[midPoint] Password Reset Email Notifier Configuration
Peter Healy
phealy3330 at gmail.com
Mon Mar 6 23:55:27 CET 2017
Thanks Gustav, I put the notifier in as you described and it appears to
have saved OK.
Now that the notifier is there how can I allow users to actually reset
passwords via email? Is there a URL I can give them to visit?
Thanks again,
Peter
On Mon, Mar 6, 2017 at 4:35 PM, <midpoint-request at lists.evolveum.com> wrote:
> Send midPoint mailing list submissions to
> midpoint at lists.evolveum.com
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.evolveum.com/mailman/listinfo/midpoint
> or, via email, send a message with subject or body 'help' to
> midpoint-request at lists.evolveum.com
>
> You can reach the person managing the list at
> midpoint-owner at lists.evolveum.com
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of midPoint digest..."
>
>
> Today's Topics:
>
> 1. Re: Password Reset Email Notifier Configuration (Pálos Gustáv)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 6 Mar 2017 22:35:10 +0100
> From: Pálos Gustáv <gustav.palos at evolveum.com>
> To: midPoint General Discussion <midpoint at lists.evolveum.com>
> Subject: Re: [midPoint] Password Reset Email Notifier Configuration
> Message-ID:
> <CAPXQVkeypuuT6rbU-G7X57GWGXJAD+viqN7AC9F-
> SkqV0hoLXA at mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> you need not to import, but edit configuration --> repository objects -->
> system configuration -->
> find section <notificationConfiguration> and put here:
> <handler>
> <simpleUserNotifier>
> .....
> </simpleUserNotifier>
> </handler>
>
> and please also read & use this:
> https://wiki.evolveum.com/display/midPoint/Configuring+notifications
>
> You can start with redirecting e-mail to file over redirectToFile
>
> best regards,
>
> Gustav
>
> 2017-03-06 22:29 GMT+01:00 Peter Healy <phealy3330 at gmail.com>:
>
> > Hi Gustav,
> > I have
> > Version 3.5
> > Git describe git-v3.5
> > Build at Wed, 21 Dec 2016 14:01:34 +0000
> >
> > I copied and pasted verbatim from the wiki page into the embedded editor
> > or the Import Object GUI page, I don't get any output from idm.log but I
> do
> > get this in catalina.out:
> > ==> catalina.out <==
> > java.lang.ClassCastException
> >
> > And the error in the GUI has changed to "Object validation failed (no
> > reason given)"
> >
> > On Mon, Mar 6, 2017 at 3:31 PM, <midpoint-request at lists.evolveum.com>
> > wrote:
> >
> >> Send midPoint mailing list submissions to
> >> midpoint at lists.evolveum.com
> >>
> >> To subscribe or unsubscribe via the World Wide Web, visit
> >> http://lists.evolveum.com/mailman/listinfo/midpoint
> >> or, via email, send a message with subject or body 'help' to
> >> midpoint-request at lists.evolveum.com
> >>
> >> You can reach the person managing the list at
> >> midpoint-owner at lists.evolveum.com
> >>
> >> When replying, please edit your Subject line so it is more specific
> >> than "Re: Contents of midPoint digest..."
> >>
> >>
> >> Today's Topics:
> >>
> >> 1. JMS based workflow configuration (Prabhakara Rao Doddapaneni)
> >> 2. Password Reset Email Notifier Configuration (Peter Healy)
> >> 3. Re: Password Reset Email Notifier Configuration (Pálos Gustáv)
> >>
> >>
> >> ----------------------------------------------------------------------
> >>
> >> Message: 1
> >> Date: Mon, 6 Mar 2017 19:30:26 +0000 (UTC)
> >> From: Prabhakara Rao Doddapaneni <dp_rao at yahoo.com>
> >> To: "midpoint at lists.evolveum.com" <midpoint at lists.evolveum.com>
> >> Subject: [midPoint] JMS based workflow configuration
> >> Message-ID: <1001644321.2237664.1488828626312 at mail.yahoo.com>
> >> Content-Type: text/plain; charset="utf-8"
> >>
> >> One of my resources cannot be configured to respond to sync poll. I
> plan
> >> to send a message in JMS Q so that midpoint can listen to that message
> and
> >> reconcile/add the user into repository. What is the ideal solution to
> >> achieve this? has anybody come across this situation?
