[midPoint] midPoint users' local passwords become undefined after a while

Patrik Spengler patrick.spengler at c-iam.com
Fri Oct 13 13:34:10 CEST 2017


Hi Ramon,

I had the same error.

If you are using the default security policy, you can add a maxAge tag inside the password tag.

<securityPolicy>
	...
	<credentials>
		<password>
			...
			<maxAge>P200Y</maxAge> <!-- password expires in 200 years -->
			...
		</password>
	</credentials>
</securityPolicy>

In the default password policy you can delete the lifetime tag. 

I hope this helps.

Regards,

Patrick
__________________________________
Patrick Spengler
IAM Consultant
Phone:  (0) 228 534-592-35
Mail:    patrick.spengler at c-iam.com
Web:   http://www.c-iam.com

C-IAM GmbH Bonn
Coburger Straße 2
D-53113 Bonn

C-IAM GmbH Hamburg
Ballindamm 39
D-20095 Hamburg

Managing Director: Jamshed Kharkan

-----Original Message-----
From: midPoint [mailto:midpoint-bounces at lists.evolveum.com] On Behalf Of Ramón Cahenzli
Sent: Wednesday, 11 October 2017 09:54
To: midPoint General Discussion <midpoint at lists.evolveum.com>
Subject: [midPoint] midPoint users' local passwords become undefined after a while

Hi everyone,

I have midPoint 3.6 on a development VM. There are two users, "administrator" with the default password and "rca" with his own password. Both have the superuser role and passwords don't expire. The users work fine for a while, I can log in, back out, back in again etc.
I can restart Tomcat and reboot the VM, everything continues working.

However, when I switch off my VM for a month or so and then start it again, both users are unable to log in. I get the error:

"User doesn't have defined password."

in the web interface.

I had this issue twice now, and I don't know where I could look for a solution. These accounts shouldn't simply expire, should they? And if they do expire, wouldn't "doesn't have defined password" be the wrong error?

I can still see the users in the database in the m_user table. So far I had to nuke my midPoint DB every time to be able to log back in again, but I'm sure there must be a real solution. Thanks for any hints.

Cheers,

Ramon