← Back to team overview

dhis2-devs team mailing list archive

Re: 2.27 - updating expired password does not work

 

Hi

Nobody responded to this email, but Zubair picked it up and fixed it
yesterday - as I suspected, it was a bug.

I have just tested the new build from this morning, and the bug has been
fixed.

Thanks, Zubair!!

Regards
Calle

On 14 June 2017 at 13:10, Calle Hedberg <calle.hedberg@xxxxxxxxx> wrote:

> Hi,
>
> Just note that I strongly suspect this to be a bug - see extract from
> tomcat log - below - but I cannot be sure if it is data related (the
> instance was recently upgraded to 2.27):
>
> * INFO  2017-06-14 12:11:56,298 Login attempt for disabled/locked user:
> 'Calle_Hedberg', enabled: true, credentials non-expired: false, account
> non-locked: true (DefaultUserDetailsService.java [http-nio-8083-exec-1])
> * WARN  2017-06-14 12:11:56,414 Authentication event
> AuthenticationFailureCredentialsExpiredEvent: Calle_Hedberg; details:
> org.springframework.security.web.authentication.WebAuthenticationDetails@fffc7f0c:
> RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 0A1DD66DE5786BDF88B17EC290000251;
> exception: User credentials have expired (LoggerListener.java
> [http-nio-8083-exec-1])
> java.lang.NullPointerException
>         at org.hisp.dhis.webapi.controller.AccountController.
> updatePassword(AccountController.java:450)
>         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>         at sun.reflect.NativeMethodAccessorImpl.invoke(
> NativeMethodAccessorImpl.java:62)
>         at sun.reflect.DelegatingMethodAccessorImpl.invoke(
> DelegatingMethodAccessorImpl.java:43)
>         at java.lang.reflect.Method.invoke(Method.java:498)
>         at org.springframework.web.method.support.InvocableHandlerMethod.
> doInvoke(InvocableHandlerMethod.java:205)
>         at org.springframework.web.method.support.InvocableHandlerMethod.
> invokeForRequest(InvocableHandlerMethod.java:133)
>         at org.springframework.web.servlet.mvc.method.annotation.
> ServletInvocableHandlerMethod.invokeAndHandle(
> ServletInvocableHandlerMethod.java:97)
>         at org.springframework.web.servlet.mvc.method.annotation.
> RequestMappingHandlerAdapter.invokeHandlerMethod(
> RequestMappingHandlerAdapter.java:827)
>         at org.springframework.web.servlet.mvc.method.annotation.
> RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.
> java:738)
>         at org.springframework.web.servlet.mvc.method.
> AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85)
>         at org.springframework.web.servlet.DispatcherServlet.
> doDispatch(DispatcherServlet.java:967)
>         at org.springframework.web.servlet.DispatcherServlet.
> doService(DispatcherServlet.java:901)
>         at org.springframework.web.servlet.FrameworkServlet.
> processRequest(FrameworkServlet.java:970)
>         at org.springframework.web.servlet.FrameworkServlet.
> doPost(FrameworkServlet.java:872)
>         at javax.servlet.http.HttpServlet.service(HttpServlet.java:648)
>         at org.springframework.web.servlet.FrameworkServlet.
> service(FrameworkServlet.java:846)
>         at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
>         at org.apache.catalina.core.ApplicationFilterChain.
> internalDoFilter(ApplicationFilterChain.java:292)
>         at org.apache.catalina.core.ApplicationFilterChain.doFilter(
> ApplicationFilterChain.java:207)
>         at org.apache.tomcat.websocket.server.WsFilter.doFilter(
> WsFilter.java:52)
>         at org.apache.catalina.core.ApplicationFilterChain.
> internalDoFilter(ApplicationFilterChain.java:240)
>         at org.apache.catalina.core.ApplicationFilterChain.doFilter(
> ApplicationFilterChain.java:207)
>         at org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:317)
>         at org.springframework.security.web.access.intercept.
> FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:127)
>         at org.springframework.security.web.access.intercept.
> FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91)
>         at org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>         at org.springframework.security.web.access.
> ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:114)
>         at org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>         at org.springframework.security.web.session.
