[midPoint] Password Reset Email Notifier Configuration

Peter Healy phealy3330 at gmail.com
Thu Mar 9 19:55:01 CET 2017


Hi Gustav,
Thank you, it works!
I set the global policy to the Mail Reset, that made the link appear.

I do have a couple of remaining questions.

1. While we get our email relay set up I am temporarily using gmail. I get
this error in the logs when trying to use gmail:
 The ssl 2017-03-09 15:53:04,632 [] [http-nio-8080-exec-10] ERROR
(com.evolveum.midpoint.notifications.impl.api.transports.MailTransport):
Couldn't send mail message to [peter.healy at odhsolutions.com] via
smtp.gmail.com, trying another mail server, if there is any, reason: Could
not convert socket to TLS (class javax.mail.MessagingException)

Which I believe is related to the gmail certificate not being in the trust
store.
So I used "openssl s_client -starttls smtp -connect smtp.gmail.com:587"
to get the PEM certificate and then imported with
"keytool -keystore /var/opt/midpoint/keystore.jceks -storetype jceks
-storepass [$PASSWORD] -import -alias smtp.gmail.com -trustcacerts -file
gmail.cert"

But it still doesn't work with the gmail relay, same error:
2017-03-09 18:45:38,945 [] [http-nio-8080-exec-7] ERROR
(com.evolveum.midpoint.notifications.impl.api.transports.MailTransport):
Couldn't send mail message to [peter.healy at odhsolutions.com] via
smtp.gmail.com, trying another mail server, if there is any, reason: Could
not convert socket to TLS (class javax.mail.MessagingException)

Do you have any advice on managing the trust store or what could be going
on here?

In the meantime I setup a temporary Debian based exim4 relay that Midpoint
connects to on port 25 with no authentication. This is working right now.

2. When an email can't be sent from the forgot password page I see:
 [Warning: Property for 'PageForgotPassword.send.nonce.failed' not found]

Is this because I have not defined an error page for when the reset
password email can't be sent?
Where can I set this property and what kind of format is it? (HTML, XHTML,
etc.)

Thank you again!
-Peter

On Wed, Mar 8, 2017 at 1:59 AM, <midpoint-request at lists.evolveum.com> wrote:

> Send midPoint mailing list submissions to
>         midpoint at lists.evolveum.com
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         http://lists.evolveum.com/mailman/listinfo/midpoint
> or, via email, send a message with subject or body 'help' to
>         midpoint-request at lists.evolveum.com
>
> You can reach the person managing the list at
>         midpoint-owner at lists.evolveum.com
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of midPoint digest..."
>
>
> Today's Topics:
>
>    1. Re: Password Reset Email Notifier Configuration (Pálos Gustáv)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Wed, 8 Mar 2017 07:58:30 +0100
> From: Pálos Gustáv <gustav.palos at evolveum.com>
> To: midPoint General Discussion <midpoint at lists.evolveum.com>
> Subject: Re: [midPoint] Password Reset Email Notifier Configuration
> Message-ID:
>         <CAPXQVkc+FsidMQEgeeh-V=1t=2i8LJ4vLuZ8cY8W0euJoYqVPQ at mail.
> gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> and do you also set Global security policy to "Mail Reset Security Policy"
> in Configuration-->System-->Basic?
> (or assigned to org where do you need this or another mechanism to enable
> it?)
>
> Best regards,
>
> Gustav
>
> 2017-03-08 0:23 GMT+01:00 Peter Healy <phealy3330 at gmail.com>:
>
> > Yes, I followed that document, excluding the custom form at the end.
> >
> > First I created a new ValuePolicy object named "Mail Nonce Policy", then
> I
> > created a new SecurityPolicy object named "Mail Reset Security Policy"
> > based on the wiki example (titled "Reset password by mail configuration")
> > and used to OID of the Mail Nonce Policy I created where needed.
> >
> > Then I copied the "Example for notification configuration" changing the
> > URL to the hostname of my install and as you suggested copied that into a
> > <handler> block underneath    <notificationConfiguration>  into the
> System
> > Configuration object.
> >
> >
> >
> > On Tue, Mar 7, 2017 at 3:13 PM, <midpoint-request at lists.evolveum.com>
> > wrote:
> >
> >> Send midPoint mailing list submissions to
> >>         midpoint at lists.evolveum.com
> >>
> >> To subscribe or unsubscribe via the World Wide Web, visit
> >>         http://lists.evolveum.com/mailman/listinfo/midpoint
> >> or, via email, send a message with subject or body 'help' to
> >>         midpoint-request at lists.evolveum.com
> >>
> >> You can reach the person managing the list at
> >>         midpoint-owner at lists.evolveum.com
> >>
> >> When replying, please edit your Subject line so it is more specific
> >> than "Re: Contents of midPoint digest..."
> >>
> >>
> >> Today's Topics:
> >>
> >>    1. Re: Password Reset Email Notifier Configuration (Pálos Gustáv)
> >>
> >>
> >> ----------------------------------------------------------------------
> >>
> >> Message: 1
> >> Date: Tue, 7 Mar 2017 21:13:24 +0100
> >> From: Pálos Gustáv <gustav.palos at gmail.com>
> >> To: midPoint General Discussion <midpoint at lists.evolveum.com>
> >> Subject: Re: [midPoint] Password Reset Email Notifier Configuration
> >> Message-ID:
> >>         <CAPXQVkc5mbrY05xtV3SKLJ8DH_sOLtoKDYVuY06iain86PoXgg at mail.gm
> >> ail.com>
> >> Content-Type: text/plain; charset="utf-8"
> >>
> >>
> >> Hi,
> >>
> >> are you done with this?
