[midPoint] Password Reset Email Notifier Configuration
Pálos Gustáv
gustav.palos at evolveum.com
Tue Mar 7 05:26:43 CET 2017
Hi Peter,
On the login page you can now see the "Forgot Password" link.
Best regards,
Gustav
2017-03-06 23:55 GMT+01:00 Peter Healy <phealy3330 at gmail.com>:
> Thanks Gustav, I put the notifier in as you described and it appears to
> have saved OK.
> Now that the notifier is there how can I allow users to actually reset
> passwords via email? Is there a URL I can give them to visit?
>
> Thanks again,
> Peter
>
> On Mon, Mar 6, 2017 at 4:35 PM, <midpoint-request at lists.evolveum.com>
> wrote:
>
>> Message: 1
>> Date: Mon, 6 Mar 2017 22:35:10 +0100
>> From: Pálos Gustáv <gustav.palos at evolveum.com>
>> To: midPoint General Discussion <midpoint at lists.evolveum.com>
>> Subject: Re: [midPoint] Password Reset Email Notifier Configuration
>> Message-ID: <CAPXQVkeypuuT6rbU-G7X57GWGXJAD+viqN7AC9F-SkqV0hoLXA at mail.gmail.com>
>> Content-Type: text/plain; charset="utf-8"
>>
>>
>> You do not need to import it; instead edit Configuration --> Repository objects -->
>> System configuration,
>> find the <notificationConfiguration> section and put this there:
>> <handler>
>> <simpleUserNotifier>
>> .....
>> </simpleUserNotifier>
>> </handler>
>>
>> and please also read & use this:
>> https://wiki.evolveum.com/display/midPoint/Configuring+notifications
>>
>> You can start by redirecting e-mail to a file via redirectToFile.
>>
>> best regards,
>>
>> Gustav
>>
>> 2017-03-06 22:29 GMT+01:00 Peter Healy <phealy3330 at gmail.com>:
>>
>> > Hi Gustav,
>> > I have
>> > Version 3.5
>> > Git describe git-v3.5
>> > Build at Wed, 21 Dec 2016 14:01:34 +0000
>> >
>> > I copied and pasted verbatim from the wiki page into the embedded editor
>> > or the Import Object GUI page, I don't get any output from idm.log but I do
>> > get this in catalina.out:
>> > ==> catalina.out <==
>> > java.lang.ClassCastException
>> >
>> > And the error in the GUI has changed to "Object validation failed (no
>> > reason given)"
>> >
>> > On Mon, Mar 6, 2017 at 3:31 PM, <midpoint-request at lists.evolveum.com>
>> > wrote:
>> >
>> >> Message: 1
>> >> Date: Mon, 6 Mar 2017 19:30:26 +0000 (UTC)
>> >> From: Prabhakara Rao Doddapaneni <dp_rao at yahoo.com>
>> >> To: "midpoint at lists.evolveum.com" <midpoint at lists.evolveum.com>
>> >> Subject: [midPoint] JMS based workflow configuration
>> >> Message-ID: <1001644321.2237664.1488828626312 at mail.yahoo.com>
>> >> Content-Type: text/plain; charset="utf-8"
>> >>
>> >> One of my resources cannot be configured to respond to sync poll. I plan
>> >> to send a message in JMS Q so that midpoint can listen to that message and
>> >> reconcile/add the user into repository. What is the ideal solution to
>> >> achieve this? Has anybody come across this situation?
>> >> Thanks, Prabhakar.
>> >>
>> >> ------------------------------
>> >>
>> >> Message: 2
>> >> Date: Mon, 6 Mar 2017 15:24:27 -0500
>> >> From: Peter Healy <phealy3330 at gmail.com>
>> >> To: midpoint at lists.evolveum.com
>> >> Subject: [midPoint] Password Reset Email Notifier Configuration
>> >> Message-ID: <CADnbc=wtq+Suhc6LUG-r04OppN4AQshDzgk5wGNf7MScsvzbTQ at mail.gmail.com>
>> >> Content-Type: text/plain; charset="utf-8"
>> >>
>> >>
>> >> I am trying to implement:
>> >> https://wiki.evolveum.com/display/midPoint/Reset+Password+Configuration
>> >>
>> >> But I get an error importing the Simple User Notifier XML object that is in
>> >> the wiki page:
>> >>
>> >> com.evolveum.midpoint.prism.PrismProperty cannot be cast to
>> >> com.evolveum.midpoint.prism.PrismObject
>> >>
>> >>
>> >> I created and successfully imported this Mail Nonce Policy:
>> >> <valuePolicy xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>> >>     xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
>> >>     xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>> >>     xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
>> >>     xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
>> >>     xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
>> >>     oid="c0c8a80d-1818-42d1-b3ad-e7f8993593a0"
>> >>     version="0">
>> >>   <name>Mail Nonce Policy</name>
>> >>   <description>Mail Nonce Policy</description>
>> >>   <metadata>
>> >>     <createTimestamp>2017-03-06T19:56:44.233Z</createTimestamp>
>> >>     <creatorRef oid="00000000-0000-0000-0000-000000000002" type="c:UserType"><!-- administrator --></creatorRef>
>> >>     <createChannel>http://midpoint.evolveum.com/xml/ns/public/model/channels-3#objectImport</createChannel>
>> >>   </metadata>
>> >>   <lifetime>
>> >>     <expiration>999</expiration>
>> >>     <warnBeforeExpiration>9</warnBeforeExpiration>
>> >>     <lockAfterExpiration>0</lockAfterExpiration>
>> >>     <minPasswordAge>0</minPasswordAge>
>> >>     <passwordHistoryLength>0</passwordHistoryLength>
>> >>   </lifetime>
>> >>   <stringPolicy>
>> >>     <description>Testing string policy</description>
>> >>     <limitations>
>> >>       <minLength>20</minLength>
>> >>       <maxLength>20</maxLength>
>> >>       <minUniqueChars>3</minUniqueChars>
>> >>       <limit>
>> >>         <description>Alphas</description>
>> >>         <minOccurs>1</minOccurs>
>> >>         <mustBeFirst>false</mustBeFirst>
>> >>         <characterClass>
>> >>           <value>abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ</value>
>> >>         </characterClass>
>> >>       </limit>
>> >>       <limit>
>> >>         <description>Numbers</description>
>> >>         <minOccurs>1</minOccurs>
>> >>         <mustBeFirst>false</mustBeFirst>
>> >>         <characterClass>
>> >>           <value>1234567890</value>
>> >>         </characterClass>
>> >>       </limit>
>> >>     </limitations>
>> >>   </stringPolicy>
>> >> </valuePolicy>
>> >>
>> >> And I successfully imported this security policy for the Mail reset:
>> >> <securityPolicy xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>> >>     xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
>> >>     xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>> >>     xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
>> >>     xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
>> >>     xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
>> >>     oid="28bf845a-b107-11e3-85bc-001e8c717e5b"
>> >>     version="19">
>> >>   <name>Mail Reset Security Policy</name>
>> >>   <metadata>
>> >>     <createTimestamp>2017-02-14T17:10:13.860Z</createTimestamp>
>> >>     <creatorRef oid="00000000-0000-0000-0000-000000000002" type="c:UserType"><!-- administrator --></creatorRef>
>> >>     <createChannel>http://midpoint.evolveum.com/xml/ns/public/model/channels-3#objectImport</createChannel>
>> >>   </metadata>
>> >>   <authentication>
>> >>     <mailAuthentication>
>> >>       <name>confirmationLink</name>
>> >>       <displayName>Additional mail authnetication</displayName>
>> >>       <mailNonce>mailNonce</mailNonce>
>> >>     </mailAuthentication>
>> >>   </authentication>
>> >>   <credentials>
>> >>     <nonce>
>> >>       <maxAge>PT2M</maxAge>
>> >>       <name>mailNonce</name>
>> >>       <valuePolicyRef oid="c0c8a80d-1818-42d1-b3ad-e7f8993593a0" type="c:ValuePolicyType"><!-- Mail Nonce Policy --></valuePolicyRef>
>> >>     </nonce>
>> >>   </credentials>
>> >>   <credentialsReset>
>> >>     <mailReset>
>> >>       <name>Reset password using mail</name>
>> >>       <additionalAuthenticationName>confirmationLink</additionalAuthenticationName>
>> >>     </mailReset>
>> >>   </credentialsReset>
>> >> </securityPolicy>
>> >>
>> >> This is the Simple User Notifier from the wiki page:
>> >> <simpleUserNotifier>
>> >>   <expressionFilter>
>> >>     <script>
>> >>       <code>
>> >>         import com.evolveum.midpoint.notifications.api.events.ModelEvent
>> >>         import com.evolveum.midpoint.xml.ns._public.common.common_3.OrgType
>> >>         import com.evolveum.midpoint.prism.delta.ChangeType
>> >>
>> >>         (event instanceof ModelEvent &amp;&amp;
>> >>             event.getChannel().equals("http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#resetPassword"))
>> >>       </code>
>> >>     </script>
>> >>   </expressionFilter>
>> >>   <recipientExpression>
>> >>     <script>
>> >>       <code>return requestee.getEmailAddress()</code>
>> >>     </script>
>> >>   </recipientExpression>
>> >>   <bodyExpression>
>> >>     <script>
>> >>       <code>
>> >>         import com.evolveum.midpoint.notifications.api.events.ModelEvent
>> >>         modelEvent = (ModelEvent) event
>> >>         newUser = modelEvent.getFocusContext().getObjectNew();
>> >>         userType = newUser.asObjectable();
>> >>
>> >>         link = "http://localhost:8080/midpoint/resetPasswordConfrimation/user/" +
>> >>             userType.getName().getOrig() + "/token/" +
>> >>             midpoint.getPlaintext(userType.getCredentials().getNonce().getValue());
>> >>         bodyMessage = "Did you request password reset? If yes, click on the link bellow \n" + link
>> >>
>> >>         return bodyMessage;
>> >>       </code>
>> >>     </script>
>> >>   </bodyExpression>
>> >>   <transport>mail</transport>
>> >> </simpleUserNotifier>
>> >> ------------------------------
>> >>
>> >> Message: 3
>> >> Date: Mon, 6 Mar 2017 21:31:06 +0100
>> >> From: Pálos Gustáv <gustav.palos at evolveum.com>
>> >> To: midPoint General Discussion <midpoint at lists.evolveum.com>
>> >> Subject: Re: [midPoint] Password Reset Email Notifier Configuration
>> >> Message-ID: <CAPXQVkdrEFOqZxKLZFxNtx-2Z=v==PHTzEnkQhjdXcJXY6Mp=g at mail.gmail.com>
>> >> Content-Type: text/plain; charset="utf-8"
>> >>
>> >>
>> >> Hi Peter,
>> >>
>> >> I successfully imported the Simple User Notifier snippet in midPoint 3.5. What
>> >> version are you trying?
>> >> This feature is supported only from v3.5.
>> >>
>> >> If you have the same midPoint version, please send a more detailed stack trace
>> >> from idm.log.
>> >>
>> >> Best regards,
>> >>
>> >> Gustav
>> >>
>> >> --
>> >> Gustáv Pálos
>> >> Identity Engineer
>> >> evolveum.com
>>
>>
>> --
>> Gustáv Pálos
>> Identity Engineer
>> evolveum.com
--
Gustáv Pálos
Identity Engineer
evolveum.com
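
Added example, not part of the original messages and not midPoint code: a small Python check of the reset token settings posted in this thread, covering the nonce value policy, the `PT2M` `maxAge`, and the link prefix built in the notifier body. The function names are hypothetical, the XML is a constructed sample reduced to the token-relevant elements, and the entropy figure is an upper bound that assumes uniform random generation and ignores the `minOccurs` constraints.

```python
import math
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

NS = {"c": "http://midpoint.evolveum.com/xml/ns/public/common/common-3"}

# Constructed sample: only the token-relevant elements of the two objects
# posted in the thread, with the same values.
VALUE_POLICY = """<valuePolicy xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3">
  <stringPolicy><limitations>
    <minLength>20</minLength><maxLength>20</maxLength>
    <limit><characterClass>
      <value>abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ</value>
    </characterClass></limit>
    <limit><characterClass><value>1234567890</value></characterClass></limit>
  </limitations></stringPolicy>
</valuePolicy>"""

SECURITY_POLICY = """<securityPolicy xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3">
  <credentials><nonce><maxAge>PT2M</maxAge><name>mailNonce</name></nonce></credentials>
</securityPolicy>"""

# Link prefix exactly as written in the notifier's bodyExpression.
LINK_PREFIX = "http://localhost:8080/midpoint/resetPasswordConfrimation/user/"


def nonce_entropy_bits(policy_xml):
    """Upper bound: minLength * log2(alphabet size), assuming uniform generation."""
    limits = ET.fromstring(policy_xml).find("c:stringPolicy/c:limitations", NS)
    alphabet = set()
    for value in limits.iterfind("c:limit/c:characterClass/c:value", NS):
        alphabet.update(value.text.strip())
    min_len = int(limits.findtext("c:minLength", namespaces=NS))
    return min_len * math.log2(len(alphabet))


def nonce_max_age_seconds(policy_xml):
    """Convert the duration in nonce/maxAge (time part only) to seconds."""
    text = ET.fromstring(policy_xml).findtext(
        "c:credentials/c:nonce/c:maxAge", namespaces=NS)
    m = re.fullmatch(r"PT(?:(\d+)H)?(?:(\d+)M)?(?:(\d+)S)?", text.strip())
    if m is None or not any(m.groups()):
        raise ValueError("unsupported duration: %r" % text)
    hours, minutes, seconds = (int(g or 0) for g in m.groups())
    return hours * 3600 + minutes * 60 + seconds


def link_findings(prefix):
    """Flag link properties to fix before the mail goes to real users."""
    url, findings = urlsplit(prefix), []
    if url.scheme != "https":
        findings.append("token travels over %s, not https" % url.scheme)
    if url.hostname in ("localhost", "127.0.0.1", "::1"):
        findings.append("host %s points at the recipient's own machine" % url.hostname)
    return findings


if __name__ == "__main__":
    print("nonce entropy (bits, upper bound): %.1f" % nonce_entropy_bits(VALUE_POLICY))
    print("nonce lifetime (s):", nonce_max_age_seconds(SECURITY_POLICY))
    for finding in link_findings(LINK_PREFIX):
        print("link:", finding)
```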