You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@archiva.apache.org by Jeff <pr...@gmail.com> on 2012/10/09 02:30:20 UTC
1.4-M3 -- YAY!!!
...except I've locked myself out of the admin account. I can't find any
documentation on how to reset or change the admin password. I'm running
the .WAR version with embedded Derby (I believe).
The new UI looks great so far and the entire system came up much faster (it
seems) than 1.4-M2.
--
Jeff Vincent
predatorvi@gmail.com
See my LinkedIn profile at:
http://www.linkedin.com/in/rjeffreyvincent
I ♥ DropBox <http://db.tt/9O6LfBX> !!
Re: 1.4-M3 -- YAY!!!
Posted by Jeff <pr...@gmail.com>.
And every so often the login attempt shows a bunch of the
spinners...hopefully the screenshot comes through.
[image: Inline image 1]
On Mon, Oct 8, 2012 at 8:31 PM, Jeff <pr...@gmail.com> wrote:
> I'm apparently running on too little sleep. When I click on the reset
> password link, it returns to the main page with a banner at the top saying
> "Password reset"...but to what? Should it e-mail me? If so, maybe I
> didn't really reset it before since I haven't yet received an e-mail. I
> thought it prompted me at one time to enter my existing password (that I
> finally found), then the new one (with confirmation), but it isn't
> prompting me now and it isn't accepting neither password. Is there a way
> to load up the derby db and clear it that way?
>
> Sorry and thanks for the tips/help.
>
> On Mon, Oct 8, 2012 at 7:36 PM, Brett Porter <br...@apache.org> wrote:
>
>> security.policy.unlockable.accounts=admin
>>
>
>
>
> --
> Jeff Vincent
> predatorvi@gmail.com
> See my LinkedIn profile at:
> http://www.linkedin.com/in/rjeffreyvincent
> I ♥ DropBox <http://db.tt/9O6LfBX> !!
>
>
--
Jeff Vincent
predatorvi@gmail.com
See my LinkedIn profile at:
http://www.linkedin.com/in/rjeffreyvincent
I ♥ DropBox <http://db.tt/9O6LfBX> !!
Re: 1.4-M3 -- YAY!!!
Posted by Jeff <pr...@gmail.com>.
Please ignore this particular error. I had been fiddling with the
security.properties and had set:
security.policy.password.previous.count=0
causing the DefaultUserSecurityPolicy.java:lines[327-329] to attempt
getting the subList() from 0 to -1 when previousPasswordsCount is 0:
int oldCount = Math.min( *previousPasswordsCount - 1*,
user.getPreviousEncodedPasswords().size() );
//modified sublist start index as the previous value results to
nothing being added to the list.
List<String> sublist =
user.getPreviousEncodedPasswords().subList( 0, *oldCount *);
Also, in the process of copying derbydb/ folder to/from my workstation and
forcing the password change by editing the database, the permissions on the
files/folders were inadvertently modified to root:root, effectively making
the database read only to the tomcat user so no updates would stick.
I do have another issue with changing other user settings where it forces
me to enter the password...but I'll start another thread ;-).
On Wed, Oct 10, 2012 at 5:04 PM, Jeff <pr...@gmail.com> wrote:
> I did not get an e-mail. I have verified the settings for the e-mail, but
> I don't know how to validate that it email works in general.
