Jdbc PasswordManagement
47 views
Skip to first unread message
Lars Feistner
Feb 25, 2021, 9:06:15 AM2/25/21
to CAS Community
Dear
all,
I am experirncing something weird. I set up Password Management, pm-webflow and pm-jdbc. I turned off security questions.
Everything works as expected. I can reset my password, get the email, setting my new password after clicking the link in the email. But after a successful message that I changed my password the value in the column in the database is still the old one.
I debugged the code, the update count was 1. I turned on debug logging for spring. The log files says 'SQL update affected 1 rows'.
I attached the log.
It seems as if some kind of transaction is not commited or rolled back but nothing appears in the log file. Can anyone think of anything that I missed?
I am using cas version 5.3.16.
2021-02-25 14:59:19,007 DEBUG [org.springframework.beans.factory.support.DefaultListableBeanFactory] - <Returning cached instance of singleton bean 'passwordChangeAction'>
2021-02-25 14:59:19,007 DEBUG [org.apereo.cas.pm.web.flow.actions.PasswordChangeAction] - <Retrieved the current credential from webflow [UsernamePasswordCredential(username=ucan)]>
2021-02-25 14:59:19,007 DEBUG [org.apereo.cas.pm.web.flow.actions.PasswordChangeAction] - <Attempting to validate the provided password>
2021-02-25 14:59:19,008 DEBUG [org.apereo.cas.pm.web.flow.actions.PasswordChangeAction] - <Attempting to update the password>
2021-02-25 14:59:19,008 DEBUG [org.apereo.cas.authentication.support.password.PasswordEncoderUtils] - <Creating BCRYPT password encoder given the strength [14] and secret in the configuration>
2021-02-25 14:59:19,008 DEBUG [org.apereo.cas.authentication.support.password.PasswordEncoderUtils] - <Creating BCRYPT encoder without secret>
2021-02-25 14:59:19,560 DEBUG [org.springframework.core.env.PropertySourcesPropertyResolver] - <Could not find key 'config.client.state' in any property source>
2021-02-25 14:59:19,931 DEBUG [org.springframework.jdbc.core.JdbcTemplate] - <Executing prepared SQL update>
2021-02-25 14:59:19,932 DEBUG [org.springframework.jdbc.core.JdbcTemplate] - <Executing prepared SQL statement [UPDATE cus_auth_method SET password=? WHERE account_id=(SELECT id from cus_account where login = ?)]>
2021-02-25 14:59:19,932 DEBUG [org.springframework.jdbc.datasource.DataSourceUtils] - <Fetching JDBC Connection from DataSource>
2021-02-25 14:59:19,934 DEBUG [org.springframework.jdbc.core.JdbcTemplate] - <SQL update affected 1 rows>
2021-02-25 14:59:19,935 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHO: audit:unknown
WHAT: UsernamePasswordCredential(username=ucan)
ACTION: CHANGE_PASSWORD_SUCCESS
APPLICATION: CAS
WHEN: Thu Feb 25 14:59:19 CET 2021
CLIENT IP ADDRESS: 192.168.1.125
SERVER IP ADDRESS: 192.168.1.199
=============================================================
Best regards,
Lars
I am experirncing something weird. I set up Password Management, pm-webflow and pm-jdbc. I turned off security questions.
Everything works as expected. I can reset my password, get the email, setting my new password after clicking the link in the email. But after a successful message that I changed my password the value in the column in the database is still the old one.
I debugged the code, the update count was 1. I turned on debug logging for spring. The log files says 'SQL update affected 1 rows'.
I attached the log.
It seems as if some kind of transaction is not commited or rolled back but nothing appears in the log file. Can anyone think of anything that I missed?
I am using cas version 5.3.16.
