| Request for Feature Enhancement (RFE) Summary: |
Want to Improve input items and error message of chenge password.
|
| Use-case: |
- /system/console/configMgr/org.apache.jackrabbit.oak.security.user.UserConfigurationImpl
Enable "Password On First Login"
- /system/console/configMgr/org.apache.jackrabbit.oak.spi.security.user.action.DefaultAuthorizableActionProvider
Set "Configure PasswordValidationAction: Password Constraint"
- For enhanced security, I want to lock my account after multiple authentication failures.
For this purpose, we override "AuthenticationHandler.authenticationFailed" to achieve the lock function.
|
| Current/Experienced Behavior: |
- After you have been authenticated with your ID and password, the password change screen will appear.
You will need to enter the password again on the password change screen.
- The message on new password validation error is "Your password has expired".
- "AuthenticationHandler.authenticationFailed" is called with new password validation error.
Therefore, it will be account locked due to a password validation error.
|
| Improved/Expected Behavior: |
- Message at the time of password validation error is "Password violates password constraintd".
- Do not call "AuthenticationHandler.authenticationFailed" with new password validation error.
or to eliminate the current password when chenge password.
|
| Environment Details (AEM version/service pack, any other specifics if applicable): |
AEM6.5 |
| Customer-name/Organization name: |
|
| Screenshot (if applicable): |
 |
| Code package (if applicable): |
|