>
> I hadn't noticed an error but just captured this in the Chrome console:
>
>
> 1. POST
> http://archiva/restServices/redbackServices/userService/updateMe 500
> (Internal Server Error)
> /js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3:2<http://archiva/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3>
> 1. send/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3:2<http://archiva/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3>
> 2. p.extend.ajax/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3:2<http://archiva/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3>
> 3. editUserDetails/js/redback/user.js?_archivaVersion=1.4-M3:675<http://archiva/js/redback/user.js?_archivaVersion=1.4-M3>
> 4. (anonymous function)
> /js/redback/user.js?_archivaVersion=1.4-M3:646<http://archiva/js/redback/user.js?_archivaVersion=1.4-M3>
> 5. p.event.dispatch/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3:2<http://archiva/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3>
> 6. g.handle.h/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3:2<http://archiva/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3>
>
>
> 1. Uncaught SyntaxError: Unexpected token <
> /js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3:2<http://archiva/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3>
> 1. p.extend.parseJSON
> /js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3:2<http://archiva/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3>
> 2. $.ajax.error/js/redback/user.js?_archivaVersion=1.4-M3:694<http://archiva/js/redback/user.js?_archivaVersion=1.4-M3>
> 3. k/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3:2<http://archiva/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3>
> 4. l.fireWith/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3:2<http://archiva/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3>
> 5. y/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3:2<http://archiva/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3>
> 6. send.d
>
>
> Exception on server:
>
> Oct 10, 2012 4:53:48 PM org.apache.catalina.core.StandardWrapperValve
> invoke
> SEVERE: Servlet.service() for servlet CXFServlet threw exception
> java.lang.RuntimeException: org.apache.cxf.interceptor.Fault: fromIndex(0)
> > toIndex(-1)
> at
> org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:115)
> at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:322)
> at
> org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
> at
> org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:211)
> at
> org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:213)
> at
> org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:154)
> at
> org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:130)
> at
> org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:221)
> at
> org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:141)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
> at
> org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:197)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
> at
> org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
> at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
> at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
> at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
> at
> com.googlecode.psiprobe.Tomcat60AgentValve.invoke(Tomcat60AgentValve.java:30)
> at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
> at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
> at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
> at
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:857)
> at
> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588)
> at
> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
> at java.lang.Thread.run(Thread.java:722)
> Caused by: org.apache.cxf.interceptor.Fault: fromIndex(0) > toIndex(-1)
> at
> org.apache.cxf.service.invoker.AbstractInvoker.createFault(AbstractInvoker.java:162)
> at
> org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:128)
> at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:167)
> at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:94)
> at
> org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:58)
> at
> org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:94)
> at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262)
> ... 26 more
> Caused by: java.lang.IllegalArgumentException: fromIndex(0) > toIndex(-1)
> at java.util.ArrayList.subListRangeCheck(ArrayList.java:924)
> at java.util.ArrayList.subList(ArrayList.java:914)
> at
> org.apache.archiva.redback.policy.DefaultUserSecurityPolicy.extensionChangePassword(DefaultUserSecurityPolicy.java:329)
> at
> org.apache.archiva.redback.users.jdo.JdoUserManager.updateUser(JdoUserManager.java:377)
> at
> org.apache.archiva.redback.users.cached.CachedUserManager.updateUser(CachedUserManager.java:240)
> at
> org.apache.archiva.redback.users.cached.CachedUserManager.updateUser(CachedUserManager.java:230)
> at
> org.apache.archiva.redback.rest.services.DefaultUserService.updateUser(DefaultUserService.java:353)
> at
> org.apache.archiva.redback.rest.services.DefaultUserService.updateMe(DefaultUserService.java:334)
> at sun.reflect.GeneratedMethodAccessor359.invoke(Unknown Source)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:601)
> at
> org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:180)
> at
> org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96)
> ... 31 more
>
>
> On Wed, Oct 10, 2012 at 11:01 AM, Olivier Lamy <ol...@apache.org> wrote:
>
>> Hi,
>> The most important is to know if you pass in resetPassword method when
>> you use it.
>> That's located in class DefaultUserService method resetPassword
>> (that's part of redback sources:
>> https://svn.apache.org/repos/asf/archiva/redback/redback-core/).
>> Do you receive any emails when asking for a "password reset" ?
>> Do you any javascript errors in your browser console ?
>>
>> Thanks!
>>
>> 2012/10/9 Jeff <pr...@gmail.com>:
>> > I pulled the source and have enabled remote debugging on the server.
>> I'll
>> > try to drill into it. If you can point me to the file/module I should
>> > focus on, it would help. :)
>> You need to have a look a
>> >
>> > On Tue, Oct 9, 2012 at 1:06 AM, Olivier Lamy <ol...@apache.org> wrote:
>> >
>> >> 2012/10/9 Brett Porter <br...@apache.org>:
>> >> >
>> >> > On 09/10/2012, at 4:04 PM, Jeff <pr...@gmail.com> wrote:
>> >> >
>> >> >> Okay, I copied the database to my system (host is headless Linux),
>> >> >> installed latest SquirrelSQL client copied the password field from
>> >> another
>> >> >> user that I remembered and was able to log in.
>> >> >>
>> >> >> THANK YOU!
>> >> >>
>> >> >> However, when I attempt to change the password, it tells me:
>> >> >>
>> >> >> Password provided does not match existing.
>> >> >>
>> >> >> I can log out and log in still using the password I copied but all
>> >> attempts
>> >> >> to change it result in this error...unless I pick a password I've
>> used
>> >> >> previously.
>> >> >>
>> >> >> Also, I don't want service accounts (users) that are used
>> specifically
>> >> for
>> >> >> our deployment scripts to have to change the password.
>> >> >>
>> >> >> My archiva installation/configuration is at /archiva/conf. I
>> created a
>> >> >> security.properties file there and have the following settings but
>> it
>> >> still
>> >> >> says the user requires a password change if I attempt to log in or
>> if I
>> >> >> "Manage" the users, the 3 service account users show that the "Force
>> >> >> password change" is enabled but the setting won't stick if I change
>> it.
