On 26/05/2015 15:53, Suresh wrote:
Somehow we are still getting concurrent updates issue.
Anyways, what date 1.2.5 be releasing?
We haven't started discussing this yet.
If you want to backport the fix for SYNCOPE-671 into a 1.2.4 project (if
you're on 1.2.3 please first upgrade to 1.2.4), you need to download
this file
https://git-wip-us.apache.org/repos/asf?p=syncope.git;a=blob_plain;f=core/src/main/java/org/apache/syncope/core/rest/controller/UserController.java;h=dc5fdd28bca3837d74198ad2bbed9599b3850beb;hb=4c90ea8
and save it as
core/src/main/java/org/apache/syncope/core/rest/controller/UserController.java
in your own project (also creating all intermediate folders), then
re-build and re-deploy.
Please also remember, when 1.2.5 will be out, to remove such class from
your project's sources.
HTH
Regards.
On Mon, May 25, 2015 at 11:24 AM, Francesco Chicchiriccò
<[email protected] <mailto:[email protected]>> wrote:
On 24/05/2015 19:15, Francesco Chicchiriccò wrote:
On 2015-05-23 09:06 Suresh wrote:
hi,
Please find below scenarios which are not working in syncope.
First Try:
1. End user creates his profile using self-registration with
approval enabled
2. Manager gets approval request, he approves and user get
created successfully.
3. Manager edits the user to add resource and role id for
providing entitlements successfully.
4. User logs into syncope application and end application using
this username/password successfully.
5. User locks his password by attempting wrong passwords and
account gets locked.
6. User tries to self-password reset from login page link
7. User provides his username and security question answer and
submits the request.
8. User receives mail notification with link to change the password.
9. User provides new password and submits successfully.
10. User is able to successfully login into Syncope but not from
target application
*Issue: *We see the password is not propagating to target
application database and hence unable to login.
Confirmed: see SYNCOPE-671 [1] (just fixed on 1.2.5 / 2.0.0).
Second Try:
We tried resetting password through self login using following
steps.
1. Follow steps till 1-10 above.
2. End User logs in into Syncope and search himself
3. User clicks'Manage Resouce' link for his profile.
4. User tries to change password using 'Assign' / 'Provision' links.
5. Syncope throws error "ConcurrentModification [mismatch Etag
value]"
Again confirmed: this seems to be an issue on console side due to
some concurrent update (since 1.2.0 in fact, support for ETag is
available which prevents concurrent modifications of the same
user / role).
Update: after more attempts, I was actually unable to reproduce
this: it's probably been something related to unwanted / unaware
concurrent updates on the same object.
Third Try:
We also tried pushing the password to target application by Push
Task. The task gets successfully executed, but the password is
not pushed into target.
This will never work unless you are using AES as password cipher
algorithm, or DBPasswordPropagationActions is configured (see
SYNCOPE-505 [2] for details); basically, Syncope does not
(obviously) store password values as clear-text; with AES (which
is not default BTW) password values can be decrypted before being
sent externally, while with DBPasswordPropagationActions it is
possible to send encrypted password values to the external database.
Regards.
[1] https://issues.apache.org/jira/browse/SYNCOPE-671
[2] https://issues.apache.org/jira/browse/SYNCOPE-505
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Involved at The Apache Software Foundation:
member, Syncope PMC chair, Cocoon PMC, Olingo PMC
http://people.apache.org/~ilgrosso/
