Version 1.6.0
ℹ️ Self Service Password
LDAP Tool Box Self Service Password is a web application for end users. It allows them to change or reset their password if they lost it.
It works with any LDAP directory, including Active Directory.
📄 What's Changed
- Update tr.inc.php by @berkaycagir in #775
- Audit log by @coudot in #781
- Use login_hint to prefill user login by @coudot in #795
- Update phpunit by @coudot in #799
- translated the line $messages['tokensent_ifexists'] into german by @piang0 in #804
- First implementation of a page to set mail and phone attributes by @coudot in #808
- Use LTB LDAP common PHP lib by @coudot in #797
- Update tr.inc.php by @berkaycagir in #812
- Complete and fix pt-BR translation by @natanjunges in #815
- Filter allowed languages by @coudot in #829
- Error handling when using the signal-cli api for sms by @armfem in #833
- Update it.inc.php by @iotaka in #839
- Upgrade Bootstrap to 5.3 by @coudot in #837
- Fix pt-BR translation for pwned password policy by @campolargo in #841
- prevent multiple form submits (#844) by @davidcoutadeur in #845
- 830 entropy by @davidcoutadeur in #843
- remove useless show_policy function, now rendered by smarty template by @davidcoutadeur in #842
- Remove criteria depending on old password when unavailable (#855) by @davidcoutadeur in #856
- add docker image labels (#778) + update base image to php:8.2 + smarty to v4.4.1 by @davidcoutadeur in #866
- update bundled dependencies + mv them as composer managed dep (#849) by @davidcoutadeur in #859
- Spec cleanup (#846) by @davidcoutadeur in #847
- deb cleanup (#852) by @davidcoutadeur in #858
- Avoid host header poisoning by @coudot in #857
- Use a dedicated CSS class for ppolicy div by @coudot in #873
- Test crypt_tokens parameter if SMS feature is enabled by @coudot in #874
- Securisation of reset by SMS token feature by @armfem in #851
- use new ltb-ldap v0.2 and adapt method signatures (#878) by @davidcoutadeur in #879
- 878 use ltb ldap functions by @davidcoutadeur in #882
- Use POST instead of GET in check entropy module (#884) by @davidcoutadeur in #885
- compute pwd_diff_last_min_chars the same way than at backend side (#868) by @davidcoutadeur in #869
- reinject default configuration file into conf directory (#831) by @davidcoutadeur in #870
- fix warnings for uninitialized variables (#887) by @davidcoutadeur in #888
- ability to change custom password fields, developped by @markus-96 (#864) by @davidcoutadeur in #865
- Correction of max number of attempts for token sent by sms bug by @armfem in #890
- remove global variables in sendsms.php (#889) by @davidcoutadeur in #891
- Corrected error introduced when adding obscure notifications by @armfem in #892
- 674 notify by mail code factorization by @davidcoutadeur in #893
- Remove obscure_failure_messages option by @coudot in #899
Full Changelog: v1.5.4...v1.6.0
👥 Main Team
🤝 New Contributors
- @piang0 made their first contribution in #804
- @natanjunges made their first contribution in #815
- @armfem made their first contribution in #833
- @iotaka made their first contribution in #839
- @campolargo made their first contribution in #841
⬇️ Download
Get tarball and packages on https://ltb-project.org/download.html
Use our apt and yum repositories to ease the installation:
- https://self-service-password.readthedocs.io/en/latest/installation.html#debian-ubuntu
- https://self-service-password.readthedocs.io/en/latest/installation.html#centos-redhat
You can also use our Docker image: https://hub.docker.com/r/ltbproject/self-service-password