feature request #6161
closedPhycoBank - task #8515: Remaining registation UI tasks
Service and webservice to recover forgotten passwords
100%
Description
The password recovery function allows users to request for a password recovery link which is send to the user via email.
General security recommendations by OWASP : https://cheatsheetseries.owasp.org/cheatsheets/Forgot_Password_Cheat_Sheet.html
Below are two options for implementing this:
- How to implement this by your self in an easy and concise way: http://stackoverflow.com/questions/17219917/guide-to-implementing-spring-security-password-recovery-with-dynamic-url-sent-to#17238620
- By making use of https://github.com/OhadR/oAuth2-sample/tree/master/authentication-flows
Related issues
Updated by Andreas Kohlbecker almost 7 years ago
- Tracker changed from bug to feature request
Updated by Andreas Kohlbecker almost 7 years ago
- Precedes feature request #6162: Implement "Forgot your password?" button in the Taxeditor connect dialog added
Updated by Andreas Kohlbecker almost 7 years ago
- Subject changed from Function to recover forgotten passwords to Service and webservice to recover forgotten passwords
Updated by Andreas Kohlbecker over 5 years ago
- Related to feature request #7275: [DISCUSS] Require email address for Users added
Updated by Andreas Kohlbecker over 4 years ago
- Target version changed from Unassigned CDM tickets to Release 5.6
Updated by Andreas Kohlbecker over 4 years ago
- Priority changed from New to Priority13
- Target version changed from Release 5.6 to Reviewed Next Major Release
Updated by Andreas Kohlbecker about 4 years ago
- Parent task changed from #6169 to #8515
Updated by Andreas Müller almost 2 years ago
- Target version changed from Reviewed Next Major Release to Release 5.43
I move this to next milestone as it is what you are currently work on as far as I know.
Updated by Andreas Kohlbecker almost 2 years ago
- Status changed from New to Resolved
- % Done changed from 0 to 50
Updated by Andreas Kohlbecker almost 2 years ago
- Tags changed from security to security, phycobank, phycobank-ready-for-submitters
- Priority changed from Priority13 to Highest
Updated by Andreas Kohlbecker almost 2 years ago
- Related to feature request #9859: Password Recovery UI added
Updated by Andreas Müller almost 2 years ago
I added the new service to httpInvoker and CdmApplicationRemoteConfiguration
Updated by Andreas Kohlbecker almost 2 years ago
- Status changed from Resolved to Feedback
- Assignee changed from Andreas Kohlbecker to Andreas Müller
Andreas Müller wrote:
I added the new service to httpInvoker and CdmApplicationRemoteConfiguration
I am not sure if these service methods are suitable for httpInvoker as they are asynchronously and return Futures. This needs to be checked.
Updated by Andreas Müller almost 2 years ago
Andreas Kohlbecker wrote:
Andreas Müller wrote:
I added the new service to httpInvoker and CdmApplicationRemoteConfiguration
I am not sure if these service methods are suitable for httpInvoker as they are asynchronously and return Futures. This needs to be checked.
This may be true. However, each CdmRemotingApplicationController requires this service. Alternatively we could implement in another way (e.g. by throwing an exception when being used).
Updated by Andreas Müller almost 2 years ago
- Status changed from Feedback to Resolved
- Assignee changed from Andreas Müller to Andreas Kohlbecker
... or we implement it similar to the ProgressMonitoring services which also handle asynchronous task but differently.
However, this is not my task. I only wanted to fix the compile error in TaxEditor code. If you think this needs to be done differently feel free to do so.
Updated by Andreas Kohlbecker almost 2 years ago
- Related to feature request #9497: User self registration service added
Updated by Andreas Kohlbecker almost 2 years ago
- Status changed from Resolved to Closed
- % Done changed from 50 to 100
I think we can keep it as it is.
Updated by Andreas Müller over 1 year ago
- Target version changed from Release 5.43 to Release 5.29