[magnolia-dev] [JIRA] (MGNLPUR-138) TokenPasswordProcessor does not check if the user has an actual token
Roman Kovařík updated MGNLPUR-138 TokenPasswordProcessor does not check if the user has an actual token Change By: Roman Kovařík (01/Sep/14 12:49 PM) Fix Version/s: 2.4 Fix Version/s: 2.3.2 This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira Forlistdetails,see:http://www.magnolia-cms.com/community/mailing-lists.html Alternatively,useourforums:http://forum.magnolia-cms.com/ Tounsubscribe,E-mailto:dev-list-unsubscr...@magnolia-cms.com
[magnolia-dev] [JIRA] (MGNLPUR-138) TokenPasswordProcessor does not check if the user has an actual token
Federico Grilli updated MGNLPUR-138 TokenPasswordProcessor does not check if the user has an actual token Change By: Federico Grilli (15/Aug/14 5:20 PM) Fix Version/s: 2.3.2 This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira Forlistdetails,see:http://www.magnolia-cms.com/community/mailing-lists.html Alternatively,useourforums:http://forum.magnolia-cms.com/ Tounsubscribe,E-mailto:dev-list-unsubscr...@magnolia-cms.com
[magnolia-dev] [JIRA] (MGNLPUR-138) TokenPasswordProcessor does not check if the user has an actual token
Christian Ringele created MGNLPUR-138 TokenPasswordProcessor does not check if the user has an actual token Issue Type: Bug Affects Versions: 2.3.1 Assignee: Unassigned Created: 11/Aug/14 2:01 PM Description: No check is done to see if the user actually has a token. If the user has no token (e.g. because the password change functionality has already been used; e.g. the user clicks on the change password link twice) you get an ugly null pointer. We added this in our TokenPasswordProcessor. See code below. The error messages (which are shown to the end-user) are hardcoded. i18n messages should really be used. I think it would be good to add this to the Magnolia TokenPasswordProcessor class? // not present in Magnolia's TokenPasswordProcessor // check if user's token is present at all; if we don't do this and the token is not present // we get an ugly nullpointer later on if (null == user.getProperty("token")) { throw new FormProcessorFailedException("No 'password change token' is present in the current user session. " + "Maybe you have already changed your password? Should you want to change your password again then please " + "request a new password reset."); } Project: Magnolia Public User Registration Labels: support Priority: Neutral Reporter: Christian Ringele This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira Forlistdetails,see:http://www.magnolia-cms.com/community/mailing-lists.html Alternatively,useourforums:http://forum.magnolia-cms.com/ Tounsubscribe,E-mailto:dev-list-unsubscr...@magnolia-cms.com