Project

General

Profile

Actions

Bug #100374

closed

When the password policy is disabled by configuration, it is still not possible to save passwords violating default policy in user module

Added by Helmut Hummel over 1 year ago. Updated over 1 year ago.

Status:
Rejected
Priority:
Should have
Assignee:
-
Category:
Backend API
Target version:
-
Start date:
2023-04-01
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
12
PHP Version:
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

  • set passwordPolicy to "none" in configuration
  • go to user settings of an admin and change password

expected result:

password is changed without error

actual result:

no error is presented to the user, but password is not changed, because DataHandler still evaluates TCA enforcing the policy

Actions #1

Updated by Torben Hansen over 1 year ago

  • Status changed from New to Needs Feedback

I tried to reproduce the described problem but with no success. Setting the password policy for FE and BE context to none or an empty string will result in no password policy being used. However, since the used password policy for FE/BE users table is assigned in TCA, it is most likely that the cached value for the password policy is used.

Can you please try if clearing the TYPO3 system cache after changing the configuration resolves the problem.

Actions #2

Updated by Helmut Hummel over 1 year ago

  • Subject changed from When the password policy is disable by configuration, it is still not possible to save passwords violating default policy in user module to When the password policy is disabled by configuration, it is still not possible to save passwords violating default policy in user module
Actions #3

Updated by Helmut Hummel over 1 year ago

  • Status changed from Needs Feedback to Rejected

Torben Hansen wrote in #note-1:

Can you please try if clearing the TYPO3 system cache after changing the configuration resolves the problem.

Embarrassinggly for me this worked :-D

I somehow also missed, that TCA did not have a hard coded value, but reads configuration.

Thanks for looking into it and sorry for the noise.

Actions

Also available in: Atom PDF