> >> https://wiki.evolveum.com/display/midPoint/Reset+Password+
> >> Configuration#ResetPasswordConfiguration-EnablingResetPassword
> >> To enable reset password feature, it is needed to configure it in
> security
> >> policy referenced from system configuration.
> >>
> >> best regards,
> >>
> >> Gustav
> >>
> >> 2017-03-07 19:06 GMT+01:00 Peter Healy <phealy3330 at gmail.com>:
> >>
> >> > Hi Gustav, I don't see the forgot password link on the login page at
> >> > "midpoint/login?0"
> >> > Where should I check to make this link active? Is there another step I
> >> > have to take?
> >> >
> >> > Thanks,
> >> > Peter
> >> >
> >> > On Mon, Mar 6, 2017 at 11:27 PM, <midpoint-request at lists.evolveum.com
> >
> >> > wrote:
> >> >
> >> >> Send midPoint mailing list submissions to
> >> >>         midpoint at lists.evolveum.com
> >> >>
> >> >> To subscribe or unsubscribe via the World Wide Web, visit
> >> >>         http://lists.evolveum.com/mailman/listinfo/midpoint
> >> >> or, via email, send a message with subject or body 'help' to
> >> >>         midpoint-request at lists.evolveum.com
> >> >>
> >> >> You can reach the person managing the list at
> >> >>         midpoint-owner at lists.evolveum.com
> >> >>
> >> >> When replying, please edit your Subject line so it is more specific
> >> >> than "Re: Contents of midPoint digest..."
> >> >>
> >> >>
> >> >> Today's Topics:
> >> >>
> >> >>    1. Re: Password Reset Email Notifier Configuration (Pálos Gustáv)
> >> >>
> >> >>
> >> >> ------------------------------------------------------------
> ----------
> >> >>
> >> >> Message: 1
> >> >> Date: Tue, 7 Mar 2017 05:26:43 +0100
> >> >> From: Pálos Gustáv <gustav.palos at evolveum.com>
> >> >> To: midPoint General Discussion <midpoint at lists.evolveum.com>
> >> >> Subject: Re: [midPoint] Password Reset Email Notifier Configuration
> >> >> Message-ID:
> >> >>         <CAPXQVkfi2=rVEu4VtKZJFaJMAJ4psGzyrpruz3vfJ2-EKeYAKw at mail.gm
> >> >> ail.com>
> >> >> Content-Type: text/plain; charset="utf-8"
> >> >>
> >> >> Hi Peter,
> >> >>
> >> >> on login page you can now see "Forgot Password" link.
> >> >>
> >> >> Best regards,
> >> >>
> >> >> Gustav
> >> >>
> >> >> 2017-03-06 23:55 GMT+01:00 Peter Healy <phealy3330 at gmail.com>:
> >> >>
> >> >> > Thanks Gustav, I put the notifier in as you described and it
> appears
> >> to
> >> >> > have saved OK.
> >> >> > Now that the notifier is there how can I allow users to actually
> >> reset
> >> >> > passwords via email? Is there a URL I can give them to visit?
> >> >> >
> >> >> > Thanks again,
> >> >> > Peter
> >> >> >
> >> >> > On Mon, Mar 6, 2017 at 4:35 PM, <midpoint-request at lists.
> evolveum.com
> >> >
> >> >> > wrote:
> >> >> >
> >> >> >> Send midPoint mailing list submissions to
> >> >> >>         midpoint at lists.evolveum.com
> >> >> >>
> >> >> >> To subscribe or unsubscribe via the World Wide Web, visit
> >> >> >>         http://lists.evolveum.com/mailman/listinfo/midpoint
> >> >> >> or, via email, send a message with subject or body 'help' to
> >> >> >>         midpoint-request at lists.evolveum.com
> >> >> >>
> >> >> >> You can reach the person managing the list at
> >> >> >>         midpoint-owner at lists.evolveum.com
> >> >> >>
> >> >> >> When replying, please edit your Subject line so it is more
> specific
> >> >> >> than "Re: Contents of midPoint digest..."
> >> >> >>
> >> >> >>
> >> >> >> Today's Topics:
> >> >> >>
> >> >> >>    1. Re: Password Reset Email Notifier Configuration (Pálos
> Gustáv)
> >> >> >>
> >> >> >>
> >> >> >> ------------------------------------------------------------
> >> ----------
> >> >> >>
> >> >> >> Message: 1
> >> >> >> Date: Mon, 6 Mar 2017 22:35:10 +0100
> >> >> >> From: Pálos Gustáv <gustav.palos at evolveum.com>
> >> >> >> To: midPoint General Discussion <midpoint at lists.evolveum.com>
> >> >> >> Subject: Re: [midPoint] Password Reset Email Notifier
> Configuration
> >> >> >> Message-ID:
> >> >> >>         <CAPXQVkeypuuT6rbU-G7X57GWGXJAD+viqN7AC9F-
> SkqV0hoLXA at mail.
> >> >> >> gmail.com>
> >> >> >> Content-Type: text/plain; charset="utf-8"
> >> >> >>
> >> >> >>
> >> >> >> you need not to import, but edit configuration --> repository
> >> objects
> >> >> -->
> >> >> >> system configuration -->
> >> >> >> find section <notificationConfiguration> and put here:
> >> >> >>   <handler>
> >> >> >>          <simpleUserNotifier>
> >> >> >>   .....
