Details
-
Type:
Bug
-
Status: Merged (View workflow)
-
Priority:
Highest
-
Resolution: Ready for Release
-
Affects Version/s: server-3.9.0
-
Fix Version/s: server-3.9.0
-
Component/s: Authentication-Internal
-
Labels:
-
Environment:JBoss eap 6.4, Fedora 22, tcms test database
-
Sprint:16.02
Description
The reset password feature does not work in 3.9. It gets as far as sending an email with the key, but the key is either not stored or is immediately removed from the database (i.e. select * from HAccountResetPasswordKey == Empty set)
- Press Log In
- Press Forgot you password?
- Enter username into field
- Press Reset Password
- Check mail/mailq
- Use reset_password link in browser
Actual:
Invalid key (key does not exist)
Expected:
Reset / Change password page displayed
Additional:
I also noticed that the page shows "No errors", rather than the "We're Sorry" page. Log indicates
.. exception happened in view: /account/password_reset.xhtml: org.zanata.exception.KeyNotFoundException
...
14:28:08,117 INFO [javax.enterprise.resource.webcontainer.jsf.renderkit] (http-/127.0.0.1:8080-1) WARNING: FacesMessage(s) have been enqueued, but may not have been displayed.
sourceId=null[severity=(ERROR 2), summary=(Invalid activation key), detail=(Invalid activation key)]
