search

sourcefrog / cargo-mutants

:zombie: Inject bugs and see if your tests catch them!
https://mutants.rs/
MIT License
583 stars 27 forks source link

Unable to Set User Password via REST API in OpenDJ #378

Closed anees-sequoiaat closed 3 months ago

anees-sequoiaat commented 3 months ago

Context:

I have configured OpenDJ as an external data store for OpenAM and enabled the REST API. I am able to create users using the REST API successfully. For example, I created a user with the following command:

curl \
 --request PUT \
 --user admin:password \
 --header "Content-Type: application/json" \
 --header "If-None-Match: *" \
 --data '{
  "_id": "newuser2",
  "_schema": "frapi:opendj:rest2ldap:user:1.0",
  "contactInformation": {
    "telephoneNumber": "+1 408 555 1212",
    "emailAddress": "newuser2@example.com"
  },
  "name": {
    "familyName": "New",
    "givenName": "User"
  },
  "displayName": ["New User"],
  "manager": {
    "_id": "admin",
    "displayName": "admin"
  }
 }' \
 http://127.0.0.1:8080/api/users/newuser2?prettyPrint=true

Problem:

The user is created successfully, but I am unable to log in with the newly created user from the OpenAM web login console because no password is set during the user creation process.

Configuration Details:

HTTP Authorization Mechanisms:

HTTP Authorization Mechanism              : Type
------------------------------------------:--------------------------------------------------------
HTTP Anonymous                            : http-anonymous-authorization-mechanism
HTTP Basic                                : http-basic-authorization-mechanism
HTTP OAuth2 CTS                           : http-oauth2-cts-authorization-mechanism
HTTP OAuth2 File                          : http-oauth2-file-authorization-mechanism
HTTP OAuth2 OpenAM                        : http-oauth2-openam-authorization-mechanism
HTTP OAuth2 Token Introspection (RFC7662) : http-oauth2-token-introspection-authorization-mechanism

HTTP Endpoints:

HTTP Endpoint : Type               : enabled
--------------:--------------------:--------
/admin        : admin-endpoint     : true
/api          : rest2ldap-endpoint : true

Question:

1. How can I set or update the user password via the OpenDJ REST API?
2. Is there a specific key or method that should be used to set the password during user creation or immediately afterward?
3. Is there any other attribute or key that should be included in the user creation JSON to set the password correctly?

Any guidance or examples would be greatly appreciated.

Thanks and Regards, Anees

sourcefrog commented 3 months ago

I think you filed this against the wrong project.