Unable to change reset password on noggin with otp enabled

Question

Unable to change reset password on noggin with otp enabled

Closed this issue 5 months ago · 3 comments

Hi, I have a server with noggin attached to a freeipa server.
I reset password for a user who has OTP enabled.
He can successfully log in but when it's forced to change password he can't. I tried myself. If in the "current password" field I put the temporary password I got the error:

[Mon Jul 08 15:34:02.670812 2024] [wsgi:error] [pid 16867:tid 16875] [remote HIDDEN:36792] ipa: INFO: WSGI change_password.__call__:
[Mon Jul 08 15:34:02.672335 2024] [wsgi:error] [pid 16867:tid 16875] [remote HIDDEN:36792] ipa: INFO: WSGI change_password: start password change of user 'rotondo'
[Mon Jul 08 15:34:02.678140 2024] [wsgi:error] [pid 16867:tid 16875] [remote HIDDEN:36792] ipa: INFO: 200 Success: The old password or username is not correct.

I made a second attempt filling with "temporary password+OTP token". In this case the log is slightly different, but the result the same

INFO: WSGI change_password.__call__:
[Mon Jul 08 15:34:54.387324 2024] [wsgi:error] [pid 16866:tid 16874] [remote HIDDEN:41326] ipa: INFO: WSGI change_password: start password change of user 'rotondo'
[Mon Jul 08 15:34:54.441850 2024] [wsgi:error] [pid 16866:tid 16874] [remote HIDDEN:41326] ipa: ERROR: change_password: cannot change password of 'rotondo': Insufficient access:  Invalid credentials
[Mon Jul 08 15:34:54.442326 2024] [wsgi:error] [pid 16866:tid 16874] [remote HIDDEN:41326] ipa: INFO: 200 Success: Could not change the password

The only way to make password reset work is to force, from admin interface, the usage of simple "Password" method against "Two factor authentication (password + OTP)"

On the other hand, I tried to change password from the user interface. In that case there is a form for the OTP and there is no problem to change password. So my question is:

Could you fix the interface for the password reset and give the possibility to specify OTP token even in case of password expired?

Thank you in advance.

Riccardo

Answer 1 · 2024-09-07T02:05:57.000Z

This issue is stale because it has been open for 60 days with no activity.

Answer 2 · 2024-11-09T02:08:37.000Z

This issue is stale because it has been open for 60 days with no activity.

Answer 3 · 2024-11-16T02:17:45.000Z

This issue was closed because it has been inactive for 7 days since being marked as stale.