> >> Thanks,Prabhakar.
> >> -------------- next part --------------
> >> An HTML attachment was scrubbed...
> >> URL: <http://lists.evolveum.com/pipermail/midpoint/attachments/
> >> 20170306/a715dd11/attachment-0001.html>
> >>
> >> ------------------------------
> >>
> >> Message: 2
> >> Date: Mon, 6 Mar 2017 15:24:27 -0500
> >> From: Peter Healy <phealy3330 at gmail.com>
> >> To: midpoint at lists.evolveum.com
> >> Subject: [midPoint] Password Reset Email Notifier Configuration
> >> Message-ID:
> >> <CADnbc=wtq+Suhc6LUG-r04OppN4AQshDzgk5wGNf7MScsvzbTQ at mail.
> >> gmail.com>
> >> Content-Type: text/plain; charset="utf-8"
> >>
> >>
> >> I am trying to implement:
> >> https://wiki.evolveum.com/display/midPoint/Reset+Password+Configuration
> >>
> >> But I get an error importing the Simple User Notifier XML object that is
> >> in
> >> the wiki page:
> >>
> >> com.evolveum.midpoint.prism.PrismProperty cannot be cast to
> >> com.evolveum.midpoint.prism.PrismObject
> >>
> >>
> >> I created and successfully imported this Mail Nonce Policy:
> >> <valuePolicy xmlns="
> >> http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> >> xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
> >> xmlns:c="
> >> http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> >> xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
> >> xmlns:icfs="
> >> http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/r
> >> esource-schema-3
> >> "
> >> xmlns:ri="
> >> http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
> >> oid="c0c8a80d-1818-42d1-b3ad-e7f8993593a0"
> >> version="0">
> >> <name>Mail Nonce Policy</name>
> >> <description>Mail Nonce Policy</description>
> >> <metadata>
> >> <createTimestamp>2017-03-06T19:56:44.233Z</createTimestamp>
> >> <creatorRef oid="00000000-0000-0000-0000-000000000002"
> >> type="c:UserType"><!-- administrator --></creatorRef>
> >> <createChannel>
> >> http://midpoint.evolveum.com/xml/ns/public/model/channels-
> 3#objectImport
> >> </createChannel>
> >> </metadata>
> >> <lifetime>
> >> <expiration>999</expiration>
> >> <warnBeforeExpiration>9</warnBeforeExpiration>
> >> <lockAfterExpiration>0</lockAfterExpiration>
> >> <minPasswordAge>0</minPasswordAge>
> >> <passwordHistoryLength>0</passwordHistoryLength>
> >> </lifetime>
> >> <stringPolicy>
> >> <description>Testing string policy</description>
> >> <limitations>
> >> <minLength>20</minLength>
> >> <maxLength>20</maxLength>
> >> <minUniqueChars>3</minUniqueChars>
> >> <limit>
> >> <description>Alphas</description>
> >> <minOccurs>1</minOccurs>
> >> <mustBeFirst>false</mustBeFirst>
> >> <characterClass>
> >>
> >> <value>abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ</value>
> >> </characterClass>
> >> </limit>
> >> <limit>
> >> <description>Numbers</description>
> >> <minOccurs>1</minOccurs>
> >> <mustBeFirst>false</mustBeFirst>
> >> <characterClass>
> >> <value>1234567890</value>
> >> </characterClass>
> >> </limit>
> >> </limitations>
> >> </stringPolicy>
> >> </valuePolicy>
> >>
> >> And I successfully imported this security policy for the Mail reset:
> >> <securityPolicy xmlns="
> >> http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> >> xmlns:q="http://prism.evolveum.com/xml/ns/public/
> query-3"
> >> xmlns:c="
> >> http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> >> xmlns:t="http://prism.evolveum.com/xml/ns/public/
> types-3"
> >> xmlns:icfs="
> >> http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/r
> >> esource-schema-3
> >> "
> >> xmlns:ri="
