search

grealish / pwm

Automatically exported from code.google.com/p/pwm
0 stars 0 forks source link

PWM Macro's not working in User Activation Email template #370

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
1. Enable the User Activation module and Token Verification inside the 
Configuration Manager
2. Edit the Email template for the User Activation so that it contain an Macro 
for an LDAP attribute (i.e. @LDAP:AuxTestdisplayName@)
3. Start a new User Activation in the frontend

What is the expected output? What do you see instead?
After entering my details, PWM send an E-mail with an Activation Code. I would 
expect that the PWM Macro Machine would have replaced @LDAP:AuxTestdisplayName@ 
by the LDAP vlaue for that User object inside the e-mail. Instead I get an 
empty replacement insider the e-mail. I double checked ACL's: the PWM proxy 
User has read and compare rights (inheritable) for the attribute 
AuxTestdisplayName on ou=users,o=meta. The User object does have a value for 
the LDAP attribute AuxTestdisplayName.

What version of PWM are you using?
Daily build (pwmVersion="1.7.0" pwmBuild="1216" pwmBuildType="RC1" 
createTime="2013-04-04 06:24:31 +0000") 

What ldap directory and version are you using?
eDirectory for Linux x86_64 v8.8 SP7 ON SLES11 SP1

Please paste any error log messages below:

Catalina.out (anonymized for security reasons):

2013-04-17 15:01:30, TRACE, pwm.Permission, {gj} begin check for permission for 
cn=m123456,ou=users,o=meta for ACTIVATE_USER using queryMatch: 
(&(employeestatus=pwm-init)) [132.229.105.12]
2013-04-17 15:01:30, TRACE, pwm.Permission, {gj} checking ldap to see if 
cn=m123456,ou=users,o=meta matches '(&(employeestatus=pwm-init))' 
[132.229.105.12]
2013-04-17 15:01:30, DEBUG, pwm.Permission, {gj} user 
cn=m123456,ou=users,o=meta is a match for '(&(employeestatus=pwm-init))', 
granting privilege for ACTIVATE_USER [132.229.105.12]
2013-04-17 15:01:30, TRACE, operations.UserStatusHelper, {gj} read 
pwmPassswordChangeTime as: null [132.229.105.12]
2013-04-17 15:01:30, DEBUG, operations.UserSearchEngine, beginning user search 
process
2013-04-17 15:01:30, DEBUG, operations.UserSearchEngine, performing ldap search 
for user, base=ou=users,o=meta filter=SearchHelper: filter: 
(&(pwmToken=7E01C31FAD1A1EE21E3FA3220BA8350D-hash*)(objectClass=AuxTestperson)),
 scope: SUBTREE, attributes: []
2013-04-17 15:01:30, TRACE, operations.UserSearchEngine, user not found in 
context ou=users,o=meta
2013-04-17 15:01:30, DEBUG, operations.UserSearchEngine, completed user search 
process in 2ms, resultSize=0
2013-04-17 15:01:30, DEBUG, servlet.ActivateUserServlet, {gj} generated 
activate user tokenKey code for session [132.229.105.12]
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, replaced Macro @SiteHost@ 
with value: test.example.com
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, could not replace value for 
'@LDAP:AuxTestdisplayName@', user does not have value for 'AuxTestdisplayName'
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, could not replace value for 
'@LDAP:AuxTestdisplayName@', user does not have value for 'AuxTestdisplayName'
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, replaced Macro @SiteURL@ with 
value: https://test.example.com/pwm
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, replaced Macro @SiteURL@ with 
value: https://test.example.com/pwm
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, replaced Macro @SiteURL@ with 
value: https://test.example.com/pwm
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, replaced Macro @SiteURL@ with 
value: https://test.example.com/pwm
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, replaced Macro @SiteURL@ with 
value: https://test.example.com/pwm
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, replaced Macro @SiteURL@ with 
value: https://test.example.com/pwm
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, replaced Macro @SiteURL@ with 
value: https://test.example.com/pwm
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, replaced Macro @SiteURL@ with 
value: https://test.example.com/pwm
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, replaced Macro @SiteURL@ with 
value: https://test.example.com/pwm
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, replaced Macro @SiteURL@ with 
value: https://test.example.com/pwm
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, replaced Macro @SiteURL@ with 
value: https://test.example.com/pwm
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, replaced Macro @SiteURL@ with 
value: https://test.example.com/pwm
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, replaced Macro @SiteURL@ with 
value: https://test.example.com/pwm
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, replaced Macro @SiteURL@ with 
value: https://test.example.com/pwm
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, replaced Macro @SiteURL@ with 
value: https://test.example.com/pwm
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, replaced Macro @SiteURL@ with 
value: https://test.example.com/pwm
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, replaced Macro @SiteURL@ with 
value: https://test.example.com/pwm
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, replaced Macro @SiteURL@ with 
value: https://test.example.com/pwm
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, replaced Macro @SiteURL@ with 
value: https://test.example.com/pwm
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, replaced Macro @SiteURL@ with 
value: https://test.example.com/pwm
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, replaced Macro @SiteURL@ with 
value: https://test.example.com/pwm
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, replaced Macro @SiteURL@ with 
value: https://test.example.com/pwm
2013-04-17 15:01:30, TRACE, util.PwmMacroMachine, replaced Macro @SiteURL@ with 
value: https://test.example.com/pwm
2013-04-17 15:01:30, DEBUG, servlet.ActivateUserServlet, {gj} token email added 
to send queue for test@gmail.com [132.229.105.12]
2013-04-17 15:01:30, TRACE, servlet.ResourceFileServlet, {gj} GET request for: 
/pwm/public/resources/themes/red/logout.png (no params)  [132.229.105.12]
2013-04-17 15:01:31, DEBUG, queue.EmailQueueManager, successfully sent 
authenticated email: from: Activation Verification <noreply@test.example.com>, 
to: test@gmail.com, subject: Account Verification

