The self-service password API was left intentionally
unprotected in a change during the stable/ocata cycle:
I4d3421c56642cfdbb25cb33b3aaaacbac4c64dd1
The default policy was not removed from the same config and as a
result it was migrated into code during the policy-in-code work.
This isn't necessary since it's not used to protect anything. Policy
should still be enforced on administrative password resets, but that
is done using the `update_user` API.
Reviewed: https:/ /review. openstack. org/485818 /git.openstack. org/cgit/ openstack/ keystone/ commit/ ?id=77bf1ad0b89 91abb6c7ebba608 fde27a3fd01c09
Committed: https:/
Submitter: Jenkins
Branch: master
commit 77bf1ad0b8991ab b6c7ebba608fde2 7a3fd01c09
Author: Lance Bragstad <email address hidden>
Date: Thu Jul 20 20:45:42 2017 +0000
Remove policy for self-service password changes
The self-service password API was left intentionally
unprotected in a change during the stable/ocata cycle:
I4d3421c5 6642cfdbb25cb33 b3aaaacbac4c64d d1
The default policy was not removed from the same config and as a
result it was migrated into code during the policy-in-code work.
This isn't necessary since it's not used to protect anything. Policy
should still be enforced on administrative password resets, but that
is done using the `update_user` API.
Change-Id: I431f5ef9d6d5d6 89a06736640d229 97fbddb869c
Closes-Bug: 1705485