Bug 1247137 - Can't change password for a redhat.com account of OpenShift type
Can't change password for a redhat.com account of OpenShift type
Product: OpenShift Online
Classification: Red Hat
Component: Management Console (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Andy Grimm
Wei Sun
Depends On:
  Show dependency treegraph
Reported: 2015-07-27 08:18 EDT by Ron Šmeral
Modified: 2016-11-07 22:48 EST (History)
8 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2015-10-29 15:52:08 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Ron Šmeral 2015-07-27 08:18:44 EDT
Description of problem:
When trying to change my password, the site insists that my old password is incorrect, even though it is correct.

Version-Release number of selected component (if applicable):
The version at https://openshift.redhat.com at the time of reporting

Steps to Reproduce:
1. Visit https://openshift.redhat.com/app/account/password/edit
2. Type old password and a new password twice, submit

Actual results:
Error message "Your old password was incorrect."

Expected results:
Changed password

Additional info:
This happens even right after logging in with exactly the same password as later entered into the change password form. And even after resetting my password and using the new one received through e-mail.
Comment 1 Ron Šmeral 2015-08-11 05:57:03 EDT
Clarification: this happens for my redhat.com account, haven't tried others.

By trial and error I figured out that the only value which the Change Password form considers correct as the "old password" is my Red Hat account password. 

This is definitely erroneous, since this happens even right after password reset, when the old password should be the one received in inbox from the reset process (right?).

Moreover, after entering my redhat.com password into the change password form and changing it into something else, I can then log into my redhat.com account with this changed password. But I still can't use this changed password, or the old one, or the reset one for login. THE ONLY way for me to log in currently is through password reset.

Does the change password process actually change my RH password? I believe this should be VERY clearly stated in the interface, or even better - the password for the RH account should not be changeable from the OS interface, it's really confusing.
Comment 2 Thien-Thi Nguyen 2015-08-11 06:41:50 EDT
It seems strange to me that OSO offers the possibility to change the RH password.
Comment 3 Alex Dellapenta 2015-08-11 10:10:53 EDT
Just tried it with my account (rhn-support-adellape) and got a "Your password has been changed" message in the OpenShift webUI. New password works for openshift.com and redhat.com.

Comment 4 Ron Šmeral 2015-08-11 10:33:20 EDT
I just realized the account type under https://openshift.redhat.com/app/account is "OpenShift". This bug might (hopefully) be limited to accounts created with a redhat.com address before RHN integration (my OSO acct is ~3 years old).

So, I guess the password validation logic is inconsistent between the Change Password screen and the login screen:
* the Change Password only respects my RHN account password as correct (probably shouldn't since my acct type is OpenShift..?)
* login screen does not respect my RHN account password
Comment 5 Andy Grimm 2015-08-11 20:58:57 EDT
This is a known issue in the case where a user has a "simple user" account and a "full user" account which conflict.  You have both type of accounts for the login rsmeral@redhat.com .  The reason this can happen is that RHN doesn't have any knowledge of simple users.  So, OSO can prevent the creation of a simple user which conflicts with an RHN account, but RHN will happily create an account that conflicts with an existing simple user, and then the problem begin.

The solution for this is to have the "simple user" deactivated.  I can file an internal ticket for that.
Comment 6 Ron Šmeral 2015-08-12 04:09:38 EDT
OK, please file the ticket for deactivation of the simple account. Thanks.
Comment 7 Abhishek Gupta 2015-09-04 14:35:30 EDT
I believe the ticket was created? Has the "simple user" account been deactivated? Can we close this bug at this point?
Comment 8 Andy Grimm 2015-10-29 15:52:08 EDT
This was resolved.

Note You need to log in before you can comment on or make changes to this bug.