Found the issue, sorry for the noise On Mon, Jun 19, 2017 at 5:38 PM, Maxim Solodovnik <[email protected]> wrote:
> Weird .... > my tests shows crypt class can't be MD5Implementation after import .... > Maybe you did any manual manipulations with DB? > > On Mon, Jun 19, 2017 at 5:30 PM, Maxim Solodovnik <[email protected]> > wrote: > >> Additional fix is required :( >> Could you please manually change crypt class name in configuration DB >> table to be org.apache.openmeetings.util.crypt.SCryptImplementation and >> restart OM? >> >> will try to commit changes ASAP >> >> On Mon, Jun 19, 2017 at 5:06 PM, Peter Dähn <[email protected]> wrote: >> >>> Hello Maxim, >>> >>> checked out fresh 3.3.x code and compiled it. >>> >>> ######################################################## >>> # Openmeetings is up # >>> # 3.3.0-SNAPSHOT 5889b5beda3299418cf80ee68846ea5ce54ee9ed >>> 2017/06/19 09:33 # >>> # and ready to use # >>> ######################################################## >>> >>> Import backup works so far, Login ended up in "Internal Error Page". >>> Belonging Error in the log underneath. >>> >>> >>> DEBUG 06-19 12:00:03.155 UserDao.java 162929 642 >>> org.apache.openmeetings.db.dao.user.UserDao >>> [http-nio-0.0.0.0-5080-exec-7] - login:: 1 users were found >>> DEBUG 06-19 12:00:03.169 CryptProvider.java 162943 36 >>> org.apache.openmeetings.util.crypt.CryptProvider >>> [http-nio-0.0.0.0-5080-exec-7] - getInstanceOfCrypt:: >>> configKeyCryptClassName: org.apache.openmeetings.util.c >>> rypt.MD5Implementation >>> ERROR 06-19 12:00:03.174 CryptProvider.java 162948 40 >>> org.apache.openmeetings.util.crypt.CryptProvider >>> [http-nio-0.0.0.0-5080-exec-7] - [getInstanceOfCrypt] >>> java.lang.ClassCastException: >>> org.apache.openmeetings.util.crypt.MD5Implementation >>> cannot be cast to org.apache.openmeetings.util.crypt.ICrypt >>> at org.apache.openmeetings.util.crypt.CryptProvider.get(CryptPr >>> ovider.java:38) >>> at org.apache.openmeetings.db.dao.user.UserDao.verifyPassword(U >>> serDao.java:473) >>> at org.apache.openmeetings.db.dao.user.UserDao.login(UserDao.ja >>> va:650) >>> at org.apache.openmeetings.db.dao.user.UserDao$$FastClassBySpri >>> ngCGLIB$$1492ba5a.invoke(<generated>) >>> at org.springframework.cglib.proxy.MethodProxy.invoke(MethodPro >>> xy.java:204) >>> at org.springframework.aop.framework.CglibAopProxy$CglibMethodI >>> nvocation.invokeJoinpoint(CglibAopProxy.java:721) >>> at org.springframework.aop.framework.ReflectiveMethodInvocation >>> .proceed(ReflectiveMethodInvocation.java:157) >>> at org.springframework.transaction.interceptor.TransactionInter >>> ceptor$1.proceedWithInvocation(TransactionInterceptor.java:99) >>> at org.springframework.transaction.interceptor.TransactionAspec >>> tSupport.invokeWithinTransaction(TransactionAspectSupport.java:282) >>> at org.springframework.transaction.interceptor.TransactionInter >>> ceptor.invoke(TransactionInterceptor.java:96) >>> at org.springframework.aop.framework.ReflectiveMethodInvocation >>> .proceed(ReflectiveMethodInvocation.java:179) >>> at org.springframework.aop.framework.CglibAopProxy$DynamicAdvis >>> edInterceptor.intercept(CglibAopProxy.java:656) >>> at org.apache.openmeetings.db.dao.user.UserDao$$EnhancerBySprin >>> gCGLIB$$ae5af194.login(<generated>) >>> at org.apache.openmeetings.web.app.WebSession.signIn(WebSession >>> .java:336) >>> at