Password Management Not Changing Password


M. Reza Ganji

Feb 11, 2018, 12:57:19 AM
to CAS Community
I have CAS installed and Password Management configured with LDAP. The user who requests a reset password link receives the email with the link signed by CAS. Then there are two questions and answers which get verified correctly, and the user gets redirected to the next page where the new password has to be entered.
However, when the user enters the new password and clicks on Submit, an error notifies the user that the password cannot be changed. I have checked the log and there is NO error/warning/info in catalina related to PM.

My CAS Config:
  • The user that binds to AD from CAS is a Domain Admin.
  • I have a load balancer with two CAS instances behind it.
  • There are two Memcached instances with a load balancer, and sync between the two is in place.
  • Two ADs are configured for authentication, both on LDAP port 389.
  • Service Registry, Audit and Log are on JDBC


Error message:

Could not update the account password




Debug Log (only available log after click on submit button):


2018-02-11 05:54:43,657 DEBUG [org.apereo.cas.services.web.ChainingThemeResolver] - <Attempting to resolve theme via [SessionThemeResolver]>
2018-02-11 05:54:43,658 DEBUG [org.apereo.cas.services.web.ChainingThemeResolver] - <Attempting to resolve theme via [RequestHeaderThemeResolver]>
2018-02-11 05:54:43,658 DEBUG [org.apereo.cas.services.web.ChainingThemeResolver] - <Attempting to resolve theme via [ServiceThemeResolver]>
2018-02-11 05:54:43,658 DEBUG [org.apereo.cas.services.web.ServiceThemeResolver] - <No service is found in the request context. Falling back to the default theme [cas-theme-default]>
2018-02-11 05:54:43,659 DEBUG [org.apereo.cas.services.web.ChainingThemeResolver] - <Attempting to resolve theme via [FixedThemeResolver]>
2018-02-11 05:54:43,659 DEBUG [org.apereo.cas.services.web.ChainingThemeResolver] - <No specific theme could be found. Using default theme [cas-theme-default}>
2018-02-11 05:54:43,698 DEBUG [org.apereo.cas.services.web.ChainingThemeResolver] - <Attempting to resolve theme via [CookieThemeResolver]>
2018-02-11 05:54:43,699 DEBUG [org.apereo.cas.services.web.ChainingThemeResolver] - <Attempting to resolve theme via [SessionThemeResolver]>
2018-02-11 05:54:43,699 DEBUG [org.apereo.cas.services.web.ChainingThemeResolver] - <Attempting to resolve theme via [RequestHeaderThemeResolver]>
2018-02-11 05:54:43,700 DEBUG [org.apereo.cas.services.web.ChainingThemeResolver] - <Attempting to resolve theme via [ServiceThemeResolver]>
2018-02-11 05:54:43,702 DEBUG [org.apereo.cas.services.web.ServiceThemeResolver] - <No service is found in the request context. Falling back to the default theme [cas-theme-default]>
2018-02-11 05:54:43,702 DEBUG [org.apereo.cas.services.web.ChainingThemeResolver] - <Attempting to resolve theme via [FixedThemeResolver]>
2018-02-11 05:54:43,703 DEBUG [org.apereo.cas.services.web.ChainingThemeResolver] - <No specific theme could be found. Using default theme [cas-theme-default}>
2018-02-11 05:54:43,720 DEBUG [org.apereo.cas.services.web.ChainingThemeResolver] - <Attempting to resolve theme via [CookieThemeResolver]>
2018-02-11 05:54:43,723 DEBUG [org.apereo.cas.services.web.ChainingThemeResolver] - <Attempting to resolve theme via [SessionThemeResolver]>
2018-02-11 05:54:43,723 DEBUG [org.apereo.cas.services.web.ChainingThemeResolver] - <Attempting to resolve theme via [RequestHeaderThemeResolver]>
2018-02-11 05:54:43,723 DEBUG [org.apereo.cas.services.web.ChainingThemeResolver] - <Attempting to resolve theme via [ServiceThemeResolver]>
2018-02-11 05:54:43,724 DEBUG [org.apereo.cas.services.web.ServiceThemeResolver] - <No service is found in the request context. Falling back to the default theme [cas-theme-default]>
2018-02-11 05:54:43,724 DEBUG [org.apereo.cas.services.web.ChainingThemeResolver] - <Attempting to resolve theme via [FixedThemeResolver]>
2018-02-11 05:54:43,725 DEBUG [org.apereo.cas.services.web.ChainingThemeResolver] - <No specific theme could be found. Using default theme [cas-theme-default}>






I have a few thoughts on what may have caused it.
  1. I have configured Active Directory to allow changing passwords over LDAP ( https://stackoverflow.com/questions/16861664/how-to-disable-password-operations-over-ldaps-only-policy-in-active-directory ). Could this cause the error and interrupt the reset password process?
  2. I do not have the Password Policy configured on AD. However, I am applying the password policy in CAS properties. Could that cause the issue?
  3. Is there any setting on AD that stops the password being reset through CAS?


Ray Bon

Feb 13, 2018, 12:13:14 PM
to cas-...@apereo.org
Check logs in AD.

Ray
-- 
Ray Bon
Programmer analyst
Development Services, University Systems
2507218831 | CLE 019 | rb...@uvic.ca

M. Reza Ganji

Mar 10, 2018, 10:44:38 PM
to CAS Community
I have solved the issue. There were two problems:
1. We had a custom theme, and one of the JavaScript files had been blocked due to cross-origin.
2. The CAS server is an EC2 on AWS and the server was using the default DNS settings. The forest DNS and configurations could not be found on LDAP requests. We have added a custom DNS record and it solved the issue.