>> >> >
>> >> > I wonder if these could be bugs in the new UI? Obviously some
>> >> significant changes there and something might have crept through. You
>> could
>> >> always point 1.4-M2 or earlier at the users database and see if it
>> acts as
>> >> expected... or file a bug regardless.
>> >> >
>> >> could be a bug in the new ui :-).
>> >> @Jeff what are the steps to reproduce that ?
>> >> Normally using reset link must send an email to you.
>> >> Can you create a jira with all the steps ?
>> >> > I'd add the deployment user to the unlockable accounts, which will
>> avoid
>> >> the issue of password change over time (but not help with the forced
>> >> password change).
>> >> >
>> >> > - Brett
>> >> >
>> >> > --
>> >> > Brett Porter
>> >> > brett@apache.org
>> >> > http://brettporter.wordpress.com/
>> >> > http://au.linkedin.com/in/brettporter
>> >> > http://twitter.com/brettporter
>> >> >
>> >> >
>> >> >
>> >> >
>> >> >
>> >>
>> >>
>> >>
>> >> --
>> >> Olivier Lamy
>> >> Talend: http://coders.talend.com
>> >> http://twitter.com/olamy | http://linkedin.com/in/olamy
>> >>
>> >
>> >
>> >
>> > --
>> > Jeff Vincent
>> > predatorvi@gmail.com
>> > See my LinkedIn profile at:
>> > http://www.linkedin.com/in/rjeffreyvincent
>> > I ♥ DropBox <http://db.tt/9O6LfBX> !!
>>
>>
>>
>> --
>> Olivier Lamy
>> Talend: http://coders.talend.com
>> http://twitter.com/olamy | http://linkedin.com/in/olamy
>>
>
>
>
> --
> Jeff Vincent
> predatorvi@gmail.com
> See my LinkedIn profile at:
> http://www.linkedin.com/in/rjeffreyvincent
> I ♥ DropBox <http://db.tt/9O6LfBX> !!
>
>
--
Jeff Vincent
predatorvi@gmail.com
See my LinkedIn profile at:
http://www.linkedin.com/in/rjeffreyvincent
I ♥ DropBox <http://db.tt/9O6LfBX> !!
Re: 1.4-M3 -- YAY!!!
Posted by Jeff <pr...@gmail.com>.
I did not get an e-mail. I have verified the settings for the e-mail, but I
don't know how to validate that it email works in general.
I hadn't noticed an error but just captured this in the Chrome console:
1. POST http://archiva/restServices/redbackServices/userService/updateMe500
(Internal Server Error)
/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3:2<http://archiva/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3>
1. send/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3:2<http://archiva/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3>
2. p.extend.ajax/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3:2<http://archiva/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3>
3. editUserDetails/js/redback/user.js?_archivaVersion=1.4-M3:675<http://archiva/js/redback/user.js?_archivaVersion=1.4-M3>
4. (anonymous
function)/js/redback/user.js?_archivaVersion=1.4-M3:646<http://archiva/js/redback/user.js?_archivaVersion=1.4-M3>
5. p.event.dispatch/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3:2<http://archiva/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3>
6. g.handle.h/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3:2<http://archiva/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3>
1. Uncaught SyntaxError: Unexpected token <
/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3:2<http://archiva/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3>
1. p.extend.parseJSON/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3:2<http://archiva/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3>
2. $.ajax.error/js/redback/user.js?_archivaVersion=1.4-M3:694<http://archiva/js/redback/user.js?_archivaVersion=1.4-M3>
3. k/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3:2<http://archiva/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3>
4. l.fireWith/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3:2<http://archiva/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3>
5. y/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3:2<http://archiva/js/jquery-1.8.1.min.js?_archivaVersion=1.4-M3>
6. send.d
Exception on server:
Oct 10, 2012 4:53:48 PM org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet CXFServlet threw exception
java.lang.RuntimeException: org.apache.cxf.interceptor.Fault: fromIndex(0)
> toIndex(-1)
at
org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:115)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:322)
at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
at
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:211)
at
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:213)
at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:154)
at
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:130)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:221)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:141)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:197)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at
com.googlecode.psiprobe.Tomcat60AgentValve.invoke(Tomcat60AgentValve.java:30)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:857)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588)
at
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
at java.lang.Thread.run(Thread.java:722)
Caused by: org.apache.cxf.interceptor.Fault: fromIndex(0) > toIndex(-1)
at
org.apache.cxf.service.invoker.AbstractInvoker.createFault(AbstractInvoker.java:162)
at
org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:128)
at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:167)
at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:94)
at
org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:58)
at
org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:94)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262)
... 26 more
Caused by: java.lang.IllegalArgumentException: fromIndex(0) > toIndex(-1)
at java.util.ArrayList.subListRangeCheck(ArrayList.java:924)
at java.util.ArrayList.subList(ArrayList.java:914)
at
org.apache.archiva.redback.policy.DefaultUserSecurityPolicy.extensionChangePassword(DefaultUserSecurityPolicy.java:329)
at
org.apache.archiva.redback.users.jdo.JdoUserManager.updateUser(JdoUserManager.java:377)
at
org.apache.archiva.redback.users.cached.CachedUserManager.updateUser(CachedUserManager.java:240)
at
org.apache.archiva.redback.users.cached.CachedUserManager.updateUser(CachedUserManager.java:230)
at
org.apache.archiva.redback.rest.services.DefaultUserService.updateUser(DefaultUserService.java:353)
at
org.apache.archiva.redback.rest.services.DefaultUserService.updateMe(DefaultUserService.java:334)
at sun.reflect.GeneratedMethodAccessor359.invoke(Unknown Source)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at
org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:180)
at
org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96)
... 31 more
On Wed, Oct 10, 2012 at 11:01 AM, Olivier Lamy <ol...@apache.org> wrote:
> Hi,
> The most important is to know if you pass in resetPassword method when
> you use it.
