Details
-
Improvement
-
Resolution: Won't Do
-
Major
-
None
-
1.0-rc3
-
None
-
window XP /redhat linux
jdk1.5
Description
There is one defect that allows the admin to break the publish once we use LDAP authentication.
After using LDAP with empty password field for that user, admin can still put something in the password field of that user, save that change. If the string in the password field is not the same as that user's password in LDAP, that user will fail in activating page. The defect is that admin can remove the string in the password field but won't be able to save the change. The password is still there after click on save.
I have to switch back to JCR authentication, set password to be null for that user. Then switch back to LDAP. Since switch authentication need server restart, this problem is quite annoying to me.
Checklists
Acceptance criteria