Password Reminder Link broken on Sandbox

Create issue
Issue #1902 resolved
Stephan Doerfel created an issue

The password reminder function in the sandbox is broken. the recovery link (sent to the user via mail) is not valid. Please check if this is true for other puma instances as well. Please determine the cause for the broken link. You will need to create "group" accounts, i.e. accounts with username and password instead of the usual library accounts.

Before you take any action fixing the issue please report back to Stephan with results or questions. The inability to change the password is actually good for the sandbox. However, we should find a nicer way to achieve this (at least a note in the email would be nice). For the other PUMAs we will have to fix it in case they also suffer from that problem.

Comments (5)

  1. Viktor Hemsen

    The PasswordReminder generates a hash for the user. This particular hash sometimes contains encoded slashes. It looks like the webserver for puma.sanbox denies requests containing encoded slashes '%2F' . I enabled it on my system by adding the following option to the catalina.properties file: " org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true " After that the Reminder-function worked properly.

  2. Log in to comment