> That's located in class DefaultUserService method resetPassword
> (that's part of redback sources:
> https://svn.apache.org/repos/asf/archiva/redback/redback-core/).
> Do you receive any emails when asking for a "password reset" ?
> Do you any javascript errors in your browser console ?
>
> Thanks!
>
> 2012/10/9 Jeff <pr...@gmail.com>:
> > I pulled the source and have enabled remote debugging on the server.
> I'll
> > try to drill into it. If you can point me to the file/module I should
> > focus on, it would help. :)
> You need to have a look a
> >
> > On Tue, Oct 9, 2012 at 1:06 AM, Olivier Lamy <ol...@apache.org> wrote:
> >
> >> 2012/10/9 Brett Porter <br...@apache.org>:
> >> >
> >> > On 09/10/2012, at 4:04 PM, Jeff <pr...@gmail.com> wrote:
> >> >
> >> >> Okay, I copied the database to my system (host is headless Linux),
> >> >> installed latest SquirrelSQL client copied the password field from
> >> another
> >> >> user that I remembered and was able to log in.
> >> >>
> >> >> THANK YOU!
> >> >>
> >> >> However, when I attempt to change the password, it tells me:
> >> >>
> >> >> Password provided does not match existing.
> >> >>
> >> >> I can log out and log in still using the password I copied but all
> >> attempts
> >> >> to change it result in this error...unless I pick a password I've
> used
> >> >> previously.
> >> >>
> >> >> Also, I don't want service accounts (users) that are used
> specifically
> >> for
> >> >> our deployment scripts to have to change the password.
> >> >>
> >> >> My archiva installation/configuration is at /archiva/conf. I
> created a
> >> >> security.properties file there and have the following settings but it
> >> still
> >> >> says the user requires a password change if I attempt to log in or
> if I
> >> >> "Manage" the users, the 3 service account users show that the "Force
> >> >> password change" is enabled but the setting won't stick if I change
> it.
> >> >
> >> > I wonder if these could be bugs in the new UI? Obviously some
> >> significant changes there and something might have crept through. You
> could
> >> always point 1.4-M2 or earlier at the users database and see if it acts
> as
> >> expected... or file a bug regardless.
> >> >
> >> could be a bug in the new ui :-).
> >> @Jeff what are the steps to reproduce that ?
> >> Normally using reset link must send an email to you.
> >> Can you create a jira with all the steps ?
> >> > I'd add the deployment user to the unlockable accounts, which will
> avoid
> >> the issue of password change over time (but not help with the forced
> >> password change).
> >> >
> >> > - Brett
> >> >
> >> > --
> >> > Brett Porter
> >> > brett@apache.org
> >> > http://brettporter.wordpress.com/
> >> > http://au.linkedin.com/in/brettporter
> >> > http://twitter.com/brettporter
> >> >
> >> >
> >> >
> >> >
> >> >
> >>
> >>
> >>
> >> --
> >> Olivier Lamy
> >> Talend: http://coders.talend.com
> >> http://twitter.com/olamy | http://linkedin.com/in/olamy
> >>
> >
> >
> >
> > --
> > Jeff Vincent
> > predatorvi@gmail.com
> > See my LinkedIn profile at:
> > http://www.linkedin.com/in/rjeffreyvincent
> > I ♥ DropBox <http://db.tt/9O6LfBX> !!
