore, it will be account locked due to a password validation error.
Improved/Expected Behavior:
  • Message at the time of password validation error is "Password violates password constraintd".
  • Do not call "AuthenticationHandler.authenticationFailed" with new password validation error.
    or to eliminate the current password when chenge password.
Environment Details (AEM version/service pack, any other specifics if applicable): AEM6.5
Customer-name/Organization name:  
Screenshot (if applicable): image.png
Code package (if applicable):  
4 Comments

Avatar

Cedric_Latimier_
Employee Advisor

9/20/21

Hello @hsim3 

I have tried the behavior on OOTB without customization of "AuthenticationHandler.authenticationFailed" and everything works as expected

As the override of "AuthenticationHandler.authenticationFailed" is done at the project level via customization, this request will have to be performed at the project level as well unfortunately

 

Thanks

Status changed to: Needs Info

Avatar

hsim3
Level 1

9/23/21

Hello clatimier

Thank you for checking.

What is expected of the message displayed when a password verification error occurs?

 

 

 

Avatar

Cedric_Latimier_
Employee Advisor

10/19/21

Hi @hsim3 

When you will connect the first time, you will have the "Your password has expired" message

Then after providing a new one, you will see a "Your password has been changed successfully" message

 

clatimier_0-1634628299673.png

If you connect with incorrect credentials, you will see

clatimier_1-1634628371644.png

 

Does that answer your question? As I'm unsure of what information you're looking for.

Status changed to: Needs Info
Reply
Related Conversations
Adding Rules to Metadata fields in Assets UI

Views

56

Likes

0

Replies

1
Provide a means of permission and user-management for AppBuilder Applications (through Adobe IMS, AdminConsole)

Views

78

Likes

0

Replies

1
Allow to search for Assets by combination of options e.g. Created by, Created Date and Modified Date

Views

85

Like

1

Replies

1
Undo delete/move of pages/assets for single and Bulk

Views

120

Likes

0

Replies

1
Automating the Creation and Edition of Front-End Pipelines via Cloud Manager API and/or aio cli

Views

268

Likes

10

Replies

2