fbordina / pwm

Automatically exported from code.google.com/p/pwm

Forgotten password feature does not work after 1.6.2 update #245

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
Forgotten password feature does not work after 1.6.2 update from 1.6.1.
We enable only "require email token" option to retrieve the password.
We enter username and email on forgotten password form.
Then browser presents a form with the "error" message and no mail is sent.

What version of PWM are you using?
1.6.2

What ldap directory and version are you using?
edirectory 8.7.10

Please paste any error log messages below:
2012-07-20 16:45:46, TRACE, pwm.SessionFilter, {19} POST request for: /pwm/public/ForgottenPassword  [10.10.10.10/pelletosh]
  mail='xxxxx@xxx'
  pwmFormID='xhrtBURK8rQoCteY0kdkcZbj2W0vCwMG138a4d98b5fhl3y0f'
  processAction='checkResponses'
2012-07-20 16:45:46, TRACE, servlet.ForgottenPasswordServlet, {19} successful validation of ldap attribute value for 'mail' [10.10.10.10/pelletosh]
2012-07-20 16:45:46, ERROR, servlet.ForgottenPasswordServlet, {19} password.pwm.error.ErrorInformation@1c719f0 [10.10.10.10/pelletosh]

Best regards
 Sandro

Original issue reported on code.google.com by spell...@gmail.com on 20 Jul 2012 at 2:47

GoogleCodeExporter commented 9 years ago
We have jre1.6.0_23.
Perhaps we have to install J2SE.

Best regards
 Sandro

Original comment by spell...@gmail.com on 20 Jul 2012 at 2:59

GoogleCodeExporter commented 9 years ago
We use jdk 1.7.0, but we cannot use forgotten password.
Same error:

2012-07-20 17:30:33, ERROR, servlet.ForgottenPasswordServlet, {1b~} password.pwm.error.ErrorInformation@8ac488 [10.10.10.10/pelletosh]

 Sandro

Original comment by spell...@gmail.com on 20 Jul 2012 at 3:34

GoogleCodeExporter commented 9 years ago
Do you see any errors on the health page?  Can you please share a more complete 
log?

Original comment by jrivard on 21 Jul 2012 at 6:44

GoogleCodeExporter commented 9 years ago
I have to enable "Integration / Enable External Web Services" to view 
health.jsp page in this release. Is it safe to enable this feature?
There are no errors on the health page. See the enclosed print screen and note the
random password generated on this form.
Here is the catalina log extract with the servlet error during forgotten password and
randompasswordgenerator on the health page:
2012-07-23 10:51:46, TRACE, pwm.EventManager, {1h} http session created
2012-07-23 10:51:46, TRACE, pwm.SessionFilter, {1h} http session headers:  [10.10.27.81/pelletosh]
  host=aaa-devldap:8280
  user-agent=Mozilla/5.0 (Windows NT 6.1; WOW64; rv:13.0) Gecko/20100101 Firefox/13.0
  accept=text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  accept-language=it-it,it;q=0.8,en-us;q=0.5,en;q=0.3
  accept-encoding=gzip, deflate
  connection=keep-alive
2012-07-23 10:51:46, TRACE, pwm.SessionFilter, {1h} GET request for: /pwm/public/ForgottenPassword (no params)  [10.10.27.81/pelletosh]
2012-07-23 10:51:46, TRACE, pwm.SessionFilter, {1h} user locale set to 'it' [10.10.27.81/pelletosh]
2012-07-23 10:51:46, TRACE, pwm.SessionFilter, {1h} session has not been validated, redirecting with verification key to http://aaa-devldap:8280/pwm/public/ForgottenPassword?session_verificiation_key=m73Jvm6wdphCJoPg6lQ3udkOATUBNmYs138b308f92f [10.10.27.81/pelletosh]
2012-07-23 10:51:46, TRACE, pwm.SessionFilter, {1h} GET request for: /pwm/public/ForgottenPassword  [10.10.27.81/pelletosh]
  session_verificiation_key='m73Jvm6wdphCJoPg6lQ3udkOATUBNmYs138b308f92f'
2012-07-23 10:51:46, TRACE, pwm.SessionFilter, {1h} session validated, redirecting to original request url: http://aaa-devldap:8280/pwm/public/ForgottenPassword? [10.10.27.81/pelletosh]
2012-07-23 10:51:46, TRACE, pwm.SessionFilter, {1h} GET request for: /pwm/public/ForgottenPassword (no params)  [10.10.27.81/pelletosh]
2012-07-23 10:51:46, DEBUG, pwm.CaptchaFilter, {1h} reCaptcha private or public key not configured, skipping captcha check [10.10.27.81/pelletosh]
2012-07-23 10:51:50, TRACE, pwm.SessionFilter, {1h} POST request for: /pwm/public/ForgottenPassword  [10.10.27.81/pelletosh]
  pwmFormID='m73Jvm6wdphCJoPg6lQ3udkOATUBNmYs138b308f92f3b1zxd'
  processAction='search'
  username='pelle100'
2012-07-23 10:51:50, TRACE, pwm.UserStatusHelper, {1h} username does not appear to be a DN (does not start with configured ldap naming attribute 'cn') [10.10.27.81/pelletosh]
2012-07-23 10:51:50, TRACE, pwm.UserStatusHelper, {1h} attempting username search for 'pelle100' in context o=LIGURIA [10.10.27.81/pelletosh]
2012-07-23 10:51:50, TRACE, pwm.UserStatusHelper, {1h} search for username: (&(objectClass=person)(cn=pelle100)), searchDN: o=LIGURIA [10.10.27.81/pelletosh]
2012-07-23 10:51:50, TRACE, pwm.UserStatusHelper, {1h} username match found: cn=pelle100,ou=P,ou=AutoRegistrati,ou=ExternalUsers,o=LIGURIA [10.10.27.81/pelletosh]
2012-07-23 10:51:58, TRACE, pwm.SessionFilter, {1h} POST request for: /pwm/public/ForgottenPassword  [10.10.27.81/pelletosh]
  mail='XXXXXXXXXXXXXXXX'
  pwmFormID='m73Jvm6wdphCJoPg6lQ3udkOATUBNmYs138b308f92f3b1zxd'
  processAction='checkResponses'
2012-07-23 10:51:58, TRACE, servlet.ForgottenPasswordServlet, {1h} successful validation of ldap attribute value for 'mail' [10.10.27.81/pelletosh]
2012-07-23 10:51:58, ERROR, servlet.ForgottenPasswordServlet, {1h} password.pwm.error.ErrorInformation@1ae2b61 [10.10.27.81/pelletosh]