>
>
>
> --
> Olivier Lamy
> Talend: http://coders.talend.com
> http://twitter.com/olamy | http://linkedin.com/in/olamy
>
--
Jeff Vincent
predatorvi@gmail.com
See my LinkedIn profile at:
http://www.linkedin.com/in/rjeffreyvincent
I ♥ DropBox <http://db.tt/9O6LfBX> !!
Re: 1.4-M3 -- YAY!!!
Posted by Olivier Lamy <ol...@apache.org>.
Hi,
The most important is to know if you pass in resetPassword method when
you use it.
That's located in class DefaultUserService method resetPassword
(that's part of redback sources:
https://svn.apache.org/repos/asf/archiva/redback/redback-core/).
Do you receive any emails when asking for a "password reset" ?
Do you any javascript errors in your browser console ?
Thanks!
2012/10/9 Jeff <pr...@gmail.com>:
> I pulled the source and have enabled remote debugging on the server. I'll
> try to drill into it. If you can point me to the file/module I should
> focus on, it would help. :)
You need to have a look a
>
> On Tue, Oct 9, 2012 at 1:06 AM, Olivier Lamy <ol...@apache.org> wrote:
>
>> 2012/10/9 Brett Porter <br...@apache.org>:
>> >
>> > On 09/10/2012, at 4:04 PM, Jeff <pr...@gmail.com> wrote:
>> >
>> >> Okay, I copied the database to my system (host is headless Linux),
>> >> installed latest SquirrelSQL client copied the password field from
>> another
>> >> user that I remembered and was able to log in.
>> >>
>> >> THANK YOU!
>> >>
>> >> However, when I attempt to change the password, it tells me:
>> >>
>> >> Password provided does not match existing.
>> >>
>> >> I can log out and log in still using the password I copied but all
>> attempts
>> >> to change it result in this error...unless I pick a password I've used
>> >> previously.
>> >>
>> >> Also, I don't want service accounts (users) that are used specifically
>> for
>> >> our deployment scripts to have to change the password.
>> >>
>> >> My archiva installation/configuration is at /archiva/conf. I created a
>> >> security.properties file there and have the following settings but it
>> still
>> >> says the user requires a password change if I attempt to log in or if I
>> >> "Manage" the users, the 3 service account users show that the "Force
>> >> password change" is enabled but the setting won't stick if I change it.
>> >
>> > I wonder if these could be bugs in the new UI? Obviously some
>> significant changes there and something might have crept through. You could
>> always point 1.4-M2 or earlier at the users database and see if it acts as
>> expected... or file a bug regardless.
>> >
>> could be a bug in the new ui :-).
>> @Jeff what are the steps to reproduce that ?
>> Normally using reset link must send an email to you.
>> Can you create a jira with all the steps ?
>> > I'd add the deployment user to the unlockable accounts, which will avoid
>> the issue of password change over time (but not help with the forced
>> password change).
>> >
>> > - Brett
>> >
>> > --
>> > Brett Porter
>> > brett@apache.org
>> > http://brettporter.wordpress.com/
>> > http://au.linkedin.com/in/brettporter
>> > http://twitter.com/brettporter
>> >
>> >
>> >
>> >
>> >
>>
>>
>>
>> --
>> Olivier Lamy
>> Talend: http://coders.talend.com
>> http://twitter.com/olamy | http://linkedin.com/in/olamy
>>
>
>
>
> --
> Jeff Vincent
> predatorvi@gmail.com
> See my LinkedIn profile at:
> http://www.linkedin.com/in/rjeffreyvincent
> I ♥ DropBox <http://db.tt/9O6LfBX> !!
--
Olivier Lamy
Talend: http://coders.talend.com
http://twitter.com/olamy | http://linkedin.com/in/olamy
Re: 1.4-M3 -- YAY!!!
Posted by Jeff <pr...@gmail.com>.
I pulled the source and have enabled remote debugging on the server. I'll
try to drill into it. If you can point me to the file/module I should
focus on, it would help. :)
On Tue, Oct 9, 2012 at 1:06 AM, Olivier Lamy <ol...@apache.org> wrote:
> 2012/10/9 Brett Porter <br...@apache.org>:
> >
> > On 09/10/2012, at 4:04 PM, Jeff <pr...@gmail.com> wrote:
> >
> >> Okay, I copied the database to my system (host is headless Linux),
> >> installed latest SquirrelSQL client copied the password field from
> another
> >> user that I remembered and was able to log in.
> >>
> >> THANK YOU!
> >>
> >> However, when I attempt to change the password, it tells me:
> >>
> >> Password provided does not match existing.
> >>
> >> I can log out and log in still using the password I copied but all
> attempts
> >> to change it result in this error...unless I pick a password I've used
> >> previously.