2021-02-25 14:59:19,007 DEBUG [org.springframework.beans.factory.support.DefaultListableBeanFactory] - <Returning cached instance of singleton bean 'passwordChangeAction'>
2021-02-25 14:59:19,007 DEBUG [org.apereo.cas.pm.web.flow.actions.PasswordChangeAction] - <Retrieved the current credential from webflow [UsernamePasswordCredential(username=ucan)]>
2021-02-25 14:59:19,007 DEBUG [org.apereo.cas.pm.web.flow.actions.PasswordChangeAction] - <Attempting to validate the provided password>
2021-02-25 14:59:19,008 DEBUG [org.apereo.cas.pm.web.flow.actions.PasswordChangeAction] - <Attempting to update the password>
2021-02-25 14:59:19,008 DEBUG [org.apereo.cas.authentication.support.password.PasswordEncoderUtils] - <Creating BCRYPT password encoder given the strength [14] and secret in the configuration>
2021-02-25 14:59:19,008 DEBUG [org.apereo.cas.authentication.support.password.PasswordEncoderUtils] - <Creating BCRYPT encoder without secret>
2021-02-25 14:59:19,560 DEBUG [org.springframework.core.env.PropertySourcesPropertyResolver] - <Could not find key 'config.client.state' in any property source>
2021-02-25 14:59:19,931 DEBUG [org.springframework.jdbc.core.JdbcTemplate] - <Executing prepared SQL update>
2021-02-25 14:59:19,932 DEBUG [org.springframework.jdbc.core.JdbcTemplate] - <Executing prepared SQL statement [UPDATE cus_auth_method SET password=? WHERE account_id=(SELECT id from cus_account where login = ?)]>
2021-02-25 14:59:19,932 DEBUG [org.springframework.jdbc.datasource.DataSourceUtils] - <Fetching JDBC Connection from DataSource>
2021-02-25 14:59:19,934 DEBUG [org.springframework.jdbc.core.JdbcTemplate] - <SQL update affected 1 rows>
2021-02-25 14:59:19,935 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHO: audit:unknown
WHAT: UsernamePasswordCredential(username=ucan)
ACTION: CHANGE_PASSWORD_SUCCESS
APPLICATION: CAS
WHEN: Thu Feb 25 14:59:19 CET 2021
CLIENT IP ADDRESS: 192.168.1.125
SERVER IP ADDRESS: 192.168.1.199
=============================================================
Best regards,
Lars
--
 |
Lars Feistner Entwicklungsleitung Phone: +49 6221/186749-5 Mail: l.fei...@cares.institute |
 |
Institut für Kommunikations- und
Prüfungsforschung gGmbH Institute for Communication and Assessment Research Wieblinger Weg 92a 69123 Heidelberg, Germany Web: www.ucan-assess.org |
Andy Ng
Feb 28, 2021, 11:39:32 PM2/28/21
to CAS Community, Lars Feistner
Dear Lars,
I have not encountered your issue, but I encountered a similar issue before (Not able to insert row to JDBC in another component)
I found that setting autocommit to true seems to fix my issue, not sure about the root cause since JDBC is not my strong suit.
https://apereo.github.io/cas/6.3.x/configuration/Configuration-Properties-Common.html#database-settings
I found that setting autocommit to true seems to fix my issue, not sure about the root cause since JDBC is not my strong suit.
https://apereo.github.io/cas/6.3.x/configuration/Configuration-Properties-Common.html#database-settings
Might not fix you issue, but you can try see if it helps.
Cheers.
- Andy
Lars Feistner
Mar 3, 2021, 2:36:54 AM3/3/21
to cas-...@apereo.org
Dear
Andy,
thank you very much that did the trick. But to be honest running a production server with autocommit = true is not really something you want to have.
So it looks like there is a bug with the transaction management in 5.3.x? Or is there another jdbc parameter that I have to tweak to make it work with autocommit = false?
Best regards,
Lars
thank you very much that did the trick. But to be honest running a production server with autocommit = true is not really something you want to have.
So it looks like there is a bug with the transaction management in 5.3.x? Or is there another jdbc parameter that I have to tweak to make it work with autocommit = false?
Best regards,
Lars
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/dd8f1038-b331-412b-a57f-df3f3c7fff9fn%40apereo.org.
Andy Ng
Mar 4, 2021, 4:57:15 AM3/4/21
to CAS Community, Lars Feistner
Dear Lars,
Glad it at least work. That autocommit = true setting is a very old setting in my server, it does run on prod no issue.
Thanks for mentioning the potential issue with autocommit, I will also look into it and see if I can figure out another way to fix this issue without resulting to changing authcommit.
In the meantime, I am keeping my setting as it does work for a very long time and I think is safe to keep it as is for a while still.
If you find any solution later on, please share them to this discussion :) I am also very interested on any more elegant solution!
Cheers!
- Andy
Reply all
Reply to author
Forward
0 new messages