Closed GoogleCodeExporter closed 8 years ago
Original comment by manico.james@gmail.com
on 2 Nov 2010 at 7:38
Original comment by manico.james@gmail.com
on 2 Nov 2010 at 7:59
Made update to add another small private method called from wherever
verifyPasswordStrength is called that validates the password != account name.
Made a separate method to not break the existing public verifyPasswordStrength
api, especially since the api is intended to change soon to be based on
credential, not just username/password. Also added test to AuthenticatorTest
to verify change worked, and reran all tests - all passed.
Original comment by jtmel...@gmail.com
on 4 Nov 2010 at 3:29
Based on recommendation of team, went back, removed method mentioned above, and
changed verifyPasswordStrength method signature to add a User object as an arg.
See http://code.google.com/p/owasp-esapi-java/source/detail?r=1656
Original comment by jtmel...@gmail.com
on 17 Nov 2010 at 4:28
Original issue reported on code.google.com by
marcin.w...@gmail.com
on 10 Feb 2010 at 3:09