.....

2012-07-23 11:05:20, TRACE, rest.RestHealthServer, {1j} GET request for: /pwm/public/rest/pwm-health
  pwmFormID='UJUvsHozsy3vqnvjl60SwfGQJmipwn44138b30eee531orwd4'
  dojo.preventCache='1343034320494'
2012-07-23 11:05:20, WARN , pwm.Validator, {1j} form submitted with incorrect pwmFormID value
2012-07-23 11:05:30, TRACE, rest.RestHealthServer, {1j} GET request for: /pwm/public/rest/pwm-health
  pwmFormID='UJUvsHozsy3vqnvjl60SwfGQJmipwn44138b30eee531orwd4'
  dojo.preventCache='1343034330546'
2012-07-23 11:05:30, WARN , pwm.Validator, {1j} form submitted with incorrect pwmFormID value
2012-07-23 11:05:33, TRACE, rest.RestRandomPasswordServer, {1j} POST request for: /pwm/public/rest/randompassword
  pwmFormID='UJUvsHozsy3vqnvjl60SwfGQJmipwn44138b30eee531orwd4'
2012-07-23 11:05:33, WARN , pwm.Validator, {1j} form submitted with incorrect pwmFormID value
2012-07-23 11:05:33, TRACE, util.Helper, {1j} externalJudgeMethod 'password.pwm.PwmPasswordJudge' returned a value of 44
2012-07-23 11:05:33, TRACE, pwm.Validator, {1j} password rejected, password strength of 44 is lower than policy requirement of 45
2012-07-23 11:05:33, TRACE, util.Helper, {1j} externalJudgeMethod 'password.pwm.PwmPasswordJudge' returned a value of 66
2012-07-23 11:05:33, TRACE, util.RandomPasswordGenerator, {1j} finished random password generation in 3ms after 2 tries.
2012-07-23 11:05:33, TRACE, util.RandomPasswordGenerator, {1j} real-time random password generator called (3ms)

Best regards
 Sandro

Original comment by spell...@gmail.com on 23 Jul 2012 at 9:10

GoogleCodeExporter commented 9 years ago
Fixed in svn revision 442.  This bug appears to occur only when responses are 
not required, but there are mandatory attributes required as part of the 
response process.

Original comment by jrivard on 23 Jul 2012 at 11:30