Thank you! I really appreciate the quick and thorough answer! I’ll focus on other areas until 2.0.3 comes out. It’s a relief knowing a fix is on the way!
Thanks again. > On Mar 3, 2017, at 2:28 AM, Francesco Chicchiriccò <ilgro...@apache.org> > wrote: > > Hi, > welcome to Syncope. > > You'll find my comments embedded below. > Regards. > > On 03/03/2017 01:20, Terrance A. Crow wrote: >> I’m having an issue with both Syncope 2.0.1 and Syncope 2.0.2 where the >> end-users can’t save their answers to security questions. >> >> Steps to recreate: >> >> 1. Using syncope-console as admin, create a security question. >> 2. Log in to syncope-enduser as a normal (non-admin) user. Select the new >> security question, specify an answer, click on Finish, click on Save, and >> enter the correct captcha information. >> 3. Log back on using the same ID to syncope-enduser and observe that the >> answer to the security question is blank. >> 4. Log into syncope-console as admin, add the security answer to the USER >> Search screen, and observe a blank answer for the user in question. > > Once set, the security answer is *never* reported, neither in Admin Console > nor in Enduser UI, to avoid potential security issues. > I have just added a note to the SNAPSHOT reference guide [1]: this version > will replace [2] once next release (2.0.3) will be out. > Thanks for reporting! > > The password reset process, however, is not working properly until the latest > fixes already available in 2.0.3-SNAPSHOT, that will be publicly available > (alongside with others) with Syncope 2.0.3. > >> The ID’s the result of a self-registration. >> >> Syncope’s running on CentOS 7 (patched to current) under Oracle Java JDK >> 1.8.0_121. The Tomcat version is 8.0.41. >> >> I found a similar condition in Jira (SYNCOPE-942), but it’s not an exact >> match and that issue’s closed. >> >> Am I missing something obvious? > > [1] > https://ci.apache.org/projects/syncope/reference-guide.html#password-reset-no-security-answer > [2] https://syncope.apache.org/docs/reference-guide.html#password-reset > > -- > Francesco Chicchiriccò > > Tirasa - Open Source Excellence > http://www.tirasa.net/ > > Member at The Apache Software Foundation > Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail > http://home.apache.org/~ilgrosso/ >