> >> http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
> >> oid="28bf845a-b107-11e3-85bc-001e8c717e5b"
> >> version="19">
> >> <name>Mail Reset Security Policy</name>
> >> <metadata>
> >> <createTimestamp>2017-02-14T17:10:13.860Z</createTimestamp>
> >> <creatorRef oid="00000000-0000-0000-0000-000000000002"
> >> type="c:UserType"><!-- administrator --></creatorRef>
> >> <createChannel>
> >> http://midpoint.evolveum.com/xml/ns/public/model/channels-
> 3#objectImport
> >> </createChannel>
> >> </metadata>
> >> <authentication>
> >> <mailAuthentication>
> >> <name>confirmationLink</name>
> >> <displayName>Additional mail authnetication</displayName>
> >> <mailNonce>mailNonce</mailNonce>
> >> </mailAuthentication>
> >> </authentication>
> >> <credentials>
> >> <nonce>
> >> <maxAge>PT2M</maxAge>
> >> <name>mailNonce</name>
> >> <valuePolicyRef oid="c0c8a80d-1818-42d1-b3ad-e7f8993593a0"
> >> type="c:ValuePolicyType"><!-- Mail Nonce Policy --></valuePolicyRef>
> >> </nonce>
> >> </credentials>
> >> <credentialsReset>
> >> <mailReset>
> >> <name>Reset password using mail</name>
> >>
> >> <additionalAuthenticationName>confirmationLink</additionalAut
> >> henticationName>
> >> </mailReset>
> >> </credentialsReset>
> >> </securityPolicy>
> >>
> >> This is the Simple User Notifier form the wiki page:
> >> <simpleUserNotifier>
> >> <expressionFilter>
> >> <script>
> >> <code>
> >> import
> >> com.evolveum.midpoint.notifications.api.events.ModelEvent
> >> import
> >> com.evolveum.midpoint.xml.ns._public.common.common_3.OrgType
> >> import com.evolveum.midpoint.prism.delta.ChangeType
> >>
> >> (event instanceof ModelEvent &&
> >> event.getChannel().equals("
> >> http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#resetPassword
> >> "))
> >> </code>
> >> </script>
> >> </expressionFilter>
> >> <recipientExpression>
> >> <script>
> >> <code>return requestee.getEmailAddress()</code>
> >> </script>
> >> </recipientExpression>
> >> <bodyExpression>
> >> <script>
> >> <code>
> >>
> >> import
> >> com.evolveum.midpoint.notifications.api.events.ModelEvent
> >> modelEvent = (ModelEvent) event
> >> newUser = modelEvent.getFocusContext().getObjectNew();
> >> userType = newUser.asObjectable();
> >>
> >> link = "
> >> http://localhost:8080/midpoint/resetPasswordConfrimation/user/" +
> >> userType.getName().getOrig() +"/token/" +
> >> midpoint.getPlaintext(userType.getCredentials().getNonce().getValue());
> >> bodyMessage = "Did you request password reset? If yes,
> >> click on the link bellow \n" + link
> >>
> >> return bodyMessage;
> >> </code>
> >> </script>
> >> </bodyExpression>
> >> <transport>mail</transport>
> >> </simpleUserNotifier>
> >> -------------- next part --------------
> >> An HTML attachment was scrubbed...
> >> URL: <http://lists.evolveum.com/pipermail/midpoint/attachments/
> >> 20170306/4448fc63/attachment-0001.html>
> >>
> >> ------------------------------
> >>
> >> Message: 3
> >> Date: Mon, 6 Mar 2017 21:31:06 +0100
> >> From: Pálos Gustáv <gustav.palos at evolveum.com>
> >> To: midPoint General Discussion <midpoint at lists.evolveum.com>
> >> Subject: Re: [midPoint] Password Reset Email Notifier Configuration
> >> Message-ID:
> >> <CAPXQVkdrEFOqZxKLZFxNtx-2Z=v==PHTzEnkQhjdXcJXY6Mp=g at mail.gm
> >> ail.com>
> >> Content-Type: text/plain; charset="utf-8"
> >>
> >>
> >> Hi Peter
> >>
> >> I successfully imported Simple User Notifier snippet in midPoint 3.5.
> What
> >> version do you try?
> >> This feature is supported only from v3.5.