> >> >> >>          </simpleUserNotifier>
> >> >> >>   </handler>
> >> >> >>
> >> >> >> and please also read & use this:
> >> >> >> https://wiki.evolveum.com/display/midPoint/Configuring+notif
> >> ications
> >> >> >>
> >> >> >> You can start with redirecting e-mail to file over redirectToFile
> >> >> >>
> >> >> >> best regards,
> >> >> >>
> >> >> >> Gustav
> >> >> >>
> >> >> >> 2017-03-06 22:29 GMT+01:00 Peter Healy <phealy3330 at gmail.com>:
> >> >> >>
> >> >> >> > Hi Gustav,
> >> >> >> > I have
> >> >> >> > Version 3.5
> >> >> >> > Git describe git-v3.5
> >> >> >> > Build at Wed, 21 Dec 2016 14:01:34 +0000
> >> >> >> >
> >> >> >> > I copied and pasted verbatim from the wiki page into the
> embedded
> >> >> editor
> >> >> >> > or the Import Object GUI page, I don't get any output from
> idm.log
> >> >> but
> >> >> >> I do
> >> >> >> > get this in catalina.out:
> >> >> >> > ==> catalina.out <==
> >> >> >> > java.lang.ClassCastException
> >> >> >> >
> >> >> >> > And the error in the GUI has changed to "Object validation
> failed
> >> (no
> >> >> >> > reason given)"
> >> >> >> >
> >> >> >> > On Mon, Mar 6, 2017 at 3:31 PM, <midpoint-request at lists.evolve
> >> um.com
> >> >> >
> >> >> >> > wrote:
> >> >> >> >
> >> >> >> >> Send midPoint mailing list submissions to
> >> >> >> >>         midpoint at lists.evolveum.com
> >> >> >> >>
> >> >> >> >> To subscribe or unsubscribe via the World Wide Web, visit
> >> >> >> >>         http://lists.evolveum.com/mailman/listinfo/midpoint
> >> >> >> >> or, via email, send a message with subject or body 'help' to
> >> >> >> >>         midpoint-request at lists.evolveum.com
> >> >> >> >>
> >> >> >> >> You can reach the person managing the list at
> >> >> >> >>         midpoint-owner at lists.evolveum.com
> >> >> >> >>
> >> >> >> >> When replying, please edit your Subject line so it is more
> >> specific
> >> >> >> >> than "Re: Contents of midPoint digest..."
> >> >> >> >>
> >> >> >> >>
> >> >> >> >> Today's Topics:
> >> >> >> >>
> >> >> >> >>    1. JMS based workflow configuration (Prabhakara Rao
> >> Doddapaneni)
> >> >> >> >>    2. Password Reset Email Notifier Configuration (Peter Healy)
> >> >> >> >>    3. Re: Password Reset Email Notifier Configuration (Pálos
> >> Gustáv)
> >> >> >> >>
> >> >> >> >>
> >> >> >> >> ------------------------------------------------------------
> >> >> ----------
> >> >> >> >>
> >> >> >> >> Message: 1
> >> >> >> >> Date: Mon, 6 Mar 2017 19:30:26 +0000 (UTC)
> >> >> >> >> From: Prabhakara Rao Doddapaneni <dp_rao at yahoo.com>
> >> >> >> >> To: "midpoint at lists.evolveum.com" <midpoint at lists.evolveum.com
> >
> >> >> >> >> Subject: [midPoint] JMS based workflow configuration
> >> >> >> >> Message-ID: <1001644321.2237664.1488828626312 at mail.yahoo.com>
> >> >> >> >> Content-Type: text/plain; charset="utf-8"
> >> >> >> >>
> >> >> >> >> One of my resources cannot be configured to respond to sync
> >> poll.  I
> >> >> >> plan
> >> >> >> >> to send a message in JMS Q so that midpoint can listen to that
> >> >> message
> >> >> >> and
> >> >> >> >> reconcile/add the user into repository.  What is the ideal
> >> solution
> >> >> to
> >> >> >> >> achieve this?  has anybody come across this situation?
> >> >> >> >> Thanks,Prabhakar.
> >> >> >> >> -------------- next part --------------
> >> >> >> >> An HTML attachment was scrubbed...
> >> >> >> >> URL: <http://lists.evolveum.com/pipermail/midpoint/
> attachments/
> >> >> >> >> 20170306/a715dd11/attachment-0001.html>
> >> >> >> >>
> >> >> >> >> ------------------------------
> >> >> >> >>
> >> >> >> >> Message: 2
> >> >> >> >> Date: Mon, 6 Mar 2017 15:24:27 -0500
> >> >> >> >> From: Peter Healy <phealy3330 at gmail.com>
> >> >> >> >> To: midpoint at lists.evolveum.com
> >> >> >> >> Subject: [midPoint] Password Reset Email Notifier Configuration
> >> >> >> >> Message-ID:
> >> >> >> >>         <CADnbc=wtq+Suhc6LUG-r04OppN4
> >> AQshDzgk5wGNf7MScsvzbTQ at mail.
