Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-8174

OpenAM gives an Internal Server Error when the user tries to reset their password before the minimum password age


    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 12.0.2, 13.0.0, 13.5.0
    • Fix Version/s: 12.0.3, 13.5.0
    • Component/s: XUI
    • Sprint:
      AM Sustaining Sprint 16, AM Sustaining Sprint 17
    • Support Ticket IDs:


      When OpenAM has a minimum password age established in OpenDJ with a Password Policy, the user will receive an Internal Server Error message in the XUI when they use Change Password instead of a message informing them their password cannot be changed due to the password policy.

      Steps to reproduce:

      1. Create a password Policy in OpenDJ with min-password-age set.
        • Run dsconfig command in OpenDJ bin
        • Select 27 for Password Policy
        • Select 3 to edit an existing password policy
        • Select 1 for Default Password Policy
        • Select 18 for min-password-age and change the value for the min-pasword-age
        • Select f to finish and save the changes that have been made
      2. Login to the end user page.
      3. Select "Change Password".
      4. Change the User's password.

      This will result in the user receiving an Internal User Error in the XUI even though the IdRepo logs show the following:

      ERROR: An error occurred while trying to change password for identity: user.0
      org.forgerock.opendj.ldap.ErrorResultException: Unwilling to Perform: The password cannot be changed because it has not been long enough since the last password change
      at org.forgerock.opendj.ldap.ErrorResultException.newErrorResult(ErrorResultException.java:232)
      at com.forgerock.opendj.ldap.AbstractLDAPFutureResultImpl.setResultOrError(AbstractLDAPFutureResultImpl.java:138)
      at com.forgerock.opendj.ldap.LDAPClientFilter$1.modifyResult(LDAPClientFilter.java:326)
      at com.forgerock.opendj.ldap.LDAPClientFilter$1.modifyResult(LDAPClientFilter.java:79)
      at com.forgerock.opendj.ldap.LDAPReader.decodeModifyResult(LDAPReader.java:1055)
      at com.forgerock.opendj.ldap.LDAPReader.decodeProtocolOp(LDAPReader.java:1143)
      at com.forgerock.opendj.ldap.LDAPReader.decode(LDAPReader.java:166)
      at com.forgerock.opendj.ldap.LDAPClientFilter.handleRead(LDAPClientFilter.java:499)
      at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119)
      at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:291)
      at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:209)
      at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:137)
      at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:115)
      at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77)
      at org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:550)
      at org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:112)
      at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.run0(WorkerThreadIOStrategy.java:117)
      at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.access$100(WorkerThreadIOStrategy.java:56)
      at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy$WorkerThreadRunnable.run(WorkerThreadIOStrategy.java:137)
      at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:565)
      at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:545)
      at java.lang.Thread.run(Thread.java:745)


          Issue Links



              • Assignee:
                quentin.castel Quentin CASTEL [X] (Inactive)
                abel.hoxeng Abel Hoxeng
              • Votes:
                0 Vote for this issue
                3 Start watching this issue


                • Created:

                  Time Tracking

                  Original Estimate - 3h Original Estimate - 3h
                  Remaining Estimate - 0h
                  Time Spent - 5h