[midPoint] Password Reset Email Notifier Configuration

Pálos Gustáv gustav.palos at evolveum.com
Mon Mar 6 22:35:10 CET 2017


You do not need to import it, but edit configuration --> repository objects -->
system configuration -->
find the section <notificationConfiguration> and put this there:
  <handler>
         <simpleUserNotifier>
  .....
         </simpleUserNotifier>
  </handler>

and please also read & use this:
https://wiki.evolveum.com/display/midPoint/Configuring+notifications

You can start by redirecting e-mail to a file using redirectToFile.

best regards,

Gustav

2017-03-06 22:29 GMT+01:00 Peter Healy <phealy3330 at gmail.com>:

> Hi Gustav,
> I have
> Version 3.5
> Git describe git-v3.5
> Build at Wed, 21 Dec 2016 14:01:34 +0000
>
> I copied and pasted verbatim from the wiki page into the embedded editor
> or the Import Object GUI page, I don't get any output from idm.log but I do
> get this in catalina.out:
> ==> catalina.out <==
> java.lang.ClassCastException
>
> And the error in the GUI has changed to "Object validation failed (no
> reason given)"
>
> On Mon, Mar 6, 2017 at 3:31 PM, <midpoint-request at lists.evolveum.com>
> wrote:
>
>> Today's Topics:
>>
>>    1. JMS based workflow configuration (Prabhakara Rao Doddapaneni)
>>    2. Password Reset Email Notifier Configuration (Peter Healy)
>>    3. Re: Password Reset Email Notifier Configuration (Pálos Gustáv)
>>
>>
>> ----------------------------------------------------------------------
>>
>> Message: 1
>> Date: Mon, 6 Mar 2017 19:30:26 +0000 (UTC)
>> From: Prabhakara Rao Doddapaneni <dp_rao at yahoo.com>
>> To: "midpoint at lists.evolveum.com" <midpoint at lists.evolveum.com>
>> Subject: [midPoint] JMS based workflow configuration
>> Message-ID: <1001644321.2237664.1488828626312 at mail.yahoo.com>
>> Content-Type: text/plain; charset="utf-8"
>>
>> One of my resources cannot be configured to respond to sync poll.  I plan
>> to send a message in JMS Q so that midpoint can listen to that message and
>> reconcile/add the user into repository.  What is the ideal solution to
>> achieve this?  Has anybody come across this situation?
>> Thanks, Prabhakar.
>>
>> ------------------------------
>>
>> Message: 2
>> Date: Mon, 6 Mar 2017 15:24:27 -0500
>> From: Peter Healy <phealy3330 at gmail.com>
>> To: midpoint at lists.evolveum.com
>> Subject: [midPoint] Password Reset Email Notifier Configuration
>> Message-ID: <CADnbc=wtq+Suhc6LUG-r04OppN4AQshDzgk5wGNf7MScsvzbTQ at mail.gmail.com>
>> Content-Type: text/plain; charset="utf-8"
>>
>>
>> I am trying to implement:
>> https://wiki.evolveum.com/display/midPoint/Reset+Password+Configuration
>>
>> But I get an error importing the Simple User Notifier XML object that is in
>> the wiki page:
>>
>> com.evolveum.midpoint.prism.PrismProperty cannot be cast to
>> com.evolveum.midpoint.prism.PrismObject
>>
>>
>> I created and successfully imported this Mail Nonce Policy:
>> <valuePolicy xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>>              xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
>>              xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>>              xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
>>              xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
>>              xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
>>              oid="c0c8a80d-1818-42d1-b3ad-e7f8993593a0"
>>              version="0">
>>    <name>Mail Nonce Policy</name>
>>    <description>Mail Nonce Policy</description>
>>    <metadata>
>>       <createTimestamp>2017-03-06T19:56:44.233Z</createTimestamp>
>>       <creatorRef oid="00000000-0000-0000-0000-000000000002" type="c:UserType"><!-- administrator --></creatorRef>
>>       <createChannel>http://midpoint.evolveum.com/xml/ns/public/model/channels-3#objectImport</createChannel>
>>    </metadata>
>>    <lifetime>
>>       <expiration>999</expiration>
>>       <warnBeforeExpiration>9</warnBeforeExpiration>
>>       <lockAfterExpiration>0</lockAfterExpiration>
>>       <minPasswordAge>0</minPasswordAge>
>>       <passwordHistoryLength>0</passwordHistoryLength>
>>    </lifetime>
>>    <stringPolicy>
>>       <description>Testing string policy</description>
>>       <limitations>
>>          <minLength>20</minLength>
>>          <maxLength>20</maxLength>
>>          <minUniqueChars>3</minUniqueChars>
>>          <limit>
>>             <description>Alphas</description>
>>             <minOccurs>1</minOccurs>
>>             <mustBeFirst>false</mustBeFirst>
>>             <characterClass>
>>                <value>abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ</value>
>>             </characterClass>
>>          </limit>
>>          <limit>
>>             <description>Numbers</description>
>>             <minOccurs>1</minOccurs>
>>             <mustBeFirst>false</mustBeFirst>
>>             <characterClass>
>>                <value>1234567890</value>
>>             </characterClass>
>>          </limit>
>>       </limitations>
>>    </stringPolicy>
>> </valuePolicy>
>>
>> And I successfully imported this security policy for the Mail reset:
>> <securityPolicy xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>>                 xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
>>                 xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>>                 xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
>>                 xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
>>                 xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
>>                 oid="28bf845a-b107-11e3-85bc-001e8c717e5b"
>>                 version="19">
>>    <name>Mail Reset Security Policy</name>
>>    <metadata>
>>       <createTimestamp>2017-02-14T17:10:13.860Z</createTimestamp>
>>       <creatorRef oid="00000000-0000-0000-0000-000000000002" type="c:UserType"><!-- administrator --></creatorRef>
>>       <createChannel>http://midpoint.evolveum.com/xml/ns/public/model/channels-3#objectImport</createChannel>
>>    </metadata>
>>    <authentication>
>>       <mailAuthentication>
>>          <name>confirmationLink</name>
>>          <displayName>Additional mail authnetication</displayName>
>>          <mailNonce>mailNonce</mailNonce>
>>       </mailAuthentication>
>>    </authentication>
>>    <credentials>
>>       <nonce>
>>          <maxAge>PT2M</maxAge>
>>          <name>mailNonce</name>
>>          <valuePolicyRef oid="c0c8a80d-1818-42d1-b3ad-e7f8993593a0" type="c:ValuePolicyType"><!-- Mail Nonce Policy --></valuePolicyRef>
>>       </nonce>
>>    </credentials>
>>    <credentialsReset>
>>       <mailReset>
>>          <name>Reset password using mail</name>
>>          <additionalAuthenticationName>confirmationLink</additionalAuthenticationName>
>>       </mailReset>
>>    </credentialsReset>
>> </securityPolicy>
>>
>> This is the Simple User Notifier from the wiki page:
>> <simpleUserNotifier>
>>     <expressionFilter>
>>         <script>
>>             <code>
>>                     import com.evolveum.midpoint.notifications.api.events.ModelEvent
>>                     import com.evolveum.midpoint.xml.ns._public.common.common_3.OrgType
>>                     import com.evolveum.midpoint.prism.delta.ChangeType
>>
>>                    (event instanceof ModelEvent && event.getChannel().equals("http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#resetPassword"))
>>             </code>
>>         </script>
>>     </expressionFilter>
>>     <recipientExpression>
>>         <script>
>>             <code>return requestee.getEmailAddress()</code>
>>         </script>
>>     </recipientExpression>
>>     <bodyExpression>
>>         <script>
>>             <code>
>>
>>                 import com.evolveum.midpoint.notifications.api.events.ModelEvent
>>                 modelEvent = (ModelEvent) event
>>                 newUser = modelEvent.getFocusContext().getObjectNew();
>>                 userType = newUser.asObjectable();
>>
>>                 link = "http://localhost:8080/midpoint/resetPasswordConfrimation/user/" + userType.getName().getOrig() +"/token/" + midpoint.getPlaintext(userType.getCredentials().getNonce().getValue());
>>                 bodyMessage = "Did you request password reset? If yes, click on the link bellow \n" + link
>>
>>                 return bodyMessage;
>>             </code>
>>         </script>
>>     </bodyExpression>
>>     <transport>mail</transport>
>> </simpleUserNotifier>
>>
>> ------------------------------
>>
>> Message: 3
>> Date: Mon, 6 Mar 2017 21:31:06 +0100
>> From: Pálos Gustáv <gustav.palos at evolveum.com>
>> To: midPoint General Discussion <midpoint at lists.evolveum.com>
>> Subject: Re: [midPoint] Password Reset Email Notifier Configuration
>> Message-ID: <CAPXQVkdrEFOqZxKLZFxNtx-2Z=v==PHTzEnkQhjdXcJXY6Mp=g at mail.gmail.com>
>> Content-Type: text/plain; charset="utf-8"
>>
>>
>> Hi Peter
>>
>> I successfully imported the Simple User Notifier snippet in midPoint 3.5. Which
>> version are you trying?
>> This feature is supported only from v3.5.
>>
>> If you have the same midPoint version, please send a more detailed stack trace
>> from idm.log
>>
>> Best regards,
>>
>> Gustav
>>
>>
>>
>> --
>> Gustáv Pálos
>> Identity Engineer
>> evolveum.com
>>
>
>
>
>


-- 
Gustáv Pálos
Identity Engineer
evolveum.com
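
The placement described in the reply above, written out as an added example (not part of the original message or the wiki page). The notifier is a fragment of the system configuration object, not an importable object of its own. The <mail> wrapper around redirectToFile and the file path are assumptions not stated in the thread.

```xml
<!-- Added example: goes inside the existing systemConfiguration object,
     edited in place rather than imported as a separate object. -->
<notificationConfiguration>
    <handler>
        <simpleUserNotifier>
            <expressionFilter>
                <script>
                    <code>
                        import com.evolveum.midpoint.notifications.api.events.ModelEvent

                        <!-- && is XML-escaped so the fragment stays well-formed -->
                        (event instanceof ModelEvent &amp;&amp;
                            event.getChannel().equals("http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#resetPassword"))
                    </code>
                </script>
            </expressionFilter>
            <recipientExpression>
                <script>
                    <code>return requestee.getEmailAddress()</code>
                </script>
            </recipientExpression>
            <bodyExpression>
                <script>
                    <code>
                        import com.evolveum.midpoint.notifications.api.events.ModelEvent
                        modelEvent = (ModelEvent) event
                        newUser = modelEvent.getFocusContext().getObjectNew()
                        userType = newUser.asObjectable()

                        link = "http://localhost:8080/midpoint/resetPasswordConfrimation/user/" +
                            userType.getName().getOrig() + "/token/" +
                            midpoint.getPlaintext(userType.getCredentials().getNonce().getValue())
                        return "Did you request password reset? If yes, click on the link bellow \n" + link
                    </code>
                </script>
            </bodyExpression>
            <transport>mail</transport>
        </simpleUserNotifier>
    </handler>
    <mail>
        <!-- Assumed placeholder path: while testing, messages are written
             to this file instead of being sent to the recipient. -->
        <redirectToFile>/tmp/midpoint-mail-notifications.log</redirectToFile>
    </mail>
</notificationConfiguration>
```

The redirect file receives the full message body, including the reset link with the plaintext nonce, so restrict it to the midPoint service account and remove the setting once real mail delivery is configured.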