Reset Password feature not inserting key into database

Description

The reset password feature does not work in 3.9. It gets as far as sending an email with the key, but the key is either not stored or is immediately removed from the database (i.e. select * from HAccountResetPasswordKey == Empty set)

  • Press Log In

  • Press Forgot you password?

  • Enter username into field

  • Press Reset Password

  • Check mail/mailq

  • Use reset_password link in browser

Actual:
Invalid key (key does not exist)

Expected:
Reset / Change password page displayed

Additional:
I also noticed that the page shows "No errors", rather than the "We're Sorry" page. Log indicates
.. exception happened in view: /account/password_reset.xhtml: org.zanata.exception.KeyNotFoundException
...
14:28:08,117 INFO [javax.enterprise.resource.webcontainer.jsf.renderkit] (http-/127.0.0.1:8080-1) WARNING: FacesMessage(s) have been enqueued, but may not have been displayed.
sourceId=null[severity=(ERROR 2), summary=(Invalid activation key), detail=(Invalid activation key)]

Environment

JBoss eap 6.4, Fedora 22, tcms test database

Activity

Show:
Alex Eng
January 21, 2016, 10:55 PM
Edited

Confirmed the entry is not inserted into database.

Damian Jansen
January 14, 2016, 4:30 AM

14:26:29,517 INFO [org.apache.deltaspike.core.util.ClassDeactivationUtils] (http-/127.0.0.1:8080-1) class: org.apache.deltaspike.jsf.impl.listener.request.DeltaSpikeExternalContextWrapper activated=true
14:26:29,521 INFO [org.apache.deltaspike.core.util.ClassDeactivationUtils] (http-/127.0.0.1:8080-1) class: org.apache.deltaspike.jsf.impl.listener.request.JsfRequestBroadcaster activated=true
14:26:29,524 INFO [org.apache.deltaspike.core.util.ClassDeactivationUtils] (http-/127.0.0.1:8080-1) class: org.apache.deltaspike.jsf.impl.exception.control.BridgeExceptionHandlerWrapper activated=true
14:26:29,525 INFO [org.apache.deltaspike.core.util.ClassDeactivationUtils] (http-/127.0.0.1:8080-1) class: org.apache.deltaspike.jsf.impl.security.SecurityAwareViewHandler activated=true
14:26:29,525 INFO [org.apache.deltaspike.core.util.ClassDeactivationUtils] (http-/127.0.0.1:8080-1) class: org.apache.deltaspike.jsf.impl.navigation.NavigationHandlerAwareApplication activated=true
14:26:29,610 INFO [org.apache.deltaspike.core.util.ClassDeactivationUtils] (http-/127.0.0.1:8080-1) class: org.apache.deltaspike.jsf.impl.token.DoubleSubmitAwarePhaseListener activated=true
14:26:29,613 INFO [org.apache.deltaspike.core.util.ClassDeactivationUtils] (http-/127.0.0.1:8080-1) class: org.apache.deltaspike.jsf.impl.scope.window.JsfWindowContextQuotaHandler activated=true
14:26:29,650 INFO [org.apache.deltaspike.core.util.ClassDeactivationUtils] (http-/127.0.0.1:8080-1) class: org.apache.deltaspike.jsf.impl.view.DeltaSpikeViewHandler activated=true
14:26:30,095 INFO [org.apache.deltaspike.core.util.ClassDeactivationUtils] (http-/127.0.0.1:8080-1) class: org.apache.deltaspike.jsf.impl.navigation.DeltaSpikeNavigationHandler activated=true
14:26:30,098 INFO [org.apache.deltaspike.core.util.ClassDeactivationUtils] (http-/127.0.0.1:8080-1) class: org.apache.deltaspike.jsf.impl.scope.viewaccess.ViewAccessScopedAwareNavigationHandler activated=true
14:26:39,190 INFO [org.apache.deltaspike.core.util.ClassDeactivationUtils] (http-/127.0.0.1:8080-1) class: org.apache.deltaspike.jsf.impl.config.view.ViewControllerActionListener activated=true
14:26:39,346 INFO [org.zanata.service.impl.UserAccountServiceImpl] (http-/127.0.0.1:8080-1) Sent password reset key to Translator (translator)
14:26:39,583 INFO [org.zanata.email.EmailBuilder] (http-/127.0.0.1:8080-1) Sending message with Subject "Zanata Reset Password Request" to Recipients [Translator <translator@example.com>] From [Zanata <no-reply@redhat.com>] Reply-To [Zanata <no-reply@redhat.com>]
14:26:40,386 ERROR [stderr] (http-/127.0.0.1:8080-1) ScriptEngineManager providers.next(): javax.script.ScriptEngineFactory: Provider com.sun.script.javascript.RhinoScriptEngineFactory not found
14:26:41,978 INFO [org.zanata.util.CommonMarkRenderer] (http-/127.0.0.1:8080-1) Using commonmark.js version 0.20.0
14:26:41,979 INFO [org.zanata.util.CommonMarkRenderer] (http-/127.0.0.1:8080-1) Using Google Caja version 5669.0.0
14:28:07,667 WARN [org.zanata.exception.handler.AbstractExceptionHandler] (http-/127.0.0.1:8080-1) exception happened in view: /account/password_reset.xhtml: org.zanata.exception.KeyNotFoundException
at org.zanata.action.PasswordResetAction.validateActivationKey(PasswordResetAction.java:96) [classes:]
at org.zanata.action.PasswordResetAction$Proxy$$$_WeldClientProxy.validateActivationKey(PasswordResetAction$Proxy$$$_WeldClientProxy.java) [classes:]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.8.0_65]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) [rt.jar:1.8.0_65]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.8.0_65]
at java.lang.reflect.Method.invoke(Method.java:497) [rt.jar:1.8.0_65]
at org.apache.el.parser.AstValue.invoke(AstValue.java:258) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:278) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:40) [weld-core-1.1.28.Final-redhat-1.jar:1.1.28.Final-redhat-1]
