-
Type:
Enhancement
-
Status: Closed
-
Priority:
Medium
-
Resolution: Done
-
Component/s: BenAdmin
-
Labels:None
-
Module:BenAdmin - Security
-
Reported by:Support
-
Item State:Production Complete - Closed
-
Sprint:ST Sprint 1
Refer parent ticket for this issue : https://workterra.atlassian.net/browse/ST-84
- Password needs to be encrypt at client side for security purpose. It'll decrypt at server side for authentication. In short, we are transmitting old password in encrypted format.
- relates to
-
-
- Closed
-
| Field | Original Value | New Value |
|---|---|---|
| Item State | Parent values: Development(10200)Level 1 values: In Progress(10206) |
| Assignee | Niteen Surwase [ niteen.surwase ] |
| Status | New Request [ 10029 ] | Pending for Approval [ 10002 ] |
| Status | Pending for Approval [ 10002 ] | Approved for Development [ 10003 ] |
| Status | Approved for Development [ 10003 ] | In Development [ 10007 ] |
| Assignee | Niteen Surwase [ niteen.surwase ] | Amit Gude [ amitg ] |
| Status | In Development [ 10007 ] | Local Testing [ 10200 ] |
| Sprint | ST Sprint 1 [ 1 ] |
| Rank | Ranked higher |
| Assignee | Amit Gude [ amitg ] | Shubhankar Joshi [ shubhankar ] |
| QA | Shubhankar Joshi [ shubhankar ] |
| Status | Local Testing [ 10200 ] | Pending for Stage Approval [ 10300 ] |
This feature has been tested in the local environment and is working as expected. The Passwords are being sent in the encrypted form to the server from the client.
| Attachment | EncryptedChangePassword.png [ 15412 ] |
| Assignee | Shubhankar Joshi [ shubhankar ] | Vijayendra Shinde [ ID10506 ] |
| Module | Parent values: BenAdmin(10100) | Parent values: BenAdmin(10100)Level 1 values: Security(10112) |
| Item State | Parent values: Development(10200)Level 1 values: In Progress(10206) | Parent values: LB QA(10201)Level 1 values: Ready for Stage(10213) |
| Item State | Parent values: LB QA(10201)Level 1 values: Ready for Stage(10213) | Parent values: Stage QA(10202)Level 1 values: Stage Deployed(11602) |
| Status | Pending for Stage Approval [ 10300 ] | Approved for Stage [ 10030 ] |
| Assignee | Vijayendra Shinde [ ID10506 ] | Zeeshan Chishty [ zeeshan.chishty ] |
| Status | Approved for Stage [ 10030 ] | Stage Testing [ 10201 ] |
| Developer | Niteen Surwase [ niteen.surwase ] |
Zeeshan Chishty (Inactive)
made changes -
| Description | Password needs to be encrypt at client side for security purpose. It'll decrypt at server side for authentication. In short, we are transmitting old password in encrypted format. | # Password needs to be encrypt at client side for security purpose. It'll decrypt at server side for authentication. In short, we are transmitting old password in encrypted format. |
Hi please implement old password field for verification 
Zeeshan Chishty (Inactive)
added a comment - Hi please implement old password field for verification Zeeshan Chishty (Inactive)
made changes -
| Attachment | WT_old pass.jpg [ 20006 ] |
Zeeshan Chishty (Inactive)
made changes -
| Attachment | Old Password is sent to server in clear text.jpg [ 20015 ] |
Hi Niteen Surwase The old password is sent from Client to server in clear text 
Zeeshan Chishty (Inactive)
added a comment - Hi Niteen Surwase The old password is sent from Client to server in clear text | Attachment | Pwd Encrypt.jpg [ 20126 ] |
Hi Zeeshan Chishty,
Old password is going in encrypted format. You have not verified for old Password Field, Please check it again for Old Password Field not for New Password/Confirm Password field. I have verified it and it is in encrypted format.
To enable Old Password field please refer parent ticket ST-84
| Description | # Password needs to be encrypt at client side for security purpose. It'll decrypt at server side for authentication. In short, we are transmitting old password in encrypted format. |
*{color:green}Refer parent ticket for this issue : [https://workterra.atlassian.net/browse/ST-84]{color}* # Password needs to be encrypt at client side for security purpose. It'll decrypt at server side for authentication. In short, we are transmitting old password in encrypted format. |
Hi Niteen SurwaseNiteen,
I have added the screenshot. If you want more proof Please come at my desk I will show you the steps for it.
Zeeshan Chishty (Inactive)
added a comment - Hi Niteen Surwase Niteen,
I have added the screenshot. If you want more proof Please come at my desk I will show you the steps for it. Reverting back this implementation as encryption is not necessary But temporary moving on production. After that it get removed through all branches.
| Item State | Parent values: Stage QA(10202)Level 1 values: Stage Deployed(11602) | Parent values: Stage QA(10202)Level 1 values: Ready for Production(10217) |
| Status | Stage Testing [ 10201 ] | Pending for Production Approval [ 10301 ] |
| Status | Pending for Production Approval [ 10301 ] | Approved for production [ 10034 ] |
| Item State | Parent values: Stage QA(10202)Level 1 values: Ready for Production(10217) | Parent values: Production QA(10203)Level 1 values: Production Deployed(10221) |
| Assignee | Zeeshan Chishty [ zeeshan.chishty ] | Niteen Surwase [ niteen.surwase ] |
| Assignee | Niteen Surwase [ niteen.surwase ] | Zeeshan Chishty [ zeeshan.chishty ] |
Zeeshan Chishty (Inactive)
made changes -
| Assignee | Zeeshan Chishty [ zeeshan.chishty ] | Rakesh Roy [ rakeshr ] |
Hi Rakesh Roy Please take necessary decision on this ticket as the changes are now reverted and I am not sure what should be the status.
Zeeshan Chishty (Inactive)
added a comment - Hi Rakesh Roy Please take necessary decision on this ticket as the changes are now reverted and I am not sure what should be the status. | Assignee | Rakesh Roy [ rakeshr ] | Deepali Tidke [ deepalit ] |
This has been completed on production hence it can be closed, discussed with Niteen.
| Item State | Parent values: Production QA(10203)Level 1 values: Production Deployed(10221) | Parent values: Production Complete(10222)Level 1 values: Closed(10223) |
| Status | Approved for production [ 10034 ] | Production Testing [ 10202 ] |
| Resolution | Fixed [ 1 ] | |
| Status | Production Testing [ 10202 ] | Production Complete [ 10028 ] |
| Status | Production Complete [ 10028 ] | Closed [ 6 ] |
| Transition | Time In Source Status | Execution Times |
|---|
|
22h 46m | 1 |
|
7s | 1 |
|
9s | 1 |
|
24m 46s | 1 |
|
19d 44m | 1 |
|
62d 17h 8m | 1 |
|
5h 11m | 1 |
|
7d 23h 29m | 1 |
|
2m 43s | 1 |
|
23h 19m | 1 |
|
7s | 1 |
|
2s | 1 |
Page :
Change Password (Old Password Field)
Description :
Only encryption and decryption for old password is implemented in this patch.
When we enter all fields and hit save button then it encrypts old password at client side and transmit it to server. When it receives at controller, using same algorithm it is decrypted. While transmitting the old password it is in encrypted format for security.