[MAGNOLIA-8815] Cannnot login with non-system users and change password of the users with Superuser login Created: 30/Nov/22  Updated: 14/Mar/23  Resolved: 14/Mar/23

Status: Closed
Project: Magnolia
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Neutral
Reporter: Nguyen Phung Chi Assignee: Evzen Fochr
Resolution: Done Votes: 0
Labels: None
Σ Remaining Estimate: Not Specified Remaining Estimate: Not Specified
Σ Time Spent: Not Specified Time Spent: Not Specified
Σ Original Estimate: Not Specified Original Estimate: Not Specified

Attachments: PNG File image-2022-11-30-10-54-40-932.png     PNG File image-2022-11-30-10-55-31-160.png     Text File user-error.log    
Issue Links:
duplicate
duplicates MAGNOLIA-8351 /admin folder not created on first in... Closed
Sub-Tasks:
Key
Summary
Type
Status
Assignee
MAGNOLIA-8816 Implementation Technical task Completed Evzen Fochr  
MAGNOLIA-8817 Review Technical task Completed Nguyen Phung Chi  
MAGNOLIA-8818 Pre-Integration QA Technical task Completed Nguyen Phung Chi  
MAGNOLIA-8819 QA Technical task Completed Khayal Musayev  
Template:
Acceptance criteria:
Empty
Task DoD:
[X]* Doc/release notes changes? Comment present?
[X]* Downstream builds green?
[X]* Solution information and context easily available?
[X]* Tests
[X]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Bug DoR:
[ ]* Steps to reproduce, expected, and actual results filled
[ ]* Affected version filled
Date of First Response:
Epic Link: Security maintenance
Sprint: AdminX 31
Story Points: 0.5
Team: AdminX
Work Started:

 Description   

Step to reproduce

  • On DX Core or CE 6.3 version, open Security app
  • Select user "eric" and click "Edit user" action
  • Set new password for the user
  • Click button "Save changes"

Second case is it can't login with user eric also, it might be the same root cause.

Actual result

  • Error message "User cannot be created. No user manager with realm name admin is defined." pop up in the UI, check the error logs in the attachment.
  • Cannot login with non-system user like eric, peter, tina

Expected result

  • User's password should be changed successfully
  • Be able to login with non-system user

More info: It works on Magnolia 6.2.x version

 

Discovery:

This configuration that is needed for admin realm was removed on master branch
https://git.magnolia-cms.com/projects/PLATFORM/repos/main/browse/magnolia-core/src/main/resources/mgnl-bootstrap/core/config.server.security.xml?at=refs%2Fheads%2Frelease%2F6.2#106
Needs to be brought back by security module?

caused by https://git.magnolia-cms.com/projects/PLATFORM/repos/main/commits/b96443424ef6242573ab001b782d2a100562c3be#magnolia-core/src/main/resources/mgnl-bootstrap/core/config.server.security.xml

 

Note: revert https://git.magnolia-cms.com/projects/PLATFORM/repos/main/commits/b96443424ef6242573ab001b782d2a100562c3be#magnolia-core/src/main/resources/mgnl-bootstrap/core/config.server.security.xml



 Comments   
Comment by Evzen Fochr [ 07/Mar/23 ]

apchelintcev can I ask for reasons for this removal? https://git.magnolia-cms.com/projects/PLATFORM/repos/main/commits/b96443424ef6242573ab001b782d2a100562c3be#magnolia-core/src/main/resources/mgnl-bootstrap/core/config.server.security.xml 

Can we simply revert it orwould it be better to bring it by security module (https://git.magnolia-cms.com/projects/MODULES/repos/security/browse/security-core) instead of magnolia-core one?

Generated at Mon Feb 12 04:36:02 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.