> >> >> >> >> gmail.com>
> >> >> >> >> Content-Type: text/plain; charset="utf-8"
> >> >> >> >>
> >> >> >> >>
> >> >> >> >> I am trying to implement:
> >> >> >> >> https://wiki.evolveum.com/display/midPoint/Reset+Password+
> >> >> >> Configuration
> >> >> >> >>
> >> >> >> >> But I get an error importing the Simple User Notifier XML
> object
> >> >> that
> >> >> >> is
> >> >> >> >> in
> >> >> >> >> the wiki page:
> >> >> >> >>
> >> >> >> >> com.evolveum.midpoint.prism.PrismProperty cannot be cast to
> >> >> >> >> com.evolveum.midpoint.prism.PrismObject
> >> >> >> >>
> >> >> >> >>
> >> >> >> >> I created and successfully imported this Mail Nonce Policy:
> >> >> >> >> <valuePolicy xmlns="
> >> >> >> >> http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> >> >> >> >>              xmlns:q="http://prism.evolveum
> >> >> .com/xml/ns/public/query-3"
> >> >> >> >>              xmlns:c="
> >> >> >> >> http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> >> >> >> >>              xmlns:t="http://prism.evolveum
> >> >> .com/xml/ns/public/types-3"
> >> >> >> >>              xmlns:icfs="
> >> >> >> >> http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/r
> >> >> >> >> esource-schema-3
> >> >> >> >> "
> >> >> >> >>              xmlns:ri="
> >> >> >> >> http://midpoint.evolveum.com/xml/ns/public/resource/instance-3
> "
> >> >> >> >>              oid="c0c8a80d-1818-42d1-b3ad-e7f8993593a0"
> >> >> >> >>              version="0">
> >> >> >> >>    <name>Mail Nonce Policy</name>
> >> >> >> >>    <description>Mail Nonce Policy</description>
> >> >> >> >>    <metadata>
> >> >> >> >>       <createTimestamp>2017-03-06T1
> >> 9:56:44.233Z</createTimestamp>
> >> >> >> >>       <creatorRef oid="00000000-0000-0000-0000-000000000002"
> >> >> >> >> type="c:UserType"><!-- administrator --></creatorRef>
> >> >> >> >>       <createChannel>
> >> >> >> >> http://midpoint.evolveum.com/xml/ns/public/model/channels-3#
> >> >> >> objectImport
> >> >> >> >> </createChannel>
> >> >> >> >>    </metadata>
> >> >> >> >>    <lifetime>
> >> >> >> >>       <expiration>999</expiration>
> >> >> >> >>       <warnBeforeExpiration>9</warnBeforeExpiration>
> >> >> >> >>       <lockAfterExpiration>0</lockAfterExpiration>
> >> >> >> >>       <minPasswordAge>0</minPasswordAge>
> >> >> >> >>       <passwordHistoryLength>0</passwordHistoryLength>
> >> >> >> >>    </lifetime>
> >> >> >> >>    <stringPolicy>
> >> >> >> >>       <description>Testing string policy</description>
> >> >> >> >>       <limitations>
> >> >> >> >>          <minLength>20</minLength>
> >> >> >> >>          <maxLength>20</maxLength>
> >> >> >> >>          <minUniqueChars>3</minUniqueChars>
> >> >> >> >>          <limit>
> >> >> >> >>             <description>Alphas</description>
> >> >> >> >>             <minOccurs>1</minOccurs>
> >> >> >> >>             <mustBeFirst>false</mustBeFirst>
> >> >> >> >>             <characterClass>
> >> >> >> >>
> >> >> >> >>  <value>abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ<
> >> >> /value>
> >> >> >> >>             </characterClass>
> >> >> >> >>          </limit>
> >> >> >> >>          <limit>
> >> >> >> >>             <description>Numbers</description>
> >> >> >> >>             <minOccurs>1</minOccurs>
> >> >> >> >>             <mustBeFirst>false</mustBeFirst>
> >> >> >> >>             <characterClass>
> >> >> >> >>                <value>1234567890</value>
> >> >> >> >>             </characterClass>
> >> >> >> >>          </limit>
> >> >> >> >>       </limitations>
> >> >> >> >>    </stringPolicy>
> >> >> >> >> </valuePolicy>
> >> >> >> >>
> >> >> >> >> And I successfully imported this security policy for the Mail
> >> reset:
> >> >> >> >> <securityPolicy xmlns="
> >> >> >> >> http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> >> >> >> >>                 xmlns:q="http://prism.evolveu
> >> >> >> m.com/xml/ns/public/query-3"
> >> >> >> >>                 xmlns:c="
> >> >> >> >> http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> >> >> >> >>                 xmlns:t="http://prism.evolveu
> >> >> >> m.com/xml/ns/public/types-3"
> >> >> >> >>                 xmlns:icfs="
> >> >> >> >> http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/r
> >> >> >> >> esource-schema-3
> >> >> >> >> "
> >> >> >> >>                 xmlns:ri="
> >> >> >> >> http://midpoint.evolveum.com/xml/ns/public/resource/instance-3
> "
> >> >> >> >>                 oid="28bf845a-b107-11e3-85bc-001e8c717e5b"
> >> >> >> >>                 version="19">
> >> >> >> >>    <name>Mail Reset Security Policy</name>
> >> >> >> >>    <metadata>
> >> >> >> >>       <createTimestamp>2017-02-14T1
> >> 7:10:13.860Z</createTimestamp>
> >> >> >> >>       <creatorRef oid="00000000-0000-0000-0000-000000000002"