ndstrace with LDAP debug (anonymized for security reasons):

        filter: "(&(objectClass=AuxTestperson)(AuxTestuser=veldhuisens)(AuxTestdateOfBirth=06-05-1978))"
        attribute: "1.1"
1313110336 LDAP: [2013/04/17 15:01:30.482] (132.229.42.142:57919)(0x000c:0x63) 
Sending search result entry "cn=m123456,ou=Users,o=Meta" to connection 
0xfffffffff8cd0420
1313110336 LDAP: [2013/04/17 15:01:30.482] (132.229.42.142:57919)(0x000c:0x63) 
Sending operation result 0:"":"" to connection 0xfffffffff8cd0420
1299446080 LDAP: [2013/04/17 15:01:30.485] (132.229.42.142:57919)(0x000d:0x63) 
DoSearch on connection 0xfffffffff8cd0420
1299446080 LDAP: [2013/04/17 15:01:30.485] (132.229.42.142:57919)(0x000d:0x63) 
Search request:
        base: "cn=m123456,ou=users,o=meta"
        scope:0  dereference:0  sizelimit:0  timelimit:0  attrsonly:0
        filter: "(&(employeestatus=pwm-init))"
        attribute: "1.1"
1299446080 LDAP: [2013/04/17 15:01:30.487] (132.229.42.142:57919)(0x000d:0x63) 
Sending search result entry "cn=m123456,ou=Users,o=Meta" to connection 
0xfffffffff8cd0420
1299446080 LDAP: [2013/04/17 15:01:30.487] (132.229.42.142:57919)(0x000d:0x63) 
Sending operation result 0:"":"" to connection 0xfffffffff8cd0420
1302600000 LDAP: [2013/04/17 15:01:30.488] (132.229.42.142:57919)(0x000e:0x63) 
DoSearch on connection 0xfffffffff8cd0420
1302600000 LDAP: [2013/04/17 15:01:30.488] (132.229.42.142:57919)(0x000e:0x63) 
Search request:
        base: "cn=m123456,ou=users,o=meta"
        scope:0  dereference:0  sizelimit:0  timelimit:0  attrsonly:0
        filter: "(objectClass=*)"
        attribute: "AuxTestmail3"
1302600000 LDAP: [2013/04/17 15:01:30.489] (132.229.42.142:57919)(0x000e:0x63) 
Sending search result entry "cn=m123456,ou=Users,o=Meta" to connection 
0xfffffffff8cd0420
1302600000 LDAP: [2013/04/17 15:01:30.489] (132.229.42.142:57919)(0x000e:0x63) 
Sending operation result 0:"":"" to connection 0xfffffffff8cd0420
1235433792 LDAP: [2013/04/17 15:01:30.490] (132.229.42.142:57919)(0x000f:0x63) 
DoSearch on connection 0xfffffffff8cd0420
1235433792 LDAP: [2013/04/17 15:01:30.490] (132.229.42.142:57919)(0x000f:0x63) 
Search request:
        base: "cn=m123456,ou=users,o=meta"
        scope:0  dereference:0  sizelimit:0  timelimit:0  attrsonly:0
        filter: "(objectClass=*)"
        attribute: "AuxTestsmsNumber"
1235433792 LDAP: [2013/04/17 15:01:30.491] (132.229.42.142:57919)(0x000f:0x63) 
Sending search result entry "cn=m123456,ou=Users,o=Meta" to connection 
0xfffffffff8cd0420
1235433792 LDAP: [2013/04/17 15:01:30.491] (132.229.42.142:57919)(0x000f:0x63) 
Sending operation result 0:"":"" to connection 0xfffffffff8cd0420
1229117760 LDAP: [2013/04/17 15:01:30.492] (132.229.42.142:57919)(0x0010:0x63) 
DoSearch on connection 0xfffffffff8cd0420
1229117760 LDAP: [2013/04/17 15:01:30.492] (132.229.42.142:57919)(0x0010:0x63) 
Search request:
        base: "cn=m123456,ou=users,o=meta"
        scope:0  dereference:0  sizelimit:0  timelimit:0  attrsonly:0
        filter: "(objectClass=*)"
        attribute: "pwdChangedTime"
1229117760 LDAP: [2013/04/17 15:01:30.493] (132.229.42.142:57919)(0x0010:0x63) 
Sending search result entry "cn=m123456,ou=Users,o=Meta" to connection 
0xfffffffff8cd0420
1229117760 LDAP: [2013/04/17 15:01:30.493] (132.229.42.142:57919)(0x0010:0x63) 
Sending operation result 0:"":"" to connection 0xfffffffff8cd0420
1302600000 LDAP: [2013/04/17 15:01:30.495] (132.229.42.142:57919)(0x0011:0x63) 
DoSearch on connection 0xfffffffff8cd0420
1302600000 LDAP: [2013/04/17 15:01:30.495] (132.229.42.142:57919)(0x0011:0x63) 
Search request:
        base: "cn=m123456,ou=users,o=meta"
        scope:0  dereference:0  sizelimit:0  timelimit:0  attrsonly:0
        filter: "(objectClass=*)"
        attribute: "pwmLastPwdUpdate"
1302600000 LDAP: [2013/04/17 15:01:30.496] (132.229.42.142:57919)(0x0011:0x63) 
Sending search result entry "cn=m123456,ou=Users,o=Meta" to connection 
0xfffffffff8cd0420
1302600000 LDAP: [2013/04/17 15:01:30.496] (132.229.42.142:57919)(0x0011:0x63) 
Sending operation result 0:"":"" to connection 0xfffffffff8cd0420
1235433792 LDAP: [2013/04/17 15:01:30.499] (132.229.42.142:57919)(0x0012:0x63) 
DoSearch on connection 0xfffffffff8cd0420
1235433792 LDAP: [2013/04/17 15:01:30.499] (132.229.42.142:57919)(0x0012:0x63) 
Search request:
        base: "ou=users,o=meta"
        scope:2  dereference:0  sizelimit:2  timelimit:0  attrsonly:0
        filter: "(&(pwmToken=7E01C31FAD1A1EE21E3FA3220BA8350D-hash*)(objectClass=AuxTestperson))"
        attribute: "1.1"
1235433792 LDAP: [2013/04/17 15:01:30.499] (132.229.42.142:57919)(0x0012:0x63) 
Sending operation result 0:"":"" to connection 0xfffffffff8cd0420
1095817536 LDAP: [2013/04/17 15:01:30.504] (132.229.42.142:57919)(0x0013:0x66) 
DoModify on connection 0xfffffffff8cd0420
1095817536 LDAP: [2013/04/17 15:01:30.505] (132.229.42.142:57919)(0x0013:0x66) 
modify: dn (cn=m123456,ou=users,o=meta)
1095817536 LDAP: [2013/04/17 15:01:30.505] (132.229.42.142:57919)(0x0013:0x66) 
modifications:
1095817536 LDAP: [2013/04/17 15:01:30.505] (132.229.42.142:57919)(0x0013:0x66)  
replace: pwmToken
1095817536 LDAP: [2013/04/17 15:01:30.521] (132.229.42.142:57919)(0x0013:0x66) 
Sending operation result 0:"":"" to connection 0xfffffffff8cd0420

