Support disabling specific password methods

Adding a password method for empty passwords showed that it would be useful to be able to only allow a subset of the existing password methods.

This would allow to disable empty passwords, or clear text passwords for instance.

added PJ1804-0204 label

By bmortier on 2018-10-29T16:05:56 (imported from GitLab)

added fusiondirectory-core label

By bmortier on 2018-10-29T16:06:03 (imported from GitLab)

changed due date to June 11, 2019

By bmortier on 2019-06-04T12:25:33 (imported from GitLab)

mentioned in merge request !606

By Côme Chilliet on 2019-06-13T08:52:15 (imported from GitLab)

created merge request !606 to address this issue

By Côme Chilliet on 2019-06-13T08:52:15 (imported from GitLab)

mentioned in commit ae651615

By Côme Chilliet on 2019-06-13T09:54:15 (imported from GitLab)

mentioned in commit e1a17e48

By Côme Chilliet on 2019-06-13T09:54:16 (imported from GitLab)

mentioned in commit 5627399b

By Côme Chilliet on 2019-06-13T10:14:07 (imported from GitLab)

Password methods files were renamed for consistency:

• include/password-methods/{class_password-methods.inc => class_passwordMethod.inc}
• include/password-methods/{class_password-methods-clear.inc => class_passwordMethodClear.inc}
• include/password-methods/{class_password-methods-crypt.inc => class_passwordMethodCrypt.inc}
• include/password-methods/{class_password-methods-empty.inc => class_passwordMethodEmpty.inc}
• include/password-methods/{class_password-methods-md5.inc => class_passwordMethodMd5.inc}
• include/password-methods/{class_password-methods-sasl.inc => class_passwordMethodSasl.inc}
• include/password-methods/{class_password-methods-sha.inc => class_passwordMethodSha.inc}
• include/password-methods/{class_password-methods-smd5.inc => class_passwordMethodSmd5.inc}
• include/password-methods/{class_password-methods-ssha.inc => class_passwordMethodSsha.inc}

Should be tested:

1. Use a password method other than the default for a user
2. Remove this method from authorized list
3. Edit this user and attempt to save it

(I’d expect the method used to show but not to be "savable" I guess. At least not if the password is changed.)

By Côme Chilliet on 2019-06-13T11:53:35 (imported from GitLab)

added 3h of time spent at 2019-06-13

By Côme Chilliet on 2019-06-13T11:53:36 (imported from GitLab)

added To Be Tested packaging labels

assigned to @jswaelens and unassigned @MCMic

By Côme Chilliet on 2019-06-13T11:53:37 (imported from GitLab)

I tested on my VM but the password is reencrypted.

1. Have a user with an allowed password method (md5)
2. Remove md5 from the allowed password method
3. Edit your user and save it back
4. The pasword i encrypted in ssha (I didn't test the new password)

By Jonathan Swaelens on 2019-06-17T13:47:58 (imported from GitLab)

added 42m of time spent at 2019-06-17

By Jonathan Swaelens on 2019-06-17T13:47:59 (imported from GitLab)

removed To Be Tested label

assigned to @MCMic and unassigned @jswaelens

By Jonathan Swaelens on 2019-06-17T13:47:59 (imported from GitLab)

created merge request !609 to address this issue

By Côme Chilliet on 2019-06-18T10:44:47 (imported from GitLab)

mentioned in merge request !609

By Côme Chilliet on 2019-06-18T10:44:47 (imported from GitLab)

mentioned in commit 96e2d60b

By Côme Chilliet on 2019-06-18T10:50:21 (imported from GitLab)

mentioned in commit f42f7c15

By Côme Chilliet on 2019-06-18T10:50:21 (imported from GitLab)