Awesome, thanks @phil and team. It is great to see all of these patches come through relatively soon to each other and with similar issues bringing each version closer together.
Regarding the fix for the password resets, ( in the notes as DHIS-9065) do you know if there has been a unified approach developed for password requirements, reset messages, errors, etc? From what I remember on the tickets I follow there were many different requirements depending on how you end up troubleshooting your password and it caused a lot of confusion. As noted by Jim & Ben.
Given that DHIS2-9436 is more recent and still open it looks like Morten’s team may still be working on it.
Not looking for a solution, just some info on what is to come if there is some
There were no changes made to the password requirements as part of DHIS-9065—we were just trying to get the message to reflect the requirements. As there were architectural changes post-2.34, it seemed to make more sense to do the quickest fix for these older versions of DHIS2, so that’s what @Jim_Grace did. (Thank you again, Jim!)
I am unsure whether the message matches the requirements in 2.35 and 2.36, but the work on those versions (tracked in DHIS2-9436) will likely include harmonizing the requirements as well as improving the messages. But maybe @netroms or @phil can speak more to that.
I assume the server.https setting relates to the server at the client end of the installation, whether it be an NGINX reverse proxy or Tomcat hosting DHIS2? i.e. if Tomcat is running on a local IP only on http port 8080 and NGINX reverse proxy on the public interface with port 443 https, we can (and should) enable server.https?