How to get jira to see beyond just 8 chars in the password?

Carey Clagett May 20, 2016

We have JIRA (v6.4.1) configured so it authenticates from openLdap. The ldap is configured to accept no less than 12 chars for a password when a user sets it. At login, we've found that JIRA only reads in the first 8 chars of a password and dismisses the rest. How can we force JIRA to read in 12 chars and compare it to the password in ldap before authenticating a user?

1 answer

1 vote
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
May 20, 2016

That doesn't sound right to me - I'm using at least one JIRA with openLDAP and a 24 character password that won't let me in unless the whole password is correct.

Carey Clagett May 20, 2016

I didn't think it sounded right either, which is why I'm asking. JIRA is using a read-only copy of the LDAP database, and somehow a configuration somewhere must be indicating to only read in the first 8 characters. I need to know how to expand that to read at minimum 12.

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
May 20, 2016

That's the problem, JIRA simply doesn't have anything that would do that.  There is code for checking password length and complexity in internal directories, but there's nothing that chops up passwords as they're entered, stored or checked.  All I can think of is that there's something in the LDAP settings.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events