Details

      Description

      Steps to reproduce

      1. Create a public user (e.g user1)
      2. Create a new password policy as the following settings
        Name: test policy
        Password Changes: Changeable Yes
        Password Expiration:
          Enable Expiration - Yes
            Maximum Age - 2 Weeks
            Warning Time - 1 Weeks
            Grace Limit - 1
      3. Assign user1 to test policy
      4. Change User_.passwordModifiedDate in the database to 1 month ago to simulate the password expiration
      5. Navigate to Control Panel > Configuration > Server Administration
      6. Clear the database cache
      7. Log in as user1

      Expected result
      The warning message "Your password is expired. You have 0 grace login(s) remaining." displays and the user cannot log out and in again.

      Actual result
      The warning message "Your password is expired. You have 1 grace login(s) remaining." displays and the user can log out and in indefinitely despite having an expired password.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                sharry.shi Sharry Shi
                Reporter:
                jonathan.mccann Jonathan McCann
                Participants of an Issue:
                Recent user:
                Clarissa Velazquez
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Days since last comment:
                  9 weeks, 4 days ago