Description Michael Grandjean 2020-06-02 17:10:16 CEST

UCS: 4.4-4 errata617

Scenario: I use a simple password policy, e.g. minimum length is 8 characters. I have a user whose password expired. This is quite common for new users, when the option "change password at next login" is checked. This user tries to use the Self Service to change their password.

Expected behaviour: The Self Service dialog for "Protect account" tells me that my password expired. It then offers to change my password and tells me the requirements (e.g. at least 8 characters).

Observed behaviour: The Self Service dialog for "Protect account" does not tell me that my password expired. Instead it says:
"An error occurred
You are not authorized to perform this action.

Server error message:

Either username or password is incorrect or you are not allowed to use this service."


The user's primary group is listed in "umc/self-service/passwordreset/whitelist/groups".