org.apache.openmeetings.web.pages.auth.SignInDialog.onSubmit >>> (SignInDialog.java:188) >>> at com.googlecode.wicket.jquery.ui.widget.dialog.AbstractFormDi >>> alog$DialogFormSubmitter.onSubmit(AbstractFormDialog.java:294) >>> at org.apache.wicket.markup.html.form.Form.delegateSubmit(Form. >>> java:1248) >>> at org.apache.wicket.markup.html.form.Form.process(Form.java:946) >>> at org.apache.wicket.markup.html.form.StatelessForm.process(Sta >>> telessForm.java:100) >>> at org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form >>> .java:770) >>> at com.googlecode.wicket.jquery.ui.widget.dialog.AbstractFormDi >>> alog.internalOnClick(AbstractFormDialog.java:215) >>> at com.googlecode.wicket.jquery.ui.widget.dialog.AbstractDialog >>> $1.onClick(AbstractDialog.java:413) >>> at com.googlecode.wicket.jquery.ui.widget.dialog.DialogBehavior >>> .onAjax(DialogBehavior.java:188) >>> at com.googlecode.wicket.jquery.core.ajax.JQueryAjaxBehavior.re >>> spond(JQueryAjaxBehavior.java:173) >>> at org.apache.wicket.ajax.AbstractDefaultAjaxBehavior.onRequest >>> (AbstractDefaultAjaxBehavior.java:598) >>> at org.apache.wicket.core.request.handler.ListenerRequestHandle >>> r.internalInvoke(ListenerRequestHandler.java:308) >>> at org.apache.wicket.core.request.handler.ListenerRequestHandle >>> r.invoke(ListenerRequestHandler.java:282) >>> at org.apache.wicket.core.request.handler.ListenerRequestHandle >>> r.invokeListener(ListenerRequestHandler.java:224) >>> at org.apache.wicket.core.request.handler.ListenerRequestHandle >>> r.respond(ListenerRequestHandler.java:210) >>> at org.apache.wicket.request.cycle.RequestCycle$HandlerExecutor >>> .respond(RequestCycle.java:912) >>> at org.apache.wicket.request.RequestHandlerExecutor.execute(Req >>> uestHandlerExecutor.java:65) >>> at org.apache.wicket.request.cycle.RequestCycle.execute(Request >>> Cycle.java:283) >>> at org.apache.wicket.request.cycle.RequestCycle.processRequest( >>> RequestCycle.java:253) >>> at org.apache.wicket.request.cycle.RequestCycle.processRequestA >>> ndDetach(RequestCycle.java:221) >>> at org.apache.wicket.protocol.ws.AbstractUpgradeFilter.processR >>> equestCycle(AbstractUpgradeFilter.java:70) >>> at org.apache.wicket.protocol.http.WicketFilter.processRequest( >>> WicketFilter.java:204) >>> at org.apache.wicket.protocol.http.WicketFilter.doFilter(Wicket >>> Filter.java:286) >>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi >>> lter(ApplicationFilterChain.java:192) >>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App >>> licationFilterChain.java:165) >>> at org.red5.logging.LoggerContextFilter.doFilter(LoggerContextF >>> ilter.java:84) >>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi >>> lter(ApplicationFilterChain.java:192) >>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App >>> licationFilterChain.java:165) >>> at org.apache.catalina.core.StandardWrapperValve.invoke(Standar >>> dWrapperValve.java:198) >>> at org.apache.catalina.core.StandardContextValve.invoke(Standar >>> dContextValve.java:96) >>> at org.apache.catalina.authenticator.AuthenticatorBase.invoke(A >>> uthenticatorBase.java:478) >>> at org.apache.catalina.core.StandardHostValve.invoke(StandardHo >>> stValve.java:140) >>> at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorRepo >>> rtValve.java:80) >>> at org.apache.catalina.valves.AbstractAccessLogValve.invoke(Abs >>> tractAccessLogValve.java:624) >>> at org.apache.catalina.core.StandardEngineValve.invoke(Standard >>> EngineValve.java:87) >>> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAd >>> apter.java:341) >>> at org.apache.coyote.http11.Http11Processor.service(Http11Proce >>> ssor.java:783) >>> at org.apache.coyote.AbstractProcessorLight.process(AbstractPro >>> cessorLight.java:66) >>> at org.apache.coyote.AbstractProtocol$ConnectionHandler.process >>> (AbstractProtocol.java:798) >>> at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun >>> (NioEndpoint.java:1441) >>> at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketPro >>> cessorBase.java:49) >>> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPool >>> Executor.java:1142) >>> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoo >>> lExecutor.java:617) >>> at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.r >>> un(TaskThread.java:61) >>> at java.lang.Thread.run(Thread.java:745) >>> ERROR 06-19 12:00:03.191 DefaultExceptionMapper.java 162965 170 >>> org.apache.wicket.DefaultExceptionMapper [http-nio-0.0.0.0-5080-exec-7] >>> - Unexpected error occurred >>> java.lang.NullPointerException: null >>> at org.apache.openmeetings.db.dao.user.UserDao.verifyPassword(U >>> serDao.java:474) >>> at org.apache.openmeetings.db.dao.user.UserDao.login(UserDao.ja >>> va:650) >>> at org.apache.openmeetings.db.dao.user.UserDao$$FastClassBySpri >>> ngCGLIB$$1492ba5a.invoke(<generated>) >>> at org.springframework.cglib.proxy.MethodProxy.invoke(MethodPro >>> xy.java:204) >>> at org.springframework.aop.framework.CglibAopProxy$CglibMethodI >>> nvocation.invokeJoinpoint(CglibAopProxy.java:721) >>> at org.springframework.aop.framework.ReflectiveMethodInvocation >>> .proceed(ReflectiveMethodInvocation.java:157) >>> at org.springframework.transaction.interceptor.TransactionInter >>> ceptor$1.proceedWithInvocation(TransactionInterceptor.java:99) >>> at org.springframework.transaction.interceptor.TransactionAspec >>> tSupport.invokeWithinTransaction(TransactionAspectSupport.java:282) >>> at org.springframework.transaction.interceptor.TransactionInter >>> ceptor.invoke(TransactionInterceptor.java:96) >>> at org.springframework.aop.framework.ReflectiveMethodInvocation >>> .proceed(ReflectiveMethodInvocation.java:179) >>> at org.springframework.aop.framework.CglibAopProxy$DynamicAdvis >>> edInterceptor.intercept(CglibAopProxy.java:656) >>> at org.apache.openmeetings.db.dao.user.UserDao$$EnhancerBySprin >>> gCGLIB$$ae5af194.login(<generated>) >>> at org.apache.openmeetings.web.app.WebSession.signIn(WebSession >>> .java:336) >>> at org.apache.openmeetings.web.pages.auth.SignInDialog.onSubmit >>> (SignInDialog.java:188) >>> at com.googlecode.wicket.jquery.ui.widget.dialog.AbstractFormDi >>> alog$DialogFormSubmitter.onSubmit(AbstractFormDialog.java:294) >>> at org.apache.wicket.markup.html.form.Form.delegateSubmit(Form. >>> java:1248) >>> at org.apache.wicket.markup.html.form.Form.process(Form.java:946) >>> at org.apache.wicket.markup.html.form.StatelessForm.process(Sta >>> telessForm.java:100) >>> at org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form >>> .java:770) >>> at com.googlecode.wicket.jquery.ui.widget.dialog.AbstractFormDi >>> alog.internalOnClick(AbstractFormDialog.java:215) >>> at com.googlecode.wicket.jquery.ui.widget.dialog.AbstractDialog >>> $1.onClick(AbstractDialog.java:413) >>> at com.googlecode.wicket.jquery.ui.widget.dialog.DialogBehavior >>> .onAjax(DialogBehavior.java:188) >>> at com.googlecode.wicket.jquery.core.ajax.JQueryAjaxBehavior.re >>> spond(JQueryAjaxBehavior.java:173) >>> at org.apache.wicket.ajax.AbstractDefaultAjaxBehavior.onRequest >>> (AbstractDefaultAjaxBehavior.java:598) >>> at org.apache.wicket.core.request.handler.ListenerRequestHandle >>> r.internalInvoke(ListenerRequestHandler.java:308) >>> at org.apache.wicket.core.request.handler.ListenerRequestHandle >>> r.invoke(ListenerRequestHandler.java:282) >>> at org.apache.wicket.core.request.handler.ListenerRequestHandle >>> r.invokeListener(ListenerRequestHandler.java:224) >>> at org.apache.wicket.core.request.handler.ListenerRequestHandle >>> r.respond(ListenerRequestHandler.java:210) >>> at org.apache.wicket.request.cycle.RequestCycle$HandlerExecutor >>> .respond(RequestCycle.java:912) >>> at org.apache.wicket.request.RequestHandlerExecutor.execute(Req >>> uestHandlerExecutor.java:65) >>> at org.apache.wicket.request.cycle.RequestCycle.execute(Request >>> Cycle.java:283) >>> at org.apache.wicket.request.cycle.RequestCycle.processRequest( >>> RequestCycle.java:253) >>> at org.apache.wicket.request.cycle.RequestCycle.processRequestA >>> ndDetach(RequestCycle.java:221) >>> at org.apache.wicket.protocol.ws.AbstractUpgradeFilter.processR >>> equestCycle(AbstractUpgradeFilter.java:70) >>> at org.apache.wicket.protocol.http.WicketFilter.processRequest( >>> WicketFilter.java:204) >>> at org.apache.wicket.protocol.http.WicketFilter.doFilter(Wicket >>> Filter.java:286) >>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi >>> lter(ApplicationFilterChain.java:192) >>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App >>> licationFilterChain.java:165) >>> at org.red5.logging.LoggerContextFilter.doFilter(LoggerContextF >>> ilter.java:84) >>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi >>> lter(ApplicationFilterChain.java:192) >>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App >>> licationFilterChain.java:165) >>> at org.apache.catalina.core.StandardWrapperValve.invoke(Standar >>> dWrapperValve.java:198) >>> at org.apache.catalina.core.StandardContextValve.invoke(Standar >>> dContextValve.java:96) >>> at org.apache.catalina.authenticator.AuthenticatorBase.invoke(A >>> uthenticatorBase.java:478) >>> at org.apache.catalina.core.StandardHostValve.invoke(StandardHo >>> stValve.java:140) >>> at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorRepo >>> rtValve.java:80) >>> at org.apache.catalina.valves.AbstractAccessLogValve.invoke(Abs >>> tractAccessLogValve.java:624) >>> at org.apache.catalina.core.StandardEngineValve.invoke(Standard >>> EngineValve.java:87) >>> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAd >>> apter.java:341) >>> at org.apache.coyote.http11.Http11Processor.service(Http11Proce >>> ssor.java:783) >>> at org.apache.coyote.AbstractProcessorLight.process(AbstractPro >>> cessorLight.java:66) >>> at org.apache.coyote.AbstractProtocol$ConnectionHandler.process >>> (AbstractProtocol.java:798) >>> at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun >>> (NioEndpoint.java:1441) >>> at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketPro >>> cessorBase.java:49) >>> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPool >>> Executor.java:1142) >>> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoo >>> lExecutor.java:617) >>> at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.r >>> un(TaskThread.java:61) >>> at java.lang.Thread.run(Thread.java:745) >>> >>> Any Ideas? >>> >>> Greetings Peter >>> >>> >>> Am 17.06.2017 um 08:15 schrieb Maxim Solodovnik: >>> >>>> Hello Peter, >>>> >>>> I have implemented #3 >>>> http://git-wip-us.apache.org/repos/asf/openmeetings/diff/156bcc79 >>>> The only difference: Password re-hashing is not being emailed but logged >>>> with WARN level >>>> >>>> Would appreciate if you can test it and let me know your thoughts :) >>>> >>>> Build 36+ from here: >>>> https://builds.apache.org/view/M-R/view/OpenMeetings/job/Ope >>>> nmeetings%203.3.x/ >>>> >>>> >>>> On Fri, Jun 16, 2017 at 2:43 PM, Maxim Solodovnik <[email protected] >>>> > >>>> wrote: >>>> >>>> Both external and LDAP users would not be affected >>>>> >>>>> Will try to implement 3) as you have described, looks doable :) >>>>> Thanks! >>>>> >>>>> On Fri, Jun 16, 2017 at 2:34 PM, Peter Dähn <[email protected]> wrote: >>>>> >>>>> Hi Maxim, >>>>>> >>>>>> We have a lot external user in our system and just a few "real" user. >>>>>> Am >>>>>> I right that this doesn't apply to external user or does this case >>>>>> also be >>>>>> handled? >>>>>> >>>>>> 1 and 2 wouldn't be my favorites. >>>>>> >>>>>> I would prefer 3 and has an alternative if 3 isn't possible. >>>>>> >>>>>> 3) We hat a similar change in our system. They did it in the following >>>>>> way. >>>>>> >>>>>> - user login -> check password with sha256 >>>>>> - if this doesn't match check password against md5 >>>>>> - if this match store sha256-hash for further logins and >>>>>> send an >>>>>> e-mail to that user "Rewrote password for security-reasons. If you >>>>>> didin't >>>>>> login right now, inform your system-admin" or something like that. >>>>>> - if both hashes doesn't match deny login. >>>>>> >>>>>> This would be the most user-friendly way I think. >>>>>> >>>>>> 4) Alternatively one could reset all passwords and if a user try to >>>>>> login >>>>>> with empty password one get a popup "Your password need to renewed. >>>>>> You got >>>>>> an e-mail". The system sends an e-mail with a link to create a new >>>>>> password. >>>>>> >>>>>> This are out ideas so far. >>>>>> >>>>>> Greetings Peter >>>>>> >>>>>> >>>>>> Am 14.06.2017 um 09:07 schrieb Maxim Solodovnik: >>>>>> >>>>>> Sure, have to fix some issues >>>>>>> Will try to finish everything until next week-end :) >>>>>>> So no rush right now :) >>>>>>> >>>>>>> My ideas were: >>>>>>> 1) Add Admin function "reset all passwords" (not sure how users >>>>>>> should be >>>>>>> notified on new password in this case) >>>>>>> 2) Add Admin function: "Email all users" general email "Please reset >>>>>>> your >>>>>>> passwords" will be sent to all users >>>>>>> 3) Allow login with old password and require user to change it, >>>>>>> possible >>>>>>> but seems to be tricky >>>>>>> >>>>>>> Will wait for the results of your discussion :) >>>>>>> >>>>>>> On Wed, Jun 14, 2017 at 2:00 PM, Peter Dähn <[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>> Hi Maxim, >>>>>>> >>>>>>>> you are right, this point is left.... >>>>>>>> I think I try to discuss this with a colleague of mine. Maybe we >>>>>>>> get an >>>>>>>> idea... >>>>>>>> >>>>>>>> Back later the or