Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-6723

Policy failure during forgotten password reset causes redirect to Login Page and obscures the failure cause

    Details

      Description

      Configuration
      • Git rev: f1fe01bbe47acffb449d06350cf1e69965d91ffb
      • Outbound Email
      • User Registration (Default Settings)
      • Password Reset (Default Settings)
      Steps to Reproduce
      1. Register a new account via Self Service Registration
      • Specify a user name which meets the default Password Policy requirements. Eg: DonaldD1
      • Specify whetever you like for the remaining values
      1. After completing the user registration, execute the 'Reset your password` flow
      2. When prompted for the new password, specify the previously selected user name (aka DonaldD1)
      3. Notice that the Password Reset fails and the page is re-directed back to the Login Page. The cause of the failure can not be seen and is lost as a result of a generic 'Forbidden Request' error being displayed and the page is redirected to the login.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                jake.feasel Jake Feasel
                Reporter:
                cgdrake Chris Drake
              • Votes:
                1 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: