Notice: In order to edit this ticket you need to be either: a Product Owner, The owner or the reporter of the ticket, or, in case of a Task not yet assigned, a team_member"

Task #3266 (closed)

Opened 9 years ago

Closed 9 years ago

BUG: Web ; Password change issues

Reported by: cxallan Owned by: atarkowska
Priority: minor Milestone: OMERO-Beta4.2.1
Component: General Version: n.a.
Keywords: n.a. Cc:
Resources: n.a. Referenced By: n.a.
References: n.a. Remaining Time: n.a.
Sprint: 2010-11-11 (19)

Description


Change History (7)

comment:1 Changed 9 years ago by cxallan

When entering an original password that does not match that in the database:

Traceback (most recent call last):

  File "/home/jboss/OMERO.server-4.2.1-DEV-r8558-trunk-b1236/lib/python/django/core/handlers/base.py", line 92, in get_response
    response = callback(request, *callback_args, **callback_kwargs)

  File "/home/jboss/OMERO.server-4.2.1-DEV-r8558-trunk-b1236/lib/python/omeroweb/webadmin/views.py", line 214, in wrapped
    return f(request, *args, **kwargs)

  File "/home/jboss/OMERO.server-4.2.1-DEV-r8558-trunk-b1236/lib/python/omeroweb/webadmin/views.py", line 577, in manage_password
    conn.changeMyPassword(old_password, password)

  File "/home/jboss/OMERO.server-4.2.1-DEV-r8558-trunk-b1236/lib/python/omeroweb/webclient/webclient_gateway.py", line 1178, in changeMyPassword
    admin_serv.changePasswordWithOldPassword(rstring(str(old_password)), rstring(str(password)))

  File "/home/jboss/OMERO.server-4.2.1-DEV-r8558-trunk-b1236/lib/python/omero/gateway/__init__.py", line 2367, in wrapped
    return inner(*args, **kwargs)

  File "/home/jboss/OMERO.server-4.2.1-DEV-r8558-trunk-b1236/lib/python/omero/gateway/__init__.py", line 2328, in inner
    return f(*args, **kwargs)

  File "/home/jboss/OMERO.server-4.2.1-DEV-r8558-trunk-b1236/lib/python/omero_api_IAdmin_ice.py", line 357, in changePasswordWithOldPassword
    return _M_omero.api.IAdmin._op_changePasswordWithOldPassword.invoke(self, ((oldPassword, newPassword), _ctx))

SecurityViolation: exception ::omero::SecurityViolation
{
    serverStackTrace = ome.conditions.SecurityViolation: Old password is invalid
	at ome.logic.AdminImpl.changePasswordWithOldPassword(AdminImpl.java:1101)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	at java.lang.reflect.Method.invoke(Method.java:597)
	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
	at ome.security.basic.EventHandler.invoke(EventHandler.java:157)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at org.springframework.orm.hibernate3.HibernateInterceptor.invoke(HibernateInterceptor.java:111)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:108)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at ome.tools.hibernate.ProxyCleanupFilter$Interceptor.invoke(ProxyCleanupFilter.java:231)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at ome.services.util.ServiceHandler.invoke(ServiceHandler.java:111)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
	at $Proxy66.changePasswordWithOldPassword(Unknown Source)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	at java.lang.reflect.Method.invoke(Method.java:597)
	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
	at ome.security.basic.BasicSecurityWiring.invoke(BasicSecurityWiring.java:83)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at ome.services.blitz.fire.AopContextInitializer.invoke(AopContextInitializer.java:40)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
	at $Proxy66.changePasswordWithOldPassword(Unknown Source)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	at java.lang.reflect.Method.invoke(Method.java:597)
	at ome.services.blitz.util.IceMethodInvoker.invoke(IceMethodInvoker.java:179)
	at ome.services.throttling.Callback.run(Callback.java:56)
	at ome.services.throttling.InThreadThrottlingStrategy.callInvokerOnRawArgs(InThreadThrottlingStrategy.java:56)
	at ome.services.blitz.impl.AbstractAmdServant.callInvokerOnRawArgs(AbstractAmdServant.java:136)
	at ome.services.blitz.impl.AdminI.changePasswordWithOldPassword_async(AdminI.java:139)
	at omero.api._IAdminTie.changePasswordWithOldPassword_async(_IAdminTie.java:113)
	at omero.api._IAdminDisp.___changePasswordWithOldPassword(_IAdminDisp.java:1276)
	at omero.api._IAdminDisp.__dispatch(_IAdminDisp.java:1503)
	at IceInternal.Incoming.invoke(Incoming.java:159)
	at Ice.ConnectionI.invokeAll(ConnectionI.java:2037)
	at Ice.ConnectionI.message(ConnectionI.java:972)
	at IceInternal.ThreadPool.run(ThreadPool.java:577)
	at IceInternal.ThreadPool.access$100(ThreadPool.java:12)
	at IceInternal.ThreadPool$EventHandlerThread.run(ThreadPool.java:971)

    serverExceptionClass = ome.conditions.SecurityViolation
    message = Old password is invalid
}