> SessionManagementFilter.doFilter(SessionManagementFilter.java:137)
>         at org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>         at org.springframework.security.web.authentication.
> AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.
> java:111)
>         at org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>         at org.springframework.security.web.servletapi.
> SecurityContextHolderAwareRequestFilter.doFilter(
> SecurityContextHolderAwareRequestFilter.java:170)
>         at org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>         at org.springframework.security.web.savedrequest.
> RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
>         at org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>         at org.springframework.security.web.authentication.www.
> BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.
> java:158)
>         at org.springframework.web.filter.OncePerRequestFilter.
> doFilter(OncePerRequestFilter.java:107)
>         at org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>         at org.hisp.dhis.security.filter.CorsFilter.doFilter(
> CorsFilter.java:126)
>         at org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>         at org.springframework.security.web.authentication.
> AbstractAuthenticationProcessingFilter.doFilter(
> AbstractAuthenticationProcessingFilter.java:200)
>         at org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>         at org.springframework.security.web.authentication.
> AbstractAuthenticationProcessingFilter.doFilter(
> AbstractAuthenticationProcessingFilter.java:200)
>         at org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>         at org.hisp.dhis.security.filter.CustomAuthenticationFilter.
> doFilter(CustomAuthenticationFilter.java:64)
>         at org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>         at org.springframework.security.web.authentication.logout.
> LogoutFilter.doFilter(LogoutFilter.java:116)
>         at org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>         at org.hisp.dhis.security.filter.AutomaticAccessFilter.doFilter(
> AutomaticAccessFilter.java:115)
>         at org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>         at org.springframework.security.web.header.HeaderWriterFilter.
> doFilterInternal(HeaderWriterFilter.java:64)
>         at org.springframework.web.filter.OncePerRequestFilter.
> doFilter(OncePerRequestFilter.java:107)
>         at org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>         at org.springframework.security.web.context.request.async.
> WebAsyncManagerIntegrationFilter.doFilterInternal(
> WebAsyncManagerIntegrationFilter.java:56)
>         at org.springframework.web.filter.OncePerRequestFilter.
> doFilter(OncePerRequestFilter.java:107)
>         at org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>         at org.springframework.security.web.context.
> SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilt
> er.java:105)
>         at org.springframework.security.web.FilterChainProxy$
> VirtualFilterChain.doFilter(FilterChainProxy.java:331)
>         at org.springframework.security.web.FilterChainProxy.
> doFilterInternal(FilterChainProxy.java:214)
>         at org.springframework.security.web.FilterChainProxy.doFilter(
> FilterChainProxy.java:177)
>         at org.springframework.web.filter.DelegatingFilterProxy.
> invokeDelegate(DelegatingFilterProxy.java:346)
>         at org.springframework.web.filter.DelegatingFilterProxy.doFilter(
> DelegatingFilterProxy.java:262)
>         at org.apache.catalina.core.ApplicationFilterChain.
> internalDoFilter(ApplicationFilterChain.java:240)
>         at org.apache.catalina.core.ApplicationFilterChain.doFilter(
> ApplicationFilterChain.java:207)
>         at org.hisp.dhis.servlet.filter.HttpUrlPatternFilter.doFilter(
> HttpUrlPatternFilter.java:120)
>         at org.apache.catalina.core.ApplicationFilterChain.
> internalDoFilter(ApplicationFilterChain.java:240)
>         at org.apache.catalina.core.ApplicationFilterChain.doFilter(
> ApplicationFilterChain.java:207)
>         at org.springframework.web.filter.ShallowEtagHeaderFilter.
> doFilterInternal(ShallowEtagHeaderFilter.java:110)
>         at org.hisp.dhis.servlet.filter.ExcludableShallowEtagHeaderFil
> ter.doFilterInternal(ExcludableShallowEtagHeaderFilter.java:112)