most likely on Friday. I hope this is on time. >>>>>>>> >>>>>>>> Greetings Peter >>>>>>>> >>>>>>>> >>>>>>>> Am 14.06.2017 um 07:43 schrieb Maxim Solodovnik: >>>>>>>> >>>>>>>> Thanks a lot Peter, >>>>>>>> >>>>>>>> Now I'm back and ready to help :) >>>>>>>> >>>>>>>> Would appreciate to hear any thought regarding "soft" changing of >>>>>>>> password >>>>>>>> hash function >>>>>>>> >>>>>>>> On Mon, Jun 12, 2017 at 6:40 PM, Peter Dähn <[email protected]> < >>>>>>>> [email protected]> wrote: >>>>>>>> >>>>>>>> >>>>>>>> so.. now it is time I think... >>>>>>>> >>>>>>>> Congratulations! I hope you had a nice wedding and a few relaxing >>>>>>>> days... >>>>>>>> >>>>>>>> Greetings Peter >>>>>>>> >>>>>>>> >>>>>>>> Am 24.05.2017 um 12:03 schrieb Peter Dähn: >>>>>>>> >>>>>>>> >>>>>>>> ok.. then good luck... >>>>>>>> >>>>>>>> and best wishes when you are back... ;-) >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> Am 24.05.2017 um 11:57 schrieb Maxim Solodovnik: >>>>>>>> >>>>>>>> >>>>>>>> Thanks :) >>>>>>>> >>>>>>>> I'll be on vacation for the next 2 weeks, with rare access to the >>>>>>>> email >>>>>>>> from my phone, so no rush :) >>>>>>>> >>>>>>>> On Wed, May 24, 2017 at 4:55 PM, Peter Dähn <[email protected]> < >>>>>>>> [email protected]> wrote: >>>>>>>> >>>>>>>> ok.. need to think about it... ;-) >>>>>>>> >>>>>>>> I will be back in office next week... maybe with "THE IDEA".. or >>>>>>>> maybe >>>>>>>> not... ;-) >>>>>>>> >>>>>>>> Greetings Peter >>>>>>>> >>>>>>>> Am 24.05.2017 um 11:21 schrieb Maxim Solodovnik: >>>>>>>> >>>>>>>> It is all discussible :) >>>>>>>> >>>>>>>> 3.0.7 still uses MD5CryptImplementation<https:/ >>>>>>>> /github.com/apache/openmeetings/blob/3.0.x/src/util/ >>>>>>>> java/org/apache/openmeetings/util/crypt/MD5CryptImplementation.java> >>>>>>>> < >>>>>>>> https://github.com/apache/openmeetings/blob/3.0.x/src/util/ >>>>>>>> java/org/apache/openmeetings/util/crypt/MD5CryptImplementati >>>>>>>> on.java> >>>>>>>> which >>>>>>>> is not secure at all :((( >>>>>>>> We can add back SHA256Implementation<https://g >>>>>>>> ithub.com/apache/openmeetings/blob/3.1.x/openmeeti >>>>>>>> ngs-util/src/main/java/org/apache/openmeetings/util/ >>>>>>>> crypt/SHA256Implementation.java> <https://github.com/apache/ope >>>>>>>> nmeetings/blob/3.1.x/openmeetings-util/src/main/java/org/apa >>>>>>>> che/openmeetings/util/crypt/SHA256Implementation.java> >>>>>>>> >>>>>>>> ( >>>>>>>> available since 3.1.x) for compatibility reasons, but I'm afraid >>>>>>>> there >>>>>>>> is >>>>>>>> no clean way to perform backup and preserve passwords ..... >>>>>>>> >>>>>>>> I thought maybe we can add "Reset All passwords" admin function, but >>>>>>>> it is >>>>>>>> totally insecure :( >>>>>>>> Any ideas are appreciated :) >>>>>>>> >>>>>>>> On Wed, May 24, 2017 at 4:15 PM, Peter Dähn <[email protected]> < >>>>>>>> [email protected]> wrote: >>>>>>>> >>>>>>>> Hi, >>>>>>>> >>>>>>>> >>>>>>>> I think further investigation is not needed. I just didn't see it >>>>>>>> before... >>>>>>>> >>>>>>>> Is this behavior the final state? Then it will be difficult to >>>>>>>> update my >>>>>>>> installation (3.0.7). This also should the problem with any >>>>>>>> installation >>>>>>>> before 3.3.0. Isn't it? >>>>>>>> >>>>>>>> Greetings Peter >>>>>>>> >>>>>>>> Am 24.05.2017 um 11:07 schrieb Maxim Solodovnik: >>>>>>>> >>>>>>>> Hello Peter, >>>>>>>> >>>>>>>> >>>>>>>> these debug messages are OK during import (I can perform further >>>>>>>> investigation, but I believe this is not an issue) >>>>>>>> >>>>>>>> Current 4.0.0 contains backported code from 3.3.0 which has stronger >>>>>>>> Password rules ... >>>>>>>> You were unable to login after restore from backup since Password >>>>>>>> Crypt >>>>>>>> was >>>>>>>> changed to the SCrypt, which is stronger than SHA512 used before >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> On Wed, May 24, 2017 at 3:50 PM, Peter Dähn <[email protected]> < >>>>>>>> [email protected]> wrote: >>>>>>>> >>>>>>>> I tried to reset the password. I got following message: >>>>>>>> >>>>>>>> "Weak' password: at least 1 special symbol '!@#$%^&*][' is required" >>>>>>>> >>>>>>>> Could this be the Problem? I think this shouldn't be like that, >>>>>>>> because >>>>>>>> there wasn't such restriction before. >>>>>>>> >>>>>>>> Greetings Peter >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> Am 24.05.2017 um 10:21 schrieb Peter Dähn: >>>>>>>> >>>>>>>> Hi Maxim, >>>>>>>> >>>>>>>> I wanted to try out html5 video components... >>>>>>>> >>>>>>>> While importing my backup (worked before) I got a lot of these >>>>>>>> messages >>>>>>>> below. >>>>>>>> >>>>>>>> DEBUG 05-24 10:06:49.592 AuthLevelUtil.java 56867 40 >>>>>>>> org.apache.openmeetings.db.util.AuthLevelUtil [main] - Level >>>>>>>> Login :: >>>>>>>> [GRANTED] >>>>>>>> DEBUG 05-24 10:06:49.601 AuthLevelUtil.java 56876 40 >>>>>>>> org.apache.openmeetings.db.util.AuthLevelUtil [main] - Level >>>>>>>> Login :: >>>>>>>> [DENIED] >>>>>>>> DEBUG 05-24 10:06:49.609 AuthLevelUtil.java 56884 40 >>>>>>>> org.apache.openmeetings.db.util.AuthLevelUtil [main] - Level >>>>>>>> Login :: >>>>>>>> [DENIED] >>>>>>>> DEBUG 05-24 10:06:49.615 AuthLevelUtil.java 56890 40 >>>>>>>> org.apache.openmeetings.db.util.AuthLevelUtil [main] - Level >>>>>>>> Login :: >>>>>>>> [DENIED] >>>>>>>> DEBUG 05-24 10:06:49.622 AuthLevelUtil.java 56897 40 >>>>>>>> org.apache.openmeetings.db.util.AuthLevelUtil [main] - Level >>>>>>>> Login :: >>>>>>>> [DENIED] >>>>>>>> DEBUG 05-24 10:06:49.629 AuthLevelUtil.java 56904 40 >>>>>>>> org.apache.openmeetings.db.util.AuthLevelUtil [main] - Level >>>>>>>> Login :: >>>>>>>> [DENIED] >>>>>>>> DEBUG 05-24 10:06:49.636 AuthLevelUtil.java 56911 40 >>>>>>>> org.apache.openmeetings.db.util.AuthLevelUtil [main] - Level >>>>>>>> Login :: >>>>>>>> [DENIED] >>>>>>>> >>>>>>>> I never noticed these ones before. After starting the server, I >>>>>>>> couldn't >>>>>>>> login with my admin user. "Username/email and/or password are >>>>>>>> incorrect." >>>>>>>> >>>>>>>> Any Ideas? >>>>>>>> >>>>>>>> Greetings Peter >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> B.Sc. Peter Dähn >>>>>>>> Virtueller Campus Rheinland-Pfalz <http://www.vcrp.de/> >>>>>>>> Postfach 3049 >>>>>>>> 67653 Kaiserslautern >>>>>>>> Tel: 0631/205-4944 >>>>>>>> Olat <https://olat.vcrp.de/> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> -- >>>>>> B.Sc. Peter Dähn >>>>>> Virtueller Campus Rheinland-Pfalz <http://www.vcrp.de/> >>>>>> Postfach 3049 >>>>>> 67653 Kaiserslautern >>>>>> Tel: 0631/205-4944 >>>>>> Olat <https://olat.vcrp.de/> >>>>>> >>>>>> >>>>> >>>>> -- >>>>> WBR >>>>> Maxim aka solomax >>>>> >>>>> >>>> >>>> >> >> >> -- >> WBR >> Maxim aka solomax >> > > > > -- > WBR > Maxim aka solomax > -- WBR Maxim aka solomax
