Email Reset Link Not Working

984 views
Skip to first unread message

brennem...@pctc.k12.oh.us

unread,
Jun 13, 2018, 3:24:51 PM6/13/18
to pwm-general
Problem
I click on the reset password link in the email and receive a 404 page not found error.

More Information
I can successfully authenticate to the forgotten password module using my username, I then use the SMS/Email reset option to email the token/code to the email attached to my Active Directory account. When I open the link to reset the password I receive a 404 error "The page you requested could not be found". When I click continue on this page it takes me back to the login screen. If I click forgot password again it takes me straight to the change password screen for the user I just clicked the email link for. The behavior is the same if I copy and paste the code from the email, I click check code and get a 404 page and then if I go right back to the forgot password module I am immediately prompted to change the password for that user.

Password reset via secret questions works fine.

Summary

1. Reset password via email
2. Use 'click here' link in email to reset password
3. Receive 404 error, page not found
4. Go back to the forgotten password page and I am redirected to the change password view for the user whose email link I followed.

PWM-Version v1.8.0-SNAPSHOT b33241007 r8ef796d159b3d649bbca5b1aafef96f8f7f0b95d

rcmcdo...@gmail.com

unread,
Jun 17, 2018, 12:33:43 AM6/17/18
to pwm-general
Is the URL properly formatted?

I host mine at pwm.mydomain.com

So my site URL would be https://pwm.mydomain.com

Make sure to leave off the forward slash at the end

brennem...@pctc.k12.oh.us

unread,
Jun 18, 2018, 8:21:29 AM6/18/18
to pwm-general

I have not modified the default link PWM sends out. The default link in the email is - "@SiteURL@/public/forgottenpassword/%TOKEN%"

And it does work, it just doesn't take me to the correct page. The token is "consumed" in the logs and I can then go straight back to the forgotten password page and it will redirect me to the change password page because the token has authenticated me. The problem is that the redirect to the changepassword page doesn't happen automatically and the 404 error is misleading/broken for the end user.

Maybe I just need to update to a newer version and see if it is working there.

rcmcdo...@gmail.com

unread,
Jun 19, 2018, 10:03:43 PM6/19/18
to pwm-general

Works fine for me and I'm running the latest 1.8 SNAPSHOT from June 12th.

Reply all
Reply to author
Forward
0 new messages