Allow 201 as success scenario for setting user password
Closed this issue · 1 comments
cliffano commented
Following certain events (in this case, after crxde is disabled), change password operation responds with 201 as a success indicator.
Wrapped exception:
Unexpected response
status code: 201
headers: {"Date"=>"Tue, 11 Jul 2017 01:21:14 GMT", "X-Content-Type-Options"=>"nosniff", "Set-Cookie"=>"cq-authoring-mode=CLASSIC;Path=/;Expires=Tue, 18-Jul-2017 01:21:14 GMT", "Expires"=>"Thu, 01 Jan 1970 00:00:00 GMT", "Location"=>"/crx/explorer/ui/setpassword.jsp", "Content-Type"=>"text/html; charset=UTF-8", "Transfer-Encoding"=>"chunked"}
body: <html>
<head>
<title>Content created /crx/explorer/ui/setpassword.jsp</title>
</head>
<body>
<h1>Content created /crx/explorer/ui/setpassword.jsp</h1>
<table>
<tbody>
<tr>
<td>Status</td>
<td><div id="Status">201</div></td>
</tr>
<tr>
<td>Message</td>
<td><div id="Message">Created</div></td>
</tr>
<tr>
<td>Location</td>
<td><a href="/crx/explorer/ui/setpassword.jsp" id="Location">/crx/explorer/ui/setpassword.jsp</a></td>
</tr>
<tr>
<td>Parent Location</td>
<td><a href="/crx/explorer/ui" id="ParentLocation">/crx/explorer/ui</a></td>
</tr>
<tr>
<td>Path</td>
<td><div id="Path">/crx/explorer/ui/setpassword.jsp</div></td>
</tr>
<tr>
<td>Referer</td>
<td><div id="Referer"></div></td>
</tr>
<tr>
<td>ChangeLog</td>
<td><div id="ChangeLog"><pre>created("/crx");<br/>created("/crx/explorer");<br/>created("/crx/explorer/ui");<br/>created("/crx/explorer/ui/setpassword.jsp");<br/>modified("/crx/explorer/ui/setpassword.jsp/old");<br/>modified("/crx/explorer/ui/setpassword.jsp/plain");<br/>modified("/crx/explorer/ui/setpassword.jsp/verify");<br/></pre></div></td>
</tr>
</tbody>
</table>
<p><a href="/crx/explorer/ui/setpassword.jsp">Modified Resource</a></p>
<p><a href="/crx/explorer/ui">Parent of Modified Resource</a></p>
</body>
</html>
cliffano commented
After further testing with various repository states, we found out that 201 shouldn't be considered a success scenario.
The problem originated from crx-explorer bundle being disabled, which led AEM to create a default node at /crx/explorer/ui/setpassword.jsp when a request is sent to /crx/explorer/ui/setpassword.jsp , and this node does not actually contain any logic for setting user password.
Change ec30d4e will be reverted.