Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-5557

XUI fails on password change with WDSSO enabled

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Duplicate
    • Affects Version/s: 12.0.0
    • Fix Version/s: None
    • Component/s: XUI
    • Labels:
      None

      Description

      The XUI profile page fails on changing the users password when the default authentication chains has been configured for WDSSO.
      When trying to change the password, XUI responds with a "invalid password" message, although the password is correct.

      The auth chains is configured like this:
      1. WDSSO as SUFFICIENT
      2. Datastore (against external OpenDJ) as REQUIRED

      The chain is working properly with normal authentication on secured services.
      Users with valid Kerberos tickets are authenticated automatically, others provide user/password in the XUI login prompt.

      Steps to reproduce:
      1. Setup WDSSO authentication against AD (see auth chain above)
      2. Enable XUI
      3. Verify that authentication without Kerberos is working properly for a chosen user via the login prompt. Remember the password.
      You should now be located in the XUI profile screen (.../openam/XUI/#profile/).
      4. Hit the change password link and provide old & new credentials for the user.
      5. Submit the form and note the error message about an "invalid user or password".

      This is reproducable as soon as the WDSSO module is put in the chain.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                peter.major Peter Major [X] (Inactive)
                Reporter:
                jdelker Jörg Delker [X] (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: