[midPoint] Password Reset Email Notifier Configuration

Pálos Gustáv gustav.palos at evolveum.com
Mon Mar 6 21:31:06 CET 2017


Hi Peter,

I successfully imported the Simple User Notifier snippet in midPoint 3.5. What
version are you trying?
This feature is supported only from v3.5.

If you have the same midPoint version, please send a more detailed stack trace
from idm.log.

Best regards,

Gustav

2017-03-06 21:24 GMT+01:00 Peter Healy <phealy3330 at gmail.com>:

> I am trying to implement:
> https://wiki.evolveum.com/display/midPoint/Reset+Password+Configuration
>
> But I get an error importing the Simple User Notifier XML object that is
> in the wiki page:
>
> com.evolveum.midpoint.prism.PrismProperty cannot be cast to
> com.evolveum.midpoint.prism.PrismObject
>
>
> I created and successfully imported this Mail Nonce Policy:
> <valuePolicy xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>              xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
>              xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>              xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
>              xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
>              xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
>              oid="c0c8a80d-1818-42d1-b3ad-e7f8993593a0"
>              version="0">
>    <name>Mail Nonce Policy</name>
>    <description>Mail Nonce Policy</description>
>    <metadata>
>       <createTimestamp>2017-03-06T19:56:44.233Z</createTimestamp>
>       <creatorRef oid="00000000-0000-0000-0000-000000000002" type="c:UserType"><!-- administrator --></creatorRef>
>       <createChannel>http://midpoint.evolveum.com/xml/ns/public/model/channels-3#objectImport</createChannel>
>    </metadata>
>    <lifetime>
>       <expiration>999</expiration>
>       <warnBeforeExpiration>9</warnBeforeExpiration>
>       <lockAfterExpiration>0</lockAfterExpiration>
>       <minPasswordAge>0</minPasswordAge>
>       <passwordHistoryLength>0</passwordHistoryLength>
>    </lifetime>
>    <stringPolicy>
>       <description>Testing string policy</description>
>       <limitations>
>          <minLength>20</minLength>
>          <maxLength>20</maxLength>
>          <minUniqueChars>3</minUniqueChars>
>          <limit>
>             <description>Alphas</description>
>             <minOccurs>1</minOccurs>
>             <mustBeFirst>false</mustBeFirst>
>             <characterClass>
>                <value>abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ</value>
>             </characterClass>
>          </limit>
>          <limit>
>             <description>Numbers</description>
>             <minOccurs>1</minOccurs>
>             <mustBeFirst>false</mustBeFirst>
>             <characterClass>
>                <value>1234567890</value>
>             </characterClass>
>          </limit>
>       </limitations>
>    </stringPolicy>
> </valuePolicy>
>
> And I successfully imported this security policy for the Mail reset:
> <securityPolicy xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>                 xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
>                 xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>                 xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
>                 xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
>                 xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
>                 oid="28bf845a-b107-11e3-85bc-001e8c717e5b"
>                 version="19">
>    <name>Mail Reset Security Policy</name>
>    <metadata>
>       <createTimestamp>2017-02-14T17:10:13.860Z</createTimestamp>
>       <creatorRef oid="00000000-0000-0000-0000-000000000002" type="c:UserType"><!-- administrator --></creatorRef>
>       <createChannel>http://midpoint.evolveum.com/xml/ns/public/model/channels-3#objectImport</createChannel>
>    </metadata>
>    <authentication>
>       <mailAuthentication>
>          <name>confirmationLink</name>
>          <displayName>Additional mail authnetication</displayName>
>          <mailNonce>mailNonce</mailNonce>
>       </mailAuthentication>
>    </authentication>
>    <credentials>
>       <nonce>
>          <maxAge>PT2M</maxAge>
>          <name>mailNonce</name>
>          <valuePolicyRef oid="c0c8a80d-1818-42d1-b3ad-e7f8993593a0" type="c:ValuePolicyType"><!-- Mail Nonce Policy --></valuePolicyRef>
>       </nonce>
>    </credentials>
>    <credentialsReset>
>       <mailReset>
>          <name>Reset password using mail</name>
>          <additionalAuthenticationName>confirmationLink</additionalAuthenticationName>
>       </mailReset>
>    </credentialsReset>
> </securityPolicy>
>
> This is the Simple User Notifier from the wiki page:
> <simpleUserNotifier>
>     <expressionFilter>
>         <script>
>             <code>
>                     import com.evolveum.midpoint.notifications.api.events.ModelEvent
>                     import com.evolveum.midpoint.xml.ns._public.common.common_3.OrgType
>                     import com.evolveum.midpoint.prism.delta.ChangeType
>
>                     (event instanceof ModelEvent &amp;&amp;
>                         event.getChannel().equals("http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#resetPassword"))
>             </code>
>         </script>
>     </expressionFilter>
>     <recipientExpression>
>         <script>
>             <code>return requestee.getEmailAddress()</code>
>         </script>
>     </recipientExpression>
>     <bodyExpression>
>         <script>
>             <code>
>
>                 import com.evolveum.midpoint.notifications.api.events.ModelEvent
>                 modelEvent = (ModelEvent) event
>                 newUser = modelEvent.getFocusContext().getObjectNew();
>                 userType = newUser.asObjectable();
>
>                 link = "http://localhost:8080/midpoint/resetPasswordConfrimation/user/" + userType.getName().getOrig() +
>                         "/token/" + midpoint.getPlaintext(userType.getCredentials().getNonce().getValue());
>                 bodyMessage = "Did you request password reset? If yes, click on the link bellow \n" + link
>
>                 return bodyMessage;
>             </code>
>         </script>
>     </bodyExpression>
>     <transport>mail</transport>
> </simpleUserNotifier>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>


-- 
Gustáv Pálos
Identity Engineer
evolveum.com
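
Added example, not part of the original thread and not midPoint code: a Python sketch that reads the string limitations of the quoted Mail Nonce Policy, generates a conforming nonce from a CSPRNG, and reports the nonce's search space next to the PT2M validity window from the security policy. The function names, the trimmed inline XML and the assumption that the allowed alphabet is the union of the `<limit>` character classes are this example's own.

```python
import math
import re
import secrets
import xml.etree.ElementTree as ET

NS = {"c": "http://midpoint.evolveum.com/xml/ns/public/common/common-3"}
# Constructed, trimmed copy of the Mail Nonce Policy quoted in the thread.
VALUE_POLICY = """<valuePolicy xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3">
  <stringPolicy><limitations>
    <minLength>20</minLength><maxLength>20</maxLength><minUniqueChars>3</minUniqueChars>
    <limit><minOccurs>1</minOccurs><characterClass><value>abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ</value></characterClass></limit>
    <limit><minOccurs>1</minOccurs><characterClass><value>1234567890</value></characterClass></limit>
  </limitations></stringPolicy>
</valuePolicy>"""
MAX_AGE = "PT2M"  # <nonce><maxAge> from the quoted security policy

def parse_policy(xml_text):
    lim = ET.fromstring(xml_text).find("c:stringPolicy/c:limitations", NS)
    num = lambda tag: int(lim.findtext("c:" + tag, namespaces=NS))
    classes = [(int(l.findtext("c:minOccurs", namespaces=NS)),
                l.findtext("c:characterClass/c:value", namespaces=NS).strip())
               for l in lim.findall("c:limit", NS)]
    return {"min": num("minLength"), "max": num("maxLength"),
            "unique": num("minUniqueChars"), "classes": classes}

def alphabet(p):
    # Assumption: allowed characters are the union of the <limit> character classes.
    return "".join(dict.fromkeys("".join(chars for _, chars in p["classes"])))

def conforms(value, p):
    return (p["min"] <= len(value) <= p["max"]
            and set(value) <= set(alphabet(p))
            and len(set(value)) >= p["unique"]
            and all(sum(ch in chars for ch in value) >= need for need, chars in p["classes"]))

def generate(p):
    while True:  # rejection sampling: uniform over the values the policy accepts
        candidate = "".join(secrets.choice(alphabet(p)) for _ in range(p["max"]))
        if conforms(candidate, p):
            return candidate

def entropy_bits(p):  # upper bound; minOccurs/minUniqueChars reject only a few percent
    return p["min"] * math.log2(len(alphabet(p)))

def max_age_seconds(duration):
    m = re.fullmatch(r"PT(?:(\d+)H)?(?:(\d+)M)?(?:(\d+)S)?", duration)
    if not m or not any(m.groups()):
        raise ValueError("unsupported duration: " + duration)
    h, mi, s = (int(g or 0) for g in m.groups())
    return h * 3600 + mi * 60 + s
```

For the quoted policy this gives a 62-character alphabet, roughly 119 bits per nonce, and a 120-second lifetime.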