> >> >> >> >> type="c:UserType"><!-- administrator --></creatorRef>
> >> >> >> >>       <createChannel>
> >> >> >> >> http://midpoint.evolveum.com/xml/ns/public/model/channels-3#
> >> >> >> objectImport
> >> >> >> >> </createChannel>
> >> >> >> >>    </metadata>
> >> >> >> >>    <authentication>
> >> >> >> >>       <mailAuthentication>
> >> >> >> >>          <name>confirmationLink</name>
> >> >> >> >>          <displayName>Additional mail
> >> authnetication</displayName>
> >> >> >> >>          <mailNonce>mailNonce</mailNonce>
> >> >> >> >>       </mailAuthentication>
> >> >> >> >>    </authentication>
> >> >> >> >>    <credentials>
> >> >> >> >>       <nonce>
> >> >> >> >>          <maxAge>PT2M</maxAge>
> >> >> >> >>          <name>mailNonce</name>
> >> >> >> >>          <valuePolicyRef oid="c0c8a80d-1818-42d1-b3ad-e
> >> 7f8993593a0"
> >> >> >> >> type="c:ValuePolicyType"><!-- Mail Nonce Policy
> >> --></valuePolicyRef>
> >> >> >> >>       </nonce>
> >> >> >> >>    </credentials>
> >> >> >> >>    <credentialsReset>
> >> >> >> >>       <mailReset>
> >> >> >> >>          <name>Reset password using mail</name>
> >> >> >> >>
> >> >> >> >>  <additionalAuthenticationName>confirmationLink</additionalAut
> >> >> >> >> henticationName>
> >> >> >> >>       </mailReset>
> >> >> >> >>    </credentialsReset>
> >> >> >> >> </securityPolicy>
> >> >> >> >>
> >> >> >> >> This is the Simple User Notifier form the wiki page:
> >> >> >> >> <simpleUserNotifier>
> >> >> >> >>     <expressionFilter>
> >> >> >> >>         <script>
> >> >> >> >>             <code>
> >> >> >> >>                     import
> >> >> >> >> com.evolveum.midpoint.notifications.api.events.ModelEvent
> >> >> >> >>                     import
> >> >> >> >> com.evolveum.midpoint.xml.ns._public.common.common_3.OrgType
> >> >> >> >>                     import com.evolveum.midpoint.prism.de
> >> >> >> lta.ChangeType
> >> >> >> >>
> >> >> >> >>                    (event instanceof ModelEvent &&
> >> >> >> >> event.getChannel().equals("
> >> >> >> >> http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#re
> >> >> >> setPassword
> >> >> >> >> "))
> >> >> >> >>             </code>
> >> >> >> >>         </script>
> >> >> >> >>     </expressionFilter>
> >> >> >> >>     <recipientExpression>
> >> >> >> >>         <script>
> >> >> >> >>             <code>return requestee.getEmailAddress()</code>
> >> >> >> >>         </script>
> >> >> >> >>     </recipientExpression>
> >> >> >> >>     <bodyExpression>
> >> >> >> >>         <script>
> >> >> >> >>             <code>
> >> >> >> >>
> >> >> >> >>                 import
> >> >> >> >> com.evolveum.midpoint.notifications.api.events.ModelEvent
> >> >> >> >>                 modelEvent = (ModelEvent) event
> >> >> >> >>                 newUser = modelEvent.getFocusContext().g
> >> >> etObjectNew();
> >> >> >> >>                 userType = newUser.asObjectable();
> >> >> >> >>
> >> >> >> >>                 link = "
> >> >> >> >> http://localhost:8080/midpoint/resetPasswordConfrimation/user/
> "
> >> +
> >> >> >> >> userType.getName().getOrig() +"/token/" +
> >> >> >> >> midpoint.getPlaintext(userType.getCredentials().getNonce().
> >> >> >> getValue());
> >> >>
> >> >> >> >>                 bodyMessage = "Did you request password reset?
> If
> >> >> yes,
> >> >> >> >> click on the link bellow \n" + link
> >> >> >> >>
> >> >> >> >>                 return bodyMessage;
> >> >> >> >>             </code>
> >> >> >> >>         </script>
> >> >> >> >>     </bodyExpression>
> >> >> >> >>     <transport>mail</transport>
> >> >> >> >> </simpleUserNotifier>
> >> >> >> >> -------------- next part --------------
> >> >> >> >> An HTML attachment was scrubbed...
> >> >> >> >> URL: <http://lists.evolveum.com/pipermail/midpoint/
> attachments/
> >> >> >> >> 20170306/4448fc63/attachment-0001.html>
> >> >> >> >>
> >> >> >> >> ------------------------------
> >> >> >> >>
> >> >> >> >> Message: 3
> >> >> >> >> Date: Mon, 6 Mar 2017 21:31:06 +0100
> >> >> >> >> From: Pálos Gustáv <gustav.palos at evolveum.com>
> >> >> >> >> To: midPoint General Discussion <midpoint at lists.evolveum.com>
> >> >> >> >> Subject: Re: [midPoint] Password Reset Email Notifier
> >> Configuration
> >> >> >> >> Message-ID:
> >> >> >> >>         <CAPXQVkdrEFOqZxKLZFxNtx-2Z=
> >> v==PHTzEnkQhjdXcJXY6Mp=g at mail.
> >> >> gm
> >> >> >> >> ail.com>
> >> >> >> >> Content-Type: text/plain; charset="utf-8"
> >> >> >> >>
> >> >> >> >>
> >> >> >> >> Hi Peter
> >> >> >> >>
> >> >> >> >> I successfully imported Simple User Notifier snippet in
> midPoint
> >> >> 3.5.
> >> >> >> What
> >> >> >> >> version do you try?
> >> >> >> >> This feature is supported only from v3.5.
