Uploaded image for project: 'OpenOLAT'
  1. OpenOLAT
  2. OO-4275

RS: change password if not allowed

    XMLWordPrintable

    Details

      Description

      If someone try to change its password with the password change workflow and it's not allowed, it gets a red screen (because of a security exception). Replace the exception by a nicer warning with an explanation.

      The link looks like: https://learn.olat.com/url/changepw/0

      2019-09-25 12:19:51,985 [ajp-nio2-8082-exec-83] ERROR OLATSecurityException - OLAT::ERROR ^%^ N82-E53 ^%^ org.olat.core.logging 
      
      Mozilla/5.0 (iPhone; CPU iPhone OS 13_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Mobile/15E148 Safari/604.1
      **RedScreen** chose password to be changed, but disallowed by config ::_:: ::_:: ^%^ 
      >>> stack of 1.cause::org.olat.core.logging.OLATSecurityException: chose password to be changed, but disallowed by config
      -> at org.olat.login.OLATAuthenticationController.openChangePassword(OLATAuthenticationController.java:161)
         at org.olat.login.OLATAuthenticationController.activate(OLATAuthenticationController.java:268)
         at org.olat.login.LoginAuthprovidersController.activate(LoginAuthprovidersController.java:135)
         at org.olat.core.commons.fullWebApp.BaseFullWebappController.activate(BaseFullWebappController.java:1238)
         at org.olat.dispatcher.DMZDispatcher.execute(DMZDispatcher.java:267)
         at org.olat.core.servlets.OpenOLATServlet.executeUserRequest(OpenOLATServlet.java:294)
         at org.olat.core.servlets.OpenOLATServlet.doGet(OpenOLATServlet.java:222)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:635)
         at org.olat.core.servlets.OpenOLATServlet.service(OpenOLATServlet.java:178)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
      >>> stack of 2.cause::java.lang.Exception: olat_rtexception_stackgenerator
      -> at org.olat.core.logging.OLATRuntimeException.<init>(OLATRuntimeException.java:57)
         at org.olat.core.logging.OLATRuntimeException.<init>(OLATRuntimeException.java:79)
         at org.olat.core.logging.OLATSecurityException.<init>(OLATSecurityException.java:54)
         at org.olat.login.OLATAuthenticationController.openChangePassword(OLATAuthenticationController.java:161)
         at org.olat.login.OLATAuthenticationController.activate(OLATAuthenticationController.java:268)
         at org.olat.login.LoginAuthprovidersController.activate(LoginAuthprovidersController.java:135)
         at org.olat.core.commons.fullWebApp.BaseFullWebappController.activate(BaseFullWebappController.java:1238)
         at org.olat.dispatcher.DMZDispatcher.execute(DMZDispatcher.java:267)
         at org.olat.core.servlets.OpenOLATServlet.executeUserRequest(OpenOLATServlet.java:294)
         at org.olat.core.servlets.OpenOLATServlet.doGet(OpenOLATServlet.java:222)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:635)
      

        Attachments

          Activity

            People

            Assignee:
            srosse Stéphane Rossé
            Reporter:
            srosse Stéphane Rossé
            Tester:
            Mandy Menzel
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 5 minutes
                5m