Details
Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 13.5.0
Component/s: rest
Labels:
Target Version/s:
Rank: 1|hzs8g7:
Sprint: AM Sustaining Sprint 56
Story Points: 5
Epic Link:
Needs backport: Yes
Support Ticket IDs:
Verified Version/s:
Needs QA verification: Yes
Are the reproduction steps defined?: Yes and I used the same as in the description
Description
An attempt to change a password via json/users can show the error "Identity <user> of type user not found" when multiple datastores are configured.
Steps to reproduce:
1. Install OpenAM with embedded config store containing user 'demo'.
2. Configure a second datastore in the root realm. This datastore should not contain a 'demo' user.
3. Log in as demo and try to change the password through:
curl 'http://openam.example.com:8080/openam/json/users/demo?_action=changePassword' -H 'Content-Type: application/json' -H 'Cookie: iPlanetDirectoryPro=AQIC5wM2LY4SfcxEhnezSVV0EJXiKdZxjFV_k4fhwzQs8SQ.*AAJTSQACMDEAAlNLABQtOTE1NjYyNjU2NjI3MTQzMTY2MgACUzEAAA..*' --data-binary '{"username":"demo","currentpassword":"wrongpassword","userpassword":"changeit"}'
or use http://openam.example.com:8080/openam/XUI/#profile/password
and when prompted for the current password, enter the wrong one.
Expected result:
HTTP 400:
Actual result:
HTTP 404:
Another case would be if an OpenDJ password policy was enabled which prevented re-use of old passwords. In this case:
Expected result:
{"code":400,"reason":"Bad Request","message":"The provided new password was found in the password history for the user"}
Actual result:
HTTP 404:
Issue Links
- is related to: OPENAM-8437 Forgotten Password REST endpoint is not returning LDAP issues that are related to a user mistake. (In Progress)
- relates to: OPENAM-14938 ID repo setAttributes service call returns the wrong error message with multiple datastores (Resolved)