Bug #100374
closed
When the password policy is disabled by configuration, it is still not possible to save passwords violating default policy in user module
Added by Helmut Hummel about 1 year ago.
Updated about 1 year ago.
Description
- set passwordPolicy to "none" in configuration
- go to user settings of an admin and change password
expected result:
password is changed without error
actual result:
no error is presented to the user, but password is not changed, because DataHandler still evaluates TCA enforcing the policy
- Status changed from New to Needs Feedback
I tried to reproduce the described problem but with no success. Setting the password policy for FE and BE context to none or an empty string will result in no password policy being used. However, since the used password policy for FE/BE users table is assigned in TCA, it is most likely that the cached value for the password policy is used.
Can you please try if clearing the TYPO3 system cache after changing the configuration resolves the problem.
- Subject changed from When the password policy is disable by configuration, it is still not possible to save passwords violating default policy in user module to When the password policy is disabled by configuration, it is still not possible to save passwords violating default policy in user module
- Status changed from Needs Feedback to Rejected
Torben Hansen wrote in #note-1:
Can you please try if clearing the TYPO3 system cache after changing the configuration resolves the problem.
Embarrassinggly for me this worked :-D
I somehow also missed, that TCA did not have a hard coded value, but reads configuration.
Thanks for looking into it and sorry for the noise.
Also available in: Atom
PDF
Updated by 
Updated by