> >>
> >> Also, I don't want service accounts (users) that are used specifically
> for
> >> our deployment scripts to have to change the password.
> >>
> >> My archiva installation/configuration is at /archiva/conf. I created a
> >> security.properties file there and have the following settings but it
> still
> >> says the user requires a password change if I attempt to log in or if I
> >> "Manage" the users, the 3 service account users show that the "Force
> >> password change" is enabled but the setting won't stick if I change it.
> >
> > I wonder if these could be bugs in the new UI? Obviously some
> significant changes there and something might have crept through. You could
> always point 1.4-M2 or earlier at the users database and see if it acts as
> expected... or file a bug regardless.
> >
> could be a bug in the new ui :-).
> @Jeff what are the steps to reproduce that ?
> Normally using reset link must send an email to you.
> Can you create a jira with all the steps ?
> > I'd add the deployment user to the unlockable accounts, which will avoid
> the issue of password change over time (but not help with the forced
> password change).
> >
> > - Brett
> >
> > --
> > Brett Porter
> > brett@apache.org
> > http://brettporter.wordpress.com/
> > http://au.linkedin.com/in/brettporter
> > http://twitter.com/brettporter
> >
> >
> >
> >
> >
>
>
>
> --
> Olivier Lamy
> Talend: http://coders.talend.com
> http://twitter.com/olamy | http://linkedin.com/in/olamy
>
--
Jeff Vincent
predatorvi@gmail.com
See my LinkedIn profile at:
http://www.linkedin.com/in/rjeffreyvincent
I ♥ DropBox <http://db.tt/9O6LfBX> !!
Re: 1.4-M3 -- YAY!!!
Posted by Olivier Lamy <ol...@apache.org>.
2012/10/9 Brett Porter <br...@apache.org>:
>
> On 09/10/2012, at 4:04 PM, Jeff <pr...@gmail.com> wrote:
>
>> Okay, I copied the database to my system (host is headless Linux),
>> installed latest SquirrelSQL client copied the password field from another
>> user that I remembered and was able to log in.
>>
>> THANK YOU!
>>
>> However, when I attempt to change the password, it tells me:
>>
>> Password provided does not match existing.
>>
>> I can log out and log in still using the password I copied but all attempts
>> to change it result in this error...unless I pick a password I've used
>> previously.
>>
>> Also, I don't want service accounts (users) that are used specifically for
>> our deployment scripts to have to change the password.
>>
>> My archiva installation/configuration is at /archiva/conf. I created a
>> security.properties file there and have the following settings but it still
>> says the user requires a password change if I attempt to log in or if I
>> "Manage" the users, the 3 service account users show that the "Force
>> password change" is enabled but the setting won't stick if I change it.
>
> I wonder if these could be bugs in the new UI? Obviously some significant changes there and something might have crept through. You could always point 1.4-M2 or earlier at the users database and see if it acts as expected... or file a bug regardless.
>
could be a bug in the new ui :-).
@Jeff what are the steps to reproduce that ?
Normally using reset link must send an email to you.
Can you create a jira with all the steps ?
> I'd add the deployment user to the unlockable accounts, which will avoid the issue of password change over time (but not help with the forced password change).
>
> - Brett
>
> --
> Brett Porter
> brett@apache.org
> http://brettporter.wordpress.com/
> http://au.linkedin.com/in/brettporter
> http://twitter.com/brettporter
>
>
>
>
>
--
Olivier Lamy
Talend: http://coders.talend.com
http://twitter.com/olamy | http://linkedin.com/in/olamy
Re: 1.4-M3 -- YAY!!!
Posted by Brett Porter <br...@apache.org>.
On 09/10/2012, at 4:04 PM, Jeff <pr...@gmail.com> wrote:
> Okay, I copied the database to my system (host is headless Linux),
> installed latest SquirrelSQL client copied the password field from another
> user that I remembered and was able to log in.
>
> THANK YOU!
>
> However, when I attempt to change the password, it tells me:
>
> Password provided does not match existing.
>
> I can log out and log in still using the password I copied but all attempts
> to change it result in this error...unless I pick a password I've used
> previously.
>
> Also, I don't want service accounts (users) that are used specifically for
> our deployment scripts to have to change the password.
>
> My archiva installation/configuration is at /archiva/conf. I created a
> security.properties file there and have the following settings but it still
> says the user requires a password change if I attempt to log in or if I
> "Manage" the users, the 3 service account users show that the "Force
> password change" is enabled but the setting won't stick if I change it.
I wonder if these could be bugs in the new UI? Obviously some significant changes there and something might have crept through. You could always point 1.4-M2 or earlier at the users database and see if it acts as expected... or file a bug regardless.
I'd add the deployment user to the unlockable accounts, which will avoid the issue of password change over time (but not help with the forced password change).
- Brett
--
Brett Porter
brett@apache.org
http://brettporter.wordpress.com/
http://au.linkedin.com/in/brettporter
http://twitter.com/brettporter
Re: 1.4-M3 -- YAY!!!
Posted by Jeff <pr...@gmail.com>.
Okay, I copied the database to my system (host is headless Linux),
installed latest SquirrelSQL client copied the password field from another
user that I remembered and was able to log in.
THANK YOU!
However, when I attempt to change the password, it tells me:
Password provided does not match existing.
I can log out and log in still using the password I copied but all attempts
to change it result in this error...unless I pick a password I've used
previously.
Also, I don't want service accounts (users) that are used specifically for
our deployment scripts to have to change the password.
My archiva installation/configuration is at /archiva/conf. I created a
security.properties file there and have the following settings but it still
says the user requires a password change if I attempt to log in or if I
"Manage" the users, the 3 service account users show that the "Force
password change" is enabled but the setting won't stick if I change it.
Security Policies
security.policy.password.previous.count=0
security.policy.password.expiration.days=90
security.policy.password.expiration.enabled=false
security.policy.allowed.login.attempt=6
security.policy.strict.force.password.change.enabled=false
# Password Rules
security.policy.password.rule.alphanumeric.enabled=false
security.policy.password.rule.alphacount.enabled=false
security.policy.password.rule.alphacount.minimum=1
security.policy.password.rule.characterlength.enabled=false
security.policy.password.rule.characterlength.minimum=1
security.policy.password.rule.characterlength.maximum=8
security.policy.password.rule.musthave.enabled=true
security.policy.password.rule.numericalcount.enabled=false
security.policy.password.rule.numericalcount.minimum=0
security.policy.password.rule.reuse.enabled=true
security.policy.password.rule.nowhitespace.enabled=true
security.policy.unlockable.accounts=admin
On Mon, Oct 8, 2012 at 9:37 PM, Brett Porter <br...@apache.org> wrote:
>
> On 09/10/2012, at 1:31 PM, Jeff <pr...@gmail.com> wrote:
>
> > I'm apparently running on too little sleep. When I click on the reset
> > password link, it returns to the main page with a banner at the top
> saying
> > "Password reset"...but to what? Should it e-mail me? If so, maybe I
> > didn't really reset it before since I haven't yet received an e-mail. I
> > thought it prompted me at one time to enter my existing password (that I
> > finally found), then the new one (with confirmation), but it isn't
> > prompting me now and it isn't accepting neither password. Is there a way
> > to load up the derby db and clear it that way?
>
> It should be possible to reset it, but if you'd like to dig in to more
> information, you can point a tool such as SquirrelSQL at the Derby database
> (the JDBC URL to use is in jetty.xml). the JDOUSER table contains the
> information (which could also be reset if needed).
>
> - Brett
>
> --
> Brett Porter
> brett@apache.org
> http://brettporter.wordpress.com/
> http://au.linkedin.com/in/brettporter
> http://twitter.com/brettporter
>
>
>
>
>
>
--
Jeff Vincent
predatorvi@gmail.com
See my LinkedIn profile at:
http://www.linkedin.com/in/rjeffreyvincent
I ♥ DropBox <http://db.tt/9O6LfBX> !!
Re: 1.4-M3 -- YAY!!!
Posted by Brett Porter <br...@apache.org>.
On 09/10/2012, at 1:31 PM, Jeff <pr...@gmail.com> wrote:
> I'm apparently running on too little sleep. When I click on the reset
> password link, it returns to the main page with a banner at the top saying
> "Password reset"...but to what? Should it e-mail me? If so, maybe I
> didn't really reset it before since I haven't yet received an e-mail. I
> thought it prompted me at one time to enter my existing password (that I
> finally found), then the new one (with confirmation), but it isn't
> prompting me now and it isn't accepting neither password. Is there a way
> to load up the derby db and clear it that way?
It should be possible to reset it, but if you'd like to dig in to more information, you can point a tool such as SquirrelSQL at the Derby database (the JDBC URL to use is in jetty.xml). the JDOUSER table contains the information (which could also be reset if needed).
- Brett
--
Brett Porter
brett@apache.org
http://brettporter.wordpress.com/
http://au.linkedin.com/in/brettporter
http://twitter.com/brettporter
Re: 1.4-M3 -- YAY!!!
Posted by Jeff <pr...@gmail.com>.