> >> >> >> >>
> >> >> >> >> If you have same midPoint version, please send more detailed
> >> track
> >> >> >> trace
> >> >> >> >> from idm.log
> >> >> >> >>
> >> >> >> >> Best regards,
> >> >> >> >>
> >> >> >> >> Gustav
> >> >> >> >>
> >> >> >> >> 2017-03-06 21:24 GMT+01:00 Peter Healy <phealy3330 at gmail.com>:
> >> >> >> >>
> >> >> >> >> > I am trying to implement:
> >> >> >> >> > https://wiki.evolveum.com/display/midPoint/Reset+Password+
> >> >> >> Configuration
> >> >> >> >> >
> >> >> >> >> > But I get an error importing the Simple User Notifier XML
> >> object
> >> >> >> that is
> >> >> >> >> > in the wiki page:
> >> >> >> >> >
> >> >> >> >> > com.evolveum.midpoint.prism.PrismProperty cannot be cast to
> >> >> >> >> > com.evolveum.midpoint.prism.PrismObject
> >> >> >> >> >
> >> >> >> >> >
> >> >> >> >> > I created and successfully imported this Mail Nonce Policy:
> >> >> >> >> > <valuePolicy xmlns="http://midpoint.evolveu
> >> m.com/xml/ns/public/
> >> >> >> >> > common/common-3"
> >> >> >> >> >              xmlns:q="http://prism.evolveum
> >> >> >> .com/xml/ns/public/query-3"
> >> >> >> >> >              xmlns:c="http://midpoint.evolv
> >> eum.com/xml/ns/public/
> >> >> >> >> > common/common-3"
> >> >> >> >> >              xmlns:t="http://prism.evolveum
> >> >> >> .com/xml/ns/public/types-3"
> >> >> >> >> >              xmlns:icfs="http://midpoint.ev
> >> >> olveum.com/xml/ns/public/
> >> >> >> >> > connector/icf-1/resource-schema-3"
> >> >> >> >> >              xmlns:ri="http://midpoint.evol
> >> >> veum.com/xml/ns/public/
> >> >> >> >> > resource/instance-3"
> >> >> >> >> >              oid="c0c8a80d-1818-42d1-b3ad-e7f8993593a0"
> >> >> >> >> >              version="0">
> >> >> >> >> >    <name>Mail Nonce Policy</name>
> >> >> >> >> >    <description>Mail Nonce Policy</description>
> >> >> >> >> >    <metadata>
> >> >> >> >> >       <createTimestamp>2017-03-06T1
> >> 9:56:44.233Z</createTimestamp>
> >> >> >> >> >       <creatorRef oid="00000000-0000-0000-0000-000000000002"
> >> >> >> >> > type="c:UserType"><!-- administrator --></creatorRef>
> >> >> >> >> >       <createChannel>http://midpoint.evolveum.com/xml/ns/
> >> >> >> >> > public/model/channels-3#objectImport</createChannel>
> >> >> >> >> >    </metadata>
> >> >> >> >> >    <lifetime>
> >> >> >> >> >       <expiration>999</expiration>
> >> >> >> >> >       <warnBeforeExpiration>9</warnBeforeExpiration>
> >> >> >> >> >       <lockAfterExpiration>0</lockAfterExpiration>
> >> >> >> >> >       <minPasswordAge>0</minPasswordAge>
> >> >> >> >> >       <passwordHistoryLength>0</passwordHistoryLength>
> >> >> >> >> >    </lifetime>
> >> >> >> >> >    <stringPolicy>
> >> >> >> >> >       <description>Testing string policy</description>
> >> >> >> >> >       <limitations>
> >> >> >> >> >          <minLength>20</minLength>
> >> >> >> >> >          <maxLength>20</maxLength>
> >> >> >> >> >          <minUniqueChars>3</minUniqueChars>
> >> >> >> >> >          <limit>
> >> >> >> >> >             <description>Alphas</description>
> >> >> >> >> >             <minOccurs>1</minOccurs>
> >> >> >> >> >             <mustBeFirst>false</mustBeFirst>
> >> >> >> >> >             <characterClass>
> >> >> >> >> >                <value>abcdefghijklmnopqrstuvwxyzABCD
> >> >> >> >> > EFGHIJKLMNOPQRSTUVWXYZ</value>
> >> >> >> >> >             </characterClass>
> >> >> >> >> >          </limit>
> >> >> >> >> >          <limit>
> >> >> >> >> >             <description>Numbers</description>
> >> >> >> >> >             <minOccurs>1</minOccurs>
> >> >> >> >> >             <mustBeFirst>false</mustBeFirst>
> >> >> >> >> >             <characterClass>
> >> >> >> >> >                <value>1234567890</value>
> >> >> >> >> >             </characterClass>
> >> >> >> >> >          </limit>
> >> >> >> >> >       </limitations>
> >> >> >> >> >    </stringPolicy>
> >> >> >> >> > </valuePolicy>
> >> >> >> >> >
> >> >> >> >> > And I successfully imported this security policy for the Mail
> >> >> reset:
> >> >> >> >> > <securityPolicy xmlns="http://midpoint.evolveu
> >> >> m.com/xml/ns/public/
> >> >> >> >> > common/common-3"
> >> >> >> >> >                 xmlns:q="http://prism.evolveu
> >> >> >> >> m.com/xml/ns/public/query-3"