<WSGIRequest
GET:<QueryDict: {}>,
POST:<QueryDict: {u'confirmation': [u'qqq'], u'password': [u'qqq'], u'old_password': [u'aaa']}>,
COOKIES:{'sessionid': 'ffa2a6ef82eee188e9b79f512fff2ace'},
META:{'CONTENT_LENGTH': '46',
 'CONTENT_TYPE': 'application/x-www-form-urlencoded',
 'DOCUMENT_ROOT': '/var/www/localhost/htdocs',
 'GATEWAY_INTERFACE': 'CGI/1.1',
 'HTTP_ACCEPT': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
 'HTTP_ACCEPT_CHARSET': 'ISO-8859-1,utf-8;q=0.7,*;q=0.7',
 'HTTP_ACCEPT_ENCODING': 'gzip,deflate',
 'HTTP_ACCEPT_LANGUAGE': 'en-us,en;q=0.5',
 'HTTP_CONNECTION': 'keep-alive',
 'HTTP_COOKIE': 'sessionid=ffa2a6ef82eee188e9b79f512fff2ace',
 'HTTP_HOST': 'nightshade.openmicroscopy.org.uk',
 'HTTP_KEEP_ALIVE': '115',
 'HTTP_REFERER': 'http://nightshade.openmicroscopy.org.uk/webadmin/change_password/32/',
 'HTTP_USER_AGENT': 'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8',
 'PATH': '/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/sbin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/bin',
 'PATH_INFO': u'/webadmin/change_password/32/',
 'PATH_TRANSLATED': '/var/www/localhost/htdocs/omero.fcgi/webadmin/change_password/32/',
 'QUERY_STRING': '',
 'REMOTE_ADDR': '10.12.0.121',
 'REMOTE_PORT': '55138',
 'REQUEST_METHOD': 'POST',
 'REQUEST_URI': '/webadmin/change_password/32/',
 'SCRIPT_FILENAME': '/var/www/localhost/htdocs/omero.fcgi',
 'SCRIPT_NAME': u'',
 'SERVER_ADDR': '134.36.65.51',
 'SERVER_ADMIN': 'root@localhost',
 'SERVER_NAME': 'nightshade.openmicroscopy.org.uk',
 'SERVER_PORT': '80',
 'SERVER_PROTOCOL': 'HTTP/1.1',
 'SERVER_SIGNATURE': '<address>Apache Server at nightshade.openmicroscopy.org.uk Port 80</address>\n',
 'SERVER_SOFTWARE': 'Apache',
 'UNIQUE_ID': 'TNmDfoYkQTMAAGQHef8AAAAB',
 'wsgi.errors': <flup.server.fcgi_base.TeeOutputStream object at 0x286f410>,
 'wsgi.input': <flup.server.fcgi_base.InputStream object at 0x286f310>,
 'wsgi.multiprocess': True,
 'wsgi.multithread': False,
 'wsgi.run_once': False,
 'wsgi.url_scheme': 'http',
 'wsgi.version': (1, 0)}>

It also seems that the password change itself does not actually happen if shown as successful in webadmin.

comment:2 Changed 9 years ago by cxallan

Scratch the last comment about the password change not happening. It appears to work fine.

comment:3 Changed 9 years ago by atarkowska

(In [8582]) this fixes #3265 and modify the order of the password change fields, see #3266

comment:4 Changed 9 years ago by atarkowska

(in r8582) this fixes #3265 and modify the order of the password change fields, see #3266

comment:5 Changed 9 years ago by atarkowska

I assume you typed password in the wrong order because obviously 'Old password' field should be in the first position.

comment:6 Changed 9 years ago by atarkowska

(in r8585) this fixes #3266, it prevents error500 while old password is invalid or any other exceptions

comment:7 Changed 9 years ago by atarkowska

  • Resolution set to fixed
  • Status changed from new to closed
Note: See TracTickets for help on using tickets. You may also have a look at Agilo extensions to the ticket.

1.3.13-PRO © 2008-2011 Agilo Software all rights reserved (this page was served in: 0.77431 sec.)

© 2000-2014 University of Dundee & Open Microscopy Environment. Creative Commons Attribution 3.0 Unported License
OME source code is available under the GNU General public license or through commercial license from Glencoe Software

We're Hiring!