>         at org.springframework.web.filter.OncePerRequestFilter.
> doFilter(OncePerRequestFilter.java:107)
>         at org.apache.catalina.core.ApplicationFilterChain.
> internalDoFilter(ApplicationFilterChain.java:240)
>         at org.apache.catalina.core.ApplicationFilterChain.doFilter(
> ApplicationFilterChain.java:207)
>         at org.springframework.orm.hibernate5.support.
> OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:151)
>         at org.springframework.web.filter.OncePerRequestFilter.
> doFilter(OncePerRequestFilter.java:107)
>         at org.apache.catalina.core.ApplicationFilterChain.
> internalDoFilter(ApplicationFilterChain.java:240)
>         at org.apache.catalina.core.ApplicationFilterChain.doFilter(
> ApplicationFilterChain.java:207)
>         at org.springframework.web.filter.CharacterEncodingFilter.
> doFilterInternal(CharacterEncodingFilter.java:197)
>         at org.springframework.web.filter.OncePerRequestFilter.
> doFilter(OncePerRequestFilter.java:107)
>         at org.apache.catalina.core.ApplicationFilterChain.
> internalDoFilter(ApplicationFilterChain.java:240)
>         at org.apache.catalina.core.ApplicationFilterChain.doFilter(
> ApplicationFilterChain.java:207)
>         at org.apache.catalina.core.StandardWrapperValve.invoke(
> StandardWrapperValve.java:213)
>         at org.apache.catalina.core.StandardContextValve.invoke(
> StandardContextValve.java:106)
>         at org.apache.catalina.authenticator.AuthenticatorBase.invoke(
> AuthenticatorBase.java:502)
>         at org.apache.catalina.core.StandardHostValve.invoke(
> StandardHostValve.java:141)
>         at org.apache.catalina.valves.ErrorReportValve.invoke(
> ErrorReportValve.java:79)
>         at org.apache.catalina.valves.AbstractAccessLogValve.invoke(
> AbstractAccessLogValve.java:616)
>         at org.apache.catalina.core.StandardEngineValve.invoke(
> StandardEngineValve.java:88)
>         at org.apache.catalina.connector.CoyoteAdapter.service(
> CoyoteAdapter.java:522)
>         at org.apache.coyote.http11.AbstractHttp11Processor.process(
> AbstractHttp11Processor.java:1095)
>         at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.
> process(AbstractProtocol.java:672)
>         at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.
> doRun(NioEndpoint.java:1504)
>         at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.
> run(NioEndpoint.java:1460)
>         at java.util.concurrent.ThreadPoolExecutor.runWorker(
> ThreadPoolExecutor.java:1142)
>         at java.util.concurrent.ThreadPoolExecutor$Worker.run(
> ThreadPoolExecutor.java:617)
>         at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(
> TaskThread.java:61)
>         at java.lang.Thread.run(Thread.java:745)
>
>
> On 14 June 2017 at 12:49, Calle Hedberg <calle.hedberg@xxxxxxxxx> wrote:
>
>> Hi
>> When trying to log into an instance that runs the latest 2.27, I get the
>> "password expired - please update" popup (as expected)
>>
>> But when I enter the old and the new password (x2) and click SAVE,
>> NOTHING happens. No error message, NOTHING.
>>
>> I don't know if this is instance related or a bug - has anybody else used
>> that functionality after 2.27 was released?
>>
>> Regards
>> Calle
>>
>> *******************************************
>>
>> Calle Hedberg
>>
>> 46D Alma Road, 7700 Rosebank, SOUTH AFRICA
>>
>> Tel/fax (home): +27-21-685-6472 <+27%2021%20685%206472>
>>
>> Cell: +27-82-853-5352 <+27%2082%20853%205352>
>>
>> Iridium SatPhone: +8816-315-19119 <+881%206%20315%2019119>
>>
>> Email: calle.hedberg@xxxxxxxxx
>>
>> Skype: calle_hedberg
>>
>> *******************************************
>>
>>
>
>
> --
>
> *******************************************
>
> Calle Hedberg
>
> 46D Alma Road, 7700 Rosebank, SOUTH AFRICA
>
> Tel/fax (home): +27-21-685-6472 <+27%2021%20685%206472>
>
> Cell: +27-82-853-5352 <+27%2082%20853%205352>
>
> Iridium SatPhone: +8816-315-19119 <+881%206%20315%2019119>
>
> Email: calle.hedberg@xxxxxxxxx
>
> Skype: calle_hedberg
>
> *******************************************
>
>


-- 

*******************************************

Calle Hedberg

46D Alma Road, 7700 Rosebank, SOUTH AFRICA

Tel/fax (home): +27-21-685-6472

Cell: +27-82-853-5352

Iridium SatPhone: +8816-315-19119

Email: calle.hedberg@xxxxxxxxx

Skype: calle_hedberg

*******************************************

References