I'm apparently running on too little sleep. When I click on the reset
password link, it returns to the main page with a banner at the top saying
"Password reset"...but to what? Should it e-mail me? If so, maybe I
didn't really reset it before since I haven't yet received an e-mail. I
thought it prompted me at one time to enter my existing password (that I
finally found), then the new one (with confirmation), but it isn't
prompting me now and it isn't accepting neither password. Is there a way
to load up the derby db and clear it that way?
Sorry and thanks for the tips/help.
On Mon, Oct 8, 2012 at 7:36 PM, Brett Porter <br...@apache.org> wrote:
> security.policy.unlockable.accounts=admin
>
--
Jeff Vincent
predatorvi@gmail.com
See my LinkedIn profile at:
http://www.linkedin.com/in/rjeffreyvincent
I ♥ DropBox <http://db.tt/9O6LfBX> !!
Re: 1.4-M3 -- YAY!!!
Posted by Brett Porter <br...@apache.org>.
Try adding this to security.properties:
security.policy.unlockable.accounts=admin
Then restart and reset your password again.
- Brett
On 09/10/2012, at 12:19 PM, Jeff <pr...@gmail.com> wrote:
> Well, it's now locked. It did prompt me to change the password but when I
> *think* I made it through the wizard it didn't seem to accept the password
> I used when I tried logging in....and now its locked....I was too much in a
> hurry.
> On Oct 8, 2012 6:39 PM, "Brett Porter" <br...@apache.org> wrote:
>
>> Is the reset password mechanism not working, or is the admin account
>> locked?
>>
>> On 09/10/2012, at 11:30 AM, Jeff <pr...@gmail.com> wrote:
>>
>>> ...except I've locked myself out of the admin account. I can't find any
>>> documentation on how to reset or change the admin password. I'm running
>>> the .WAR version with embedded Derby (I believe).
>>>
>>> The new UI looks great so far and the entire system came up much faster
>> (it
>>> seems) than 1.4-M2.
>>>
>>> --
>>> Jeff Vincent
>>> predatorvi@gmail.com
>>> See my LinkedIn profile at:
>>> http://www.linkedin.com/in/rjeffreyvincent
>>> I ♥ DropBox <http://db.tt/9O6LfBX> !!
>>
>> --
>> Brett Porter
>> brett@apache.org
>> http://brettporter.wordpress.com/
>> http://au.linkedin.com/in/brettporter
>> http://twitter.com/brettporter
>>
>>
>>
>>
>>
>>
--
Brett Porter
brett@apache.org
http://brettporter.wordpress.com/
http://au.linkedin.com/in/brettporter
http://twitter.com/brettporter
Re: 1.4-M3 -- YAY!!!
Posted by Jeff <pr...@gmail.com>.
Well, it's now locked. It did prompt me to change the password but when I
*think* I made it through the wizard it didn't seem to accept the password
I used when I tried logging in....and now its locked....I was too much in a
hurry.
On Oct 8, 2012 6:39 PM, "Brett Porter" <br...@apache.org> wrote:
> Is the reset password mechanism not working, or is the admin account
> locked?
>
> On 09/10/2012, at 11:30 AM, Jeff <pr...@gmail.com> wrote:
>
> > ...except I've locked myself out of the admin account. I can't find any
> > documentation on how to reset or change the admin password. I'm running
> > the .WAR version with embedded Derby (I believe).
> >
> > The new UI looks great so far and the entire system came up much faster
> (it
> > seems) than 1.4-M2.
> >
> > --
> > Jeff Vincent
> > predatorvi@gmail.com
> > See my LinkedIn profile at:
> > http://www.linkedin.com/in/rjeffreyvincent
> > I ♥ DropBox <http://db.tt/9O6LfBX> !!
>
> --
> Brett Porter
> brett@apache.org
> http://brettporter.wordpress.com/
> http://au.linkedin.com/in/brettporter
> http://twitter.com/brettporter
>
>
>
>
>
>
Re: 1.4-M3 -- YAY!!!
Posted by Brett Porter <br...@apache.org>.
Is the reset password mechanism not working, or is the admin account locked?
On 09/10/2012, at 11:30 AM, Jeff <pr...@gmail.com> wrote:
> ...except I've locked myself out of the admin account. I can't find any
> documentation on how to reset or change the admin password. I'm running
> the .WAR version with embedded Derby (I believe).
>
> The new UI looks great so far and the entire system came up much faster (it
> seems) than 1.4-M2.
>
> --
> Jeff Vincent
> predatorvi@gmail.com
> See my LinkedIn profile at:
> http://www.linkedin.com/in/rjeffreyvincent
> I ♥ DropBox <http://db.tt/9O6LfBX> !!
--
Brett Porter
brett@apache.org
http://brettporter.wordpress.com/
http://au.linkedin.com/in/brettporter
http://twitter.com/brettporter