NB you must be logged out to reproduce this!
I'm using TemplateLogin, and HtPasswdUser.
Performing a ResetPassword immediately followed by a ChangePassword brings up the login screen with "Oops: we could not recognize you. Try again or reset your password."
There's nothing out of the ordinary in the logs.
If you then enter your automatically generated password in the login Oops form, you then get:
Missing Fields
** username fields are required.
Please go back in your browser and try again.
However, after this point you are actually logged in, using the automatically generated password.
The user is in TWikiUsers, and this happens even if I reset a known working account.
If you instead ResetPassword, then log in normally with the auto-generated password (rather than via ChangePassword), then use ChangePassword, it works correctly.
-- TWiki:Main/EllisPritchard - 30 Jul 2008
Here's the complete HTTP log:
http://development2.wiley.co.uk/twiki/bin/manage/TWiki/WebHome
POST /twiki/bin/manage/TWiki/WebHome HTTP/1.1
Host: development2.wiley.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-gb,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://development2.wiley.co.uk/twiki/bin/view/TWiki/ChangePassword
Cookie: TWIKISID=81590dfe7e85df167aa79cd612b8a411
Content-Type: application/x-www-form-urlencoded
Content-Length: 135
username=EllisPritchard&oldpassword=983847554&password=newpassword&passwordA=newpassword&TopicName=ChangePassword&action=changePassword
HTTP/1.x 302 Moved
Date: Wed, 30 Jul 2008 11:34:03 GMT
Server: Apache/2.0.54 (Unix) DAV/2 PHP/4.4.2 mod_sar/1.1
Set-Cookie: TWIKISID=81590dfe7e85df167aa79cd612b8a411; path=/
Location: /twiki/bin/login/TWiki/WebHome?twiki_redirect_cache=8af5e6722041e04c25187326b08dc7ae
Content-Length: 0
Connection: close
Content-Type: text/plain; charset=ISO-8859-1
----------------------------------------------------------
http://development2.wiley.co.uk/twiki/bin/login/TWiki/WebHome?twiki_redirect_cache=8af5e6722041e04c25187326b08dc7ae
GET /twiki/bin/login/TWiki/WebHome?twiki_redirect_cache=8af5e6722041e04c25187326b08dc7ae HTTP/1.1
Host: development2.wiley.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-gb,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://development2.wiley.co.uk/twiki/bin/view/TWiki/ChangePassword
Cookie: TWIKISID=81590dfe7e85df167aa79cd612b8a411
HTTP/1.x 200 OK
Date: Wed, 30 Jul 2008 11:34:05 GMT
Server: Apache/2.0.54 (Unix) DAV/2 PHP/4.4.2 mod_sar/1.1
Set-Cookie: TWIKISID=81590dfe7e85df167aa79cd612b8a411; path=/
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1
----------------------------------------------------------
http://development2.wiley.co.uk/twiki/bin/login/TWiki/WebHome
POST /twiki/bin/login/TWiki/WebHome HTTP/1.1
Host: development2.wiley.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-gb,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://development2.wiley.co.uk/twiki/bin/login/TWiki/WebHome?twiki_redirect_cache=8af5e6722041e04c25187326b08dc7ae
Cookie: TWIKISID=81590dfe7e85df167aa79cd612b8a411
Content-Type: application/x-www-form-urlencoded
Content-Length: 183
username=EllisPritchard&password=983847554&oldpassword=983847554&passwordA=newpassword&TopicName=ChangePassword&action=changePassword&origurl=%2Ftwiki%2Fbin%2Fmanage%2FTWiki%2FWebHome
HTTP/1.x 302 Moved
Date: Wed, 30 Jul 2008 11:34:15 GMT
Server: Apache/2.0.54 (Unix) DAV/2 PHP/4.4.2 mod_sar/1.1
Set-Cookie: TWIKISID=81590dfe7e85df167aa79cd612b8a411; path=/
Location: /twiki/bin/manage/TWiki/WebHome?twiki_redirect_cache=c9198768bb9e31d8f51c7b4bb53deb8b
Content-Length: 0
Connection: close
Content-Type: text/plain; charset=ISO-8859-1
----------------------------------------------------------
http://development2.wiley.co.uk/twiki/bin/manage/TWiki/WebHome?twiki_redirect_cache=c9198768bb9e31d8f51c7b4bb53deb8b
GET /twiki/bin/manage/TWiki/WebHome?twiki_redirect_cache=c9198768bb9e31d8f51c7b4bb53deb8b HTTP/1.1
Host: development2.wiley.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-gb,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://development2.wiley.co.uk/twiki/bin/login/TWiki/WebHome?twiki_redirect_cache=8af5e6722041e04c25187326b08dc7ae
Cookie: TWIKISID=81590dfe7e85df167aa79cd612b8a411
HTTP/1.x 302 Moved
Date: Wed, 30 Jul 2008 11:34:16 GMT
Server: Apache/2.0.54 (Unix) DAV/2 PHP/4.4.2 mod_sar/1.1
Set-Cookie: TWIKISID=81590dfe7e85df167aa79cd612b8a411; path=/
Location: http://development2.wiley.co.uk/twiki/bin/oops/TWiki/WebHome?oldpassword=983847554;passwordA=newpassword;TopicName=ChangePassword;action=changePassword;template=oopsattention;def=missing_fields;param1=username;template=oopsattention;def=missing_fields;param1=username
Content-Length: 0
Connection: close
Content-Type: text/plain; charset=ISO-8859-1
----------------------------------------------------------
http://development2.wiley.co.uk/twiki/bin/oops/TWiki/WebHome?oldpassword=983847554;passwordA=newpassword;TopicName=ChangePassword;action=changePassword;template=oopsattention;def=missing_fields;param1=username;template=oopsattention;def=missing_fields;param1=username
GET /twiki/bin/oops/TWiki/WebHome?oldpassword=983847554;passwordA=newpassword;TopicName=ChangePassword;action=changePassword;template=oopsattention;def=missing_fields;param1=username;template=oopsattention;def=missing_fields;param1=username HTTP/1.1
Host: development2.wiley.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-gb,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://development2.wiley.co.uk/twiki/bin/login/TWiki/WebHome?twiki_redirect_cache=8af5e6722041e04c25187326b08dc7ae
Cookie: TWIKISID=81590dfe7e85df167aa79cd612b8a411
HTTP/1.x 200 OK
Date: Wed, 30 Jul 2008 11:34:17 GMT
Server: Apache/2.0.54 (Unix) DAV/2 PHP/4.4.2 mod_sar/1.1
Set-Cookie: TWIKISID=81590dfe7e85df167aa79cd612b8a411; path=/
Content-Length: 5449
Connection: close
Content-Type: text/html; charset=iso-8859-1
----------------------------------------------------------
TWiki:Main.EllisPritchard
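Added example (not part of the original report and not TWiki code): a Python comparison of the form fields in the captured requests above, showing which fields never reached the replayed changePassword request. The set of names attributed to the login form, `LOGIN_FORM_FIELDS`, is an assumption inferred from the trace, as is the `replay_after_login` model.

```python
from urllib.parse import parse_qsl

# Request bodies and redirect query copied from the HTTP log above.
CHANGE_POST = ("username=EllisPritchard&oldpassword=983847554&password=newpassword"
               "&passwordA=newpassword&TopicName=ChangePassword&action=changePassword")
LOGIN_POST = ("username=EllisPritchard&password=983847554&oldpassword=983847554"
              "&passwordA=newpassword&TopicName=ChangePassword&action=changePassword"
              "&origurl=%2Ftwiki%2Fbin%2Fmanage%2FTWiki%2FWebHome")
OOPS_QUERY = ("oldpassword=983847554;passwordA=newpassword;TopicName=ChangePassword;"
              "action=changePassword;template=oopsattention;def=missing_fields;"
              "param1=username;template=oopsattention;def=missing_fields;param1=username")

OOPS_OWN = {"template", "def", "param1"}               # added by the oops redirect
LOGIN_FORM_FIELDS = {"username", "password", "origurl"}  # assumption, from the trace


def fields(query):
    """Parse a form body or a ';'-separated query into a dict (last value wins)."""
    return dict(parse_qsl(query.replace(";", "&"), keep_blank_values=True))


def replay_after_login(login_post):
    """Model (assumption): login keeps its own fields and replays the rest."""
    return {k: v for k, v in fields(login_post).items()
            if k not in LOGIN_FORM_FIELDS}


def trace_diff():
    sent = fields(CHANGE_POST)      # what the ChangePassword form submitted
    login = fields(LOGIN_POST)      # what the login form re-submitted
    oops = fields(OOPS_QUERY)       # what changePassword saw, plus oops params
    replayed = {k: v for k, v in oops.items() if k not in OOPS_OWN}
    return {
        # fields of the original form that never reached changePassword
        "dropped": sorted(set(sent) - set(replayed)),
        # fields whose value was replaced by what was typed at the login form
        "overwritten_at_login": sorted(
            k for k in sent if k in login and login[k] != sent[k]),
        "reported_missing": oops["param1"],
        "replay_matches_model": replay_after_login(LOGIN_POST) == replayed,
    }


if __name__ == "__main__":
    for key, value in trace_diff().items():
        print(f"{key}: {value}")
```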
I have confirmed that both ApacheLogin and TemplateLogin handle reset password correctly.
- Reset password
- Change password first asks you to log in. Not on an oops screen but with login
- Once authenticated you will need to again fill out the username, old password, and twice new password.
- New password works
I remember we fixed something around this but I cannot remember if it was before or after the 4.2.0 release. One thing which is actually not very elegant was to require authentication of the ChangePassword topic. Here you need to authenticate with the new password you received by email.
-- TWiki:Main.KennethLavrsen - 30 Jul 2008
Re-opening this.
The original reporter had not described the error clearly enough.
Everything works when you follow the link to the ChangePassword topic which you are presented with after reset password.
BUT
If you follow the link in the email which has a trailing ?username=loginname then it fails as described. That is clearly wrong.
Why is the ChangePassword topic password protected? I remember it as a workaround for some poorly implemented code and it was never repaired.
It is bollocks that you have to authenticate twice to change your password.
In any case - I will as a 4.2.1 workaround change the message you receive by email so it contains the generic ChangePassword URL without the ?username=.
Then at least you do not end up with a bad authentication which is very very confusing.
-- TWiki:Main.KennethLavrsen - 31 Jul 2008
Current behaviour comes from Item5447.
So my workaround seems the only quick solution.
-- TWiki:Main.KennethLavrsen - 31 Jul 2008
Cleaned "WaitingFor" field.
-- TWiki:Main.GilmarSantosJr - 10 Aug 2008