GeoNetwork is a catalog application to manage spatially referenced resources. It provides powerful metadata editing and search functions as well as an interactive web map viewer. It is currently used in numerous Spatial Data Infrastructure initiatives across the world.
Legacy users have in the security field in the database the value update_hash_required as in previous versions of GeoNetwork the encoder algorithm was different. So they have to reset the password.
When reseting the password from the Admin UI, it works updating the password and removing previous value:
Legacy users have in the
security
field in the database the valueupdate_hash_required
as in previous versions of GeoNetwork the encoder algorithm was different. So they have to reset the password.When reseting the password from the Admin UI, it works updating the password and removing previous value:
https://github.com/geonetwork/core-geonetwork/blob/3.4.x/core/src/main/java/org/fao/geonet/util/PasswordUtil.java#L220
But not from the Forgot password that uses
PasswordApi
and doesn't remove that attribute, so the user can't login:https://github.com/geonetwork/core-geonetwork/blob/3.4.x/services/src/main/java/org/fao/geonet/api/users/PasswordApi.java#L136