> >>
> >> If you have same midPoint version, please send more detailed track trace
> >> from idm.log
> >>
> >> Best regards,
> >>
> >> Gustav
> >>
> >> 2017-03-06 21:24 GMT+01:00 Peter Healy <phealy3330 at gmail.com>:
> >>
> >> > I am trying to implement:
> >> > https://wiki.evolveum.com/display/midPoint/Reset+
> Password+Configuration
> >> >
> >> > But I get an error importing the Simple User Notifier XML object that
> is
> >> > in the wiki page:
> >> >
> >> > com.evolveum.midpoint.prism.PrismProperty cannot be cast to
> >> > com.evolveum.midpoint.prism.PrismObject
> >> >
> >> >
> >> > I created and successfully imported this Mail Nonce Policy:
> >> > <valuePolicy xmlns="http://midpoint.evolveum.com/xml/ns/public/
> >> > common/common-3"
> >> > xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3
> "
> >> > xmlns:c="http://midpoint.evolveum.com/xml/ns/public/
> >> > common/common-3"
> >> > xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3
> "
> >> > xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/
> >> > connector/icf-1/resource-schema-3"
> >> > xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/
> >> > resource/instance-3"
> >> > oid="c0c8a80d-1818-42d1-b3ad-e7f8993593a0"
> >> > version="0">
> >> > <name>Mail Nonce Policy</name>
> >> > <description>Mail Nonce Policy</description>
> >> > <metadata>
> >> > <createTimestamp>2017-03-06T19:56:44.233Z</createTimestamp>
> >> > <creatorRef oid="00000000-0000-0000-0000-000000000002"
> >> > type="c:UserType"><!-- administrator --></creatorRef>
> >> > <createChannel>http://midpoint.evolveum.com/xml/ns/
> >> > public/model/channels-3#objectImport</createChannel>
> >> > </metadata>
> >> > <lifetime>
> >> > <expiration>999</expiration>
> >> > <warnBeforeExpiration>9</warnBeforeExpiration>
> >> > <lockAfterExpiration>0</lockAfterExpiration>
> >> > <minPasswordAge>0</minPasswordAge>
> >> > <passwordHistoryLength>0</passwordHistoryLength>
> >> > </lifetime>
> >> > <stringPolicy>
> >> > <description>Testing string policy</description>
> >> > <limitations>
> >> > <minLength>20</minLength>
> >> > <maxLength>20</maxLength>
> >> > <minUniqueChars>3</minUniqueChars>
> >> > <limit>
> >> > <description>Alphas</description>
> >> > <minOccurs>1</minOccurs>
> >> > <mustBeFirst>false</mustBeFirst>
> >> > <characterClass>
> >> > <value>abcdefghijklmnopqrstuvwxyzABCD
> >> > EFGHIJKLMNOPQRSTUVWXYZ</value>
> >> > </characterClass>
> >> > </limit>
> >> > <limit>
> >> > <description>Numbers</description>
> >> > <minOccurs>1</minOccurs>
> >> > <mustBeFirst>false</mustBeFirst>
> >> > <characterClass>
> >> > <value>1234567890</value>
> >> > </characterClass>
> >> > </limit>
> >> > </limitations>
> >> > </stringPolicy>
> >> > </valuePolicy>
> >> >
> >> > And I successfully imported this security policy for the Mail reset:
> >> > <securityPolicy xmlns="http://midpoint.evolveum.com/xml/ns/public/
> >> > common/common-3"
> >> > xmlns:q="http://prism.evolveu
> >> m.com/xml/ns/public/query-3"
> >> > xmlns:c="http://midpoint.evolveum.com/xml/ns/public/
> >> > common/common-3"
> >> > xmlns:t="http://prism.evolveu
> >> m.com/xml/ns/public/types-3"
> >> > xmlns:icfs="http://midpoint.
