Jahia in English > Users password recovery

0 (0 Good)
0 (0 Bad)

Users password recovery

by  asd »  2011/11/07 10:02

I want to ask you how do you manage password recovery? We have a lot of users wich send us email to restore theirs passwords :( it is not very nice way to do it :)

Is there option "Reset my password" or something similar?

 

Thank you for your time.

  (asd)

Number of messages  8
Registration date
1 (1 Good)
0 (0 Bad)

Re: Users password recovery

by  shyrkov »  2011/11/07 15:01

Hello,

indeed, the password recovery functionality is not provided out-of-the-box.

But is a warmly welcomed feature to be implemented and contributed back to the product :-)

Due to a security concerns, Jahia, by default, does not store and send to the users clear text or two-way encrypted (with the possibility to recover it) passwords. The implementation of this functionality and the the related risks/protection are subject to a particular project requirements and are left to the integrators.

Kind regards

Sergiy

  • Re: Users password recovery
    2011/11/07 15:42

    shyrkov <p> Hello,</p> <p> indeed, the password recovery functionality is not provided out-of-the-box.</p> <p> But is a warmly welcomed feature to be implemented and contributed back to the product :-)</p> <p> Due to a security concerns, Jahia, by default, does not store and send to the users clear text or two-way encrypted (with the possibility to recover it) passwords. The implementation of this functionality and the the related risks/protection are subject to a particular project requirements and are left to the integrators.</p> <p> Kind regards</p> <p> Sergiy</p>

  • Number of messages  407
    Registration date Nov 7, 2011
    0 (0 Good)
    0 (0 Bad)

    Re: Re: Users password recovery

    by  asd »  2011/11/09 11:13

    Hi ho :)

    We add link under login button. Click on it shows password recovery form. We have a small problem with permissions :). It is working fine but we need to be loged in :) 

    Can you give us some hints with permissions?

      (asd)

    Number of messages  8
    Registration date
    0 (0 Good)
    0 (0 Bad)

    Re: Re: Re: Users password recovery

    by  shyrkov »  2011/11/09 12:17

    Hello,

    could you perhaps provide more details on how the form is submitted?

    Is it submitted to your custom action? If yes, actions require an authenticated user by default (default security level). But you can explicitly override it by adding:

    <property name="requireAuthenticatedUser" value="false"/>

    into the Spring bean definition of your action class.

     

    Kind regards

    Sergiy

  • Re: Re: Re: Users password recovery
    2011/11/09 12:17

    shyrkov <p> Hello,</p> <p> could you perhaps provide more details on how the form is submitted?</p> <p> Is it submitted to your custom action? If yes, actions require an authenticated user by default (default security level). But you can explicitly override it by adding:</p> <p> &lt;property name=&quot;requireAuthenticatedUser&quot; value=&quot;false&quot;/&gt;</p> <p> into the Spring bean definition of your action class.</p> <p> &nbsp;</p> <p> Kind regards</p> <p> Sergiy</p>

  • Number of messages  407
    Registration date Nov 9, 2011
    Contact
    Share
    Feedback

    Get in touch

    Whether you are a current user or if you are just evaluating Jahia, we are here to help.

    Contact us

    Share this page