Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-8282

Password Reset questions are not randomly chosen when resetting password

    Details

    • Sprint:
      AM Sustaining Sprint 17
    • Support Ticket IDs:

      Description

      When password reset questions are created as explained in https://backstage.forgerock.com/#!/docs/openam/11.0.0/admin-guide/chap-pwd-reset#set-up-pwd-reset-service, only the first question in the list is selected when the user tries to reset their password.

      Steps to recreate:

      1. Set up password reset questions as explained in the above document.
      2. Add an email service for the realm you a testing in.
      3. Add REST Security service for the realm you are testing in to enable Forgot Password for User.
      4. Add Password Reset service for the realm you are testing in.
        • Add list of Secret Questions created from step 1.
      5. Navigate to http://openam.example.com:8080/openam/password and enter user ID you will now see the security question that is first in the list of questions no matter how many times you try to get a different question.
      6. Delete the first question from the Secret Question list in Password Reset. Complete step 5 to verify that the question asked is always the first question.

        Attachments

          Activity

            People

            • Assignee:
              markdr Mark de Reeper
              Reporter:
              abel.hoxeng Abel Hoxeng
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 16h
                16h