at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50) [weld-core-1.1.28.Final-redhat-1.jar:1.1.28.Final-redhat-1]
at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105) [jsf-impl-2.1.28.redhat-8.jar:2.1.28.redhat-8]
at com.sun.faces.facelets.tag.jsf.core.DeclarativeSystemEventListener.processEvent(EventHandler.java:128) [jsf-impl-2.1.28.redhat-8.jar:2.1.28.redhat-8]
at javax.faces.component.UIComponent$ComponentSystemEventListenerAdapter.processEvent(UIComponent.java:2526) [jboss-jsf-api_2.1_spec-2.1.28.Final-redhat-1.jar:2.1.28.Final-redhat-1]
at javax.faces.event.SystemEvent.processListener(SystemEvent.java:106) [jboss-jsf-api_2.1_spec-2.1.28.Final-redhat-1.jar:2.1.28.Final-redhat-1]
at com.sun.faces.application.ApplicationImpl.processListeners(ApplicationImpl.java:2166) [jsf-impl-2.1.28.redhat-8.jar:2.1.28.redhat-8]
at com.sun.faces.application.ApplicationImpl.invokeComponentListenersFor(ApplicationImpl.java:2111) [jsf-impl-2.1.28.redhat-8.jar:2.1.28.redhat-8]
at com.sun.faces.application.ApplicationImpl.publishEvent(ApplicationImpl.java:289) [jsf-impl-2.1.28.redhat-8.jar:2.1.28.redhat-8]
at com.sun.faces.application.ApplicationImpl.publishEvent(ApplicationImpl.java:247) [jsf-impl-2.1.28.redhat-8.jar:2.1.28.redhat-8]
at org.jboss.as.weld.webtier.jsf.ForwardingApplication.publishEvent(ForwardingApplication.java:293) [jboss-as-weld-7.5.0.Final-redhat-21.jar:7.5.0.Final-redhat-21]
at javax.faces.application.ApplicationWrapper.publishEvent(ApplicationWrapper.java:670) [jboss-jsf-api_2.1_spec-2.1.28.Final-redhat-1.jar:2.1.28.Final-redhat-1]
at javax.faces.application.ApplicationWrapper.publishEvent(ApplicationWrapper.java:670) [jboss-jsf-api_2.1_spec-2.1.28.Final-redhat-1.jar:2.1.28.Final-redhat-1]
at org.apache.deltaspike.jsf.impl.injection.InjectionAwareApplicationWrapper.publishEvent(InjectionAwareApplicationWrapper.java:133) [deltaspike-jsf-module-impl-1.5.1.jar:1.5.1]
at com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:107) [jsf-impl-2.1.28.redhat-8.jar:2.1.28.redhat-8]
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101) [jsf-impl-2.1.28.redhat-8.jar:2.1.28.redhat-8]
at com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:139) [jsf-impl-2.1.28.redhat-8.jar:2.1.28.redhat-8]
at org.apache.deltaspike.jsf.impl.listener.request.DeltaSpikeLifecycleWrapper.render(DeltaSpikeLifecycleWrapper.java:111) [deltaspike-jsf-module-impl-1.5.1.jar:1.5.1]
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:594) [jboss-jsf-api_2.1_spec-2.1.28.Final-redhat-1.jar:2.1.28.Final-redhat-1]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:295) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:832) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:620) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:553) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:482) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.tuckey.web.filters.urlrewrite.NormalRewrittenUrl.doRewrite(NormalRewrittenUrl.java:213) [urlrewritefilter-4.0.4.jar:4.0.4]
at org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:171) [urlrewritefilter-4.0.4.jar:4.0.4]
at org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145) [urlrewritefilter-4.0.4.jar:4.0.4]
at org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92) [urlrewritefilter-4.0.4.jar:4.0.4]
at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:389) [urlrewritefilter-4.0.4.jar:4.0.4]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.zanata.seam.interceptor.MonitoringWrapper.doFilter(MonitoringWrapper.java:61) [classes:]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.zanata.servlet.MDCInsertingServletFilter.doFilter(MDCInsertingServletFilter.java:76) [classes:]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.zanata.servlet.RequestLoggingFilter.doFilter(RequestLoggingFilter.java:88) [classes:]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:231) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50) [jboss-as-jpa-7.5.0.Final-redhat-21.jar:7.5.0.Final-redhat-21]
at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50) [jboss-as-jpa-7.5.0.Final-redhat-21.jar:7.5.0.Final-redhat-21]
at org.jboss.security.negotiation.NegotiationAuthenticator$WrapperValve.invoke(NegotiationAuthenticator.java:490) [jboss-negotiation-common-2.3.6.Final-redhat-1.jar:2.3.6.Final-redhat-1]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:420) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) [jboss-as-web-7.5.0.Final-redhat-21.jar:7.5.0.Final-redhat-21]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:150) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:854) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_65]

14:28:08,117 INFO [javax.enterprise.resource.webcontainer.jsf.renderkit] (http-/127.0.0.1:8080-1) WARNING: FacesMessage(s) have been enqueued, but may not have been displayed.
sourceId=null[severity=(ERROR 2), summary=(Invalid activation key), detail=(Invalid activation key)]

Ready for Release

Assignee

Alex Eng

Reporter

Damian Jansen

Labels

Tested Version/s

None

Components

Sprint

None

Fix versions

Affects versions

Priority

Highest