> >> >> >> >> >                 xmlns:c="http://midpoint.evol
> >> >> veum.com/xml/ns/public/
> >> >> >> >> > common/common-3"
> >> >> >> >> >                 xmlns:t="http://prism.evolveu
> >> >> >> >> m.com/xml/ns/public/types-3"
> >> >> >> >> >                 xmlns:icfs="http://midpoint.e
> >> >> >> volveum.com/xml/ns/public/
> >> >> >> >> > connector/icf-1/resource-schema-3"
> >> >> >> >> >                 xmlns:ri="http://midpoint.evo
> >> >> >> lveum.com/xml/ns/public/
> >> >> >> >> > resource/instance-3"
> >> >> >> >> >                 oid="28bf845a-b107-11e3-85bc-001e8c717e5b"
> >> >> >> >> >                 version="19">
> >> >> >> >> >    <name>Mail Reset Security Policy</name>
> >> >> >> >> >    <metadata>
> >> >> >> >> >       <createTimestamp>2017-02-14T1
> >> 7:10:13.860Z</createTimestamp>
> >> >> >> >> >       <creatorRef oid="00000000-0000-0000-0000-000000000002"
> >> >> >> >> > type="c:UserType"><!-- administrator --></creatorRef>
> >> >> >> >> >       <createChannel>http://midpoint.evolveum.com/xml/ns/
> >> >> >> >> > public/model/channels-3#objectImport</createChannel>
> >> >> >> >> >    </metadata>
> >> >> >> >> >    <authentication>
> >> >> >> >> >       <mailAuthentication>
> >> >> >> >> >          <name>confirmationLink</name>
> >> >> >> >> >          <displayName>Additional mail
> >> authnetication</displayName>
> >> >> >> >> >          <mailNonce>mailNonce</mailNonce>
> >> >> >> >> >       </mailAuthentication>
> >> >> >> >> >    </authentication>
> >> >> >> >> >    <credentials>
> >> >> >> >> >       <nonce>
> >> >> >> >> >          <maxAge>PT2M</maxAge>
> >> >> >> >> >          <name>mailNonce</name>
> >> >> >> >> >          <valuePolicyRef oid="c0c8a80d-1818-42d1-b3ad-e
> >> >> 7f8993593a0"
> >> >> >> >> > type="c:ValuePolicyType"><!-- Mail Nonce Policy
> >> >> --></valuePolicyRef>
> >> >> >> >> >       </nonce>
> >> >> >> >> >    </credentials>
> >> >> >> >> >    <credentialsReset>
> >> >> >> >> >       <mailReset>
> >> >> >> >> >          <name>Reset password using mail</name>
> >> >> >> >> >          <additionalAuthenticationName>confirmationLink</
> >> >> >> >> > additionalAuthenticationName>
> >> >> >> >> >       </mailReset>
> >> >> >> >> >    </credentialsReset>
> >> >> >> >> > </securityPolicy>
> >> >> >> >> >
> >> >> >> >> > This is the Simple User Notifier form the wiki page:
> >> >> >> >> > <simpleUserNotifier>
> >> >> >> >> >     <expressionFilter>
> >> >> >> >> >         <script>
> >> >> >> >> >             <code>
> >> >> >> >> >                     import com.evolveum.midpoint.notifica
> >> >> >> >> tions.api.events.
> >> >> >> >> > ModelEvent
> >> >> >> >> >                     import com.evolveum.midpoint.xml.ns._
> >> >> >> >> > public.common.common_3.OrgType
> >> >> >> >> >                     import com.evolveum.midpoint.prism.de
> >> >> >> lta.ChangeType
> >> >> >> >> >
> >> >> >> >> >                    (event instanceof ModelEvent &&
> >> >> >> >> > event.getChannel().equals("http://midpoint.evolveum.com/xml/
> >> >> >> >> > ns/public/gui/channels-3#resetPassword"))
> >> >> >> >> >             </code>
> >> >> >> >> >         </script>
> >> >> >> >> >     </expressionFilter>
> >> >> >> >> >     <recipientExpression>
> >> >> >> >> >         <script>
> >> >> >> >> >             <code>return requestee.getEmailAddress()</code>
> >> >> >> >> >         </script>
> >> >> >> >> >     </recipientExpression>
> >> >> >> >> >     <bodyExpression>
> >> >> >> >> >         <script>
> >> >> >> >> >             <code>
> >> >> >> >> >
> >> >> >> >> >                 import com.evolveum.midpoint.notifica
> >> >> >> tions.api.events.
> >> >> >> >> > ModelEvent
> >> >> >> >> >                 modelEvent = (ModelEvent) event
> >> >> >> >> >                 newUser = modelEvent.getFocusContext().g
> >> >> >> etObjectNew();
> >> >> >> >> >                 userType = newUser.asObjectable();
> >> >> >> >> >
> >> >> >> >> >                 link = "http://localhost:8080/midpoint/
> >> >> >> >> > resetPasswordConfrimation/user/" +
> >> userType.getName().getOrig()
> >> >> >> >> > +"/token/" + midpoint.getPlaintext(
> userType.getCredentials().
> >> >> >> >> > getNonce().getValue());
> >> >> >> >> >                 bodyMessage = "Did you request password
> reset?
> >> If
> >> >> >> yes,
> >> >> >> >> > click on the link bellow \n" + link
> >> >> >> >> >
> >> >> >> >> >                 return bodyMessage;
> >> >> >> >> >             </code>
> >> >> >> >> >         </script>
> >> >> >> >> >     </bodyExpression>
> >> >> >> >> >     <transport>mail</transport>
> >> >> >> >> > </simpleUserNotifier>
> >> >> >> >> >
> >> >> >> >> > _______________________________________________
> >> >> >> >> > midPoint mailing list
> >> >> >> >> > midPoint at lists.evolveum.com
> >> >> >> >> > http://lists.evolveum.com/mailman/listinfo/midpoint
> >> >> >> >> >
> >> >> >> >> >
> >> >> >> >>
> >> >> >> >>
> >> >> >> >> --
> >> >> >> >> Gustáv Pálos
> >> >> >> >> Identity Engineer
> >> >> >> >> evolveum.com
> >> >> >> >> -------------- next part --------------
> >> >> >> >> An HTML attachment was scrubbed...
> >> >> >> >> URL: <http://lists.evolveum.com/pipermail/midpoint/
> attachments/
> >> >> >> >> 20170306/85ab3d27/attachment.html>
> >> >> >> >>
> >> >> >> >> ------------------------------
> >> >> >> >>
> >> >> >> >> Subject: Digest Footer
> >> >> >> >>
> >> >> >> >> _______________________________________________
> >> >> >> >> midPoint mailing list
> >> >> >> >> midPoint at lists.evolveum.com
> >> >> >> >> http://lists.evolveum.com/mailman/listinfo/midpoint
> >> >> >> >>
> >> >> >> >>
> >> >> >> >> ------------------------------
> >> >> >> >>
> >> >> >> >> End of midPoint Digest, Vol 59, Issue 26
> >> >> >> >> ****************************************
> >> >> >> >>
> >> >> >> >
> >> >> >> >
> >> >> >> > _______________________________________________
> >> >> >> > midPoint mailing list
> >> >> >> > midPoint at lists.evolveum.com
> >> >> >> > http://lists.evolveum.com/mailman/listinfo/midpoint
> >> >> >> >
> >> >> >> >
> >> >> >>
> >> >> >>
> >> >> >> --
> >> >> >> Gustáv Pálos
> >> >> >> Identity Engineer
> >> >> >> evolveum.com
> >> >> >> -------------- next part --------------
> >> >> >> An HTML attachment was scrubbed...
> >> >> >> URL: <http://lists.evolveum.com/pipermail/midpoint/attachments/
> >> >> >> 20170306/3dfbadb0/attachment.html>
> >> >> >>
> >> >> >> ------------------------------
> >> >> >>
> >> >> >> Subject: Digest Footer
> >> >> >>
> >> >> >> _______________________________________________
> >> >> >> midPoint mailing list
> >> >> >> midPoint at lists.evolveum.com
> >> >> >> http://lists.evolveum.com/mailman/listinfo/midpoint
> >> >> >>
> >> >> >>
> >> >> >> ------------------------------
> >> >> >>
> >> >> >> End of midPoint Digest, Vol 59, Issue 28
> >> >> >> ****************************************
> >> >> >>
> >> >> >
> >> >> >
> >> >> > _______________________________________________
> >> >> > midPoint mailing list
> >> >> > midPoint at lists.evolveum.com
> >> >> > http://lists.evolveum.com/mailman/listinfo/midpoint
> >> >> >
> >> >> >
> >> >>
> >> >>
> >> >> --
> >> >> Gustáv Pálos
> >> >> Identity Engineer
> >> >> evolveum.com
> >> >> -------------- next part --------------
> >> >> An HTML attachment was scrubbed...
> >> >> URL: <http://lists.evolveum.com/pipermail/midpoint/attachments/
> >> >> 20170307/c28dfbb3/attachment.html>
> >> >>
> >> >> ------------------------------
> >> >>
> >> >> Subject: Digest Footer
> >> >>
> >> >> _______________________________________________
> >> >> midPoint mailing list
> >> >> midPoint at lists.evolveum.com
> >> >> http://lists.evolveum.com/mailman/listinfo/midpoint
> >> >>
> >> >>
> >> >> ------------------------------
> >> >>
> >> >> End of midPoint Digest, Vol 59, Issue 56
> >> >> ****************************************
> >> >>
> >> >
> >> >
> >> > _______________________________________________
> >> > midPoint mailing list
> >> > midPoint at lists.evolveum.com
> >> > http://lists.evolveum.com/mailman/listinfo/midpoint
> >> >
> >> >
> >>
> >>
> >> --
> >> s pozdravom
> >>
> >> Gustáv Pálos
> >> -------------- next part --------------
> >> An HTML attachment was scrubbed...
> >> URL: <http://lists.evolveum.com/pipermail/midpoint/attachments/
> >> 20170307/420ea1a4/attachment.html>
> >>
> >> ------------------------------
> >>
> >> Subject: Digest Footer
> >>
> >> _______________________________________________
> >> midPoint mailing list
> >> midPoint at lists.evolveum.com
> >> http://lists.evolveum.com/mailman/listinfo/midpoint
> >>
> >>
> >> ------------------------------
> >>
> >> End of midPoint Digest, Vol 59, Issue 62
> >> ****************************************
> >>
> >
> >
> > _______________________________________________
> > midPoint mailing list
> > midPoint at lists.evolveum.com
> > http://lists.evolveum.com/mailman/listinfo/midpoint
> >
> >
>
>
> --
> Gustáv Pálos
> Identity Engineer
> evolveum.com
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://lists.evolveum.com/pipermail/midpoint/
> attachments/20170308/3a2fb997/attachment.html>
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
> ------------------------------
>
> End of midPoint Digest, Vol 59, Issue 64
> ****************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20170309/507f61ab/attachment.htm>


More information about the midPoint mailing list