• Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Minor Minor
    • core
    • None

      A user is being allowed to create with invalid password credentials (<14 characters in length) when created via !https://github.com/fluidicon.png!jenkins/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java at b8e5141a9e69318d908982eaecdfea798010f954 · jenkinsci/jenkins (IN FIPS MODE)

      Expected Results.

      Ensure that user with invalid credentials is not allowed to be created in FIPS mode.

       

          [JENKINS-74918] Missing a potential FIPS validation

          Tejas created issue -
          Tejas made changes -
          Description Original: A user is being allowed to create with invalid password credentials (<14 characters in length) when created via [!https://github.com/fluidicon.png!jenkins/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java at b8e5141a9e69318d908982eaecdfea798010f954 · jenkinsci/jenkins|https://github.com/jenkinsci/jenkins/blob/b8e5141a9e69318d908982eaecdfea798010f954/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java#L534] *(IN FIPS MODE)* New: A user is being allowed to create with invalid password credentials (<14 characters in length) when created via [!https://github.com/fluidicon.png!jenkins/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java at b8e5141a9e69318d908982eaecdfea798010f954 · jenkinsci/jenkins|https://github.com/jenkinsci/jenkins/blob/b8e5141a9e69318d908982eaecdfea798010f954/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java#L534] *(IN FIPS MODE)*


          *Expected Results.*

          **

          Ensure that user with invalid credentials is not allowed to be created in FIPS mode.

           
          Tejas made changes -
          Description Original: A user is being allowed to create with invalid password credentials (<14 characters in length) when created via [!https://github.com/fluidicon.png!jenkins/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java at b8e5141a9e69318d908982eaecdfea798010f954 · jenkinsci/jenkins|https://github.com/jenkinsci/jenkins/blob/b8e5141a9e69318d908982eaecdfea798010f954/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java#L534] *(IN FIPS MODE)*


          *Expected Results.*

          **

          Ensure that user with invalid credentials is not allowed to be created in FIPS mode.

           
          New: A user is being allowed to create with invalid password credentials (<14 characters in length) when created via [!https://github.com/fluidicon.png!jenkins/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java at b8e5141a9e69318d908982eaecdfea798010f954 · jenkinsci/jenkins|https://github.com/jenkinsci/jenkins/blob/b8e5141a9e69318d908982eaecdfea798010f954/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java#L534] *(IN FIPS MODE)*

          *Expected Results.*

          Ensure that user with invalid credentials is not allowed to be created in FIPS mode.

           
          Tejas made changes -
          Link New: This issue is related to JENKINS-74858 [ JENKINS-74858 ]

            Unassigned Unassigned
            tejas_drolia Tejas
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: