907314 – Reset Password link dont work if the user clicks the Forgot Password link twice accidentally

Bug 907314 - Reset Password link dont work if the user clicks the Forgot Password link twice accidentally

Summary: Reset Password link dont work if the user clicks the Forgot Password link twi...

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Subscription Asset Manager
Classification:	Retired
Component:	katello
Sub Component:
Version:	1.3
Hardware:	All
OS:	All
Priority:	unspecified
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Brad Buckingham
QA Contact:	SAM QE List
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	sam13-tracker
TreeView+	depends on / blocked

Reported:	2013-02-04 05:17 UTC by sthirugn@redhat.com
Modified:	2013-07-23 19:47 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2013-07-23 19:47:44 UTC
Embargoed:

Attachments	(Terms of Use)
Error message when clicking on the reset password link from the recent email (36.15 KB, image/png) 2013-02-04 05:17 UTC, sthirugn@redhat.com	no flags	Details
View All

Description sthirugn@redhat.com 2013-02-04 05:17:20 UTC

Created attachment 692618 [details]
Error message when clicking on the reset password link from the recent email

Description of problem:
Reset Password link sent in the email says invalid or expired token if the user clicks Forgot Password link twice accidentally.

Version-Release number of selected component (if applicable):
* candlepin-0.7.23-1.el6_3.noarch
* candlepin-cert-consumer-cloud-qe-8.idm.lab.bos.redhat.com-1.0-1.noarch
* candlepin-tomcat6-0.7.23-1.el6_3.noarch
* elasticsearch-0.19.9-5.el6_3.noarch
* katello-candlepin-cert-key-pair-1.0-1.noarch
* katello-certs-tools-1.2.1-1h.el6_3.noarch
* katello-cli-1.2.1-12h.el6_3.noarch
* katello-cli-common-1.2.1-12h.el6_3.noarch
* katello-common-1.2.1-15h.el6_3.noarch
* katello-configure-1.2.3-3h.el6_3.noarch
* katello-glue-candlepin-1.2.1-15h.el6_3.noarch
* katello-headpin-1.2.1-15h.el6_3.noarch
* katello-headpin-all-1.2.1-15h.el6_3.noarch
* katello-selinux-1.2.1-2h.el6_3.noarch
* thumbslug-0.0.28-1.el6_3.noarch
* thumbslug-selinux-0.0.28-1.el6_3.noarch

How reproducible:
Always

Steps to Reproduce:
1. Launch SAM UI
2. Click Forgot Password twice
3. Receive two password reset emails
4. Click on the reset password link from the first email received - Enter new Password and Confirm Password. Click on Save - Error message shown saying invalid or expired token - This error message is expected.
5. Now, Click on the reset password link from the recent email received - Error message thrown again instead of allowing the user to reset his password.
  
Actual results:
Error message thrown to the user:
Request received has either an invalid or expired token. Token: 'f7696070f9f353dc5931b653bee4b6e62049fd10d0ecfd85abfcfc3a3534a84a'

Expected results:
Password reset functionality should work fine


Additional info:
-> After step 5 above, again go back to the home page and click on Forgot Password.  
-> Click on the reset password link from the email received.  
-> Again the error message is shown. There is no workaround for the user to reset his password himself.  Only option is to have Administrator do it.

Comment 1 Tom McKay 2013-07-23 19:47:44 UTC

This BZ is obsolete due to introduction of "signo" signal sign on module replacement.

Note You need to log in before you can comment on or make changes to this bug.