Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-13581

"Try Resetting Your Password Again" link fails if the Single use Token is expired/used

    XMLWordPrintable

    Details

    • Rank:
      1|hzpuef:
    • AM Sustaining Sprint 55
    • 5
    • Yes
    • No
    • No
    • Yes and I used the same an in the description

      Description

      Bug description

      If you invalidate the single use token used for Self-Service Password Reset, the link Try Resetting Your Password Again will fail to function and will not generate another email or take you back to enter your Username and reset your password.

      How to reproduce the issue

      Will Email Self Service configured do the following

      1. Click the Forgot password link and generate the Email
      2. Click on the Link once, but do not reset your password
      3. Click on the link again, the one time token is no longer valid due to OPENAM-8349
      4. Click on the Try Resetting Your Password Again again link it should link back to:
        http://openam6.example.com:8080/openam/XUI/?realm=/#
        But this will not work. 
      5. If you click on Return to Login page, and also click on fogot password again this will fail also with "Snapshot token is invalid" 
      Expected behaviour
      User should be able to reset password again in the same browser without need to clear or restart browser
      Current behaviour
      User would have to close browser to reset password again.

       

        Attachments

          Activity

            People

            lawrence.yarham Lawrence Yarham
            william.hepler William Hepler
            Filip Kubáň [X] Filip Kubáň [X] (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: