Jeff Vincent created MRM-1690:
---------------------------------
Summary: User & password management broken
Key: MRM-1690
URL: https://jira.codehaus.org/browse/MRM-1690
Project: Archiva
Issue Type: Bug
Components: Users/Security
Affects Versions: 1.4-M3
Environment: Archiva Server: Apache Tomcat 6
OS: CentOS 6.2
Client: Windows 7/Chrome (latest) and FireFox 15.0.1 and IE 9.0.10 (except IE
hangs when loading the home page)
Reporter: Jeff Vincent
Priority: Critical
1) Can't create new users. Filling in the form and clicking save does nothing.
The dialog stays open. (Attempted w/ Chrome&FF, couldn't get IE to open the
home page)
2) I'm having problems setting the password for the admin user (possibly
others, but I don't want to touch other accounts and I can't create new ones).
The reset password process didn't send me an e-mail.
Initially after the upgrade from 1.4-M2, I had forgotten the 'admin' password
and eventually got a prompt (not sure how) to change the password but it didn't
seem to do anything.
I also tried clicking "Forgot Password" and it put a banner at the top of the
page saying "Password reset", but it wasn't clear what that meant. I think
maybe it was supposed to send an email. If so, maybe the message needs to say
that.
However, I never got an e-mail.
I ended up copying the derby database files to my local system and using
SquirreL SQL client to open up and copy a known encrypted password value from
another user.
After logging in using the copied password, I attempted to change the 'admin'
password. I click "Edit Details", entered my existing password and new
password info. When I click "Ok". It appears to do nothing. The dialog stays
open and no password is set.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://jira.codehaus.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
