View Issue Details

IDProjectCategoryView StatusLast Update
000910910000-018: Role-Based SecuritySpecpublic2023-09-21 12:08
ReporterMatthias Isele Assigned ToMatthias Damm  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Fixed in Version1.05.03 
Summary0009109: Clarification for using the ChangePassword method
Description

The specification should state that after calling ChangePassword the client shall call ActivateSession.
This is necessary to update the Roles assigned to the Session when MustChangePassword is set.

TagsNo tags attached.
Commit Version1.05.03
Fix Due Date

Activities

Matthias Damm

2023-09-20 11:20

developer   ~0020017

Added the following clarification to
5.2.8 ChangePassword Method

The bit MustChangePassword in the UserConfigurationMask defined in 5.2.3 indicates if the Server requires that the user changes the password.

If the user that is used to activate a Session is required to change the password, the Service ActivateSession shall return Good_PasswordChangeRequired and the activated Session shall have the Role Anonymous. In this state, the Session shall be allowed to call ChangePassword for the user that activated the Session.

After a successful call of ChangePassword, the Client is required to use ActivateSession with the user and the new password to apply the change to existing Sessions.

Jim Luth

2023-09-21 12:08

administrator   ~0020037

Agreed to changes in F2F.

Issue History

Date Modified Username Field Change
2023-08-17 13:28 Matthias Isele New Issue
2023-09-20 11:20 Matthias Damm Assigned To => Matthias Damm
2023-09-20 11:20 Matthias Damm Status new => resolved
2023-09-20 11:20 Matthias Damm Resolution open => fixed
2023-09-20 11:20 Matthias Damm Fixed in Version => 1.05.03
2023-09-20 11:20 Matthias Damm Note Added: 0020017
2023-09-21 12:08 Jim Luth Status resolved => closed
2023-09-21 12:08 Jim Luth Commit Version => 1.05.03
2023-09-21 12:08 Jim Luth Note Added: 0020037