-
Type:
Bug
-
Status: Resolved
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 6.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.0.0.4, 6.0.0.5, 6.5.0, 6.0.0.6, 6.5.0.1
-
Component/s: idrepo
-
Labels:
Bug description
Error message does not displayed when user tried to change password does not meet password policy.
How to reproduce the issue
- Install OOTB AM 6.0.0.4
- Disable Behera Support Enabled option ([Realm] > Data Stores > embedded > Server Settings)
- Configure the Length Based Password Validator and set the minimum password length to 10:
$ cd /path/to/OpenAMConfig/opends/bin $ ./dsconfig set-password-validator-prop \ --validator-name Length-Based\ Password\ Validator \ --set min-password-length:10 \ --hostname <hostname> \ --port 4444 \ --bindDn cn=Directory\ Manager \ --bindPassword ****** \ --trustAll \ --no-prompt
- Add Length Based Password Validator to Default password policy:
$ ./dsconfig set-password-policy-prop \ --policy-name Default\ Password\ Policy \ --set password-validator:Length-Based\ Password\ Validator \ --hostname <hostname> \ --port 4444 \ --bindDn cn=Directory\ Manager \ --bindPassword ****** \ --trustAll \ --no-prompt
- Authenticate demo user via console. Upon success, redirect to User Profile Page
- Change demo user password. In this case, have a password that length less than 10 (e.g "changeit1")
Expected behaviour
Red Error pop up box with message of "The password policy configured for the user data store was not satisfied.
Current behaviour
Red Error pop up box with no text message displayed
From IdRepo:
amIdm:01/31/2019 04:18:35:003 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[550530e9-0b3d-4ea8-92e4-a94bd0c8de89-2959] IdServicesImpl.changePassword: Unable to change password in the following repository com.sun.identity.idm.plugins.internal.SpecialRepo :: Plug-in com.sun.identity.idm.plugins.internal.SpecialRepo: Changing user password not supported. DJLDAPv3Repo:01/31/2019 04:18:35:003 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[550530e9-0b3d-4ea8-92e4-a94bd0c8de89-2959] changePassword invoked DJLDAPv3Repo:01/31/2019 04:18:35:006 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[550530e9-0b3d-4ea8-92e4-a94bd0c8de89-2959] ERROR: An error occurred while trying to change password for identity: demo Constraint Violation: The provided password value was rejected by a password validator: The provided password is shorter than the minimum required length of 10 characters at org.forgerock.opendj.ldap.LdapException.newLdapException(LdapException.java:219) at org.forgerock.opendj.ldap.LdapClientImpl$Exchange.onNext(LdapClientImpl.java:668) at org.forgerock.opendj.ldap.LdapClientImpl$Exchange.onNext(LdapClientImpl.java:582) .......... at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:593) at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:573) at java.lang.Thread.run(Thread.java:748) amIdm:01/31/2019 04:18:35:007 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[550530e9-0b3d-4ea8-92e4-a94bd0c8de89-2959] WARNING: IdServicesImpl.changePassword: Unable to change password following repository org.forgerock.openam.idrepo.ldap.DJLDAPv3Repo :: Plug-in org.forgerock.openam.idrepo.ldap.DJLDAPv3Repo encountered an ldap exception 19: The provided password value was rejected by a password validator: The provided password is shorter than the minimum required length of 10 characters amIdm:01/31/2019 04:18:35:007 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[550530e9-0b3d-4ea8-92e4-a94bd0c8de89-2959] WARNING: IdServicesImpl.changePassword: Unable to change password for identity user::demo in any configured data store Message:Plug-in org.forgerock.openam.idrepo.ldap.DJLDAPv3Repo encountered an ldap exception 19: The provided password value was rejected by a password validator: The provided password is shorter than the minimum required length of 10 characters at org.forgerock.openam.idrepo.ldap.DJLDAPv3Repo.changePassword(DJLDAPv3Repo.java:460) at com.sun.identity.idm.server.IdServicesImpl.changePassword(IdServicesImpl.java:1711) at com.sun.identity.idm.AMIdentity.changePassword(AMIdentity.java:505) .......... at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:748)
From CoreSystem:
frRest:01/31/2019 04:18:35:008 PM SGT: Thread[http-nio-8080-exec-10,5,main]: TransactionId[550530e9-0b3d-4ea8-92e4-a94bd0c8de89-2959] ERROR: A runtime exception occurred during the CREST request handling java.lang.ClassCastException: org.forgerock.i18n.LocalizableMessage cannot be cast to java.lang.String at com.sun.identity.idm.IdRepoException.getConstraintViolationDetails(IdRepoException.java:312) at org.forgerock.openam.errors.IdentityResourceExceptionMappingHandler.handleError(IdentityResourceExceptionMappingHandler.java:83) at org.forgerock.openam.core.rest.IdentityRestUtils.changePassword(IdentityRestUtils.java:87) ......... at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:748)
Cause
Changes of DJ interface on DJ 6.5 See
compared to DJ3.5 -> 5.5
Notice the type was (String)