Project

General

Profile

Actions

User story #3282

closed

Add a password input field in Directive

Added by François ARMAND almost 12 years ago. Updated over 11 years ago.

Status:
Released
Priority:
3
Category:
Web - Config management
Target version:
UX impact:
Suggestion strength:
User visibility:
Effort required:
Name check:
Fix check:
Regression:

Description

We need a kind of password field for Technique parameters, that will be translated visually as follow in a Directive:

  • a password type input text (with *** in place of characters)
  • a list of hash algorythme to use (crypt, md5, sha256, etc)
  • if the password field was already filled, the resulting hash, for ex: SHA1:40285A0854205

In LDAP, we only store the hashed value (with the algo used).

The field is considered:

  • empty if no value if filled in the input field, nor no hash already exists;
  • not updated if no value is filled in the input field and a hash already exists;
  • updated as soon as a value is filled in the input field.

That means that a password can never be blanked (and so, if the Technique logic require that possibility, a second field "use password / blank password" should be created).


Subtasks 2 (0 open2 closed)

User story #3283: Add a password input field in TechniqueReleasedNicolas CHARLES2013-02-18Actions
User story #3284: User interface and logic for password field in DirectiveReleasedNicolas CHARLES2013-02-18Actions

Related issues 1 (0 open1 closed)

Related to Rudder - Architecture #3379: Use the new XML tag for passwords in the TechniquesReleasedMatthieu CERDA2013-04-15Actions
Actions #1

Updated by Jonathan CLARKE almost 12 years ago

Sounds great. One detail: if a password is already defined, it should be displayed above the field to change the password, and extra text should be added in front of that saying "Change password:".

Actions #2

Updated by François ARMAND almost 12 years ago

It seems more convenient to be able to see the password (you are not really likelly to use Rudder in a given cyber café...).

Actions #3

Updated by François ARMAND almost 12 years ago

  • Status changed from 13 to 10
Actions #4

Updated by François ARMAND almost 12 years ago

Evolution:

  • we want to use the "INPUT" XML field in technique for password, with two new constrains;
    • a new type: password;
    • a new constrain: passwordHash. That constrain accept a list of hashes, with the following meaning:
      • a list on zero hashes means "show all defaults hashes"
      • a list of one hashes is a "no choice" for the user
      • a list of several hashes display a select, in the order given in the list
  • to make the user interface clearer, we want to have three select boxes to update the password :
    • 1/ Keep current password
    • 2/ None
    • 3/ [input] hash with: [select] <- a focus on these fields auto-change the radio to 3
Actions #5

Updated by Nicolas CHARLES over 11 years ago

  • Status changed from 10 to 12
Actions #6

Updated by Nicolas CHARLES over 11 years ago

  • Status changed from 12 to Pending release
Actions #7

Updated by Matthieu CERDA over 11 years ago

Now, we have to update the existing promises to use this.

Actions #8

Updated by Jonathan CLARKE over 11 years ago

  • Status changed from Pending release to Released

This ticket has been addressed in version 2.6.0~beta1 of Rudder, which has just been released. Please see the changelog here: https://www.rudder-project.org/foswiki/System/Documentation:ChangeLog26.

Actions

Also available in: Atom PDF