Original issue reported on code.google.com by sebastia...@gmail.com on 18 Apr 2013 at 5:56

GoogleCodeExporter commented 9 years ago 
The same behavior applies to the Forgotten Password Email template. Macro's for 
LDAP attributes are replaced with empty values as well. I'm not sure about all 
the other templates, because I'm not using them in my setup.

Original comment by sebastia...@gmail.com on 18 Apr 2013 at 6:23

GoogleCodeExporter commented 9 years ago 
The macros are working.  The problem is the attributes aren't loaded into the 
session cache.  As a workaround, add the attributes to an unused form, and they 
will be read during the session start and be available for macros.  

Leaving open until a better fix is implemented.

Original comment by jrivard on 25 Apr 2013 at 8:05

GoogleCodeExporter commented 9 years ago 
Could you elaborate a bit on the unused form workaround? I'm, not sure what 
type of "form" you mean and where to put it (PWM Form inside the Configuration, 
HTML form inside the JSP pages etc.).

Original comment by sebastia...@gmail.com on 1 May 2013 at 1:56

GoogleCodeExporter commented 9 years ago 
Closing bug as latest current builds have this issue resolved.

Original comment by jrivard on 20 May 2013 at 9:08

GoogleCodeExporter commented 9 years ago 
Excellent! Thanks for fixing this. The invocation of the macro now fills in the 
LDAP values for all email templates (including those without an available 
authenticated user).

Original comment by sebastia...@gmail.com on 21 May 2013 at 6:19