> evolveum.com/xml/ns/public/
> >> > connector/icf-1/resource-schema-3"
> >> > xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/
> >> > resource/instance-3"
> >> > oid="28bf845a-b107-11e3-85bc-001e8c717e5b"
> >> > version="19">
> >> > <name>Mail Reset Security Policy</name>
> >> > <metadata>
> >> > <createTimestamp>2017-02-14T17:10:13.860Z</createTimestamp>
> >> > <creatorRef oid="00000000-0000-0000-0000-000000000002"
> >> > type="c:UserType"><!-- administrator --></creatorRef>
> >> > <createChannel>http://midpoint.evolveum.com/xml/ns/
> >> > public/model/channels-3#objectImport</createChannel>
> >> > </metadata>
> >> > <authentication>
> >> > <mailAuthentication>
> >> > <name>confirmationLink</name>
> >> > <displayName>Additional mail authnetication</displayName>
> >> > <mailNonce>mailNonce</mailNonce>
> >> > </mailAuthentication>
> >> > </authentication>
> >> > <credentials>
> >> > <nonce>
> >> > <maxAge>PT2M</maxAge>
> >> > <name>mailNonce</name>
> >> > <valuePolicyRef oid="c0c8a80d-1818-42d1-b3ad-e7f8993593a0"
> >> > type="c:ValuePolicyType"><!-- Mail Nonce Policy --></valuePolicyRef>
> >> > </nonce>
> >> > </credentials>
> >> > <credentialsReset>
> >> > <mailReset>
> >> > <name>Reset password using mail</name>
> >> > <additionalAuthenticationName>confirmationLink</
> >> > additionalAuthenticationName>
> >> > </mailReset>
> >> > </credentialsReset>
> >> > </securityPolicy>
> >> >
> >> > This is the Simple User Notifier form the wiki page:
> >> > <simpleUserNotifier>
> >> > <expressionFilter>
> >> > <script>
> >> > <code>
> >> > import com.evolveum.midpoint.notifica
> >> tions.api.events.
> >> > ModelEvent
> >> > import com.evolveum.midpoint.xml.ns._
> >> > public.common.common_3.OrgType
> >> > import com.evolveum.midpoint.prism.
> delta.ChangeType
> >> >
> >> > (event instanceof ModelEvent &&
> >> > event.getChannel().equals("http://midpoint.evolveum.com/xml/
> >> > ns/public/gui/channels-3#resetPassword"))
> >> > </code>
> >> > </script>
> >> > </expressionFilter>
> >> > <recipientExpression>
> >> > <script>
> >> > <code>return requestee.getEmailAddress()</code>
> >> > </script>
> >> > </recipientExpression>
> >> > <bodyExpression>
> >> > <script>
> >> > <code>
> >> >
> >> > import com.evolveum.midpoint.
> notifications.api.events.
> >> > ModelEvent
> >> > modelEvent = (ModelEvent) event
> >> > newUser = modelEvent.getFocusContext().
> getObjectNew();
> >> > userType = newUser.asObjectable();
> >> >
> >> > link = "http://localhost:8080/midpoint/
> >> > resetPasswordConfrimation/user/" + userType.getName().getOrig()
> >> > +"/token/" + midpoint.getPlaintext(userType.getCredentials().
> >> > getNonce().getValue());
> >> > bodyMessage = "Did you request password reset? If yes,
> >> > click on the link bellow \n" + link
> >> >
> >> > return bodyMessage;
> >> > </code>
> >> > </script>
> >> > </bodyExpression>
> >> > <transport>mail</transport>
> >> > </simpleUserNotifier>
> >> >
> >> > _______________________________________________
> >> > midPoint mailing list
> >> > midPoint at lists.evolveum.com
> >> > http://lists.evolveum.com/mailman/listinfo/midpoint
> >> >
> >> >
> >>
> >>
> >> --
> >> Gustáv Pálos
> >> Identity Engineer
> >> evolveum.com
> >> -------------- next part --------------
> >> An HTML attachment was scrubbed...
> >> URL: <http://lists.evolveum.com/pipermail/midpoint/attachments/
> >> 20170306/85ab3d27/attachment.html>
> >>
> >> ------------------------------
> >>
> >> Subject: Digest Footer
> >>
> >> _______________________________________________
> >> midPoint mailing list
> >> midPoint at lists.evolveum.com
> >> http://lists.evolveum.com/mailman/listinfo/midpoint
> >>
> >>
> >> ------------------------------
> >>
> >> End of midPoint Digest, Vol 59, Issue 26
> >> ****************************************
> >>
> >
> >
> > _______________________________________________
> > midPoint mailing list
> > midPoint at lists.evolveum.com
> > http://lists.evolveum.com/mailman/listinfo/midpoint
> >
> >
>
>
> --
> Gustáv Pálos
> Identity Engineer
> evolveum.com
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://lists.evolveum.com/pipermail/midpoint/
> attachments/20170306/3dfbadb0/attachment.html>
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
> ------------------------------
>
> End of midPoint Digest, Vol 59, Issue 28
> ****************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20170306/c266199d/attachment.htm>
More information about the midPoint
mailing list