0009816: ChangePassword method description is ambiguous

ID	Project	Category	View Status	Date Submitted	Last Update

0009816	10000-018: Role-Based Security	Spec	public	2024-09-04 12:24	2024-09-12 09:40

Reporter	Matthias Isele	Assigned To
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	new	Resolution	open
Product Version	1.05.04 RC1

Summary	0009816: ChangePassword method description is ambiguous
Description	The spec states (5.2.8. ChangePassword): "After a successful call of ChangePassword, the Client is required to call ActivateSession for each of the affected Sessions with the user and the new password to apply the change." 1) Does this paragraph refer to the paragrpah above only (in case that a password change is required)? I assume yes. The ChangePassword method can also be called at any time if no password change is required. In that case I don't see any reason to call ActivateSession. If that is true the spec should clearly state that the paragraph above only refers to the case where a password change is required. 2) The expression "for each of the affected Sessions" in the paragraph above confuses me. How should another Session know that is also needs to call ActivateSession again?
Tags	No tags attached.

Commit Version
Fix Due Date

Date Modified	Username	Field	Change
2024-09-04 12:24	Matthias Isele	New Issue