grealish / pwm

Automatically exported from code.google.com/p/pwm

Random Token Security Key generation is one character too short #374

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. In the Configuration Manager go to Configuration editor -> Settings -> Security
2. Click on Set password at the Security Key configuration option
3. Save the configuration
4. Put the length of the key on 32, Special=off, Show=off
5. Press the random button
6. Confirm the generated key and Click on Set password

What is the expected output? What do you see instead?
I would expect that PWM would accept its own generated security key. Instead I get an error upon saving the configuration: "5203 CONFIG_FORMAT_ERROR (Security-Security Key incorrect value format for value '12345678hkK9g2pE91kHWHYnH54pD6S')". It looks like the generated security key is 1 character too short (31 characters, instead of the 32 minimum required characters).

What version of PWM are you using?
Daily build (pwmVersion="1.7.0" pwmBuild="1216" pwmBuildType="RC1" createTime="2013-04-04 06:24:31 +0000")

What ldap directory and version are you using?
eDirectory for Linux x86_64 v8.8 SP7 ON SLES11 SP1

Original issue reported on code.google.com by sebastia...@gmail.com on 25 Apr 2013 at 6:01

GoogleCodeExporter commented 9 years ago
Unable to reproduce.

Original comment by jrivard on 25 Apr 2013 at 8:02

GoogleCodeExporter commented 9 years ago
That is a pity ;) Some more detail on my setup:

Servlet container/ Web Server: tomcat6-6.0.18-20
OS: SLES 11 SP1
Java SDK: tried both IBM 1.6.0 J9 SDK and Oracle 1.7.0_u21 SDK

Some tips on how I can pinpoint this problem?

Original comment by sebastia...@gmail.com on 25 Apr 2013 at 2:28

GoogleCodeExporter commented 9 years ago
Finally got some logging from catalina.out:

2013-05-03 15:06:17, TRACE, util.Helper, externalJudgeMethod 'password.pwm.PwmPasswordJudge' returned a value of 94
2013-05-03 15:06:17, TRACE, util.Helper, externalJudgeMethod 'password.pwm.PwmPasswordJudge' returned a value of 94
2013-05-03 15:06:17, TRACE, util.Helper, externalJudgeMethod 'password.pwm.PwmPasswordJudge' returned a value of 94
2013-05-03 15:06:17, TRACE, util.Helper, externalJudgeMethod 'password.pwm.PwmPasswordJudge' returned a value of 94
2013-05-03 15:06:17, TRACE, util.Helper, externalJudgeMethod 'password.pwm.PwmPasswordJudge' returned a value of 94
2013-05-03 15:06:17, TRACE, util.Helper, externalJudgeMethod 'password.pwm.PwmPasswordJudge' returned a value of 94
2013-05-03 15:06:17, TRACE, util.Helper, externalJudgeMethod 'password.pwm.PwmPasswordJudge' returned a value of 97
2013-05-03 15:06:17, TRACE, util.Helper, externalJudgeMethod 'password.pwm.PwmPasswordJudge' returned a value of 100
2013-05-03 15:06:17, TRACE, util.Helper, externalJudgeMethod 'password.pwm.PwmPasswordJudge' returned a value of 100
2013-05-03 15:06:17, TRACE, util.Helper, externalJudgeMethod 'password.pwm.PwmPasswordJudge' returned a value of 100
2013-05-03 15:06:17, ERROR, util.RandomPasswordGenerator, {p,testuser} failed random password generation after 3s after 1000 tries. (errors=2, judgeLevel=100 [132.321.123.321]

Original comment by sebastia...@gmail.com on 3 May 2013 at 1:23

GoogleCodeExporter commented 9 years ago
Dived a bit deeper into the source. It looks like the randomly generated password must comply with the password policy of the authenticated user that is generating the security key (pwm/servlet/src/password/pwm/ws/server/rest/RestRandomPasswordServer.java).

This leads to problems if the password policy for regular users does not allow passwords of 32 characters :)

I'm not sure why that logic is in there, but it looks wrong to me.

Original comment by sebastia...@gmail.com on 3 May 2013 at 2:44
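The coupling described in the comment above, sketched as an added example that is not PWM's code: a generator bound to a user password policy next to one that only enforces the key's own minimum length. The class and method names, the alphanumeric alphabet and the 31-character sample policy are all hypothetical; only the 32-character minimum and the 1000-try limit come from this thread.

```java
import java.security.SecureRandom;
import java.util.function.Predicate;

public class SecurityKeyDemo {
    static final String ALPHANUMERIC =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
    static final int MIN_KEY_LENGTH = 32; // minimum length named in the report
    static final int MAX_TRIES = 1000;    // try count from the logged error

    static String randomString(SecureRandom rng, int length) {
        StringBuilder sb = new StringBuilder(length);
        for (int i = 0; i < length; i++) {
            sb.append(ALPHANUMERIC.charAt(rng.nextInt(ALPHANUMERIC.length())));
        }
        return sb.toString();
    }

    // Coupled design: every candidate must also pass the caller's password policy.
    // Fails loudly instead of handing back a value of the wrong length.
    static String policyBoundGenerate(SecureRandom rng, int length, Predicate<String> userPolicy) {
        for (int i = 0; i < MAX_TRIES; i++) {
            String candidate = randomString(rng, length);
            if (userPolicy.test(candidate)) {
                return candidate;
            }
        }
        throw new IllegalStateException("no policy-compliant value after " + MAX_TRIES + " tries");
    }

    // Decoupled design: the key only has to meet the key's own length requirement.
    static String generateSecurityKey(SecureRandom rng, int length) {
        if (length < MIN_KEY_LENGTH) {
            throw new IllegalArgumentException("security key needs at least " + MIN_KEY_LENGTH + " characters");
        }
        return randomString(rng, length);
    }

    public static void main(String[] args) {
        SecureRandom rng = new SecureRandom();
        // Constructed sample policy: user passwords may be at most 31 characters.
        Predicate<String> userPolicy = p -> p.length() <= 31;
        try {
            policyBoundGenerate(rng, 32, userPolicy);
        } catch (IllegalStateException e) {
            System.out.println("policy-bound generator: " + e.getMessage());
        }
        System.out.println("decoupled key length: " + generateSecurityKey(rng, 32).length());
    }
}
```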

GoogleCodeExporter commented 9 years ago

Original comment by jrivard on 14 Jun 2013 at 3:48